cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r1, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r2, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:48:25 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:48:25 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
sendmsg$ETHTOOL_MSG_RINGS_GET(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)

22:48:25 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_OPTIONS(r0, 0x11, 0x1, &(0x7f0000000000)=""/95, &(0x7f0000000080)=0x5f)
getsockopt$bt_sco_SCO_OPTIONS(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000000c0)=""/127, &(0x7f0000000140)=0x7f)
bind$bt_sco(r0, &(0x7f0000000180)={0x1f, @none}, 0x8)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0xd25940e6d74d2b}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r1, 0x20, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x7fffffff}]}, 0x24}, 0x1, 0x0, 0x0, 0x20}, 0x10001)
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000004080), 0x640503, 0x0)
sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r2, &(0x7f0000004280)={&(0x7f0000004180)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000004240)={&(0x7f00000041c0)={0x44, 0x0, 0x724469f4053571e0, 0x70bd26, 0x25dfdbff, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x19c2}, @BATADV_ATTR_ELP_INTERVAL={0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x44}, 0x1, 0x0, 0x0, 0x8804}, 0x2004c081)

22:48:25 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:48:34 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
sendmsg$ETHTOOL_MSG_RINGS_GET(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)

22:48:34 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:48:34 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r1, 0x8004f50e, &(0x7f0000000340))

22:48:34 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:48:34 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:48:34 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:48:34 executing program 5:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:48:34 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

[ 2335.915111] kmemleak: Found object by alias at 0x607f1a639184
[ 2335.915134] CPU: 0 UID: 0 PID: 15911 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2335.915152] Tainted: [W]=WARN
[ 2335.915155] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2335.915162] Call Trace:
[ 2335.915166]  <TASK>
[ 2335.915171]  dump_stack_lvl+0xca/0x120
[ 2335.915195]  __lookup_object+0x94/0xb0
[ 2335.915211]  delete_object_full+0x27/0x70
[ 2335.915227]  free_percpu+0x30/0x1160
[ 2335.915242]  ? arch_uprobe_clear_state+0x16/0x140
[ 2335.915262]  futex_hash_free+0x38/0xc0
[ 2335.915276]  mmput+0x2d3/0x390
[ 2335.915294]  do_exit+0x79d/0x2970
[ 2335.915310]  ? proc_coredump_connector+0x2bf/0x4e0
[ 2335.915325]  ? __pfx_do_exit+0x10/0x10
[ 2335.915339]  ? find_held_lock+0x2b/0x80
[ 2335.915357]  ? get_signal+0x1a05/0x2340
[ 2335.915376]  do_group_exit+0xd3/0x2a0
[ 2335.915390]  get_signal+0x2315/0x2340
[ 2335.915412]  ? __pfx_get_signal+0x10/0x10
[ 2335.915434]  arch_do_signal_or_restart+0x80/0x790
[ 2335.915451]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2335.915476]  irqentry_exit_to_user_mode+0x106/0x1c0
[ 2335.915495]  asm_exc_general_protection+0x26/0x30
[ 2335.915507] RIP: 0033:0x7f426ab2ab21
[ 2335.915516] Code: Unable to access opcode bytes at 0x7f426ab2aaf7.
[ 2335.915521] RSP: 002b:0000000020000180 EFLAGS: 00010217
[ 2335.915531] RAX: 0000000000000000 RBX: 00007f426ac3df60 RCX: 00007f426ab2ab19
[ 2335.915538] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2335.915545] RBP: 00007f426ab84f6d R08: 0000000020000240 R09: 0000000000000000
[ 2335.915551] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2335.915558] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2335.915573]  </TASK>
[ 2335.915577] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2335.915584] kmemleak:   comm "syz-executor.7", pid 15907, jiffies 4297002774
[ 2335.915591] kmemleak:   min_count = 1
[ 2335.915594] kmemleak:   count = 0
[ 2335.915598] kmemleak:   flags = 0x21
[ 2335.915601] kmemleak:   checksum = 0
[ 2335.915605] kmemleak:   backtrace:
[ 2335.915609]  pcpu_alloc_noprof+0x87a/0x1170
[ 2335.915623]  percpu_ref_init+0x37/0x400
[ 2335.915641]  io_uring_setup+0x44c/0x2000
[ 2335.915652]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2335.915662]  do_syscall_64+0xbf/0x360
[ 2335.915671]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:48:34 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))

22:48:34 executing program 4:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

[ 2335.970196] kmemleak: Found object by alias at 0x607f1a639184
[ 2335.970217] CPU: 0 UID: 0 PID: 15898 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2335.970235] Tainted: [W]=WARN
[ 2335.970238] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2335.970246] Call Trace:
[ 2335.970249]  <TASK>
[ 2335.970254]  dump_stack_lvl+0xca/0x120
[ 2335.970279]  __lookup_object+0x94/0xb0
[ 2335.970295]  delete_object_full+0x27/0x70
[ 2335.970310]  free_percpu+0x30/0x1160
[ 2335.970326]  ? arch_uprobe_clear_state+0x16/0x140
[ 2335.970347]  futex_hash_free+0x38/0xc0
[ 2335.970360]  mmput+0x2d3/0x390
[ 2335.970378]  do_exit+0x79d/0x2970
[ 2335.970392]  ? signal_wake_up_state+0x85/0x120
[ 2335.970407]  ? zap_other_threads+0x2b9/0x3a0
[ 2335.970423]  ? __pfx_do_exit+0x10/0x10
[ 2335.970435]  ? do_group_exit+0x1c3/0x2a0
[ 2335.970448]  ? lock_release+0xc8/0x290
[ 2335.970465]  do_group_exit+0xd3/0x2a0
[ 2335.970479]  __x64_sys_exit_group+0x3e/0x50
[ 2335.970493]  x64_sys_call+0x18c5/0x18d0
[ 2335.970508]  do_syscall_64+0xbf/0x360
[ 2335.970519]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2335.970530] RIP: 0033:0x7f426ab2ab19
[ 2335.970539] Code: Unable to access opcode bytes at 0x7f426ab2aaef.
[ 2335.970544] RSP: 002b:00007ffe695d2ac8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 2335.970555] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f426ab2ab19
[ 2335.970562] RDX: 00007f426aadd72b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 2335.970569] RBP: 0000000000000000 R08: 0000001b2cc20f4c R09: 0000000000000000
[ 2335.970576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2335.970582] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffe695d2bb0
[ 2335.970598]  </TASK>
[ 2335.970601] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2335.970608] kmemleak:   comm "syz-executor.7", pid 15907, jiffies 4297002774
[ 2335.970615] kmemleak:   min_count = 1
[ 2335.970618] kmemleak:   count = 0
[ 2335.970622] kmemleak:   flags = 0x21
[ 2335.970625] kmemleak:   checksum = 0
[ 2335.970629] kmemleak:   backtrace:
[ 2335.970632]  pcpu_alloc_noprof+0x87a/0x1170
[ 2335.970647]  percpu_ref_init+0x37/0x400
[ 2335.970664]  io_uring_setup+0x44c/0x2000
[ 2335.970676]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2335.970686]  do_syscall_64+0xbf/0x360
[ 2335.970695]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:48:34 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:48:34 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))

22:48:34 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:48:34 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:48:34 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r1, 0x8004f50e, &(0x7f0000000340))

22:48:34 executing program 5:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:48:34 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))

22:48:34 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:48:34 executing program 4:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:48:34 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:48:34 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r1, 0x8004f50e, &(0x7f0000000340))

[ 2336.257198] kmemleak: Found object by alias at 0x607f1a638af4
[ 2336.257216] CPU: 0 UID: 0 PID: 15939 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2336.257234] Tainted: [W]=WARN
[ 2336.257238] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2336.257245] Call Trace:
[ 2336.257248]  <TASK>
[ 2336.257253]  dump_stack_lvl+0xca/0x120
[ 2336.257278]  __lookup_object+0x94/0xb0
[ 2336.257294]  delete_object_full+0x27/0x70
[ 2336.257309]  free_percpu+0x30/0x1160
[ 2336.257326]  ? arch_uprobe_clear_state+0x16/0x140
[ 2336.257346]  futex_hash_free+0x38/0xc0
[ 2336.257360]  mmput+0x2d3/0x390
[ 2336.257378]  do_exit+0x79d/0x2970
[ 2336.257391]  ? lock_release+0xc8/0x290
[ 2336.257408]  ? __pfx_do_exit+0x10/0x10
[ 2336.257421]  ? find_held_lock+0x2b/0x80
[ 2336.257438]  ? get_signal+0x835/0x2340
[ 2336.257458]  do_group_exit+0xd3/0x2a0
[ 2336.257473]  get_signal+0x2315/0x2340
[ 2336.257495]  ? __pfx_get_signal+0x10/0x10
[ 2336.257511]  ? do_futex+0x135/0x370
[ 2336.257525]  ? __pfx_do_futex+0x10/0x10
[ 2336.257536]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 2336.257553]  arch_do_signal_or_restart+0x80/0x790
[ 2336.257570]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2336.257586]  ? __x64_sys_futex+0x1c9/0x4d0
[ 2336.257598]  ? __x64_sys_futex+0x1d2/0x4d0
[ 2336.257613]  ? __pfx___x64_sys_futex+0x10/0x10
[ 2336.257627]  ? syscall_user_dispatch+0x78/0x140
[ 2336.257643]  exit_to_user_mode_loop+0x8b/0x110
[ 2336.257654]  do_syscall_64+0x2f7/0x360
[ 2336.257666]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2336.257678] RIP: 0033:0x7f11f0c47b19
[ 2336.257686] Code: Unable to access opcode bytes at 0x7f11f0c47aef.
[ 2336.257691] RSP: 002b:00007f11ee1bd218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2336.257702] RAX: fffffffffffffe00 RBX: 00007f11f0d5af68 RCX: 00007f11f0c47b19
[ 2336.257710] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f11f0d5af68
[ 2336.257717] RBP: 00007f11f0d5af60 R08: 0000000000000000 R09: 0000000000000000
[ 2336.257723] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f0d5af6c
[ 2336.257730] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2336.257745]  </TASK>
[ 2336.257749] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2336.257756] kmemleak:   comm "syz-executor.2", pid 15932, jiffies 4297003055
[ 2336.257763] kmemleak:   min_count = 1
[ 2336.257766] kmemleak:   count = 0
[ 2336.257770] kmemleak:   flags = 0x21
[ 2336.257773] kmemleak:   checksum = 0
[ 2336.257777] kmemleak:   backtrace:
[ 2336.257781]  pcpu_alloc_noprof+0x87a/0x1170
[ 2336.257795]  percpu_ref_init+0x37/0x400
[ 2336.257812]  io_uring_setup+0x44c/0x2000
[ 2336.257828]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2336.257838]  do_syscall_64+0xbf/0x360
[ 2336.257847]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:48:34 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:48:34 executing program 5:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:48:34 executing program 4:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:48:34 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))

22:48:34 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r2 = signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r2, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:48:34 executing program 0:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:48:43 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:48:43 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r2 = signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r2, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:48:43 executing program 6:
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))

22:48:43 executing program 4:
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:48:43 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:48:43 executing program 0:
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:48:43 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:48:43 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

[ 2345.102663] kmemleak: Found object by alias at 0x607f1a638af4
[ 2345.102696] CPU: 1 UID: 0 PID: 15986 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2345.102731] Tainted: [W]=WARN
[ 2345.102738] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2345.102751] Call Trace:
[ 2345.102758]  <TASK>
[ 2345.102767]  dump_stack_lvl+0xca/0x120
[ 2345.102808]  __lookup_object+0x94/0xb0
[ 2345.102848]  delete_object_full+0x27/0x70
[ 2345.102879]  free_percpu+0x30/0x1160
[ 2345.102909]  ? arch_uprobe_clear_state+0x16/0x140
[ 2345.102946]  futex_hash_free+0x38/0xc0
[ 2345.102972]  mmput+0x2d3/0x390
[ 2345.103007]  do_exit+0x79d/0x2970
[ 2345.103033]  ? signal_wake_up_state+0x85/0x120
[ 2345.103062]  ? zap_other_threads+0x2b9/0x3a0
[ 2345.103092]  ? __pfx_do_exit+0x10/0x10
[ 2345.103117]  ? do_group_exit+0x1c3/0x2a0
[ 2345.103143]  ? lock_release+0xc8/0x290
[ 2345.103175]  do_group_exit+0xd3/0x2a0
[ 2345.103203]  __x64_sys_exit_group+0x3e/0x50
[ 2345.103230]  x64_sys_call+0x18c5/0x18d0
[ 2345.103259]  do_syscall_64+0xbf/0x360
[ 2345.103281]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2345.103303] RIP: 0033:0x7f11f0c47b19
[ 2345.103319] Code: Unable to access opcode bytes at 0x7f11f0c47aef.
[ 2345.103329] RSP: 002b:00007ffe4ba62a88 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 2345.103351] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f11f0c47b19
[ 2345.103365] RDX: 00007f11f0bfa72b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 2345.103379] RBP: 0000000000000000 R08: 0000001b2d22001c R09: 0000000000000000
[ 2345.103392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2345.103405] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffe4ba62b70
[ 2345.103435]  </TASK>
[ 2345.103442] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2345.103455] kmemleak:   comm "syz-executor.2", pid 15984, jiffies 4297011922
[ 2345.103469] kmemleak:   min_count = 1
[ 2345.103476] kmemleak:   count = 0
[ 2345.103483] kmemleak:   flags = 0x21
[ 2345.103491] kmemleak:   checksum = 0
[ 2345.103498] kmemleak:   backtrace:
[ 2345.103504]  pcpu_alloc_noprof+0x87a/0x1170
[ 2345.103533]  percpu_ref_init+0x37/0x400
[ 2345.103565]  io_uring_setup+0x44c/0x2000
[ 2345.103587]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2345.103608]  do_syscall_64+0xbf/0x360
[ 2345.103625]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:48:43 executing program 4:
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:48:43 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:48:43 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r2 = signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r2, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:48:43 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

[ 2345.238656] kmemleak: Found object by alias at 0x607f1a639184
[ 2345.238684] CPU: 1 UID: 0 PID: 15999 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2345.238719] Tainted: [W]=WARN
[ 2345.238726] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2345.238739] Call Trace:
[ 2345.238746]  <TASK>
[ 2345.238755]  dump_stack_lvl+0xca/0x120
[ 2345.238796]  __lookup_object+0x94/0xb0
[ 2345.238833]  delete_object_full+0x27/0x70
[ 2345.238864]  free_percpu+0x30/0x1160
[ 2345.238894]  ? arch_uprobe_clear_state+0x16/0x140
[ 2345.238932]  futex_hash_free+0x38/0xc0
[ 2345.238958]  mmput+0x2d3/0x390
[ 2345.238993]  do_exit+0x79d/0x2970
[ 2345.239024]  ? proc_coredump_connector+0x2bf/0x4e0
[ 2345.239053]  ? __pfx_do_exit+0x10/0x10
[ 2345.239079]  ? find_held_lock+0x2b/0x80
[ 2345.239113]  ? get_signal+0x1a05/0x2340
[ 2345.239150]  do_group_exit+0xd3/0x2a0
[ 2345.239179]  get_signal+0x2315/0x2340
[ 2345.239223]  ? __pfx_get_signal+0x10/0x10
[ 2345.239266]  arch_do_signal_or_restart+0x80/0x790
[ 2345.239299]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2345.239350]  irqentry_exit_to_user_mode+0x106/0x1c0
[ 2345.239385]  asm_exc_general_protection+0x26/0x30
[ 2345.239408] RIP: 0033:0x7f426ab2ab21
[ 2345.239424] Code: Unable to access opcode bytes at 0x7f426ab2aaf7.
[ 2345.239434] RSP: 002b:0000000020000180 EFLAGS: 00010217
[ 2345.239452] RAX: 0000000000000000 RBX: 00007f426ac3df60 RCX: 00007f426ab2ab19
[ 2345.239466] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2345.239480] RBP: 00007f426ab84f6d R08: 0000000020000240 R09: 0000000000000000
[ 2345.239493] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2345.239506] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2345.239537]  </TASK>
[ 2345.239544] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2345.239557] kmemleak:   comm "syz-executor.1", pid 16005, jiffies 4297012065
[ 2345.239571] kmemleak:   min_count = 1
[ 2345.239578] kmemleak:   count = 0
[ 2345.239585] kmemleak:   flags = 0x21
[ 2345.239593] kmemleak:   checksum = 0
[ 2345.239600] kmemleak:   backtrace:
[ 2345.239606]  pcpu_alloc_noprof+0x87a/0x1170
[ 2345.239635]  percpu_ref_init+0x37/0x400
[ 2345.239668]  io_uring_setup+0x44c/0x2000
[ 2345.239689]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2345.239710]  do_syscall_64+0xbf/0x360
[ 2345.239727]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:48:43 executing program 4:
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:48:43 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:48:43 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r2 = signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r2, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:48:51 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:48:51 executing program 6:
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x1, &(0x7f00000003c0))

22:48:51 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:48:51 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:48:51 executing program 4:
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:48:51 executing program 0:
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:48:51 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:48:51 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:01 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:49:01 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:01 executing program 4:
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:01 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:01 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:01 executing program 6:
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000003c0))

22:49:01 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:01 executing program 0:
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

[ 2363.389974] kmemleak: Found object by alias at 0x607f1a638af4
[ 2363.390012] CPU: 1 UID: 0 PID: 16062 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2363.390044] Tainted: [W]=WARN
[ 2363.390051] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2363.390063] Call Trace:
[ 2363.390070]  <TASK>
[ 2363.390077]  dump_stack_lvl+0xca/0x120
[ 2363.390117]  __lookup_object+0x94/0xb0
[ 2363.390146]  delete_object_full+0x27/0x70
[ 2363.390175]  free_percpu+0x30/0x1160
[ 2363.390204]  ? arch_uprobe_clear_state+0x16/0x140
[ 2363.390239]  futex_hash_free+0x38/0xc0
[ 2363.390263]  mmput+0x2d3/0x390
[ 2363.390296]  do_exit+0x79d/0x2970
[ 2363.390321]  ? signal_wake_up_state+0x85/0x120
[ 2363.390348]  ? zap_other_threads+0x2b9/0x3a0
[ 2363.390377]  ? __pfx_do_exit+0x10/0x10
[ 2363.390400]  ? do_group_exit+0x1c3/0x2a0
[ 2363.390424]  ? lock_release+0xc8/0x290
[ 2363.390455]  do_group_exit+0xd3/0x2a0
[ 2363.390482]  __x64_sys_exit_group+0x3e/0x50
[ 2363.390507]  x64_sys_call+0x18c5/0x18d0
[ 2363.390534]  do_syscall_64+0xbf/0x360
[ 2363.390555]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2363.390575] RIP: 0033:0x7f11f0c47b19
[ 2363.390591] Code: Unable to access opcode bytes at 0x7f11f0c47aef.
[ 2363.390600] RSP: 002b:00007ffe4ba62a88 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 2363.390620] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f11f0c47b19
[ 2363.390634] RDX: 00007f11f0bfa72b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 2363.390647] RBP: 0000000000000000 R08: 0000001b2d22001c R09: 0000000000000000
[ 2363.390659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2363.390671] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffe4ba62b70
[ 2363.390699]  </TASK>
[ 2363.390705] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2363.390717] kmemleak:   comm "syz-executor.2", pid 16068, jiffies 4297030224
[ 2363.390730] kmemleak:   min_count = 1
[ 2363.390737] kmemleak:   count = 0
[ 2363.390743] kmemleak:   flags = 0x21
[ 2363.390750] kmemleak:   checksum = 0
[ 2363.390757] kmemleak:   backtrace:
[ 2363.390763]  pcpu_alloc_noprof+0x87a/0x1170
[ 2363.390789]  percpu_ref_init+0x37/0x400
[ 2363.390820]  io_uring_setup+0x44c/0x2000
[ 2363.390839]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2363.390859]  do_syscall_64+0xbf/0x360
[ 2363.390874]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:49:01 executing program 0:
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:01 executing program 6:
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, 0x0)

22:49:01 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:01 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:01 executing program 4:
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:01 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:01 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:49:01 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:02 executing program 6:
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, 0x0)

22:49:02 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:11 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:11 executing program 6:
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, 0x0)

22:49:11 executing program 4:
clone(0x200, 0x0, 0x0, &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:11 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:11 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r1, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:49:11 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:11 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:11 executing program 2:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:11 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:11 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:11 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r1, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:49:11 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:11 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:11 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:11 executing program 4:
clone(0x200, 0x0, 0x0, &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:11 executing program 7:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:11 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:19 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:19 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:19 executing program 2:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:19 executing program 4:
clone(0x200, 0x0, 0x0, &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:19 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:19 executing program 0:
clone(0x200, 0x0, 0x0, &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:19 executing program 7:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:19 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r1, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:49:19 executing program 7:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:19 executing program 0:
clone(0x200, 0x0, 0x0, &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:19 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:27 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, 0x0)

22:49:27 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:27 executing program 7:
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:27 executing program 0:
clone(0x200, 0x0, 0x0, &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:27 executing program 2:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:27 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:27 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r1, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:49:27 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:28 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:28 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

[ 2389.759442] kmemleak: Found object by alias at 0x607f1a638af4
[ 2389.759473] CPU: 1 UID: 0 PID: 16229 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2389.759508] Tainted: [W]=WARN
[ 2389.759515] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2389.759528] Call Trace:
[ 2389.759535]  <TASK>
[ 2389.759544]  dump_stack_lvl+0xca/0x120
[ 2389.759585]  __lookup_object+0x94/0xb0
[ 2389.759616]  delete_object_full+0x27/0x70
[ 2389.759654]  free_percpu+0x30/0x1160
[ 2389.759684]  ? arch_uprobe_clear_state+0x16/0x140
[ 2389.759722]  futex_hash_free+0x38/0xc0
[ 2389.759748]  mmput+0x2d3/0x390
[ 2389.759783]  do_exit+0x79d/0x2970
[ 2389.759814]  ? proc_coredump_connector+0x2bf/0x4e0
[ 2389.759842]  ? __pfx_do_exit+0x10/0x10
[ 2389.759869]  ? find_held_lock+0x2b/0x80
[ 2389.759903]  ? get_signal+0x1a05/0x2340
[ 2389.759941]  do_group_exit+0xd3/0x2a0
[ 2389.759969]  get_signal+0x2315/0x2340
[ 2389.760013]  ? __pfx_get_signal+0x10/0x10
[ 2389.760056]  arch_do_signal_or_restart+0x80/0x790
[ 2389.760089]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2389.760139]  irqentry_exit_to_user_mode+0x106/0x1c0
[ 2389.760175]  asm_exc_general_protection+0x26/0x30
[ 2389.760197] RIP: 0033:0x7f11f0c47b21
[ 2389.760214] Code: Unable to access opcode bytes at 0x7f11f0c47af7.
[ 2389.760223] RSP: 002b:0000000020000180 EFLAGS: 00010217
[ 2389.760242] RAX: 0000000000000000 RBX: 00007f11f0d5af60 RCX: 00007f11f0c47b19
[ 2389.760256] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2389.760270] RBP: 00007f11f0ca1f6d R08: 0000000020000240 R09: 0000000000000000
[ 2389.760283] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2389.760296] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2389.760327]  </TASK>
[ 2389.760334] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2389.760347] kmemleak:   comm "syz-executor.2", pid 16227, jiffies 4297056552
[ 2389.760361] kmemleak:   min_count = 1
[ 2389.760369] kmemleak:   count = 0
[ 2389.760376] kmemleak:   flags = 0x21
[ 2389.760384] kmemleak:   checksum = 0
[ 2389.760392] kmemleak:   backtrace:
[ 2389.760399]  pcpu_alloc_noprof+0x87a/0x1170
[ 2389.760428]  percpu_ref_init+0x37/0x400
[ 2389.760461]  io_uring_setup+0x44c/0x2000
[ 2389.760482]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2389.760503]  do_syscall_64+0xbf/0x360
[ 2389.760520]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:49:28 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:28 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:49:28 executing program 7:
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:28 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:28 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, 0x0)

22:49:28 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, 0x0)

22:49:28 executing program 2:
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:28 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:28 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, 0x0)

22:49:28 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, 0x0)

22:49:28 executing program 7:
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:37 executing program 1:
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:49:37 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:37 executing program 6:
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:37 executing program 2:
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:37 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, 0x0)

22:49:37 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:37 executing program 7:
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:37 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240))

22:49:37 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240))

22:49:37 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:37 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, 0x0)

22:49:37 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240))

22:49:37 executing program 1:
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:49:48 executing program 2:
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:48 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240))

22:49:48 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, 0x0)

22:49:48 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240))

22:49:48 executing program 6:
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:48 executing program 3:
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:48 executing program 1:
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:49:48 executing program 7:
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:48 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, 0x0)

22:49:48 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240))

[ 2410.034526] kmemleak: Found object by alias at 0x607f1a638af4
[ 2410.034548] CPU: 0 UID: 0 PID: 16334 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2410.034566] Tainted: [W]=WARN
[ 2410.034570] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2410.034577] Call Trace:
[ 2410.034581]  <TASK>
[ 2410.034586]  dump_stack_lvl+0xca/0x120
[ 2410.034612]  __lookup_object+0x94/0xb0
[ 2410.034628]  delete_object_full+0x27/0x70
[ 2410.034643]  free_percpu+0x30/0x1160
[ 2410.034659]  ? arch_uprobe_clear_state+0x16/0x140
[ 2410.034679]  futex_hash_free+0x38/0xc0
[ 2410.034693]  mmput+0x2d3/0x390
[ 2410.034711]  do_exit+0x79d/0x2970
[ 2410.034727]  ? proc_coredump_connector+0x2bf/0x4e0
[ 2410.034742]  ? __pfx_do_exit+0x10/0x10
[ 2410.034756]  ? find_held_lock+0x2b/0x80
[ 2410.034773]  ? get_signal+0x1a05/0x2340
[ 2410.034793]  do_group_exit+0xd3/0x2a0
[ 2410.034807]  get_signal+0x2315/0x2340
[ 2410.034834]  ? __pfx_get_signal+0x10/0x10
[ 2410.034855]  arch_do_signal_or_restart+0x80/0x790
[ 2410.034872]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2410.034898]  irqentry_exit_to_user_mode+0x106/0x1c0
[ 2410.034917]  asm_exc_general_protection+0x26/0x30
[ 2410.034928] RIP: 0033:0x7f11f0c47b21
[ 2410.034937] Code: Unable to access opcode bytes at 0x7f11f0c47af7.
[ 2410.034942] RSP: 002b:0000000020000180 EFLAGS: 00010217
[ 2410.034952] RAX: 0000000000000000 RBX: 00007f11f0d5af60 RCX: 00007f11f0c47b19
[ 2410.034959] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2410.034966] RBP: 00007f11f0ca1f6d R08: 0000000020000240 R09: 0000000000000000
[ 2410.034973] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2410.034980] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2410.034995]  </TASK>
[ 2410.034999] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2410.035006] kmemleak:   comm "syz-executor.2", pid 16341, jiffies 4297076919
[ 2410.035013] kmemleak:   min_count = 1
[ 2410.035016] kmemleak:   count = 0
[ 2410.035020] kmemleak:   flags = 0x21
[ 2410.035023] kmemleak:   checksum = 0
[ 2410.035027] kmemleak:   backtrace:
[ 2410.035031]  pcpu_alloc_noprof+0x87a/0x1170
[ 2410.035045]  percpu_ref_init+0x37/0x400
[ 2410.035063]  io_uring_setup+0x44c/0x2000
[ 2410.035074]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2410.035085]  do_syscall_64+0xbf/0x360
[ 2410.035093]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2410.106196] kmemleak: Found object by alias at 0x607f1a638af4
[ 2410.106225] CPU: 1 UID: 0 PID: 16331 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2410.106260] Tainted: [W]=WARN
[ 2410.106267] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2410.106279] Call Trace:
[ 2410.106286]  <TASK>
[ 2410.106295]  dump_stack_lvl+0xca/0x120
[ 2410.106337]  __lookup_object+0x94/0xb0
[ 2410.106368]  delete_object_full+0x27/0x70
[ 2410.106399]  free_percpu+0x30/0x1160
[ 2410.106428]  ? arch_uprobe_clear_state+0x16/0x140
[ 2410.106466]  futex_hash_free+0x38/0xc0
[ 2410.106492]  mmput+0x2d3/0x390
[ 2410.106527]  do_exit+0x79d/0x2970
[ 2410.106552]  ? lock_release+0xc8/0x290
[ 2410.106584]  ? __pfx_do_exit+0x10/0x10
[ 2410.106611]  ? find_held_lock+0x2b/0x80
[ 2410.106643]  ? get_signal+0x835/0x2340
[ 2410.106681]  do_group_exit+0xd3/0x2a0
[ 2410.106717]  get_signal+0x2315/0x2340
[ 2410.106761]  ? __pfx_get_signal+0x10/0x10
[ 2410.106793]  ? do_futex+0x135/0x370
[ 2410.106819]  ? __pfx_do_futex+0x10/0x10
[ 2410.106848]  arch_do_signal_or_restart+0x80/0x790
[ 2410.106881]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2410.106913]  ? __x64_sys_futex+0x1c9/0x4d0
[ 2410.106936]  ? __x64_sys_futex+0x1d2/0x4d0
[ 2410.106962]  ? exc_page_fault+0xb0/0x180
[ 2410.106994]  ? __pfx___x64_sys_futex+0x10/0x10
[ 2410.107030]  exit_to_user_mode_loop+0x8b/0x110
[ 2410.107054]  do_syscall_64+0x2f7/0x360
[ 2410.107076]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2410.107099] RIP: 0033:0x7f11f0c47b19
22:49:48 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240))

[ 2410.107115] Code: Unable to access opcode bytes at 0x7f11f0c47aef.
[ 2410.107125] RSP: 002b:00007f11ee1bd218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2410.107147] RAX: fffffffffffffe00 RBX: 00007f11f0d5af68 RCX: 00007f11f0c47b19
22:49:48 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f")

[ 2410.107161] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f11f0d5af68
[ 2410.107175] RBP: 00007f11f0d5af60 R08: 0000000000000000 R09: 0000000000000000
[ 2410.107188] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f0d5af6c
[ 2410.107201] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2410.107232]  </TASK>
[ 2410.107239] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2410.107252] kmemleak:   comm "syz-executor.2", pid 16341, jiffies 4297076919
[ 2410.107266] kmemleak:   min_count = 1
[ 2410.107273] kmemleak:   count = 0
[ 2410.107280] kmemleak:   flags = 0x21
[ 2410.107288] kmemleak:   checksum = 0
[ 2410.107295] kmemleak:   backtrace:
[ 2410.107301]  pcpu_alloc_noprof+0x87a/0x1170
[ 2410.107330]  percpu_ref_init+0x37/0x400
[ 2410.107362]  io_uring_setup+0x44c/0x2000
[ 2410.107383]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2410.107404]  do_syscall_64+0xbf/0x360
[ 2410.107421]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:49:48 executing program 3:
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:48 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:48 executing program 7:
clone(0x200, 0x0, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:48 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f")

22:49:57 executing program 1:
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x10020)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:49:57 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f")

22:49:57 executing program 7:
clone(0x200, 0x0, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:57 executing program 3:
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:57 executing program 6:
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:57 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:57 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f")

22:49:57 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240))

22:49:57 executing program 7:
clone(0x200, 0x0, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:57 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f")

22:49:57 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:57 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240))

22:49:57 executing program 7:
clone(0x200, 0x0, 0x0, &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:57 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631")

22:49:57 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f")

[ 2419.293414] kmemleak: Found object by alias at 0x607f1a638af4
[ 2419.293445] CPU: 1 UID: 0 PID: 16404 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
22:49:57 executing program 1:
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x10020)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

[ 2419.293479] Tainted: [W]=WARN
[ 2419.293486] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2419.293499] Call Trace:
[ 2419.293506]  <TASK>
[ 2419.293515]  dump_stack_lvl+0xca/0x120
[ 2419.293556]  __lookup_object+0x94/0xb0
[ 2419.293586]  delete_object_full+0x27/0x70
[ 2419.293630]  free_percpu+0x30/0x1160
[ 2419.293660]  ? arch_uprobe_clear_state+0x16/0x140
[ 2419.293698]  futex_hash_free+0x38/0xc0
[ 2419.293724]  mmput+0x2d3/0x390
[ 2419.293759]  do_exit+0x79d/0x2970
[ 2419.293790]  ? proc_coredump_connector+0x2bf/0x4e0
[ 2419.293826]  ? __pfx_do_exit+0x10/0x10
[ 2419.293853]  ? find_held_lock+0x2b/0x80
[ 2419.293887]  ? get_signal+0x1a05/0x2340
[ 2419.293925]  do_group_exit+0xd3/0x2a0
[ 2419.293953]  get_signal+0x2315/0x2340
[ 2419.293997]  ? __pfx_get_signal+0x10/0x10
[ 2419.294041]  arch_do_signal_or_restart+0x80/0x790
[ 2419.294076]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2419.294127]  irqentry_exit_to_user_mode+0x106/0x1c0
[ 2419.294163]  asm_exc_general_protection+0x26/0x30
[ 2419.294185] RIP: 0033:0x7f11f0c47b21
[ 2419.294201] Code: Unable to access opcode bytes at 0x7f11f0c47af7.
[ 2419.294211] RSP: 002b:0000000020000180 EFLAGS: 00010217
[ 2419.294229] RAX: 0000000000000000 RBX: 00007f11f0d5af60 RCX: 00007f11f0c47b19
[ 2419.294243] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2419.294257] RBP: 00007f11f0ca1f6d R08: 0000000020000240 R09: 0000000000000000
[ 2419.294270] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2419.294284] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2419.294314]  </TASK>
[ 2419.294322] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2419.294334] kmemleak:   comm "syz-executor.3", pid 16412, jiffies 4297086113
[ 2419.294348] kmemleak:   min_count = 1
[ 2419.294355] kmemleak:   count = 0
[ 2419.294362] kmemleak:   flags = 0x21
[ 2419.294370] kmemleak:   checksum = 0
[ 2419.294377] kmemleak:   backtrace:
[ 2419.294383]  pcpu_alloc_noprof+0x87a/0x1170
[ 2419.294412]  percpu_ref_init+0x37/0x400
[ 2419.294445]  io_uring_setup+0x44c/0x2000
[ 2419.294466]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2419.294487]  do_syscall_64+0xbf/0x360
[ 2419.294504]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:49:57 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631")

22:49:57 executing program 6:
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x10020)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:57 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:57 executing program 7:
clone(0x200, 0x0, 0x0, &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:49:57 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631")

22:49:57 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:08 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631")

22:50:08 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f")

22:50:08 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:08 executing program 6:
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x10020)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:08 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f")

22:50:08 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:08 executing program 1:
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x10020)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:50:08 executing program 7:
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:08 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438ab")

22:50:08 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f")

22:50:08 executing program 7:
clone(0x200, 0x0, 0x0, 0x0, 0x0)

22:50:08 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f")

22:50:08 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:08 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:50:18 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, 0x0, 0x0)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:50:18 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:18 executing program 2:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:18 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438ab")

22:50:18 executing program 6:
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x10020)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:18 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f")

22:50:18 executing program 7:
clone(0x200, 0x0, 0x0, 0x0, 0x0)

22:50:18 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240))

22:50:18 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438ab")

22:50:18 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438ab")

[ 2439.887541] kmemleak: Found object by alias at 0x607f1a638af4
[ 2439.887573] CPU: 0 UID: 0 PID: 16519 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2439.887606] Tainted: [W]=WARN
[ 2439.887613] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2439.887626] Call Trace:
[ 2439.887633]  <TASK>
[ 2439.887641]  dump_stack_lvl+0xca/0x120
[ 2439.887681]  __lookup_object+0x94/0xb0
[ 2439.887711]  delete_object_full+0x27/0x70
[ 2439.887740]  free_percpu+0x30/0x1160
[ 2439.887768]  ? arch_uprobe_clear_state+0x16/0x140
[ 2439.887804]  futex_hash_free+0x38/0xc0
[ 2439.887837]  mmput+0x2d3/0x390
[ 2439.887871]  do_exit+0x79d/0x2970
[ 2439.887905]  ? proc_coredump_connector+0x2bf/0x4e0
[ 2439.887933]  ? __pfx_do_exit+0x10/0x10
[ 2439.887958]  ? find_held_lock+0x2b/0x80
[ 2439.887990]  ? get_signal+0x1a05/0x2340
[ 2439.888026]  do_group_exit+0xd3/0x2a0
[ 2439.888053]  get_signal+0x2315/0x2340
[ 2439.888093]  ? __pfx_get_signal+0x10/0x10
[ 2439.888133]  arch_do_signal_or_restart+0x80/0x790
[ 2439.888165]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2439.888212]  irqentry_exit_to_user_mode+0x106/0x1c0
[ 2439.888246]  asm_exc_general_protection+0x26/0x30
[ 2439.888268] RIP: 0033:0x7f11f0c47b21
[ 2439.888283] Code: Unable to access opcode bytes at 0x7f11f0c47af7.
[ 2439.888292] RSP: 002b:0000000020000180 EFLAGS: 00010217
[ 2439.888309] RAX: 0000000000000000 RBX: 00007f11f0d5af60 RCX: 00007f11f0c47b19
[ 2439.888323] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2439.888336] RBP: 00007f11f0ca1f6d R08: 0000000020000240 R09: 0000000000000000
[ 2439.888349] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2439.888361] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2439.888391]  </TASK>
[ 2439.888398] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2439.888410] kmemleak:   comm "syz-executor.2", pid 16514, jiffies 4297106660
[ 2439.888423] kmemleak:   min_count = 1
[ 2439.888429] kmemleak:   count = 0
[ 2439.888436] kmemleak:   flags = 0x21
[ 2439.888443] kmemleak:   checksum = 0
[ 2439.888449] kmemleak:   backtrace:
[ 2439.888455]  pcpu_alloc_noprof+0x87a/0x1170
[ 2439.888482]  percpu_ref_init+0x37/0x400
[ 2439.888514]  io_uring_setup+0x44c/0x2000
[ 2439.888534]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2439.888554]  do_syscall_64+0xbf/0x360
[ 2439.888570]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:50:28 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240))

22:50:28 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438ab")

22:50:28 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, 0x0, 0x0)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:50:28 executing program 2:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:28 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:28 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:28 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:28 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240))

22:50:28 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438ab")

22:50:28 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240))

[ 2450.537407] kmemleak: Found object by alias at 0x607f1a639184
[ 2450.537430] CPU: 0 UID: 0 PID: 16546 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2450.537449] Tainted: [W]=WARN
[ 2450.537453] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2450.537460] Call Trace:
[ 2450.537464]  <TASK>
[ 2450.537469]  dump_stack_lvl+0xca/0x120
[ 2450.537494]  __lookup_object+0x94/0xb0
[ 2450.537511]  delete_object_full+0x27/0x70
[ 2450.537527]  free_percpu+0x30/0x1160
[ 2450.537545]  ? arch_uprobe_clear_state+0x16/0x140
[ 2450.537565]  futex_hash_free+0x38/0xc0
[ 2450.537580]  mmput+0x2d3/0x390
[ 2450.537599]  do_exit+0x79d/0x2970
[ 2450.537612]  ? signal_wake_up_state+0x85/0x120
[ 2450.537628]  ? zap_other_threads+0x2b9/0x3a0
[ 2450.537643]  ? __pfx_do_exit+0x10/0x10
[ 2450.537656]  ? do_group_exit+0x1c3/0x2a0
[ 2450.537669]  ? lock_release+0xc8/0x290
[ 2450.537686]  do_group_exit+0xd3/0x2a0
[ 2450.537700]  __x64_sys_exit_group+0x3e/0x50
[ 2450.537714]  x64_sys_call+0x18c5/0x18d0
[ 2450.537734]  do_syscall_64+0xbf/0x360
[ 2450.537746]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2450.537757] RIP: 0033:0x7f426ab2ab19
[ 2450.537766] Code: Unable to access opcode bytes at 0x7f426ab2aaef.
[ 2450.537779] RSP: 002b:00007ffe695d2ac8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 2450.537790] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f426ab2ab19
[ 2450.537798] RDX: 00007f426aadd72b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 2450.537805] RBP: 0000000000000000 R08: 0000001b2cc2001c R09: 0000000000000000
[ 2450.537811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2450.537818] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffe695d2bb0
[ 2450.537833]  </TASK>
[ 2450.537837] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2450.537844] kmemleak:   comm "syz-executor.3", pid 16554, jiffies 4297117410
[ 2450.537851] kmemleak:   min_count = 1
[ 2450.537855] kmemleak:   count = 0
[ 2450.537858] kmemleak:   flags = 0x21
[ 2450.537862] kmemleak:   checksum = 0
[ 2450.537866] kmemleak:   backtrace:
[ 2450.537869]  pcpu_alloc_noprof+0x87a/0x1170
[ 2450.537884]  percpu_ref_init+0x37/0x400
[ 2450.537903]  io_uring_setup+0x44c/0x2000
[ 2450.537915]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2450.537925]  do_syscall_64+0xbf/0x360
[ 2450.537934]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:50:28 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:29 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2c")

22:50:29 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240))

[ 2450.705314] kmemleak: Found object by alias at 0x607f1a638af4
[ 2450.705346] CPU: 1 UID: 0 PID: 16559 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2450.705381] Tainted: [W]=WARN
[ 2450.705388] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2450.705401] Call Trace:
[ 2450.705408]  <TASK>
[ 2450.705417]  dump_stack_lvl+0xca/0x120
[ 2450.705459]  __lookup_object+0x94/0xb0
[ 2450.705490]  delete_object_full+0x27/0x70
[ 2450.705521]  free_percpu+0x30/0x1160
[ 2450.705552]  ? arch_uprobe_clear_state+0x16/0x140
[ 2450.705590]  futex_hash_free+0x38/0xc0
[ 2450.705616]  mmput+0x2d3/0x390
[ 2450.705652]  do_exit+0x79d/0x2970
[ 2450.705684]  ? proc_coredump_connector+0x2bf/0x4e0
[ 2450.705713]  ? __pfx_do_exit+0x10/0x10
[ 2450.705741]  ? find_held_lock+0x2b/0x80
[ 2450.705786]  ? get_signal+0x1a05/0x2340
[ 2450.705830]  do_group_exit+0xd3/0x2a0
[ 2450.705904]  get_signal+0x2315/0x2340
[ 2450.705949]  ? __pfx_get_signal+0x10/0x10
[ 2450.705993]  arch_do_signal_or_restart+0x80/0x790
[ 2450.706026]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2450.706078]  irqentry_exit_to_user_mode+0x106/0x1c0
[ 2450.706114]  asm_exc_general_protection+0x26/0x30
[ 2450.706136] RIP: 0033:0x7f11f0c47b21
[ 2450.706153] Code: Unable to access opcode bytes at 0x7f11f0c47af7.
[ 2450.706163] RSP: 002b:0000000020000180 EFLAGS: 00010217
[ 2450.706181] RAX: 0000000000000000 RBX: 00007f11f0d5af60 RCX: 00007f11f0c47b19
[ 2450.706195] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2450.706209] RBP: 00007f11f0ca1f6d R08: 0000000020000240 R09: 0000000000000000
[ 2450.706223] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2450.706236] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2450.706267]  </TASK>
[ 2450.706274] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2450.706287] kmemleak:   comm "syz-executor.2", pid 16553, jiffies 4297117406
[ 2450.706300] kmemleak:   min_count = 1
[ 2450.706308] kmemleak:   count = 0
[ 2450.706315] kmemleak:   flags = 0x21
[ 2450.706322] kmemleak:   checksum = 0
[ 2450.706329] kmemleak:   backtrace:
[ 2450.706335]  pcpu_alloc_noprof+0x87a/0x1170
[ 2450.706365]  percpu_ref_init+0x37/0x400
[ 2450.706398]  io_uring_setup+0x44c/0x2000
[ 2450.706419]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2450.706441]  do_syscall_64+0xbf/0x360
[ 2450.706458]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:50:29 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438ab")

22:50:29 executing program 2:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:29 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438ab")

22:50:29 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:29 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, 0x0, 0x0)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:50:29 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240))

22:50:29 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:37 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f30")

22:50:37 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438ab")

22:50:37 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:37 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:37 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:37 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:37 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:50:37 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438ab")

22:50:37 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438ab")

22:50:37 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

[ 2459.485047] kmemleak: Found object by alias at 0x607f1a638af4
[ 2459.485067] CPU: 0 UID: 0 PID: 16624 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2459.485085] Tainted: [W]=WARN
[ 2459.485089] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2459.485096] Call Trace:
[ 2459.485100]  <TASK>
[ 2459.485105]  dump_stack_lvl+0xca/0x120
[ 2459.485129]  __lookup_object+0x94/0xb0
[ 2459.485145]  delete_object_full+0x27/0x70
[ 2459.485161]  free_percpu+0x30/0x1160
[ 2459.485181]  ? arch_uprobe_clear_state+0x16/0x140
[ 2459.485200]  futex_hash_free+0x38/0xc0
[ 2459.485214]  mmput+0x2d3/0x390
[ 2459.485232]  do_exit+0x79d/0x2970
[ 2459.485248]  ? proc_coredump_connector+0x2bf/0x4e0
[ 2459.485263]  ? __pfx_do_exit+0x10/0x10
[ 2459.485277]  ? find_held_lock+0x2b/0x80
[ 2459.485294]  ? get_signal+0x1a05/0x2340
[ 2459.485313]  do_group_exit+0xd3/0x2a0
[ 2459.485328]  get_signal+0x2315/0x2340
[ 2459.485350]  ? __pfx_get_signal+0x10/0x10
[ 2459.485372]  arch_do_signal_or_restart+0x80/0x790
[ 2459.485389]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2459.485414]  irqentry_exit_to_user_mode+0x106/0x1c0
[ 2459.485433]  asm_exc_general_protection+0x26/0x30
[ 2459.485444] RIP: 0033:0x7f11f0c47b21
[ 2459.485453] Code: Unable to access opcode bytes at 0x7f11f0c47af7.
[ 2459.485458] RSP: 002b:0000000020000180 EFLAGS: 00010217
[ 2459.485467] RAX: 0000000000000000 RBX: 00007f11f0d5af60 RCX: 00007f11f0c47b19
[ 2459.485475] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000000
[ 2459.485482] RBP: 00007f11f0ca1f6d R08: 0000000020000240 R09: 0000000000000000
[ 2459.485488] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2459.485495] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2459.485511]  </TASK>
[ 2459.485514] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2459.485521] kmemleak:   comm "syz-executor.3", pid 16621, jiffies 4297126290
[ 2459.485528] kmemleak:   min_count = 1
[ 2459.485532] kmemleak:   count = 0
[ 2459.485535] kmemleak:   flags = 0x21
[ 2459.485539] kmemleak:   checksum = 0
[ 2459.485542] kmemleak:   backtrace:
[ 2459.485546]  pcpu_alloc_noprof+0x87a/0x1170
[ 2459.485560]  percpu_ref_init+0x37/0x400
[ 2459.485578]  io_uring_setup+0x44c/0x2000
[ 2459.485589]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2459.485600]  do_syscall_64+0xbf/0x360
[ 2459.485609]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2459.519820] kmemleak: Found object by alias at 0x607f1a638af4
[ 2459.519851] CPU: 1 UID: 0 PID: 16620 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2459.519885] Tainted: [W]=WARN
[ 2459.519892] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2459.519905] Call Trace:
[ 2459.519912]  <TASK>
22:50:37 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438ab")

[ 2459.519920]  dump_stack_lvl+0xca/0x120
22:50:37 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240))

[ 2459.519961]  __lookup_object+0x94/0xb0
[ 2459.519992]  delete_object_full+0x27/0x70
[ 2459.520023]  free_percpu+0x30/0x1160
[ 2459.520052]  ? arch_uprobe_clear_state+0x16/0x140
[ 2459.520090]  futex_hash_free+0x38/0xc0
[ 2459.520115]  mmput+0x2d3/0x390
[ 2459.520152]  do_exit+0x79d/0x2970
[ 2459.520177]  ? lock_release+0xc8/0x290
[ 2459.520209]  ? __pfx_do_exit+0x10/0x10
[ 2459.520236]  ? find_held_lock+0x2b/0x80
[ 2459.520269]  ? get_signal+0x835/0x2340
[ 2459.520308]  do_group_exit+0xd3/0x2a0
[ 2459.520337]  get_signal+0x2315/0x2340
[ 2459.520382]  ? __pfx_get_signal+0x10/0x10
[ 2459.520414]  ? do_futex+0x135/0x370
[ 2459.520441]  ? __pfx_do_futex+0x10/0x10
[ 2459.520470]  arch_do_signal_or_restart+0x80/0x790
[ 2459.520503]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2459.520535]  ? __x64_sys_futex+0x1c9/0x4d0
[ 2459.520559]  ? __x64_sys_futex+0x1d2/0x4d0
[ 2459.520585]  ? exc_page_fault+0xb0/0x180
[ 2459.520617]  ? __pfx___x64_sys_futex+0x10/0x10
[ 2459.520653]  exit_to_user_mode_loop+0x8b/0x110
[ 2459.520678]  do_syscall_64+0x2f7/0x360
[ 2459.520700]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2459.520722] RIP: 0033:0x7f11f0c47b19
[ 2459.520739] Code: Unable to access opcode bytes at 0x7f11f0c47aef.
[ 2459.520749] RSP: 002b:00007f11ee1bd218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2459.520770] RAX: fffffffffffffe00 RBX: 00007f11f0d5af68 RCX: 00007f11f0c47b19
[ 2459.520785] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f11f0d5af68
[ 2459.520798] RBP: 00007f11f0d5af60 R08: 0000000000000000 R09: 0000000000000000
[ 2459.520811] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f0d5af6c
[ 2459.520825] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2459.520856]  </TASK>
[ 2459.520863] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2459.520875] kmemleak:   comm "syz-executor.3", pid 16621, jiffies 4297126290
[ 2459.520889] kmemleak:   min_count = 1
[ 2459.520896] kmemleak:   count = 0
[ 2459.520903] kmemleak:   flags = 0x21
[ 2459.520910] kmemleak:   checksum = 0
[ 2459.520918] kmemleak:   backtrace:
[ 2459.520924]  pcpu_alloc_noprof+0x87a/0x1170
[ 2459.520953]  percpu_ref_init+0x37/0x400
[ 2459.520986]  io_uring_setup+0x44c/0x2000
[ 2459.521006]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2459.521028]  do_syscall_64+0xbf/0x360
[ 2459.521044]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:50:37 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2c")

22:50:37 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:38 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:38 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:38 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240))

22:50:38 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:50:38 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d")

[ 2459.776952] kmemleak: Found object by alias at 0x607f1a638af4
[ 2459.776970] CPU: 0 UID: 0 PID: 16648 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2459.776987] Tainted: [W]=WARN
[ 2459.776991] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2459.776998] Call Trace:
[ 2459.777002]  <TASK>
[ 2459.777006]  dump_stack_lvl+0xca/0x120
[ 2459.777030]  __lookup_object+0x94/0xb0
[ 2459.777046]  delete_object_full+0x27/0x70
[ 2459.777062]  free_percpu+0x30/0x1160
[ 2459.777078]  ? arch_uprobe_clear_state+0x16/0x140
[ 2459.777098]  futex_hash_free+0x38/0xc0
[ 2459.777112]  mmput+0x2d3/0x390
[ 2459.777130]  do_exit+0x79d/0x2970
[ 2459.777143]  ? signal_wake_up_state+0x85/0x120
[ 2459.777158]  ? zap_other_threads+0x2b9/0x3a0
[ 2459.777174]  ? __pfx_do_exit+0x10/0x10
[ 2459.777186]  ? do_group_exit+0x1c3/0x2a0
[ 2459.777199]  ? lock_release+0xc8/0x290
[ 2459.777216]  do_group_exit+0xd3/0x2a0
[ 2459.777231]  __x64_sys_exit_group+0x3e/0x50
[ 2459.777244]  x64_sys_call+0x18c5/0x18d0
[ 2459.777259]  do_syscall_64+0xbf/0x360
[ 2459.777271]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2459.777282] RIP: 0033:0x7f11f0c47b19
[ 2459.777290] Code: Unable to access opcode bytes at 0x7f11f0c47aef.
[ 2459.777295] RSP: 002b:00007ffe4ba62a88 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 2459.777306] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f11f0c47b19
[ 2459.777314] RDX: 00007f11f0bfa72b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 2459.777321] RBP: 0000000000000000 R08: 0000001b2d220a04 R09: 0000000000000000
[ 2459.777327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2459.777334] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffe4ba62b70
[ 2459.777349]  </TASK>
[ 2459.777353] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2459.777359] kmemleak:   comm "syz-executor.3", pid 16660, jiffies 4297126655
[ 2459.777366] kmemleak:   min_count = 1
[ 2459.777370] kmemleak:   count = 0
[ 2459.777373] kmemleak:   flags = 0x21
[ 2459.777377] kmemleak:   checksum = 0
[ 2459.777380] kmemleak:   backtrace:
[ 2459.777384]  pcpu_alloc_noprof+0x87a/0x1170
[ 2459.777398]  percpu_ref_init+0x37/0x400
[ 2459.777416]  io_uring_setup+0x44c/0x2000
[ 2459.777427]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2459.777438]  do_syscall_64+0xbf/0x360
[ 2459.777446]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2459.853857] kmemleak: Found object by alias at 0x607f1a638af4
[ 2459.853874] CPU: 0 UID: 0 PID: 16656 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2459.853892] Tainted: [W]=WARN
[ 2459.853895] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2459.853902] Call Trace:
[ 2459.853906]  <TASK>
[ 2459.853911]  dump_stack_lvl+0xca/0x120
[ 2459.853935]  __lookup_object+0x94/0xb0
[ 2459.853952]  delete_object_full+0x27/0x70
[ 2459.853967]  free_percpu+0x30/0x1160
[ 2459.853983]  ? arch_uprobe_clear_state+0x16/0x140
[ 2459.854002]  futex_hash_free+0x38/0xc0
[ 2459.854016]  mmput+0x2d3/0x390
[ 2459.854035]  do_exit+0x79d/0x2970
[ 2459.854051]  ? proc_coredump_connector+0x2bf/0x4e0
[ 2459.854066]  ? __pfx_do_exit+0x10/0x10
[ 2459.854079]  ? find_held_lock+0x2b/0x80
[ 2459.854097]  ? get_signal+0x1a05/0x2340
[ 2459.854117]  do_group_exit+0xd3/0x2a0
[ 2459.854131]  get_signal+0x2315/0x2340
[ 2459.854153]  ? __pfx_get_signal+0x10/0x10
[ 2459.854175]  arch_do_signal_or_restart+0x80/0x790
[ 2459.854192]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2459.854217]  irqentry_exit_to_user_mode+0x106/0x1c0
[ 2459.854236]  asm_exc_general_protection+0x26/0x30
[ 2459.854248] RIP: 0033:0x7f11f0c47b21
[ 2459.854256] Code: Unable to access opcode bytes at 0x7f11f0c47af7.
[ 2459.854261] RSP: 002b:0000000020000180 EFLAGS: 00010217
[ 2459.854271] RAX: 0000000000000000 RBX: 00007f11f0d5af60 RCX: 00007f11f0c47b19
[ 2459.854278] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000000
[ 2459.854285] RBP: 00007f11f0ca1f6d R08: 0000000020000240 R09: 0000000000000000
[ 2459.854292] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2459.854298] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2459.854314]  </TASK>
[ 2459.854318] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2459.854324] kmemleak:   comm "syz-executor.3", pid 16660, jiffies 4297126655
[ 2459.854331] kmemleak:   min_count = 1
[ 2459.854335] kmemleak:   count = 0
[ 2459.854339] kmemleak:   flags = 0x21
[ 2459.854342] kmemleak:   checksum = 0
[ 2459.854346] kmemleak:   backtrace:
[ 2459.854349]  pcpu_alloc_noprof+0x87a/0x1170
[ 2459.854364]  percpu_ref_init+0x37/0x400
[ 2459.854381]  io_uring_setup+0x44c/0x2000
[ 2459.854392]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2459.854402]  do_syscall_64+0xbf/0x360
[ 2459.854411]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:50:46 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:46 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2c")

22:50:46 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:50:46 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240))

22:50:46 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
clone(0x200, 0x0, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:46 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d")

22:50:46 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:46 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:46 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:46 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7b")

22:50:55 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:55 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0x0, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:55 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d")

22:50:55 executing program 7:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:55 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240))

22:50:55 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2c")

22:50:55 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:50:55 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
clone(0x200, 0x0, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:55 executing program 7:
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:55 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0x0, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:55 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
clone(0x200, 0x0, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:55 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240))

22:50:55 executing program 7:
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:55 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:55 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c")

22:50:55 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438ab")

22:50:55 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:50:55 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
clone(0x200, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:50:55 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240))

22:50:55 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0x0, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

[ 2477.426472] cgroup: fork rejected by pids controller in /syz4
[ 2477.438318] cgroup: fork rejected by pids controller in /syz5
[ 2477.546958] kmemleak: Found object by alias at 0x607f1a638af4
[ 2477.546980] CPU: 1 UID: 0 PID: 16760 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2477.546998] Tainted: [W]=WARN
[ 2477.547002] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2477.547009] Call Trace:
[ 2477.547017]  <TASK>
[ 2477.547021]  dump_stack_lvl+0xca/0x120
[ 2477.547046]  __lookup_object+0x94/0xb0
[ 2477.547063]  delete_object_full+0x27/0x70
[ 2477.547079]  free_percpu+0x30/0x1160
[ 2477.547095]  ? arch_uprobe_clear_state+0x16/0x140
[ 2477.547115]  futex_hash_free+0x38/0xc0
[ 2477.547129]  mmput+0x2d3/0x390
[ 2477.547147]  do_exit+0x79d/0x2970
[ 2477.547160]  ? lock_release+0xc8/0x290
[ 2477.547177]  ? __pfx_do_exit+0x10/0x10
[ 2477.547190]  ? find_held_lock+0x2b/0x80
[ 2477.547207]  ? get_signal+0x835/0x2340
[ 2477.547226]  do_group_exit+0xd3/0x2a0
[ 2477.547241]  get_signal+0x2315/0x2340
[ 2477.547263]  ? __pfx_get_signal+0x10/0x10
[ 2477.547279]  ? do_futex+0x135/0x370
[ 2477.547292]  ? __pfx_do_futex+0x10/0x10
[ 2477.547307]  arch_do_signal_or_restart+0x80/0x790
[ 2477.547324]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2477.547339]  ? __x64_sys_futex+0x1c9/0x4d0
[ 2477.547351]  ? __x64_sys_futex+0x1d2/0x4d0
[ 2477.547364]  ? exc_page_fault+0xb0/0x180
[ 2477.547381]  ? __pfx___x64_sys_futex+0x10/0x10
[ 2477.547399]  exit_to_user_mode_loop+0x8b/0x110
[ 2477.547412]  do_syscall_64+0x2f7/0x360
[ 2477.547423]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2477.547435] RIP: 0033:0x7f11f0c47b19
[ 2477.547444] Code: Unable to access opcode bytes at 0x7f11f0c47aef.
[ 2477.547449] RSP: 002b:00007f11ee1bd218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2477.547460] RAX: fffffffffffffe00 RBX: 00007f11f0d5af68 RCX: 00007f11f0c47b19
[ 2477.547467] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f11f0d5af68
[ 2477.547474] RBP: 00007f11f0d5af60 R08: 0000000000000000 R09: 0000000000000000
[ 2477.547481] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f0d5af6c
[ 2477.547487] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2477.547503]  </TASK>
[ 2477.547506] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2477.547513] kmemleak:   comm "syz-executor.2", pid 16763, jiffies 4297144401
[ 2477.547520] kmemleak:   min_count = 1
[ 2477.547524] kmemleak:   count = 0
[ 2477.547527] kmemleak:   flags = 0x21
[ 2477.547531] kmemleak:   checksum = 0
[ 2477.547534] kmemleak:   backtrace:
[ 2477.547538]  pcpu_alloc_noprof+0x87a/0x1170
[ 2477.547553]  percpu_ref_init+0x37/0x400
[ 2477.547570]  io_uring_setup+0x44c/0x2000
[ 2477.547581]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2477.547592]  do_syscall_64+0xbf/0x360
[ 2477.547600]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:51:05 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:51:05 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:05 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:05 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240)="2d25cf7fe4b198")

22:51:05 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c")

22:51:05 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
clone(0x200, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:05 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438ab")

22:51:05 executing program 7:
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

[ 2487.548526] kmemleak: Found object by alias at 0x607f1a638af4
[ 2487.548548] CPU: 1 UID: 0 PID: 16785 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2487.548567] Tainted: [W]=WARN
[ 2487.548571] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2487.548578] Call Trace:
[ 2487.548582]  <TASK>
[ 2487.548587]  dump_stack_lvl+0xca/0x120
[ 2487.548612]  __lookup_object+0x94/0xb0
[ 2487.548629]  delete_object_full+0x27/0x70
[ 2487.548644]  free_percpu+0x30/0x1160
[ 2487.548660]  ? arch_uprobe_clear_state+0x16/0x140
[ 2487.548680]  futex_hash_free+0x38/0xc0
[ 2487.548694]  mmput+0x2d3/0x390
[ 2487.548713]  do_exit+0x79d/0x2970
[ 2487.548729]  ? proc_coredump_connector+0x2bf/0x4e0
[ 2487.548745]  ? __pfx_do_exit+0x10/0x10
[ 2487.548759]  ? find_held_lock+0x2b/0x80
[ 2487.548777]  ? get_signal+0x1a05/0x2340
[ 2487.548797]  do_group_exit+0xd3/0x2a0
[ 2487.548816]  get_signal+0x2315/0x2340
[ 2487.548838]  ? __pfx_get_signal+0x10/0x10
[ 2487.548854]  ? force_sig_fault+0xb4/0xf0
[ 2487.548870]  ? __pfx_force_sig_fault+0x10/0x10
[ 2487.548889]  arch_do_signal_or_restart+0x80/0x790
[ 2487.548907]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2487.548927]  ? lock_mm_and_find_vma+0xaa/0x6f0
[ 2487.548945]  irqentry_exit_to_user_mode+0x106/0x1c0
[ 2487.548963]  exc_page_fault+0xd9/0x180
[ 2487.548979]  asm_exc_page_fault+0x26/0x30
[ 2487.548991] RIP: 0033:0x0
[ 2487.548999] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[ 2487.549004] RSP: 002b:0000000020000188 EFLAGS: 00010217
[ 2487.549014] RAX: 0000000000000000 RBX: 00007f11f0d5af60 RCX: 00007f11f0c47b19
[ 2487.549022] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2487.549028] RBP: 00007f11f0ca1f6d R08: 0000000020000240 R09: 0000000000000000
[ 2487.549035] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2487.549042] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2487.549057]  </TASK>
[ 2487.549061] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2487.549068] kmemleak:   comm "syz-executor.2", pid 16780, jiffies 4297154379
[ 2487.549075] kmemleak:   min_count = 1
[ 2487.549079] kmemleak:   count = 0
[ 2487.549082] kmemleak:   flags = 0x21
[ 2487.549086] kmemleak:   checksum = 0
[ 2487.549089] kmemleak:   backtrace:
[ 2487.549093]  pcpu_alloc_noprof+0x87a/0x1170
[ 2487.549108]  percpu_ref_init+0x37/0x400
[ 2487.549125]  io_uring_setup+0x44c/0x2000
[ 2487.549136]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2487.549147]  do_syscall_64+0xbf/0x360
[ 2487.549156]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:51:06 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
clone(0x200, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:06 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:06 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438ab")

22:51:06 executing program 7:
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:06 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c")

22:51:06 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0x0, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:06 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240)="2d25cf7fe4b198")

22:51:06 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x200, 0x0, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:51:06 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:06 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee24")

22:51:06 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e")

[ 2487.877653] cgroup: fork rejected by pids controller in /syz0
22:51:16 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x0, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:16 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
clone(0x200, &(0x7f0000000180), 0x0, &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:16 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240)="2d25cf7fe4b198")

22:51:16 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x200, 0x0, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:51:16 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e")

22:51:16 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee24")

22:51:16 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0x0, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:16 executing program 7:
clone(0x0, 0x0, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:16 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x0, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:16 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e")

22:51:24 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee24")

22:51:24 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0x0, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:24 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a37157")

22:51:24 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x200, 0x0, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:51:24 executing program 7:
clone(0x0, 0x0, 0x0, &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:24 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x0, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:24 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
clone(0x200, &(0x7f0000000180), 0x0, &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:24 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0")

22:51:24 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce96")

22:51:24 executing program 7:
clone(0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:24 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce96")

22:51:24 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:24 executing program 7:
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:51:24 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x200, 0x0, 0x0, &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:51:24 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x0, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:24 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
clone(0x200, &(0x7f0000000180), 0x0, 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:24 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0")

22:51:34 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
clone(0x200, &(0x7f0000000180), 0x0, 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:34 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:34 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:34 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce96")

22:51:34 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a37157")

22:51:34 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x0, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:34 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x200, 0x0, 0x0, &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:51:34 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0")

22:51:34 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:34 executing program 7:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0")

[ 2516.071959] kmemleak: Found object by alias at 0x607f1a639184
[ 2516.071982] CPU: 1 UID: 0 PID: 16945 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2516.072002] Tainted: [W]=WARN
[ 2516.072006] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2516.072014] Call Trace:
[ 2516.072018]  <TASK>
[ 2516.072023]  dump_stack_lvl+0xca/0x120
[ 2516.072049]  __lookup_object+0x94/0xb0
[ 2516.072067]  delete_object_full+0x27/0x70
[ 2516.072084]  free_percpu+0x30/0x1160
[ 2516.072102]  ? arch_uprobe_clear_state+0x16/0x140
[ 2516.072123]  futex_hash_free+0x38/0xc0
[ 2516.072139]  mmput+0x2d3/0x390
[ 2516.072159]  copy_process+0x273d/0x73c0
[ 2516.072171]  ? find_held_lock+0x2b/0x80
[ 2516.072198]  ? __pfx_copy_process+0x10/0x10
[ 2516.072219]  kernel_clone+0xea/0x7f0
[ 2516.072233]  ? __pfx_kernel_clone+0x10/0x10
[ 2516.072247]  ? __lock_acquire+0x694/0x1b70
[ 2516.072262]  ? css_rstat_updated+0x1b8/0x4d0
[ 2516.072281]  ? __pfx_css_rstat_updated+0x10/0x10
[ 2516.072301]  __do_sys_clone+0xce/0x120
[ 2516.072314]  ? __pfx___do_sys_clone+0x10/0x10
[ 2516.072325]  ? find_held_lock+0x2b/0x80
[ 2516.072354]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 2516.072370]  do_syscall_64+0xbf/0x360
[ 2516.072382]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2516.072395] RIP: 0033:0x7f426ab2ab19
[ 2516.072405] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2516.072417] RSP: 002b:00007f42680a0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2516.072429] RAX: ffffffffffffffda RBX: 00007f426ac3df60 RCX: 00007f426ab2ab19
[ 2516.072438] RDX: 00000000200001c0 RSI: 0000000000000000 RDI: 0000000000000200
[ 2516.072445] RBP: 00007f426ab84f6d R08: 0000000020000240 R09: 0000000000000000
[ 2516.072453] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2516.072460] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2516.072476]  </TASK>
[ 2516.072480] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2516.072488] kmemleak:   comm "syz-executor.2", pid 16935, jiffies 4297182854
[ 2516.072495] kmemleak:   min_count = 1
[ 2516.072499] kmemleak:   count = 0
[ 2516.072503] kmemleak:   flags = 0x21
[ 2516.072507] kmemleak:   checksum = 0
[ 2516.072511] kmemleak:   backtrace:
[ 2516.072514]  pcpu_alloc_noprof+0x87a/0x1170
[ 2516.072531]  percpu_ref_init+0x37/0x400
[ 2516.072550]  io_uring_setup+0x44c/0x2000
[ 2516.072562]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2516.072574]  do_syscall_64+0xbf/0x360
[ 2516.072583]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:51:34 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x200, 0x0, 0x0, &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

[ 2516.145761] kmemleak: Found object by alias at 0x607f1a639184
[ 2516.145784] CPU: 1 UID: 0 PID: 16945 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2516.145802] Tainted: [W]=WARN
[ 2516.145811] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2516.145818] Call Trace:
[ 2516.145822]  <TASK>
[ 2516.145827]  dump_stack_lvl+0xca/0x120
[ 2516.145854]  __lookup_object+0x94/0xb0
[ 2516.145871]  delete_object_full+0x27/0x70
[ 2516.145887]  free_percpu+0x30/0x1160
[ 2516.145904]  ? arch_uprobe_clear_state+0x16/0x140
[ 2516.145924]  futex_hash_free+0x38/0xc0
[ 2516.145938]  mmput+0x2d3/0x390
[ 2516.145957]  do_exit+0x79d/0x2970
[ 2516.145970]  ? lock_release+0xc8/0x290
[ 2516.145987]  ? __pfx_do_exit+0x10/0x10
[ 2516.146001]  ? find_held_lock+0x2b/0x80
[ 2516.146017]  ? get_signal+0x835/0x2340
[ 2516.146037]  do_group_exit+0xd3/0x2a0
[ 2516.146052]  get_signal+0x2315/0x2340
[ 2516.146074]  ? __pfx_get_signal+0x10/0x10
[ 2516.146089]  ? do_futex+0x135/0x370
[ 2516.146103]  ? __pfx_do_futex+0x10/0x10
[ 2516.146118]  arch_do_signal_or_restart+0x80/0x790
[ 2516.146135]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2516.146151]  ? __x64_sys_futex+0x1c9/0x4d0
[ 2516.146163]  ? __x64_sys_futex+0x1d2/0x4d0
[ 2516.146182]  ? exc_page_fault+0xb0/0x180
[ 2516.146199]  ? __pfx___x64_sys_futex+0x10/0x10
[ 2516.146217]  exit_to_user_mode_loop+0x8b/0x110
[ 2516.146230]  do_syscall_64+0x2f7/0x360
[ 2516.146242]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2516.146254] RIP: 0033:0x7f426ab2ab19
[ 2516.146263] Code: Unable to access opcode bytes at 0x7f426ab2aaef.
[ 2516.146268] RSP: 002b:00007f42680a0218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2516.146280] RAX: fffffffffffffe00 RBX: 00007f426ac3df68 RCX: 00007f426ab2ab19
[ 2516.146287] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f426ac3df68
[ 2516.146294] RBP: 00007f426ac3df60 R08: 0000000000000000 R09: 0000000000000000
[ 2516.146301] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f426ac3df6c
[ 2516.146308] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2516.146324]  </TASK>
[ 2516.146327] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2516.146334] kmemleak:   comm "syz-executor.2", pid 16935, jiffies 4297182854
[ 2516.146341] kmemleak:   min_count = 1
[ 2516.146345] kmemleak:   count = 0
[ 2516.146349] kmemleak:   flags = 0x21
[ 2516.146352] kmemleak:   checksum = 0
[ 2516.146356] kmemleak:   backtrace:
[ 2516.146360]  pcpu_alloc_noprof+0x87a/0x1170
[ 2516.146375]  percpu_ref_init+0x37/0x400
[ 2516.146392]  io_uring_setup+0x44c/0x2000
[ 2516.146404]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2516.146414]  do_syscall_64+0xbf/0x360
[ 2516.146423]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:51:34 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d24")

22:51:34 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a37157")

22:51:34 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd9")

22:51:34 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
clone(0x200, &(0x7f0000000180), 0x0, 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:34 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x0, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:34 executing program 7:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0")

22:51:34 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x0, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:34 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb")

[ 2516.444257] kmemleak: Found object by alias at 0x607f1a638af4
[ 2516.444289] CPU: 0 UID: 0 PID: 16979 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2516.444321] Tainted: [W]=WARN
[ 2516.444328] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2516.444340] Call Trace:
[ 2516.444347]  <TASK>
[ 2516.444355]  dump_stack_lvl+0xca/0x120
[ 2516.444393]  __lookup_object+0x94/0xb0
[ 2516.444421]  delete_object_full+0x27/0x70
[ 2516.444450]  free_percpu+0x30/0x1160
[ 2516.444478]  ? arch_uprobe_clear_state+0x16/0x140
[ 2516.444512]  futex_hash_free+0x38/0xc0
[ 2516.444536]  mmput+0x2d3/0x390
[ 2516.444569]  do_exit+0x79d/0x2970
[ 2516.444598]  ? proc_coredump_connector+0x2bf/0x4e0
[ 2516.444624]  ? __pfx_do_exit+0x10/0x10
[ 2516.444648]  ? find_held_lock+0x2b/0x80
[ 2516.444679]  ? get_signal+0x1a05/0x2340
[ 2516.444714]  do_group_exit+0xd3/0x2a0
[ 2516.444740]  get_signal+0x2315/0x2340
[ 2516.444780]  ? __pfx_get_signal+0x10/0x10
[ 2516.444818]  ? force_sig_fault+0xb4/0xf0
[ 2516.444847]  ? __pfx_force_sig_fault+0x10/0x10
[ 2516.444882]  arch_do_signal_or_restart+0x80/0x790
[ 2516.444913]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2516.444949]  ? lock_mm_and_find_vma+0xaa/0x6f0
[ 2516.444980]  irqentry_exit_to_user_mode+0x106/0x1c0
[ 2516.445013]  exc_page_fault+0xd9/0x180
[ 2516.445042]  asm_exc_page_fault+0x26/0x30
[ 2516.445062] RIP: 0033:0x0
[ 2516.445075] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[ 2516.445085] RSP: 002b:0000000020000188 EFLAGS: 00010217
[ 2516.445102] RAX: 0000000000000000 RBX: 00007f11f0d5af60 RCX: 00007f11f0c47b19
[ 2516.445115] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000200
[ 2516.445128] RBP: 00007f11f0ca1f6d R08: 0000000020000240 R09: 0000000000000000
[ 2516.445140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2516.445152] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2516.445180]  </TASK>
[ 2516.445187] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2516.445199] kmemleak:   comm "syz-executor.3", pid 16984, jiffies 4297183294
[ 2516.445212] kmemleak:   min_count = 1
[ 2516.445218] kmemleak:   count = 0
[ 2516.445225] kmemleak:   flags = 0x21
[ 2516.445232] kmemleak:   checksum = 0
[ 2516.445238] kmemleak:   backtrace:
[ 2516.445244]  pcpu_alloc_noprof+0x87a/0x1170
[ 2516.445271]  percpu_ref_init+0x37/0x400
[ 2516.445302]  io_uring_setup+0x44c/0x2000
[ 2516.445321]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2516.445340]  do_syscall_64+0xbf/0x360
[ 2516.445356]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:51:43 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x0, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:43 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:51:43 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
clone(0x200, &(0x7f0000000180), 0x0, &(0x7f0000000200), 0x0)

22:51:43 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb")

22:51:43 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x0, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:43 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd9")

22:51:43 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d24")

22:51:43 executing program 7:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0")

22:51:44 executing program 5:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb")

[ 2525.685623] kmemleak: Found object by alias at 0x607f1a638af4
[ 2525.685653] CPU: 0 UID: 0 PID: 17017 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2525.685686] Tainted: [W]=WARN
[ 2525.685692] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2525.685704] Call Trace:
[ 2525.685711]  <TASK>
[ 2525.685719]  dump_stack_lvl+0xca/0x120
[ 2525.685759]  __lookup_object+0x94/0xb0
[ 2525.685788]  delete_object_full+0x27/0x70
[ 2525.685826]  free_percpu+0x30/0x1160
[ 2525.685855]  ? arch_uprobe_clear_state+0x16/0x140
[ 2525.685890]  futex_hash_free+0x38/0xc0
[ 2525.685915]  mmput+0x2d3/0x390
[ 2525.685948]  do_exit+0x79d/0x2970
[ 2525.685977]  ? proc_coredump_connector+0x2bf/0x4e0
[ 2525.686004]  ? __pfx_do_exit+0x10/0x10
[ 2525.686029]  ? find_held_lock+0x2b/0x80
[ 2525.686060]  ? get_signal+0x1a05/0x2340
[ 2525.686095]  do_group_exit+0xd3/0x2a0
[ 2525.686122]  get_signal+0x2315/0x2340
[ 2525.686163]  ? __pfx_get_signal+0x10/0x10
[ 2525.686194]  ? force_sig_fault+0xb4/0xf0
[ 2525.686237]  ? __pfx_force_sig_fault+0x10/0x10
[ 2525.686273]  arch_do_signal_or_restart+0x80/0x790
[ 2525.686304]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2525.686341]  ? lock_mm_and_find_vma+0xaa/0x6f0
[ 2525.686374]  irqentry_exit_to_user_mode+0x106/0x1c0
[ 2525.686407]  exc_page_fault+0xd9/0x180
[ 2525.686437]  asm_exc_page_fault+0x26/0x30
[ 2525.686457] RIP: 0033:0x0
[ 2525.686470] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[ 2525.686480] RSP: 002b:0000000020000188 EFLAGS: 00010217
[ 2525.686497] RAX: 0000000000000000 RBX: 00007f11f0d5af60 RCX: 00007f11f0c47b19
[ 2525.686511] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000200
[ 2525.686523] RBP: 00007f11f0ca1f6d R08: 0000000000000000 R09: 0000000000000000
[ 2525.686535] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2525.686548] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2525.686576]  </TASK>
[ 2525.686583] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2525.686595] kmemleak:   comm "syz-executor.3", pid 17005, jiffies 4297192443
[ 2525.686608] kmemleak:   min_count = 1
[ 2525.686614] kmemleak:   count = 0
[ 2525.686621] kmemleak:   flags = 0x21
[ 2525.686628] kmemleak:   checksum = 0
[ 2525.686634] kmemleak:   backtrace:
[ 2525.686640]  pcpu_alloc_noprof+0x87a/0x1170
[ 2525.686667]  percpu_ref_init+0x37/0x400
[ 2525.686698]  io_uring_setup+0x44c/0x2000
[ 2525.686718]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2525.686738]  do_syscall_64+0xbf/0x360
[ 2525.686753]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:51:53 executing program 7:
clone(0x0, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0")

22:51:53 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d24")

22:51:53 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x0, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:53 executing program 0:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd9")

22:51:53 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x0, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:53 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, 0x0)
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:51:53 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0x0, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:53 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
clone(0x200, &(0x7f0000000180), 0x0, &(0x7f0000000200), 0x0)

22:51:53 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, 0x0)
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

[ 2535.303445] kmemleak: Found object by alias at 0x607f1a639184
[ 2535.303468] CPU: 0 UID: 0 PID: 17041 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2535.303488] Tainted: [W]=WARN
[ 2535.303492] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2535.303499] Call Trace:
[ 2535.303504]  <TASK>
[ 2535.303509]  dump_stack_lvl+0xca/0x120
[ 2535.303539]  __lookup_object+0x94/0xb0
[ 2535.303557]  delete_object_full+0x27/0x70
[ 2535.303574]  free_percpu+0x30/0x1160
[ 2535.303592]  ? arch_uprobe_clear_state+0x16/0x140
[ 2535.303613]  futex_hash_free+0x38/0xc0
[ 2535.303628]  mmput+0x2d3/0x390
[ 2535.303648]  copy_process+0x273d/0x73c0
[ 2535.303659]  ? find_held_lock+0x2b/0x80
[ 2535.303686]  ? __pfx_copy_process+0x10/0x10
[ 2535.303707]  kernel_clone+0xea/0x7f0
[ 2535.303721]  ? __pfx_kernel_clone+0x10/0x10
[ 2535.303735]  ? __lock_acquire+0x694/0x1b70
[ 2535.303749]  ? css_rstat_updated+0x1b8/0x4d0
[ 2535.303768]  ? __pfx_css_rstat_updated+0x10/0x10
[ 2535.303788]  __do_sys_clone+0xce/0x120
[ 2535.303801]  ? __pfx___do_sys_clone+0x10/0x10
[ 2535.303813]  ? find_held_lock+0x2b/0x80
[ 2535.303841]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 2535.303858]  do_syscall_64+0xbf/0x360
[ 2535.303870]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2535.303884] RIP: 0033:0x7f426ab2ab19
[ 2535.303893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2535.303905] RSP: 002b:00007f42680a0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2535.303918] RAX: ffffffffffffffda RBX: 00007f426ac3df60 RCX: 00007f426ab2ab19
[ 2535.303926] RDX: 00000000200001c0 RSI: 0000000000000000 RDI: 0000000000000200
[ 2535.303933] RBP: 00007f426ab84f6d R08: 0000000020000240 R09: 0000000000000000
[ 2535.303941] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2535.303948] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2535.303964]  </TASK>
[ 2535.303968] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2535.303975] kmemleak:   comm "syz-executor.3", pid 17044, jiffies 4297202139
[ 2535.303983] kmemleak:   min_count = 1
[ 2535.303987] kmemleak:   count = 0
[ 2535.303990] kmemleak:   flags = 0x21
[ 2535.303994] kmemleak:   checksum = 0
[ 2535.303998] kmemleak:   backtrace:
[ 2535.304002]  pcpu_alloc_noprof+0x87a/0x1170
[ 2535.304018]  percpu_ref_init+0x37/0x400
[ 2535.304037]  io_uring_setup+0x44c/0x2000
[ 2535.304049]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2535.304061]  do_syscall_64+0xbf/0x360
[ 2535.304070]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:51:53 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, 0x0)
setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:51:53 executing program 7:
clone(0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0")

22:51:53 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x0, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:53 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0x0, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:53 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x0, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:53 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x0, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:53 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
clone(0x200, &(0x7f0000000180), 0x0, &(0x7f0000000200), 0x0)

22:51:53 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, 0x0)
setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:51:53 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x0, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:51:54 executing program 7:
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:51:54 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, 0x0)
setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:51:54 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x0, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:03 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, 0x0)
setsockopt$packet_buf(r0, 0x107, 0x0, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:52:03 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x0, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:03 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x0, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:03 executing program 7:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:52:03 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x0, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:03 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:52:03 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0x0, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:03 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

[ 2545.041331] kmemleak: Found object by alias at 0x607f1a638af4
[ 2545.041355] CPU: 1 UID: 0 PID: 17105 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2545.041373] Tainted: [W]=WARN
[ 2545.041377] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2545.041384] Call Trace:
[ 2545.041388]  <TASK>
[ 2545.041393]  dump_stack_lvl+0xca/0x120
[ 2545.041418]  __lookup_object+0x94/0xb0
[ 2545.041434]  delete_object_full+0x27/0x70
[ 2545.041449]  free_percpu+0x30/0x1160
[ 2545.041465]  ? arch_uprobe_clear_state+0x16/0x140
[ 2545.041485]  futex_hash_free+0x38/0xc0
[ 2545.041499]  mmput+0x2d3/0x390
[ 2545.041517]  do_exit+0x79d/0x2970
[ 2545.041533]  ? proc_coredump_connector+0x2bf/0x4e0
[ 2545.041549]  ? __pfx_do_exit+0x10/0x10
[ 2545.041563]  ? find_held_lock+0x2b/0x80
[ 2545.041580]  ? get_signal+0x1a05/0x2340
[ 2545.041600]  do_group_exit+0xd3/0x2a0
[ 2545.041615]  get_signal+0x2315/0x2340
[ 2545.041637]  ? __pfx_get_signal+0x10/0x10
[ 2545.041659]  arch_do_signal_or_restart+0x80/0x790
[ 2545.041676]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2545.041701]  irqentry_exit_to_user_mode+0x106/0x1c0
[ 2545.041720]  asm_exc_general_protection+0x26/0x30
[ 2545.041732] RIP: 0033:0x7f11f0c47b21
[ 2545.041740] Code: Unable to access opcode bytes at 0x7f11f0c47af7.
[ 2545.041745] RSP: 002b:0000000020000180 EFLAGS: 00010217
[ 2545.041755] RAX: 0000000000000000 RBX: 00007f11f0d5af60 RCX: 00007f11f0c47b19
[ 2545.041762] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000000
[ 2545.041769] RBP: 00007f11f0ca1f6d R08: 0000000020000240 R09: 0000000000000000
[ 2545.041776] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2545.041782] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2545.041798]  </TASK>
[ 2545.041802] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2545.041813] kmemleak:   comm "syz-executor.3", pid 17114, jiffies 4297211932
[ 2545.041820] kmemleak:   min_count = 1
[ 2545.041824] kmemleak:   count = 0
[ 2545.041827] kmemleak:   flags = 0x21
[ 2545.041831] kmemleak:   checksum = 0
[ 2545.041835] kmemleak:   backtrace:
[ 2545.041838]  pcpu_alloc_noprof+0x87a/0x1170
[ 2545.041853]  percpu_ref_init+0x37/0x400
[ 2545.041871]  io_uring_setup+0x44c/0x2000
[ 2545.041882]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2545.041893]  do_syscall_64+0xbf/0x360
[ 2545.041901]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:52:03 executing program 7:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:52:03 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0x0, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})

[ 2545.134668] kmemleak: Found object by alias at 0x607f1a638af4
[ 2545.134687] CPU: 1 UID: 0 PID: 17100 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2545.134705] Tainted: [W]=WARN
[ 2545.134708] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2545.134715] Call Trace:
[ 2545.134719]  <TASK>
[ 2545.134724]  dump_stack_lvl+0xca/0x120
[ 2545.134750]  __lookup_object+0x94/0xb0
[ 2545.134766]  delete_object_full+0x27/0x70
[ 2545.134782]  free_percpu+0x30/0x1160
[ 2545.134798]  ? arch_uprobe_clear_state+0x16/0x140
[ 2545.134823]  futex_hash_free+0x38/0xc0
[ 2545.134838]  mmput+0x2d3/0x390
[ 2545.134856]  do_exit+0x79d/0x2970
[ 2545.134869]  ? signal_wake_up_state+0x85/0x120
[ 2545.134885]  ? zap_other_threads+0x2b9/0x3a0
[ 2545.134901]  ? __pfx_do_exit+0x10/0x10
[ 2545.134913]  ? do_group_exit+0x1c3/0x2a0
[ 2545.134927]  ? lock_release+0xc8/0x290
[ 2545.134943]  do_group_exit+0xd3/0x2a0
[ 2545.134958]  __x64_sys_exit_group+0x3e/0x50
[ 2545.134971]  x64_sys_call+0x18c5/0x18d0
[ 2545.134987]  do_syscall_64+0xbf/0x360
[ 2545.134998]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2545.135009] RIP: 0033:0x7f11f0c47b19
[ 2545.135018] Code: Unable to access opcode bytes at 0x7f11f0c47aef.
[ 2545.135023] RSP: 002b:00007ffe4ba62a88 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 2545.135034] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f11f0c47b19
[ 2545.135042] RDX: 00007f11f0bfa72b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 2545.135049] RBP: 0000000000000000 R08: 0000001b2d223f24 R09: 0000000000000000
[ 2545.135055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2545.135062] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffe4ba62b70
[ 2545.135077]  </TASK>
[ 2545.135080] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2545.135087] kmemleak:   comm "syz-executor.3", pid 17114, jiffies 4297211932
[ 2545.135094] kmemleak:   min_count = 1
[ 2545.135098] kmemleak:   count = 0
[ 2545.135101] kmemleak:   flags = 0x21
[ 2545.135105] kmemleak:   checksum = 0
[ 2545.135108] kmemleak:   backtrace:
[ 2545.135112]  pcpu_alloc_noprof+0x87a/0x1170
[ 2545.135126]  percpu_ref_init+0x37/0x400
[ 2545.135144]  io_uring_setup+0x44c/0x2000
[ 2545.135155]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2545.135165]  do_syscall_64+0xbf/0x360
[ 2545.135173]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:52:03 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, 0x0)
setsockopt$packet_buf(r0, 0x107, 0x0, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

[ 2545.166056] kmemleak: Found object by alias at 0x607f1a639184
[ 2545.166090] CPU: 0 UID: 0 PID: 17113 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2545.166126] Tainted: [W]=WARN
[ 2545.166134] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2545.166147] Call Trace:
[ 2545.166155]  <TASK>
[ 2545.166164]  dump_stack_lvl+0xca/0x120
[ 2545.166208]  __lookup_object+0x94/0xb0
[ 2545.166239]  delete_object_full+0x27/0x70
[ 2545.166270]  free_percpu+0x30/0x1160
[ 2545.166302]  ? arch_uprobe_clear_state+0x16/0x140
[ 2545.166341]  futex_hash_free+0x38/0xc0
[ 2545.166381]  mmput+0x2d3/0x390
[ 2545.166418]  copy_process+0x273d/0x73c0
[ 2545.166439]  ? __pfx___futex_wait+0x10/0x10
[ 2545.166483]  ? __pfx_copy_process+0x10/0x10
[ 2545.166507]  ? __lock_acquire+0xc65/0x1b70
[ 2545.166548]  kernel_clone+0xea/0x7f0
[ 2545.166571]  ? finish_task_switch.isra.0+0x201/0x840
[ 2545.166608]  ? __pfx_kernel_clone+0x10/0x10
[ 2545.166633]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 2545.166658]  ? finish_task_switch.isra.0+0x206/0x840
[ 2545.166699]  ? do_futex+0x135/0x370
[ 2545.166727]  __do_sys_clone+0xce/0x120
[ 2545.166757]  ? __pfx___do_sys_clone+0x10/0x10
[ 2545.166780]  ? __pfx___schedule+0x10/0x10
[ 2545.166821]  ? __x64_sys_signalfd+0x11d/0x190
[ 2545.166853]  ? xfd_validate_state+0x55/0x180
[ 2545.166896]  do_syscall_64+0xbf/0x360
[ 2545.166919]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2545.166942] RIP: 0033:0x7f426ab2ab19
[ 2545.166960] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2545.166981] RSP: 002b:00007f42680a0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2545.167004] RAX: ffffffffffffffda RBX: 00007f426ac3df60 RCX: 00007f426ab2ab19
[ 2545.167019] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2545.167033] RBP: 00007f426ab84f6d R08: 0000000020000240 R09: 0000000000000000
[ 2545.167047] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2545.167060] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2545.167090]  </TASK>
[ 2545.167097] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
22:52:03 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

[ 2545.167111] kmemleak:   comm "syz-executor.0", pid 17113, jiffies 4297211933
[ 2545.167125] kmemleak:   min_count = 1
[ 2545.167132] kmemleak:   count = 0
[ 2545.167139] kmemleak:   flags = 0x21
[ 2545.167146] kmemleak:   checksum = 0
[ 2545.167154] kmemleak:   backtrace:
[ 2545.167160]  pcpu_alloc_noprof+0x87a/0x1170
[ 2545.167190]  percpu_ref_init+0x37/0x400
[ 2545.167224]  io_uring_setup+0x44c/0x2000
[ 2545.167245]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2545.167267]  do_syscall_64+0xbf/0x360
[ 2545.167284]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:52:03 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x0, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:12 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0x0, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)

22:52:12 executing program 7:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:52:12 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x0, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:12 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x0, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:12 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x0, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})

22:52:12 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:52:12 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, 0x0)
setsockopt$packet_buf(r0, 0x107, 0x0, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:52:12 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x0, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:12 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0x0, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)

[ 2554.614945] kmemleak: Found object by alias at 0x607f1a639184
[ 2554.614966] CPU: 1 UID: 0 PID: 17144 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2554.614985] Tainted: [W]=WARN
[ 2554.614989] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2554.614996] Call Trace:
[ 2554.615000]  <TASK>
[ 2554.615005]  dump_stack_lvl+0xca/0x120
[ 2554.615030]  __lookup_object+0x94/0xb0
[ 2554.615046]  delete_object_full+0x27/0x70
[ 2554.615062]  free_percpu+0x30/0x1160
[ 2554.615078]  ? arch_uprobe_clear_state+0x16/0x140
[ 2554.615097]  futex_hash_free+0x38/0xc0
[ 2554.615111]  mmput+0x2d3/0x390
[ 2554.615129]  do_exit+0x79d/0x2970
[ 2554.615142]  ? signal_wake_up_state+0x85/0x120
[ 2554.615157]  ? zap_other_threads+0x2b9/0x3a0
[ 2554.615173]  ? __pfx_do_exit+0x10/0x10
[ 2554.615185]  ? do_group_exit+0x1c3/0x2a0
[ 2554.615198]  ? lock_release+0xc8/0x290
[ 2554.615215]  do_group_exit+0xd3/0x2a0
[ 2554.615229]  __x64_sys_exit_group+0x3e/0x50
[ 2554.615243]  x64_sys_call+0x18c5/0x18d0
[ 2554.615258]  do_syscall_64+0xbf/0x360
[ 2554.615270]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2554.615281] RIP: 0033:0x7f426ab2ab19
[ 2554.615290] Code: Unable to access opcode bytes at 0x7f426ab2aaef.
[ 2554.615295] RSP: 002b:00007ffe695d2ac8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 2554.615306] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f426ab2ab19
[ 2554.615314] RDX: 00007f426aadd72b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 2554.615321] RBP: 0000000000000000 R08: 0000001b2cc20d58 R09: 0000000000000000
[ 2554.615327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2554.615334] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffe695d2bb0
[ 2554.615349]  </TASK>
[ 2554.615353] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2554.615359] kmemleak:   comm "syz-executor.4", pid 17158, jiffies 4297221509
[ 2554.615366] kmemleak:   min_count = 1
[ 2554.615370] kmemleak:   count = 0
[ 2554.615374] kmemleak:   flags = 0x21
[ 2554.615377] kmemleak:   checksum = 0
[ 2554.615381] kmemleak:   backtrace:
[ 2554.615385]  pcpu_alloc_noprof+0x87a/0x1170
[ 2554.615399]  percpu_ref_init+0x37/0x400
[ 2554.615417]  io_uring_setup+0x44c/0x2000
[ 2554.615428]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2554.615439]  do_syscall_64+0xbf/0x360
[ 2554.615447]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:52:13 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, 0x0)
setsockopt$packet_buf(r0, 0x107, 0xd, 0x0, 0x0)

22:52:13 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x0, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)

[ 2554.663953] kmemleak: Found object by alias at 0x607f1a638af4
[ 2554.663971] CPU: 1 UID: 0 PID: 17143 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2554.663988] Tainted: [W]=WARN
[ 2554.663992] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2554.663999] Call Trace:
[ 2554.664003]  <TASK>
[ 2554.664007]  dump_stack_lvl+0xca/0x120
[ 2554.664029]  __lookup_object+0x94/0xb0
[ 2554.664045]  delete_object_full+0x27/0x70
[ 2554.664060]  free_percpu+0x30/0x1160
[ 2554.664075]  ? arch_uprobe_clear_state+0x16/0x140
[ 2554.664094]  futex_hash_free+0x38/0xc0
[ 2554.664108]  mmput+0x2d3/0x390
[ 2554.664125]  do_exit+0x79d/0x2970
[ 2554.664138]  ? signal_wake_up_state+0x85/0x120
[ 2554.664152]  ? zap_other_threads+0x2b9/0x3a0
[ 2554.664168]  ? __pfx_do_exit+0x10/0x10
[ 2554.664180]  ? do_group_exit+0x1c3/0x2a0
[ 2554.664193]  ? lock_release+0xc8/0x290
[ 2554.664209]  do_group_exit+0xd3/0x2a0
[ 2554.664223]  __x64_sys_exit_group+0x3e/0x50
[ 2554.664239]  x64_sys_call+0x18c5/0x18d0
[ 2554.664257]  do_syscall_64+0xbf/0x360
[ 2554.664267]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2554.664279] RIP: 0033:0x7f11f0c47b19
[ 2554.664287] Code: Unable to access opcode bytes at 0x7f11f0c47aef.
[ 2554.664292] RSP: 002b:00007ffe4ba62a88 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 2554.664303] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f11f0c47b19
[ 2554.664310] RDX: 00007f11f0bfa72b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 2554.664317] RBP: 0000000000000000 R08: 0000001b2d223f9c R09: 0000000000000000
[ 2554.664324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2554.664330] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffe4ba62b70
[ 2554.664346]  </TASK>
[ 2554.664349] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2554.664355] kmemleak:   comm "syz-executor.3", pid 17159, jiffies 4297221509
[ 2554.664362] kmemleak:   min_count = 1
[ 2554.664366] kmemleak:   count = 0
[ 2554.664370] kmemleak:   flags = 0x21
[ 2554.664373] kmemleak:   checksum = 0
[ 2554.664377] kmemleak:   backtrace:
[ 2554.664380]  pcpu_alloc_noprof+0x87a/0x1170
[ 2554.664395]  percpu_ref_init+0x37/0x400
[ 2554.664412]  io_uring_setup+0x44c/0x2000
[ 2554.664423]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2554.664433]  do_syscall_64+0xbf/0x360
[ 2554.664442]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:52:13 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:13 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0x0, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})

[ 2554.748530] kmemleak: Found object by alias at 0x607f1a638af4
[ 2554.748559] CPU: 0 UID: 0 PID: 17151 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2554.748591] Tainted: [W]=WARN
[ 2554.748598] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2554.748610] Call Trace:
[ 2554.748617]  <TASK>
[ 2554.748625]  dump_stack_lvl+0xca/0x120
[ 2554.748666]  __lookup_object+0x94/0xb0
[ 2554.748695]  delete_object_full+0x27/0x70
[ 2554.748724]  free_percpu+0x30/0x1160
[ 2554.748752]  ? arch_uprobe_clear_state+0x16/0x140
[ 2554.748788]  futex_hash_free+0x38/0xc0
[ 2554.748821]  mmput+0x2d3/0x390
[ 2554.748855]  do_exit+0x79d/0x2970
[ 2554.748885]  ? proc_coredump_connector+0x2bf/0x4e0
[ 2554.748912]  ? __pfx_do_exit+0x10/0x10
[ 2554.748937]  ? find_held_lock+0x2b/0x80
[ 2554.748969]  ? get_signal+0x1a05/0x2340
[ 2554.749005]  do_group_exit+0xd3/0x2a0
[ 2554.749032]  get_signal+0x2315/0x2340
[ 2554.749073]  ? __pfx_get_signal+0x10/0x10
[ 2554.749113]  arch_do_signal_or_restart+0x80/0x790
[ 2554.749144]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2554.749191]  irqentry_exit_to_user_mode+0x106/0x1c0
[ 2554.749225]  asm_exc_general_protection+0x26/0x30
[ 2554.749246] RIP: 0033:0x7f11f0c47b21
[ 2554.749261] Code: Unable to access opcode bytes at 0x7f11f0c47af7.
[ 2554.749271] RSP: 002b:0000000020000180 EFLAGS: 00010217
[ 2554.749287] RAX: 0000000000000000 RBX: 00007f11f0d5af60 RCX: 00007f11f0c47b19
[ 2554.749301] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000000
[ 2554.749313] RBP: 00007f11f0ca1f6d R08: 0000000020000240 R09: 0000000000000000
[ 2554.749326] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2554.749338] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2554.749367]  </TASK>
[ 2554.749374] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2554.749386] kmemleak:   comm "syz-executor.3", pid 17159, jiffies 4297221509
[ 2554.749399] kmemleak:   min_count = 1
[ 2554.749406] kmemleak:   count = 0
[ 2554.749413] kmemleak:   flags = 0x21
[ 2554.749419] kmemleak:   checksum = 0
[ 2554.749426] kmemleak:   backtrace:
[ 2554.749432]  pcpu_alloc_noprof+0x87a/0x1170
[ 2554.749459]  percpu_ref_init+0x37/0x400
[ 2554.749489]  io_uring_setup+0x44c/0x2000
[ 2554.749509]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2554.749529]  do_syscall_64+0xbf/0x360
[ 2554.749545]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2554.799625] kmemleak: Found object by alias at 0x607f1a639184
[ 2554.799647] CPU: 1 UID: 0 PID: 17173 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2554.799665] Tainted: [W]=WARN
[ 2554.799669] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2554.799676] Call Trace:
[ 2554.799680]  <TASK>
[ 2554.799685]  dump_stack_lvl+0xca/0x120
[ 2554.799712]  __lookup_object+0x94/0xb0
[ 2554.799729]  delete_object_full+0x27/0x70
[ 2554.799746]  free_percpu+0x30/0x1160
[ 2554.799762]  ? arch_uprobe_clear_state+0x16/0x140
[ 2554.799782]  futex_hash_free+0x38/0xc0
[ 2554.799796]  mmput+0x2d3/0x390
[ 2554.799820]  do_exit+0x79d/0x2970
[ 2554.799833]  ? lock_release+0xc8/0x290
[ 2554.799850]  ? __pfx_do_exit+0x10/0x10
[ 2554.799864]  ? find_held_lock+0x2b/0x80
[ 2554.799881]  ? get_signal+0x835/0x2340
[ 2554.799900]  do_group_exit+0xd3/0x2a0
[ 2554.799915]  get_signal+0x2315/0x2340
22:52:13 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, 0x0)
setsockopt$packet_buf(r0, 0x107, 0xd, 0x0, 0x0)

[ 2554.799937]  ? __pfx_get_signal+0x10/0x10
[ 2554.799952]  ? do_futex+0x135/0x370
[ 2554.799966]  ? __pfx_do_futex+0x10/0x10
[ 2554.799977]  ? fd_install+0x1d8/0x660
[ 2554.799990]  arch_do_signal_or_restart+0x80/0x790
[ 2554.800007]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2554.800023]  ? __x64_sys_futex+0x1c9/0x4d0
[ 2554.800035]  ? __x64_sys_futex+0x1d2/0x4d0
[ 2554.800049]  ? __pfx___x64_sys_futex+0x10/0x10
[ 2554.800062]  ? __x64_sys_signalfd+0x11d/0x190
[ 2554.800079]  ? __pfx___x64_sys_signalfd+0x10/0x10
[ 2554.800099]  exit_to_user_mode_loop+0x8b/0x110
[ 2554.800111]  do_syscall_64+0x2f7/0x360
[ 2554.800123]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2554.800134] RIP: 0033:0x7f426ab2ab19
[ 2554.800143] Code: Unable to access opcode bytes at 0x7f426ab2aaef.
[ 2554.800148] RSP: 002b:00007f42680a0218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2554.800159] RAX: fffffffffffffe00 RBX: 00007f426ac3df68 RCX: 00007f426ab2ab19
[ 2554.800167] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f426ac3df68
[ 2554.800174] RBP: 00007f426ac3df60 R08: 0000000000000000 R09: 0000000000000000
[ 2554.800180] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f426ac3df6c
[ 2554.800187] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2554.800202]  </TASK>
[ 2554.800206] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2554.800213] kmemleak:   comm "syz-executor.4", pid 17158, jiffies 4297221509
[ 2554.800220] kmemleak:   min_count = 1
[ 2554.800223] kmemleak:   count = 0
[ 2554.800227] kmemleak:   flags = 0x21
[ 2554.800230] kmemleak:   checksum = 0
[ 2554.800234] kmemleak:   backtrace:
[ 2554.800237]  pcpu_alloc_noprof+0x87a/0x1170
[ 2554.800252]  percpu_ref_init+0x37/0x400
[ 2554.800270]  io_uring_setup+0x44c/0x2000
[ 2554.800282]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2554.800292]  do_syscall_64+0xbf/0x360
[ 2554.800301]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:52:22 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x0, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:22 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:52:22 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:22 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, 0x0, 0x0)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:22 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x0, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:22 executing program 7:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:22 executing program 5:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)

22:52:22 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x0, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)

22:52:22 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, 0x0, 0x0)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:22 executing program 5:
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)

22:52:22 executing program 7:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)

[ 2563.835226] kmemleak: Found object by alias at 0x607f1a639184
[ 2563.835259] CPU: 1 UID: 0 PID: 17199 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2563.835294] Tainted: [W]=WARN
[ 2563.835301] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2563.835314] Call Trace:
[ 2563.835321]  <TASK>
[ 2563.835330]  dump_stack_lvl+0xca/0x120
[ 2563.835373]  __lookup_object+0x94/0xb0
[ 2563.835403]  delete_object_full+0x27/0x70
[ 2563.835434]  free_percpu+0x30/0x1160
[ 2563.835464]  ? arch_uprobe_clear_state+0x16/0x140
[ 2563.835502]  futex_hash_free+0x38/0xc0
[ 2563.835530]  mmput+0x2d3/0x390
[ 2563.835565]  do_exit+0x79d/0x2970
[ 2563.835590]  ? lock_release+0xc8/0x290
[ 2563.835622]  ? __pfx_do_exit+0x10/0x10
[ 2563.835649]  ? find_held_lock+0x2b/0x80
[ 2563.835690]  ? get_signal+0x835/0x2340
[ 2563.835727]  do_group_exit+0xd3/0x2a0
[ 2563.835756]  get_signal+0x2315/0x2340
22:52:22 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x0, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

[ 2563.835800]  ? __pfx_get_signal+0x10/0x10
[ 2563.835831]  ? do_futex+0x135/0x370
[ 2563.835858]  ? __pfx_do_futex+0x10/0x10
[ 2563.835880]  ? lock_acquire+0x15e/0x2f0
[ 2563.835909]  arch_do_signal_or_restart+0x80/0x790
[ 2563.835942]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2563.835974]  ? __x64_sys_futex+0x1c9/0x4d0
[ 2563.835997]  ? __x64_sys_futex+0x1d2/0x4d0
[ 2563.836023]  ? __fget_files+0x20d/0x3b0
[ 2563.836045]  ? __pfx___x64_sys_futex+0x10/0x10
[ 2563.836075]  ? fdget_raw+0x154/0x1d0
[ 2563.836102]  exit_to_user_mode_loop+0x8b/0x110
[ 2563.836126]  do_syscall_64+0x2f7/0x360
[ 2563.836148]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2563.836171] RIP: 0033:0x7f426ab2ab19
[ 2563.836188] Code: Unable to access opcode bytes at 0x7f426ab2aaef.
[ 2563.836198] RSP: 002b:00007f42680a0218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2563.836219] RAX: fffffffffffffe00 RBX: 00007f426ac3df68 RCX: 00007f426ab2ab19
[ 2563.836234] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f426ac3df68
[ 2563.836248] RBP: 00007f426ac3df60 R08: 0000000000000000 R09: 0000000000000000
[ 2563.836261] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f426ac3df6c
[ 2563.836275] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2563.836305]  </TASK>
[ 2563.836313] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2563.836325] kmemleak:   comm "syz-executor.2", pid 17204, jiffies 4297230717
[ 2563.836339] kmemleak:   min_count = 1
[ 2563.836347] kmemleak:   count = 0
[ 2563.836354] kmemleak:   flags = 0x21
[ 2563.836361] kmemleak:   checksum = 0
[ 2563.836368] kmemleak:   backtrace:
[ 2563.836374]  pcpu_alloc_noprof+0x87a/0x1170
[ 2563.836403]  percpu_ref_init+0x37/0x400
[ 2563.836436]  io_uring_setup+0x44c/0x2000
[ 2563.836456]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2563.836478]  do_syscall_64+0xbf/0x360
[ 2563.836494]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:52:22 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:22 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, 0x0, 0x0)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:22 executing program 7:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)

22:52:22 executing program 5:
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)

22:52:31 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:31 executing program 6:
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:31 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x0, 0x7, 0x3, 0x0, 0x101]})

22:52:31 executing program 7:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)

22:52:31 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x0, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:31 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x0, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:31 executing program 5:
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)

22:52:31 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:52:31 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

[ 2573.272981] kmemleak: Found object by alias at 0x607f1a638af4
[ 2573.273003] CPU: 1 UID: 0 PID: 17244 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2573.273021] Tainted: [W]=WARN
[ 2573.273025] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2573.273032] Call Trace:
[ 2573.273036]  <TASK>
[ 2573.273041]  dump_stack_lvl+0xca/0x120
[ 2573.273066]  __lookup_object+0x94/0xb0
[ 2573.273083]  delete_object_full+0x27/0x70
[ 2573.273098]  free_percpu+0x30/0x1160
[ 2573.273115]  ? arch_uprobe_clear_state+0x16/0x140
[ 2573.273135]  futex_hash_free+0x38/0xc0
[ 2573.273149]  mmput+0x2d3/0x390
[ 2573.273171]  do_exit+0x79d/0x2970
[ 2573.273187]  ? proc_coredump_connector+0x2bf/0x4e0
[ 2573.273202]  ? __pfx_do_exit+0x10/0x10
[ 2573.273216]  ? find_held_lock+0x2b/0x80
[ 2573.273233]  ? get_signal+0x1a05/0x2340
[ 2573.273253]  do_group_exit+0xd3/0x2a0
[ 2573.273267]  get_signal+0x2315/0x2340
[ 2573.273289]  ? __pfx_get_signal+0x10/0x10
[ 2573.273305]  ? __schedule+0xe91/0x3590
[ 2573.273325]  arch_do_signal_or_restart+0x80/0x790
[ 2573.273342]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2573.273368]  irqentry_exit_to_user_mode+0x106/0x1c0
[ 2573.273385]  asm_exc_general_protection+0x26/0x30
[ 2573.273397] RIP: 0033:0x7f11f0c47b21
[ 2573.273405] Code: Unable to access opcode bytes at 0x7f11f0c47af7.
[ 2573.273411] RSP: 002b:0000000020000180 EFLAGS: 00010217
[ 2573.273421] RAX: 0000000000000000 RBX: 00007f11f0d5af60 RCX: 00007f11f0c47b19
[ 2573.273428] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000000
[ 2573.273435] RBP: 00007f11f0ca1f6d R08: 0000000020000240 R09: 0000000000000000
[ 2573.273441] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2573.273448] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2573.273463]  </TASK>
[ 2573.273467] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2573.273474] kmemleak:   comm "syz-executor.2", pid 17248, jiffies 4297240149
[ 2573.273480] kmemleak:   min_count = 1
[ 2573.273484] kmemleak:   count = 0
[ 2573.273488] kmemleak:   flags = 0x21
[ 2573.273491] kmemleak:   checksum = 0
[ 2573.273495] kmemleak:   backtrace:
[ 2573.273499]  pcpu_alloc_noprof+0x87a/0x1170
[ 2573.273513]  percpu_ref_init+0x37/0x400
[ 2573.273531]  io_uring_setup+0x44c/0x2000
[ 2573.273542]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2573.273552]  do_syscall_64+0xbf/0x360
[ 2573.273561]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2573.307587] kmemleak: Found object by alias at 0x607f1a638af4
[ 2573.307602] CPU: 1 UID: 0 PID: 17233 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2573.307619] Tainted: [W]=WARN
[ 2573.307623] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2573.307629] Call Trace:
[ 2573.307633]  <TASK>
[ 2573.307637]  dump_stack_lvl+0xca/0x120
[ 2573.307659]  __lookup_object+0x94/0xb0
[ 2573.307675]  delete_object_full+0x27/0x70
[ 2573.307691]  free_percpu+0x30/0x1160
[ 2573.307706]  ? arch_uprobe_clear_state+0x16/0x140
[ 2573.307730]  futex_hash_free+0x38/0xc0
[ 2573.307744]  mmput+0x2d3/0x390
[ 2573.307762]  do_exit+0x79d/0x2970
[ 2573.307775]  ? lock_release+0xc8/0x290
[ 2573.307791]  ? __pfx_do_exit+0x10/0x10
[ 2573.307805]  ? find_held_lock+0x2b/0x80
[ 2573.307822]  ? get_signal+0x835/0x2340
[ 2573.307841]  do_group_exit+0xd3/0x2a0
[ 2573.307856]  get_signal+0x2315/0x2340
[ 2573.307878]  ? __pfx_get_signal+0x10/0x10
[ 2573.307895]  ? do_futex+0x135/0x370
[ 2573.307908]  ? __pfx_do_futex+0x10/0x10
[ 2573.307923]  arch_do_signal_or_restart+0x80/0x790
[ 2573.307940]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2573.307956]  ? __x64_sys_futex+0x1c9/0x4d0
[ 2573.307968]  ? __x64_sys_futex+0x1d2/0x4d0
[ 2573.307981]  ? exc_page_fault+0xb0/0x180
[ 2573.307997]  ? __pfx___x64_sys_futex+0x10/0x10
[ 2573.308015]  exit_to_user_mode_loop+0x8b/0x110
[ 2573.308028]  do_syscall_64+0x2f7/0x360
[ 2573.308039]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2573.308051] RIP: 0033:0x7f11f0c47b19
[ 2573.308059] Code: Unable to access opcode bytes at 0x7f11f0c47aef.
[ 2573.308064] RSP: 002b:00007f11ee1bd218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2573.308075] RAX: fffffffffffffe00 RBX: 00007f11f0d5af68 RCX: 00007f11f0c47b19
[ 2573.308082] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f11f0d5af68
[ 2573.308089] RBP: 00007f11f0d5af60 R08: 0000000000000000 R09: 0000000000000000
[ 2573.308095] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f0d5af6c
[ 2573.308102] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2573.308117]  </TASK>
[ 2573.308121] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2573.308128] kmemleak:   comm "syz-executor.2", pid 17248, jiffies 4297240149
[ 2573.308134] kmemleak:   min_count = 1
[ 2573.308138] kmemleak:   count = 0
22:52:31 executing program 7:
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)

[ 2573.308142] kmemleak:   flags = 0x21
[ 2573.308145] kmemleak:   checksum = 0
[ 2573.308149] kmemleak:   backtrace:
[ 2573.308152]  pcpu_alloc_noprof+0x87a/0x1170
[ 2573.308167]  percpu_ref_init+0x37/0x400
[ 2573.308183]  io_uring_setup+0x44c/0x2000
[ 2573.308194]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2573.308205]  do_syscall_64+0xbf/0x360
[ 2573.308213]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:52:31 executing program 0:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)

22:52:31 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:52:31 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x0, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:31 executing program 6:
clone(0x0, 0x0, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:31 executing program 5:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d")

22:52:31 executing program 6:
clone(0x0, 0x0, 0x0, &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:31 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:31 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:31 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x0, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:31 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:31 executing program 7:
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)

22:52:32 executing program 0:
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)

[ 2573.625411] kmemleak: Found object by alias at 0x607f1a638af4
[ 2573.625433] CPU: 1 UID: 0 PID: 17272 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2573.625451] Tainted: [W]=WARN
[ 2573.625454] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2573.625462] Call Trace:
[ 2573.625466]  <TASK>
[ 2573.625470]  dump_stack_lvl+0xca/0x120
[ 2573.625495]  __lookup_object+0x94/0xb0
[ 2573.625511]  delete_object_full+0x27/0x70
[ 2573.625526]  free_percpu+0x30/0x1160
[ 2573.625542]  ? arch_uprobe_clear_state+0x16/0x140
[ 2573.625562]  futex_hash_free+0x38/0xc0
[ 2573.625576]  mmput+0x2d3/0x390
[ 2573.625595]  do_exit+0x79d/0x2970
[ 2573.625608]  ? signal_wake_up_state+0x85/0x120
[ 2573.625623]  ? zap_other_threads+0x2b9/0x3a0
[ 2573.625638]  ? __pfx_do_exit+0x10/0x10
[ 2573.625651]  ? do_group_exit+0x1c3/0x2a0
[ 2573.625664]  ? lock_release+0xc8/0x290
[ 2573.625680]  do_group_exit+0xd3/0x2a0
[ 2573.625695]  __x64_sys_exit_group+0x3e/0x50
[ 2573.625708]  x64_sys_call+0x18c5/0x18d0
[ 2573.625723]  do_syscall_64+0xbf/0x360
[ 2573.625735]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2573.625746] RIP: 0033:0x7f11f0c47b19
[ 2573.625754] Code: Unable to access opcode bytes at 0x7f11f0c47aef.
[ 2573.625759] RSP: 002b:00007ffe4ba62a88 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 2573.625771] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f11f0c47b19
[ 2573.625778] RDX: 00007f11f0bfa72b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 2573.625785] RBP: 0000000000000000 R08: 0000001b2d22001c R09: 0000000000000000
[ 2573.625792] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2573.625798] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffe4ba62b70
[ 2573.625817]  </TASK>
[ 2573.625821] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2573.625827] kmemleak:   comm "syz-executor.3", pid 17277, jiffies 4297240489
[ 2573.625834] kmemleak:   min_count = 1
[ 2573.625838] kmemleak:   count = 0
[ 2573.625841] kmemleak:   flags = 0x21
[ 2573.625845] kmemleak:   checksum = 0
[ 2573.625849] kmemleak:   backtrace:
[ 2573.625852]  pcpu_alloc_noprof+0x87a/0x1170
[ 2573.625867]  percpu_ref_init+0x37/0x400
[ 2573.625885]  io_uring_setup+0x44c/0x2000
[ 2573.625896]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2573.625906]  do_syscall_64+0xbf/0x360
[ 2573.625915]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:52:32 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:32 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:32 executing program 7:
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)

22:52:32 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)

[ 2573.786683] kmemleak: Found object by alias at 0x607f1a639184
[ 2573.786714] CPU: 0 UID: 0 PID: 17290 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2573.786748] Tainted: [W]=WARN
[ 2573.786756] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2573.786769] Call Trace:
[ 2573.786776]  <TASK>
[ 2573.786784]  dump_stack_lvl+0xca/0x120
[ 2573.786834]  __lookup_object+0x94/0xb0
[ 2573.786864]  delete_object_full+0x27/0x70
[ 2573.786894]  free_percpu+0x30/0x1160
[ 2573.786925]  ? arch_uprobe_clear_state+0x16/0x140
[ 2573.786962]  futex_hash_free+0x38/0xc0
[ 2573.786987]  mmput+0x2d3/0x390
[ 2573.787023]  do_exit+0x79d/0x2970
[ 2573.787056]  ? __pfx_do_exit+0x10/0x10
[ 2573.787083]  ? find_held_lock+0x2b/0x80
[ 2573.787116]  ? get_signal+0x835/0x2340
[ 2573.787154]  do_group_exit+0xd3/0x2a0
[ 2573.787182]  get_signal+0x2315/0x2340
[ 2573.787216]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 2573.787248]  ? __pfx_get_signal+0x10/0x10
[ 2573.787279]  ? __schedule+0xe91/0x3590
[ 2573.787317]  arch_do_signal_or_restart+0x80/0x790
[ 2573.787349]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2573.787380]  ? __x64_sys_futex+0x1c9/0x4d0
[ 2573.787404]  ? __x64_sys_futex+0x1d2/0x4d0
[ 2573.787431]  ? __x64_sys_openat+0x142/0x200
[ 2573.787463]  ? __pfx___x64_sys_futex+0x10/0x10
[ 2573.787499]  exit_to_user_mode_loop+0x8b/0x110
[ 2573.787523]  do_syscall_64+0x2f7/0x360
[ 2573.787545]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2573.787567] RIP: 0033:0x7f426ab2ab19
[ 2573.787584] Code: Unable to access opcode bytes at 0x7f426ab2aaef.
[ 2573.787594] RSP: 002b:00007f42680a0218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2573.787616] RAX: 0000000000000001 RBX: 00007f426ac3df68 RCX: 00007f426ab2ab19
[ 2573.787630] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f426ac3df6c
[ 2573.787644] RBP: 00007f426ac3df60 R08: 000000000000000e R09: 0000000000000000
[ 2573.787657] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f426ac3df6c
[ 2573.787671] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2573.787701]  </TASK>
[ 2573.787709] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2573.787721] kmemleak:   comm "syz-executor.2", pid 17286, jiffies 4297240560
[ 2573.787735] kmemleak:   min_count = 1
[ 2573.787742] kmemleak:   count = 0
[ 2573.787750] kmemleak:   flags = 0x21
[ 2573.787757] kmemleak:   checksum = 0
[ 2573.787764] kmemleak:   backtrace:
[ 2573.787770]  pcpu_alloc_noprof+0x87a/0x1170
[ 2573.787799]  percpu_ref_init+0x37/0x400
[ 2573.787832]  io_uring_setup+0x44c/0x2000
[ 2573.787853]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2573.787874]  do_syscall_64+0xbf/0x360
[ 2573.787890]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:52:32 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)

22:52:32 executing program 6:
clone(0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:32 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:32 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:41 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:41 executing program 6:
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:52:41 executing program 5:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d")

22:52:41 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x0, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:41 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)

22:52:41 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:41 executing program 7:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:52:41 executing program 0:
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)

22:52:41 executing program 0:
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)

[ 2583.259713] kmemleak: Found object by alias at 0x607f1a638af4
[ 2583.259734] CPU: 1 UID: 0 PID: 17330 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2583.259752] Tainted: [W]=WARN
[ 2583.259755] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2583.259763] Call Trace:
[ 2583.259767]  <TASK>
[ 2583.259772]  dump_stack_lvl+0xca/0x120
[ 2583.259798]  __lookup_object+0x94/0xb0
[ 2583.259819]  delete_object_full+0x27/0x70
[ 2583.259834]  free_percpu+0x30/0x1160
[ 2583.259851]  ? arch_uprobe_clear_state+0x16/0x140
[ 2583.259871]  futex_hash_free+0x38/0xc0
[ 2583.259885]  mmput+0x2d3/0x390
[ 2583.259904]  do_exit+0x79d/0x2970
[ 2583.259917]  ? lock_release+0xc8/0x290
[ 2583.259934]  ? __pfx_do_exit+0x10/0x10
[ 2583.259948]  ? find_held_lock+0x2b/0x80
[ 2583.259964]  ? get_signal+0x835/0x2340
[ 2583.259984]  do_group_exit+0xd3/0x2a0
[ 2583.259999]  get_signal+0x2315/0x2340
[ 2583.260021]  ? __pfx_get_signal+0x10/0x10
[ 2583.260037]  ? do_futex+0x135/0x370
[ 2583.260051]  ? __pfx_do_futex+0x10/0x10
[ 2583.260066]  arch_do_signal_or_restart+0x80/0x790
[ 2583.260083]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2583.260099]  ? __x64_sys_futex+0x1c9/0x4d0
[ 2583.260111]  ? __x64_sys_futex+0x1d2/0x4d0
[ 2583.260124]  ? exc_page_fault+0xb0/0x180
[ 2583.260141]  ? __pfx___x64_sys_futex+0x10/0x10
[ 2583.260159]  exit_to_user_mode_loop+0x8b/0x110
[ 2583.260172]  do_syscall_64+0x2f7/0x360
[ 2583.260184]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2583.260196] RIP: 0033:0x7f11f0c47b19
[ 2583.260204] Code: Unable to access opcode bytes at 0x7f11f0c47aef.
[ 2583.260210] RSP: 002b:00007f11ee1bd218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2583.260221] RAX: fffffffffffffe00 RBX: 00007f11f0d5af68 RCX: 00007f11f0c47b19
[ 2583.260228] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f11f0d5af68
[ 2583.260235] RBP: 00007f11f0d5af60 R08: 0000000000000000 R09: 0000000000000000
[ 2583.260242] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f0d5af6c
[ 2583.260249] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2583.260264]  </TASK>
[ 2583.260268] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2583.260274] kmemleak:   comm "syz-executor.3", pid 17332, jiffies 4297250128
[ 2583.260281] kmemleak:   min_count = 1
[ 2583.260285] kmemleak:   count = 0
[ 2583.260289] kmemleak:   flags = 0x21
[ 2583.260292] kmemleak:   checksum = 0
[ 2583.260296] kmemleak:   backtrace:
[ 2583.260299]  pcpu_alloc_noprof+0x87a/0x1170
[ 2583.260314]  percpu_ref_init+0x37/0x400
[ 2583.260332]  io_uring_setup+0x44c/0x2000
[ 2583.260343]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2583.260354]  do_syscall_64+0xbf/0x360
[ 2583.260362]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:52:41 executing program 1:
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)

22:52:41 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:41 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x0, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:41 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:41 executing program 1:
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)

22:52:41 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, 0x0, 0x0)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

[ 2583.493561] kmemleak: Found object by alias at 0x607f1a639184
[ 2583.493585] CPU: 1 UID: 0 PID: 17352 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2583.493609] Tainted: [W]=WARN
[ 2583.493613] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2583.493620] Call Trace:
[ 2583.493625]  <TASK>
[ 2583.493630]  dump_stack_lvl+0xca/0x120
[ 2583.493656]  __lookup_object+0x94/0xb0
[ 2583.493673]  delete_object_full+0x27/0x70
[ 2583.493690]  free_percpu+0x30/0x1160
[ 2583.493708]  ? arch_uprobe_clear_state+0x16/0x140
[ 2583.493729]  futex_hash_free+0x38/0xc0
[ 2583.493745]  mmput+0x2d3/0x390
[ 2583.493765]  copy_process+0x273d/0x73c0
[ 2583.493785]  ? __pfx_copy_process+0x10/0x10
[ 2583.493797]  ? __lock_acquire+0xc65/0x1b70
[ 2583.493814]  ? match_held_lock+0xb1/0xd0
[ 2583.493836]  kernel_clone+0xea/0x7f0
[ 2583.493848]  ? finish_task_switch.isra.0+0x201/0x840
[ 2583.493870]  ? __pfx_kernel_clone+0x10/0x10
[ 2583.493883]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 2583.493897]  ? finish_task_switch.isra.0+0x206/0x840
[ 2583.493918]  ? trace_sched_exit_tp+0xbf/0x100
[ 2583.493935]  ? __schedule+0xe91/0x3590
[ 2583.493952]  __do_sys_clone+0xce/0x120
[ 2583.493965]  ? __pfx___do_sys_clone+0x10/0x10
[ 2583.493977]  ? __pfx___schedule+0x10/0x10
[ 2583.493999]  ? __x64_sys_signalfd+0x11d/0x190
[ 2583.494017]  ? xfd_validate_state+0x55/0x180
[ 2583.494041]  do_syscall_64+0xbf/0x360
[ 2583.494053]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2583.494065] RIP: 0033:0x7f426ab2ab19
[ 2583.494075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2583.494087] RSP: 002b:00007f42680a0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2583.494099] RAX: ffffffffffffffda RBX: 00007f426ac3df60 RCX: 00007f426ab2ab19
[ 2583.494107] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2583.494115] RBP: 00007f426ab84f6d R08: 0000000020000240 R09: 0000000000000000
[ 2583.494122] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2583.494129] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2583.494145]  </TASK>
[ 2583.494149] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2583.494156] kmemleak:   comm "syz-executor.0", pid 17352, jiffies 4297250340
[ 2583.494164] kmemleak:   min_count = 1
[ 2583.494168] kmemleak:   count = 0
[ 2583.494171] kmemleak:   flags = 0x21
[ 2583.494175] kmemleak:   checksum = 0
[ 2583.494179] kmemleak:   backtrace:
[ 2583.494183]  pcpu_alloc_noprof+0x87a/0x1170
[ 2583.494199]  percpu_ref_init+0x37/0x400
[ 2583.494218]  io_uring_setup+0x44c/0x2000
[ 2583.494230]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2583.494242]  do_syscall_64+0xbf/0x360
[ 2583.494251]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:52:41 executing program 7:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:52:51 executing program 5:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d")

22:52:51 executing program 1:
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)

22:52:51 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, 0x0, 0x0)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:52:51 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:51 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:51 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, 0x0, 0x0)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:51 executing program 7:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:52:51 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x0, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

[ 2593.590510] kmemleak: Found object by alias at 0x607f1a639184
[ 2593.590549] CPU: 1 UID: 0 PID: 17381 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2593.590582] Tainted: [W]=WARN
[ 2593.590589] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2593.590602] Call Trace:
[ 2593.590609]  <TASK>
[ 2593.590617]  dump_stack_lvl+0xca/0x120
[ 2593.590659]  __lookup_object+0x94/0xb0
[ 2593.590698]  delete_object_full+0x27/0x70
[ 2593.590729]  free_percpu+0x30/0x1160
[ 2593.590758]  ? arch_uprobe_clear_state+0x16/0x140
[ 2593.590795]  futex_hash_free+0x38/0xc0
[ 2593.590820]  mmput+0x2d3/0x390
[ 2593.590854]  copy_process+0x273d/0x73c0
[ 2593.590890]  ? __pfx_copy_process+0x10/0x10
[ 2593.590912]  ? __lock_acquire+0xc65/0x1b70
[ 2593.590942]  ? match_held_lock+0xb1/0xd0
[ 2593.590979]  kernel_clone+0xea/0x7f0
[ 2593.591001]  ? finish_task_switch.isra.0+0x201/0x840
[ 2593.591037]  ? __pfx_kernel_clone+0x10/0x10
[ 2593.591061]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 2593.591085]  ? finish_task_switch.isra.0+0x206/0x840
[ 2593.591122]  ? trace_sched_exit_tp+0xbf/0x100
[ 2593.591153]  ? __schedule+0xe91/0x3590
[ 2593.591183]  __do_sys_clone+0xce/0x120
[ 2593.591205]  ? __pfx___do_sys_clone+0x10/0x10
[ 2593.591228]  ? __pfx___schedule+0x10/0x10
[ 2593.591266]  ? __x64_sys_signalfd+0x11d/0x190
[ 2593.591297]  ? xfd_validate_state+0x55/0x180
[ 2593.591338]  do_syscall_64+0xbf/0x360
[ 2593.591360]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2593.591381] RIP: 0033:0x7f426ab2ab19
[ 2593.591398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2593.591418] RSP: 002b:00007f42680a0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2593.591440] RAX: ffffffffffffffda RBX: 00007f426ac3df60 RCX: 00007f426ab2ab19
[ 2593.591454] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2593.591467] RBP: 00007f426ab84f6d R08: 0000000020000240 R09: 0000000000000000
[ 2593.591481] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2593.591494] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2593.591523]  </TASK>
[ 2593.591529] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2593.591542] kmemleak:   comm "syz-executor.0", pid 17381, jiffies 4297260387
[ 2593.591555] kmemleak:   min_count = 1
[ 2593.591562] kmemleak:   count = 0
[ 2593.591569] kmemleak:   flags = 0x21
[ 2593.591576] kmemleak:   checksum = 0
[ 2593.591582] kmemleak:   backtrace:
[ 2593.591588]  pcpu_alloc_noprof+0x87a/0x1170
[ 2593.591617]  percpu_ref_init+0x37/0x400
[ 2593.591649]  io_uring_setup+0x44c/0x2000
[ 2593.591669]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2593.591690]  do_syscall_64+0xbf/0x360
[ 2593.591706]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:52:52 executing program 1:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240))

22:52:52 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})

22:53:05 executing program 7:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2c")

22:53:05 executing program 5:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:05 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:05 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8)

22:53:05 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, 0x0, 0x0)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:53:05 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, 0x0, 0x0)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:05 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:05 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, 0x0)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:05 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)

[ 2607.345997] kmemleak: Found object by alias at 0x607f1a639184
[ 2607.346022] CPU: 0 UID: 0 PID: 17414 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2607.346042] Tainted: [W]=WARN
[ 2607.346046] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2607.346054] Call Trace:
[ 2607.346058]  <TASK>
[ 2607.346063]  dump_stack_lvl+0xca/0x120
[ 2607.346089]  __lookup_object+0x94/0xb0
[ 2607.346107]  delete_object_full+0x27/0x70
[ 2607.346124]  free_percpu+0x30/0x1160
[ 2607.346143]  ? arch_uprobe_clear_state+0x16/0x140
[ 2607.346164]  futex_hash_free+0x38/0xc0
[ 2607.346179]  mmput+0x2d3/0x390
[ 2607.346199]  copy_process+0x273d/0x73c0
[ 2607.346219]  ? __pfx_copy_process+0x10/0x10
[ 2607.346232]  ? __lock_acquire+0xc65/0x1b70
[ 2607.346249]  ? match_held_lock+0xb1/0xd0
[ 2607.346271]  kernel_clone+0xea/0x7f0
[ 2607.346283]  ? finish_task_switch.isra.0+0x201/0x840
[ 2607.346304]  ? __pfx_kernel_clone+0x10/0x10
[ 2607.346318]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 2607.346332]  ? finish_task_switch.isra.0+0x206/0x840
[ 2607.346357]  ? trace_sched_exit_tp+0xbf/0x100
[ 2607.346374]  ? __schedule+0xe91/0x3590
[ 2607.346392]  __do_sys_clone+0xce/0x120
[ 2607.346404]  ? __pfx___do_sys_clone+0x10/0x10
[ 2607.346417]  ? __pfx___schedule+0x10/0x10
[ 2607.346439]  ? __x64_sys_signalfd+0x11d/0x190
[ 2607.346457]  ? xfd_validate_state+0x55/0x180
[ 2607.346481]  do_syscall_64+0xbf/0x360
[ 2607.346493]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2607.346506] RIP: 0033:0x7f426ab2ab19
[ 2607.346515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2607.346527] RSP: 002b:00007f42680a0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2607.346539] RAX: ffffffffffffffda RBX: 00007f426ac3df60 RCX: 00007f426ab2ab19
[ 2607.346548] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2607.346555] RBP: 00007f426ab84f6d R08: 0000000020000240 R09: 0000000000000000
[ 2607.346563] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2607.346570] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2607.346586]  </TASK>
[ 2607.346590] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2607.346597] kmemleak:   comm "syz-executor.0", pid 17414, jiffies 4297274195
[ 2607.346605] kmemleak:   min_count = 1
[ 2607.346609] kmemleak:   count = 0
[ 2607.346613] kmemleak:   flags = 0x21
[ 2607.346617] kmemleak:   checksum = 0
[ 2607.346621] kmemleak:   backtrace:
[ 2607.346625]  pcpu_alloc_noprof+0x87a/0x1170
[ 2607.346641]  percpu_ref_init+0x37/0x400
[ 2607.346660]  io_uring_setup+0x44c/0x2000
[ 2607.346672]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2607.346684]  do_syscall_64+0xbf/0x360
[ 2607.346693]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:53:05 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:05 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080), 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:05 executing program 5:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

[ 2607.502594] kmemleak: Found object by alias at 0x607f1a639184
[ 2607.502616] CPU: 0 UID: 0 PID: 17414 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2607.502635] Tainted: [W]=WARN
[ 2607.502638] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2607.502645] Call Trace:
[ 2607.502650]  <TASK>
[ 2607.502655]  dump_stack_lvl+0xca/0x120
[ 2607.502679]  __lookup_object+0x94/0xb0
[ 2607.502697]  delete_object_full+0x27/0x70
[ 2607.502713]  free_percpu+0x30/0x1160
[ 2607.502730]  ? arch_uprobe_clear_state+0x16/0x140
[ 2607.502750]  futex_hash_free+0x38/0xc0
[ 2607.502772]  mmput+0x2d3/0x390
[ 2607.502791]  do_exit+0x79d/0x2970
[ 2607.502813]  ? __pfx_do_exit+0x10/0x10
[ 2607.502827]  ? find_held_lock+0x2b/0x80
[ 2607.502849]  ? get_signal+0x835/0x2340
[ 2607.502869]  do_group_exit+0xd3/0x2a0
[ 2607.502883]  get_signal+0x2315/0x2340
[ 2607.502906]  ? __pfx_get_signal+0x10/0x10
[ 2607.502922]  ? do_futex+0x135/0x370
[ 2607.502936]  ? __pfx_do_futex+0x10/0x10
[ 2607.502950]  arch_do_signal_or_restart+0x80/0x790
[ 2607.502968]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2607.502984]  ? __x64_sys_futex+0x1c9/0x4d0
[ 2607.502996]  ? __x64_sys_futex+0x1d2/0x4d0
[ 2607.503009]  ? exc_page_fault+0xb0/0x180
[ 2607.503026]  ? __pfx___x64_sys_futex+0x10/0x10
[ 2607.503044]  exit_to_user_mode_loop+0x8b/0x110
[ 2607.503057]  do_syscall_64+0x2f7/0x360
[ 2607.503068]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2607.503081] RIP: 0033:0x7f426ab2ab19
[ 2607.503089] Code: Unable to access opcode bytes at 0x7f426ab2aaef.
[ 2607.503094] RSP: 002b:00007f42680a0218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2607.503105] RAX: fffffffffffffe00 RBX: 00007f426ac3df68 RCX: 00007f426ab2ab19
[ 2607.503113] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f426ac3df68
[ 2607.503120] RBP: 00007f426ac3df60 R08: 0000000000000000 R09: 0000000000000000
[ 2607.503126] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f426ac3df6c
[ 2607.503133] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2607.503148]  </TASK>
[ 2607.503152] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2607.503159] kmemleak:   comm "syz-executor.5", pid 17431, jiffies 4297274388
[ 2607.503166] kmemleak:   min_count = 1
[ 2607.503170] kmemleak:   count = 0
[ 2607.503173] kmemleak:   flags = 0x21
[ 2607.503177] kmemleak:   checksum = 0
[ 2607.503180] kmemleak:   backtrace:
[ 2607.503184]  pcpu_alloc_noprof+0x87a/0x1170
[ 2607.503199]  percpu_ref_init+0x37/0x400
[ 2607.503217]  io_uring_setup+0x44c/0x2000
[ 2607.503228]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2607.503239]  do_syscall_64+0xbf/0x360
[ 2607.503247]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2607.530653] kmemleak: Found object by alias at 0x607f1a638af4
[ 2607.530681] CPU: 1 UID: 0 PID: 17403 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2607.530713] Tainted: [W]=WARN
[ 2607.530720] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2607.530733] Call Trace:
[ 2607.530739]  <TASK>
[ 2607.530748]  dump_stack_lvl+0xca/0x120
[ 2607.530800]  __lookup_object+0x94/0xb0
[ 2607.530835]  delete_object_full+0x27/0x70
[ 2607.530865]  free_percpu+0x30/0x1160
[ 2607.530893]  ? arch_uprobe_clear_state+0x16/0x140
[ 2607.530929]  futex_hash_free+0x38/0xc0
[ 2607.530953]  mmput+0x2d3/0x390
[ 2607.530986]  do_exit+0x79d/0x2970
[ 2607.531010]  ? signal_wake_up_state+0x85/0x120
[ 2607.531038]  ? zap_other_threads+0x2b9/0x3a0
[ 2607.531066]  ? __pfx_do_exit+0x10/0x10
[ 2607.531089]  ? do_group_exit+0x1c3/0x2a0
[ 2607.531114]  ? lock_release+0xc8/0x290
[ 2607.531144]  do_group_exit+0xd3/0x2a0
[ 2607.531171]  __x64_sys_exit_group+0x3e/0x50
[ 2607.531195]  x64_sys_call+0x18c5/0x18d0
[ 2607.531223]  do_syscall_64+0xbf/0x360
[ 2607.531244]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2607.531264] RIP: 0033:0x7f11f0c47b19
[ 2607.531280] Code: Unable to access opcode bytes at 0x7f11f0c47aef.
[ 2607.531289] RSP: 002b:00007ffe4ba62a88 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 2607.531309] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f11f0c47b19
[ 2607.531322] RDX: 00007f11f0bfa72b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 2607.531335] RBP: 0000000000000000 R08: 0000001b2d2239e4 R09: 0000000000000000
[ 2607.531347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2607.531359] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffe4ba62b70
[ 2607.531388]  </TASK>
[ 2607.531394] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2607.531406] kmemleak:   comm "syz-executor.7", pid 17427, jiffies 4297274349
[ 2607.531419] kmemleak:   min_count = 1
[ 2607.531426] kmemleak:   count = 0
[ 2607.531432] kmemleak:   flags = 0x21
[ 2607.531439] kmemleak:   checksum = 0
[ 2607.531446] kmemleak:   backtrace:
[ 2607.531451]  pcpu_alloc_noprof+0x87a/0x1170
[ 2607.531479]  percpu_ref_init+0x37/0x400
[ 2607.531510]  io_uring_setup+0x44c/0x2000
[ 2607.531530]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2607.531549]  do_syscall_64+0xbf/0x360
[ 2607.531565]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:53:06 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:06 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:06 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, 0x0)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:16 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})

22:53:16 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:16 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, 0x0)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:16 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})

22:53:16 executing program 5:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:16 executing program 6:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438ab")

22:53:16 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:16 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080), 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:16 executing program 4:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)

[ 2618.156203] kmemleak: Found object by alias at 0x607f1a639184
[ 2618.156239] CPU: 1 UID: 0 PID: 17455 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2618.156276] Tainted: [W]=WARN
[ 2618.156284] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2618.156298] Call Trace:
[ 2618.156306]  <TASK>
[ 2618.156315]  dump_stack_lvl+0xca/0x120
[ 2618.156361]  __lookup_object+0x94/0xb0
[ 2618.156393]  delete_object_full+0x27/0x70
[ 2618.156427]  free_percpu+0x30/0x1160
[ 2618.156460]  ? arch_uprobe_clear_state+0x16/0x140
[ 2618.156500]  futex_hash_free+0x38/0xc0
[ 2618.156528]  mmput+0x2d3/0x390
[ 2618.156566]  do_exit+0x79d/0x2970
[ 2618.156601]  ? __pfx_do_exit+0x10/0x10
[ 2618.156630]  ? find_held_lock+0x2b/0x80
[ 2618.156666]  ? get_signal+0x835/0x2340
22:53:16 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})

[ 2618.156707]  do_group_exit+0xd3/0x2a0
[ 2618.156738]  get_signal+0x2315/0x2340
[ 2618.156774]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 2618.156817]  ? __pfx_get_signal+0x10/0x10
[ 2618.156850]  ? __schedule+0xe91/0x3590
[ 2618.156891]  arch_do_signal_or_restart+0x80/0x790
[ 2618.156926]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2618.156960]  ? __x64_sys_futex+0x1c9/0x4d0
[ 2618.156986]  ? __x64_sys_futex+0x1d2/0x4d0
[ 2618.157017]  ? __pfx___x64_sys_futex+0x10/0x10
[ 2618.157044]  ? __x64_sys_signalfd+0x11d/0x190
[ 2618.157077]  ? xfd_validate_state+0x55/0x180
[ 2618.157120]  exit_to_user_mode_loop+0x8b/0x110
[ 2618.157145]  do_syscall_64+0x2f7/0x360
[ 2618.157169]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2618.157194] RIP: 0033:0x7f426ab2ab19
[ 2618.157211] Code: Unable to access opcode bytes at 0x7f426ab2aaef.
[ 2618.157222] RSP: 002b:00007f42680a0218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2618.157245] RAX: 0000000000000001 RBX: 00007f426ac3df68 RCX: 00007f426ab2ab19
[ 2618.157260] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f426ac3df6c
[ 2618.157275] RBP: 00007f426ac3df60 R08: 000000000000000e R09: 0000000000000000
[ 2618.157289] R10: 0000000000000005 R11: 0000000000000246 R12: 00007f426ac3df6c
[ 2618.157303] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2618.157336]  </TASK>
[ 2618.157344] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2618.157358] kmemleak:   comm "syz-executor.7", pid 17462, jiffies 4297284982
[ 2618.157372] kmemleak:   min_count = 1
[ 2618.157380] kmemleak:   count = 0
[ 2618.157388] kmemleak:   flags = 0x21
[ 2618.157395] kmemleak:   checksum = 0
[ 2618.157403] kmemleak:   backtrace:
[ 2618.157409]  pcpu_alloc_noprof+0x87a/0x1170
[ 2618.157440]  percpu_ref_init+0x37/0x400
[ 2618.157476]  io_uring_setup+0x44c/0x2000
[ 2618.157498]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2618.157521]  do_syscall_64+0xbf/0x360
[ 2618.157538]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:53:27 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)

22:53:27 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080), 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:27 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:27 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:27 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)

22:53:27 executing program 4:
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)

22:53:27 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x0, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:27 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:27 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)

22:53:27 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)

22:53:28 executing program 4:
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)

[ 2629.665670] kmemleak: Found object by alias at 0x607f1a639184
[ 2629.665703] CPU: 1 UID: 0 PID: 17502 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2629.665737] Tainted: [W]=WARN
[ 2629.665745] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2629.665758] Call Trace:
[ 2629.665764]  <TASK>
[ 2629.665773]  dump_stack_lvl+0xca/0x120
[ 2629.665822]  __lookup_object+0x94/0xb0
[ 2629.665853]  delete_object_full+0x27/0x70
[ 2629.665884]  free_percpu+0x30/0x1160
[ 2629.665914]  ? arch_uprobe_clear_state+0x16/0x140
[ 2629.665951]  futex_hash_free+0x38/0xc0
[ 2629.665977]  mmput+0x2d3/0x390
[ 2629.666012]  do_exit+0x79d/0x2970
[ 2629.666038]  ? signal_wake_up_state+0x85/0x120
[ 2629.666067]  ? zap_other_threads+0x2b9/0x3a0
[ 2629.666098]  ? __pfx_do_exit+0x10/0x10
[ 2629.666122]  ? do_group_exit+0x1c3/0x2a0
[ 2629.666149]  ? lock_release+0xc8/0x290
[ 2629.666180]  do_group_exit+0xd3/0x2a0
[ 2629.666209]  __x64_sys_exit_group+0x3e/0x50
[ 2629.666236]  x64_sys_call+0x18c5/0x18d0
[ 2629.666265]  do_syscall_64+0xbf/0x360
[ 2629.666287]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2629.666308] RIP: 0033:0x7f426ab2ab19
[ 2629.666326] Code: Unable to access opcode bytes at 0x7f426ab2aaef.
[ 2629.666336] RSP: 002b:00007ffe695d2ac8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 2629.666357] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f426ab2ab19
[ 2629.666372] RDX: 00007f426aadd72b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 2629.666385] RBP: 0000000000000000 R08: 0000001b2cc20b3c R09: 0000000000000000
[ 2629.666399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2629.666412] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffe695d2bb0
[ 2629.666442]  </TASK>
[ 2629.666449] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2629.666462] kmemleak:   comm "syz-executor.7", pid 17495, jiffies 4297296404
[ 2629.666475] kmemleak:   min_count = 1
[ 2629.666483] kmemleak:   count = 0
[ 2629.666490] kmemleak:   flags = 0x21
[ 2629.666497] kmemleak:   checksum = 0
[ 2629.666504] kmemleak:   backtrace:
[ 2629.666510]  pcpu_alloc_noprof+0x87a/0x1170
[ 2629.666539]  percpu_ref_init+0x37/0x400
[ 2629.666572]  io_uring_setup+0x44c/0x2000
[ 2629.666592]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2629.666614]  do_syscall_64+0xbf/0x360
[ 2629.666630]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:53:28 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x0, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:28 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)

22:53:28 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x0, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:28 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})

22:53:28 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, 0x0)

22:53:28 executing program 6:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f")

22:53:28 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:28 executing program 4:
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)

22:53:28 executing program 1:
signalfd(0xffffffffffffffff, &(0x7f0000000080)={[0x101]}, 0x8)

22:53:28 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x0, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:28 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)

[ 2630.110704] kmemleak: Found object by alias at 0x607f1a638af4
[ 2630.110735] CPU: 1 UID: 0 PID: 17524 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2630.110770] Tainted: [W]=WARN
[ 2630.110777] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2630.110790] Call Trace:
[ 2630.110797]  <TASK>
[ 2630.110806]  dump_stack_lvl+0xca/0x120
[ 2630.110852]  __lookup_object+0x94/0xb0
[ 2630.110882]  delete_object_full+0x27/0x70
[ 2630.110924]  free_percpu+0x30/0x1160
[ 2630.110954]  ? arch_uprobe_clear_state+0x16/0x140
[ 2630.110991]  futex_hash_free+0x38/0xc0
[ 2630.111017]  mmput+0x2d3/0x390
[ 2630.111052]  do_exit+0x79d/0x2970
[ 2630.111078]  ? lock_release+0xc8/0x290
[ 2630.111109]  ? __pfx_do_exit+0x10/0x10
[ 2630.111136]  ? find_held_lock+0x2b/0x80
[ 2630.111169]  ? get_signal+0x835/0x2340
[ 2630.111207]  do_group_exit+0xd3/0x2a0
[ 2630.111236]  get_signal+0x2315/0x2340
[ 2630.111279]  ? __pfx_get_signal+0x10/0x10
[ 2630.111311]  ? do_futex+0x135/0x370
[ 2630.111338]  ? __pfx_do_futex+0x10/0x10
[ 2630.111367]  arch_do_signal_or_restart+0x80/0x790
[ 2630.111400]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2630.111431]  ? __x64_sys_futex+0x1c9/0x4d0
[ 2630.111455]  ? __x64_sys_futex+0x1d2/0x4d0
[ 2630.111481]  ? exc_page_fault+0xb0/0x180
[ 2630.111512]  ? __pfx___x64_sys_futex+0x10/0x10
[ 2630.111548]  exit_to_user_mode_loop+0x8b/0x110
[ 2630.111572]  do_syscall_64+0x2f7/0x360
[ 2630.111595]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2630.111617] RIP: 0033:0x7f11f0c47b19
[ 2630.111634] Code: Unable to access opcode bytes at 0x7f11f0c47aef.
[ 2630.111644] RSP: 002b:00007f11ee1bd218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2630.111665] RAX: fffffffffffffe00 RBX: 00007f11f0d5af68 RCX: 00007f11f0c47b19
[ 2630.111680] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f11f0d5af68
[ 2630.111693] RBP: 00007f11f0d5af60 R08: 0000000000000000 R09: 0000000000000000
[ 2630.111707] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f0d5af6c
[ 2630.111720] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2630.111751]  </TASK>
[ 2630.111758] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2630.111771] kmemleak:   comm "syz-executor.2", pid 17535, jiffies 4297296973
[ 2630.111785] kmemleak:   min_count = 1
[ 2630.111792] kmemleak:   count = 0
[ 2630.111799] kmemleak:   flags = 0x21
[ 2630.111806] kmemleak:   checksum = 0
[ 2630.111814] kmemleak:   backtrace:
[ 2630.111820]  pcpu_alloc_noprof+0x87a/0x1170
[ 2630.111848]  percpu_ref_init+0x37/0x400
[ 2630.111881]  io_uring_setup+0x44c/0x2000
[ 2630.111902]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2630.111924]  do_syscall_64+0xbf/0x360
[ 2630.111940]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:53:39 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)

22:53:39 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x0, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:39 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240))

22:53:39 executing program 0:
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, 0x0)

22:53:39 executing program 1:
signalfd(0xffffffffffffffff, &(0x7f0000000080)={[0x101]}, 0x8)

22:53:39 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:39 executing program 6:
clone(0x200, 0x0, 0x0, &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:39 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x0, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:39 executing program 1:
signalfd(0xffffffffffffffff, &(0x7f0000000080)={[0x101]}, 0x8)

22:53:39 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})

22:53:39 executing program 0:
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, 0x0)

22:53:39 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240))

22:53:39 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)

22:53:39 executing program 6:
clone(0x200, 0x0, 0x0, &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:39 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x0, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:39 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})

22:53:49 executing program 4:
clone(0x200, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240))

22:53:49 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x0, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:49 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, 0x0)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:49 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)

22:53:49 executing program 0:
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, 0x0)

22:53:49 executing program 7:
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})

22:53:49 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)

22:53:49 executing program 6:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f")

22:53:49 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, 0x0)

22:53:49 executing program 7:
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})

22:53:49 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)

22:53:49 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, 0x0)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:49 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, 0x0)

22:53:49 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)

22:53:49 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, 0x0)

22:53:49 executing program 7:
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})

22:53:49 executing program 4:
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:49 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x0, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:58 executing program 4:
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:58 executing program 6:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, 0x0, 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f")

22:53:58 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x0, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:58 executing program 0:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, 0x0)

22:53:58 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
signalfd(0xffffffffffffffff, &(0x7f0000000080)={[0x101]}, 0x8)

22:53:58 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})

22:53:58 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})

22:53:58 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, 0x0)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:53:58 executing program 0:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, 0x0)

22:53:58 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
signalfd(0xffffffffffffffff, &(0x7f0000000080)={[0x101]}, 0x8)

22:53:58 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})

[ 2660.586605] kmemleak: Found object by alias at 0x607f1a638af4
[ 2660.586629] CPU: 1 UID: 0 PID: 17654 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2660.586647] Tainted: [W]=WARN
[ 2660.586651] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2660.586658] Call Trace:
[ 2660.586662]  <TASK>
[ 2660.586666]  dump_stack_lvl+0xca/0x120
[ 2660.586690]  __lookup_object+0x94/0xb0
[ 2660.586707]  delete_object_full+0x27/0x70
[ 2660.586723]  free_percpu+0x30/0x1160
[ 2660.586739]  ? arch_uprobe_clear_state+0x16/0x140
[ 2660.586759]  futex_hash_free+0x38/0xc0
[ 2660.586773]  mmput+0x2d3/0x390
[ 2660.586791]  do_exit+0x79d/0x2970
[ 2660.586805]  ? lock_release+0xc8/0x290
[ 2660.586821]  ? __pfx_do_exit+0x10/0x10
[ 2660.586835]  ? find_held_lock+0x2b/0x80
[ 2660.586852]  ? get_signal+0x835/0x2340
[ 2660.586871]  do_group_exit+0xd3/0x2a0
[ 2660.586885]  get_signal+0x2315/0x2340
[ 2660.586907]  ? __pfx_get_signal+0x10/0x10
[ 2660.586923]  ? do_futex+0x135/0x370
[ 2660.586936]  ? __pfx_do_futex+0x10/0x10
[ 2660.586951]  arch_do_signal_or_restart+0x80/0x790
[ 2660.586968]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2660.586984]  ? __x64_sys_futex+0x1c9/0x4d0
[ 2660.586996]  ? __x64_sys_futex+0x1d2/0x4d0
[ 2660.587009]  ? exc_page_fault+0xb0/0x180
[ 2660.587025]  ? __pfx___x64_sys_futex+0x10/0x10
[ 2660.587043]  exit_to_user_mode_loop+0x8b/0x110
[ 2660.587056]  do_syscall_64+0x2f7/0x360
[ 2660.587068]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2660.587080] RIP: 0033:0x7f11f0c47b19
[ 2660.587089] Code: Unable to access opcode bytes at 0x7f11f0c47aef.
[ 2660.587094] RSP: 002b:00007f11ee1bd218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2660.587105] RAX: fffffffffffffe00 RBX: 00007f11f0d5af68 RCX: 00007f11f0c47b19
[ 2660.587112] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f11f0d5af68
[ 2660.587119] RBP: 00007f11f0d5af60 R08: 0000000000000000 R09: 0000000000000000
[ 2660.587136] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f0d5af6c
[ 2660.587142] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2660.587158]  </TASK>
[ 2660.587161] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2660.587168] kmemleak:   comm "syz-executor.2", pid 17656, jiffies 4297327428
[ 2660.587175] kmemleak:   min_count = 1
[ 2660.587179] kmemleak:   count = 0
[ 2660.587182] kmemleak:   flags = 0x21
[ 2660.587186] kmemleak:   checksum = 0
[ 2660.587190] kmemleak:   backtrace:
[ 2660.587193]  pcpu_alloc_noprof+0x87a/0x1170
[ 2660.587207]  percpu_ref_init+0x37/0x400
[ 2660.587225]  io_uring_setup+0x44c/0x2000
[ 2660.587236]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2660.587247]  do_syscall_64+0xbf/0x360
[ 2660.587255]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:54:08 executing program 4:
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:08 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x0, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:08 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x0, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:08 executing program 0:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, 0x0)

22:54:08 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})

22:54:08 executing program 1:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
signalfd(0xffffffffffffffff, &(0x7f0000000080)={[0x101]}, 0x8)

22:54:08 executing program 5:
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})

22:54:08 executing program 6:
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:08 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
signalfd(r0, 0x0, 0x0)

22:54:08 executing program 7:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})

[ 2669.831901] kmemleak: Found object by alias at 0x607f1a639184
[ 2669.831922] CPU: 0 UID: 0 PID: 17682 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2669.831939] Tainted: [W]=WARN
[ 2669.831943] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2669.831950] Call Trace:
[ 2669.831954]  <TASK>
[ 2669.831958]  dump_stack_lvl+0xca/0x120
[ 2669.831982]  __lookup_object+0x94/0xb0
[ 2669.831998]  delete_object_full+0x27/0x70
[ 2669.832014]  free_percpu+0x30/0x1160
[ 2669.832029]  ? arch_uprobe_clear_state+0x16/0x140
[ 2669.832049]  futex_hash_free+0x38/0xc0
[ 2669.832062]  mmput+0x2d3/0x390
[ 2669.832081]  do_exit+0x79d/0x2970
[ 2669.832094]  ? signal_wake_up_state+0x9f/0x120
[ 2669.832109]  ? zap_other_threads+0x2b9/0x3a0
[ 2669.832124]  ? __pfx_do_exit+0x10/0x10
[ 2669.832137]  ? do_group_exit+0x1c3/0x2a0
[ 2669.832150]  ? lock_release+0xc8/0x290
[ 2669.832167]  do_group_exit+0xd3/0x2a0
[ 2669.832181]  __x64_sys_exit_group+0x3e/0x50
[ 2669.832195]  x64_sys_call+0x18c5/0x18d0
[ 2669.832209]  do_syscall_64+0xbf/0x360
[ 2669.832221]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2669.832232] RIP: 0033:0x7f426ab2ab19
[ 2669.832240] Code: Unable to access opcode bytes at 0x7f426ab2aaef.
[ 2669.832245] RSP: 002b:00007ffe695d2ac8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 2669.832256] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f426ab2ab19
[ 2669.832264] RDX: 00007f426aadd72b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 2669.832271] RBP: 0000000000000000 R08: 0000001b2cc20a00 R09: 0000000000000000
[ 2669.832277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2669.832284] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffe695d2bb0
[ 2669.832299]  </TASK>
[ 2669.832302] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2669.832309] kmemleak:   comm "syz-executor.4", pid 17690, jiffies 4297336716
[ 2669.832316] kmemleak:   min_count = 1
[ 2669.832320] kmemleak:   count = 0
[ 2669.832323] kmemleak:   flags = 0x21
[ 2669.832327] kmemleak:   checksum = 0
[ 2669.832331] kmemleak:   backtrace:
[ 2669.832334]  pcpu_alloc_noprof+0x87a/0x1170
[ 2669.832351]  percpu_ref_init+0x37/0x400
[ 2669.832370]  io_uring_setup+0x44c/0x2000
[ 2669.832382]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2669.832392]  do_syscall_64+0xbf/0x360
[ 2669.832401]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:54:08 executing program 5:
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})

22:54:08 executing program 7:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})

22:54:08 executing program 0:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:54:08 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x0, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:08 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
signalfd(r0, 0x0, 0x0)

22:54:08 executing program 7:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})

[ 2669.988016] kmemleak: Found object by alias at 0x607f1a639184
[ 2669.988037] CPU: 0 UID: 0 PID: 17700 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2669.988057] Tainted: [W]=WARN
[ 2669.988061] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2669.988068] Call Trace:
[ 2669.988073]  <TASK>
[ 2669.988078]  dump_stack_lvl+0xca/0x120
[ 2669.988106]  __lookup_object+0x94/0xb0
[ 2669.988125]  delete_object_full+0x27/0x70
[ 2669.988142]  free_percpu+0x30/0x1160
[ 2669.988160]  ? arch_uprobe_clear_state+0x16/0x140
[ 2669.988181]  futex_hash_free+0x38/0xc0
[ 2669.988196]  mmput+0x2d3/0x390
[ 2669.988216]  copy_process+0x273d/0x73c0
[ 2669.988228]  ? __pfx___futex_wait+0x10/0x10
[ 2669.988252]  ? __pfx_copy_process+0x10/0x10
[ 2669.988268]  ? futex_private_hash_put+0x127/0x2d0
[ 2669.988285]  kernel_clone+0xea/0x7f0
[ 2669.988298]  ? __pfx_futex_wake+0x10/0x10
[ 2669.988314]  ? __pfx_kernel_clone+0x10/0x10
[ 2669.988329]  ? alloc_file_pseudo+0x1a9/0x220
[ 2669.988350]  ? do_futex+0x135/0x370
[ 2669.988365]  __do_sys_clone+0xce/0x120
[ 2669.988378]  ? __pfx___do_sys_clone+0x10/0x10
[ 2669.988398]  ? __x64_sys_signalfd+0x11d/0x190
[ 2669.988416]  ? xfd_validate_state+0x55/0x180
[ 2669.988441]  do_syscall_64+0xbf/0x360
[ 2669.988454]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2669.988467] RIP: 0033:0x7f426ab2ab19
[ 2669.988476] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2669.988488] RSP: 002b:00007f42680a0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2669.988501] RAX: ffffffffffffffda RBX: 00007f426ac3df60 RCX: 00007f426ab2ab19
[ 2669.988509] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2669.988517] RBP: 00007f426ab84f6d R08: 0000000020000240 R09: 0000000000000000
[ 2669.988525] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2669.988532] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2669.988549]  </TASK>
[ 2669.988553] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2669.988560] kmemleak:   comm "syz-executor.4", pid 17690, jiffies 4297336716
[ 2669.988568] kmemleak:   min_count = 1
[ 2669.988572] kmemleak:   count = 0
[ 2669.988576] kmemleak:   flags = 0x21
[ 2669.988580] kmemleak:   checksum = 0
[ 2669.988584] kmemleak:   backtrace:
[ 2669.988587]  pcpu_alloc_noprof+0x87a/0x1170
[ 2669.988604]  percpu_ref_init+0x37/0x400
[ 2669.988623]  io_uring_setup+0x44c/0x2000
[ 2669.988636]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2669.988648]  do_syscall_64+0xbf/0x360
[ 2669.988657]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:54:08 executing program 4:
clone(0x200, 0x0, 0x0, &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:08 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r1, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:54:08 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
signalfd(r0, 0x0, 0x0)

22:54:18 executing program 5:
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})

22:54:18 executing program 0:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:54:18 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:18 executing program 4:
clone(0x200, 0x0, 0x0, &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:18 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x0, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:18 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, 0x0)

22:54:18 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
signalfd(r0, &(0x7f0000000080), 0x8)

22:54:18 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x0, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:18 executing program 7:
clone(0x200, 0x0, 0x0, &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:18 executing program 1:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

[ 2679.778486] kmemleak: Found object by alias at 0x607f1a639184
[ 2679.778508] CPU: 0 UID: 0 PID: 17838 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2679.778527] Tainted: [W]=WARN
[ 2679.778531] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2679.778539] Call Trace:
[ 2679.778543]  <TASK>
[ 2679.778548]  dump_stack_lvl+0xca/0x120
[ 2679.778573]  __lookup_object+0x94/0xb0
[ 2679.778591]  delete_object_full+0x27/0x70
[ 2679.778608]  free_percpu+0x30/0x1160
[ 2679.778625]  ? arch_uprobe_clear_state+0x16/0x140
[ 2679.778646]  futex_hash_free+0x38/0xc0
[ 2679.778661]  mmput+0x2d3/0x390
[ 2679.778681]  copy_process+0x273d/0x73c0
[ 2679.778693]  ? __pfx___futex_wait+0x10/0x10
[ 2679.778717]  ? __pfx_copy_process+0x10/0x10
[ 2679.778732]  ? futex_private_hash_put+0x127/0x2d0
[ 2679.778750]  kernel_clone+0xea/0x7f0
[ 2679.778762]  ? __pfx_futex_wake+0x10/0x10
[ 2679.778783]  ? __pfx_kernel_clone+0x10/0x10
[ 2679.778798]  ? alloc_file_pseudo+0x1a9/0x220
[ 2679.778818]  ? do_futex+0x135/0x370
[ 2679.778833]  __do_sys_clone+0xce/0x120
[ 2679.778846]  ? __pfx___do_sys_clone+0x10/0x10
[ 2679.778866]  ? __x64_sys_signalfd+0x11d/0x190
[ 2679.778884]  ? xfd_validate_state+0x55/0x180
[ 2679.778908]  do_syscall_64+0xbf/0x360
[ 2679.778921]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2679.778934] RIP: 0033:0x7f426ab2ab19
[ 2679.778943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2679.778955] RSP: 002b:00007f42680a0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2679.778968] RAX: ffffffffffffffda RBX: 00007f426ac3df60 RCX: 00007f426ab2ab19
[ 2679.778976] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2679.778983] RBP: 00007f426ab84f6d R08: 0000000020000240 R09: 0000000000000000
[ 2679.778991] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2679.778998] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2679.779015]  </TASK>
[ 2679.779019] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2679.779026] kmemleak:   comm "syz-executor.6", pid 17839, jiffies 4297346608
[ 2679.779033] kmemleak:   min_count = 1
[ 2679.779037] kmemleak:   count = 0
[ 2679.779041] kmemleak:   flags = 0x21
[ 2679.779045] kmemleak:   checksum = 0
[ 2679.779049] kmemleak:   backtrace:
[ 2679.779052]  pcpu_alloc_noprof+0x87a/0x1170
[ 2679.779068]  percpu_ref_init+0x37/0x400
[ 2679.779087]  io_uring_setup+0x44c/0x2000
[ 2679.779100]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2679.779111]  do_syscall_64+0xbf/0x360
[ 2679.779120]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2679.799032] kmemleak: Found object by alias at 0x607f1a638af4
[ 2679.799047] CPU: 0 UID: 0 PID: 17845 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2679.799064] Tainted: [W]=WARN
[ 2679.799068] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2679.799074] Call Trace:
[ 2679.799078]  <TASK>
[ 2679.799082]  dump_stack_lvl+0xca/0x120
[ 2679.799107]  __lookup_object+0x94/0xb0
[ 2679.799124]  delete_object_full+0x27/0x70
[ 2679.799140]  free_percpu+0x30/0x1160
[ 2679.799155]  ? arch_uprobe_clear_state+0x16/0x140
[ 2679.799173]  futex_hash_free+0x38/0xc0
[ 2679.799187]  mmput+0x2d3/0x390
[ 2679.799205]  do_exit+0x79d/0x2970
[ 2679.799221]  ? proc_coredump_connector+0x2bf/0x4e0
[ 2679.799236]  ? __pfx_do_exit+0x10/0x10
[ 2679.799250]  ? find_held_lock+0x2b/0x80
[ 2679.799275]  ? get_signal+0x1a05/0x2340
[ 2679.799294]  do_group_exit+0xd3/0x2a0
[ 2679.799309]  get_signal+0x2315/0x2340
[ 2679.799331]  ? __pfx_get_signal+0x10/0x10
[ 2679.799353]  arch_do_signal_or_restart+0x80/0x790
[ 2679.799370]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2679.799396]  irqentry_exit_to_user_mode+0x106/0x1c0
[ 2679.799415]  asm_exc_general_protection+0x26/0x30
[ 2679.799426] RIP: 0033:0x7f11f0c47b21
[ 2679.799435] Code: Unable to access opcode bytes at 0x7f11f0c47af7.
[ 2679.799440] RSP: 002b:0000000020000180 EFLAGS: 00010217
[ 2679.799449] RAX: 0000000000000000 RBX: 00007f11f0d5af60 RCX: 00007f11f0c47b19
[ 2679.799456] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2679.799463] RBP: 00007f11f0ca1f6d R08: 0000000020000240 R09: 0000000000000000
[ 2679.799470] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2679.799477] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2679.799493]  </TASK>
[ 2679.799497] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2679.799503] kmemleak:   comm "syz-executor.2", pid 17832, jiffies 4297346583
[ 2679.799510] kmemleak:   min_count = 1
[ 2679.799514] kmemleak:   count = 0
[ 2679.799518] kmemleak:   flags = 0x21
[ 2679.799521] kmemleak:   checksum = 0
[ 2679.799525] kmemleak:   backtrace:
[ 2679.799528]  pcpu_alloc_noprof+0x87a/0x1170
[ 2679.799543]  percpu_ref_init+0x37/0x400
[ 2679.799559]  io_uring_setup+0x44c/0x2000
[ 2679.799569]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2679.799580]  do_syscall_64+0xbf/0x360
[ 2679.799589]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:54:18 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})

22:54:27 executing program 0:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
fcntl$getown(0xffffffffffffffff, 0x9)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:54:27 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:27 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:27 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})

22:54:27 executing program 4:
clone(0x200, 0x0, 0x0, &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:27 executing program 1:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:27 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:27 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x0, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:27 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})

[ 2689.383650] kmemleak: Found object by alias at 0x607f1a639184
[ 2689.383677] CPU: 1 UID: 0 PID: 17972 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2689.383697] Tainted: [W]=WARN
[ 2689.383700] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2689.383708] Call Trace:
[ 2689.383712]  <TASK>
[ 2689.383717]  dump_stack_lvl+0xca/0x120
[ 2689.383744]  __lookup_object+0x94/0xb0
[ 2689.383761]  delete_object_full+0x27/0x70
[ 2689.383778]  free_percpu+0x30/0x1160
[ 2689.383795]  ? arch_uprobe_clear_state+0x16/0x140
[ 2689.383814]  futex_hash_free+0x38/0xc0
[ 2689.383829]  mmput+0x2d3/0x390
[ 2689.383847]  copy_process+0x273d/0x73c0
[ 2689.383858]  ? __pfx___futex_wait+0x10/0x10
[ 2689.383881]  ? __pfx_copy_process+0x10/0x10
[ 2689.383896]  ? futex_private_hash_put+0x127/0x2d0
[ 2689.383912]  kernel_clone+0xea/0x7f0
[ 2689.383924]  ? __pfx_futex_wake+0x10/0x10
[ 2689.383939]  ? __pfx_kernel_clone+0x10/0x10
[ 2689.383953]  ? alloc_file_pseudo+0x1a9/0x220
[ 2689.383972]  ? do_futex+0x135/0x370
[ 2689.383986]  __do_sys_clone+0xce/0x120
[ 2689.383998]  ? __pfx___do_sys_clone+0x10/0x10
[ 2689.384017]  ? __x64_sys_signalfd+0x11d/0x190
[ 2689.384034]  ? xfd_validate_state+0x55/0x180
[ 2689.384056]  do_syscall_64+0xbf/0x360
[ 2689.384068]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2689.384080] RIP: 0033:0x7f426ab2ab19
[ 2689.384089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2689.384101] RSP: 002b:00007f42680a0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2689.384113] RAX: ffffffffffffffda RBX: 00007f426ac3df60 RCX: 00007f426ab2ab19
[ 2689.384121] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2689.384128] RBP: 00007f426ab84f6d R08: 0000000020000240 R09: 0000000000000000
[ 2689.384135] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2689.384142] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2689.384158]  </TASK>
[ 2689.384162] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2689.384169] kmemleak:   comm "syz-executor.3", pid 17975, jiffies 4297356246
[ 2689.384176] kmemleak:   min_count = 1
[ 2689.384180] kmemleak:   count = 0
[ 2689.384184] kmemleak:   flags = 0x21
[ 2689.384187] kmemleak:   checksum = 0
[ 2689.384191] kmemleak:   backtrace:
[ 2689.384195]  pcpu_alloc_noprof+0x87a/0x1170
[ 2689.384210]  percpu_ref_init+0x37/0x400
[ 2689.384228]  io_uring_setup+0x44c/0x2000
[ 2689.384240]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2689.384250]  do_syscall_64+0xbf/0x360
[ 2689.384259]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:54:27 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x0, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

[ 2689.467469] kmemleak: Found object by alias at 0x607f1a638af4
[ 2689.467486] CPU: 1 UID: 0 PID: 17979 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2689.467503] Tainted: [W]=WARN
[ 2689.467507] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2689.467514] Call Trace:
[ 2689.467518]  <TASK>
[ 2689.467523]  dump_stack_lvl+0xca/0x120
[ 2689.467545]  __lookup_object+0x94/0xb0
[ 2689.467562]  delete_object_full+0x27/0x70
[ 2689.467577]  free_percpu+0x30/0x1160
[ 2689.467593]  ? arch_uprobe_clear_state+0x16/0x140
[ 2689.467612]  futex_hash_free+0x38/0xc0
[ 2689.467626]  mmput+0x2d3/0x390
[ 2689.467644]  do_exit+0x79d/0x2970
[ 2689.467660]  ? proc_coredump_connector+0x2bf/0x4e0
22:54:27 executing program 7:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

[ 2689.467676]  ? __pfx_do_exit+0x10/0x10
[ 2689.467689]  ? find_held_lock+0x2b/0x80
[ 2689.467707]  ? get_signal+0x1a05/0x2340
[ 2689.467726]  do_group_exit+0xd3/0x2a0
[ 2689.467741]  get_signal+0x2315/0x2340
[ 2689.467763]  ? __pfx_get_signal+0x10/0x10
[ 2689.467785]  arch_do_signal_or_restart+0x80/0x790
[ 2689.467806]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2689.467832]  irqentry_exit_to_user_mode+0x106/0x1c0
[ 2689.467852]  asm_exc_general_protection+0x26/0x30
[ 2689.467864] RIP: 0033:0x7f11f0c47b21
[ 2689.467872] Code: Unable to access opcode bytes at 0x7f11f0c47af7.
[ 2689.467877] RSP: 002b:0000000020000180 EFLAGS: 00010217
[ 2689.467887] RAX: 0000000000000000 RBX: 00007f11f0d5af60 RCX: 00007f11f0c47b19
[ 2689.467894] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2689.467901] RBP: 00007f11f0ca1f6d R08: 0000000020000240 R09: 0000000000000000
[ 2689.467908] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2689.467914] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2689.467930]  </TASK>
[ 2689.467933] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2689.467940] kmemleak:   comm "syz-executor.6", pid 17977, jiffies 4297356244
[ 2689.467947] kmemleak:   min_count = 1
[ 2689.467951] kmemleak:   count = 0
[ 2689.467954] kmemleak:   flags = 0x21
[ 2689.467958] kmemleak:   checksum = 0
[ 2689.467962] kmemleak:   backtrace:
[ 2689.467965]  pcpu_alloc_noprof+0x87a/0x1170
[ 2689.467980]  percpu_ref_init+0x37/0x400
[ 2689.467997]  io_uring_setup+0x44c/0x2000
[ 2689.468009]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2689.468019]  do_syscall_64+0xbf/0x360
[ 2689.468028]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2689.539145] kmemleak: Found object by alias at 0x607f1a638af4
[ 2689.539162] CPU: 1 UID: 0 PID: 17977 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2689.539180] Tainted: [W]=WARN
[ 2689.539184] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2689.539191] Call Trace:
[ 2689.539195]  <TASK>
[ 2689.539199]  dump_stack_lvl+0xca/0x120
[ 2689.539223]  __lookup_object+0x94/0xb0
[ 2689.539240]  delete_object_full+0x27/0x70
[ 2689.539259]  free_percpu+0x30/0x1160
[ 2689.539274]  ? arch_uprobe_clear_state+0x16/0x140
[ 2689.539294]  futex_hash_free+0x38/0xc0
[ 2689.539308]  mmput+0x2d3/0x390
[ 2689.539326]  do_exit+0x79d/0x2970
[ 2689.539349]  ? lock_release+0xc8/0x290
[ 2689.539366]  ? __pfx_do_exit+0x10/0x10
[ 2689.539380]  ? find_held_lock+0x2b/0x80
[ 2689.539396]  ? get_signal+0x835/0x2340
[ 2689.539416]  do_group_exit+0xd3/0x2a0
[ 2689.539431]  get_signal+0x2315/0x2340
[ 2689.539453]  ? __pfx_get_signal+0x10/0x10
[ 2689.539468]  ? do_futex+0x135/0x370
[ 2689.539482]  ? __pfx_do_futex+0x10/0x10
[ 2689.539497]  arch_do_signal_or_restart+0x80/0x790
[ 2689.539514]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2689.539530]  ? __x64_sys_futex+0x1c9/0x4d0
[ 2689.539541]  ? __x64_sys_futex+0x1d2/0x4d0
22:54:27 executing program 1:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, 0x0, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

[ 2689.539554]  ? exc_page_fault+0xb0/0x180
[ 2689.539571]  ? __pfx___x64_sys_futex+0x10/0x10
[ 2689.539589]  exit_to_user_mode_loop+0x8b/0x110
[ 2689.539602]  do_syscall_64+0x2f7/0x360
[ 2689.539614]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2689.539626] RIP: 0033:0x7f11f0c47b19
[ 2689.539634] Code: Unable to access opcode bytes at 0x7f11f0c47aef.
[ 2689.539639] RSP: 002b:00007f11ee1bd218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2689.539650] RAX: fffffffffffffe00 RBX: 00007f11f0d5af68 RCX: 00007f11f0c47b19
[ 2689.539658] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f11f0d5af68
[ 2689.539665] RBP: 00007f11f0d5af60 R08: 0000000000000000 R09: 0000000000000000
[ 2689.539671] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f0d5af6c
[ 2689.539678] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2689.539693]  </TASK>
[ 2689.539697] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2689.539704] kmemleak:   comm "syz-executor.6", pid 17977, jiffies 4297356244
[ 2689.539711] kmemleak:   min_count = 1
[ 2689.539714] kmemleak:   count = 0
[ 2689.539718] kmemleak:   flags = 0x21
[ 2689.539721] kmemleak:   checksum = 0
[ 2689.539725] kmemleak:   backtrace:
[ 2689.539728]  pcpu_alloc_noprof+0x87a/0x1170
[ 2689.539743]  percpu_ref_init+0x37/0x400
[ 2689.539760]  io_uring_setup+0x44c/0x2000
[ 2689.539772]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2689.539782]  do_syscall_64+0xbf/0x360
[ 2689.539791]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:54:27 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x0, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:28 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x0, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:28 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:28 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:28 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:28 executing program 5:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})

22:54:28 executing program 7:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:28 executing program 5:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})

22:54:28 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x0, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:28 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:28 executing program 5:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})

22:54:28 executing program 7:
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

[ 2689.863451] kmemleak: Found object by alias at 0x607f1a639184
[ 2689.863472] CPU: 1 UID: 0 PID: 18109 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2689.863492] Tainted: [W]=WARN
[ 2689.863496] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2689.863507] Call Trace:
[ 2689.863511]  <TASK>
[ 2689.863516]  dump_stack_lvl+0xca/0x120
[ 2689.863541]  __lookup_object+0x94/0xb0
[ 2689.863559]  delete_object_full+0x27/0x70
[ 2689.863577]  free_percpu+0x30/0x1160
[ 2689.863594]  ? arch_uprobe_clear_state+0x16/0x140
[ 2689.863615]  futex_hash_free+0x38/0xc0
[ 2689.863631]  mmput+0x2d3/0x390
[ 2689.863651]  copy_process+0x273d/0x73c0
[ 2689.863662]  ? __pfx___futex_wait+0x10/0x10
[ 2689.863687]  ? __pfx_copy_process+0x10/0x10
[ 2689.863702]  ? futex_private_hash_put+0x127/0x2d0
[ 2689.863720]  kernel_clone+0xea/0x7f0
[ 2689.863732]  ? __pfx_futex_wake+0x10/0x10
[ 2689.863748]  ? __pfx_kernel_clone+0x10/0x10
[ 2689.863763]  ? alloc_file_pseudo+0x1a9/0x220
[ 2689.863784]  ? do_futex+0x135/0x370
[ 2689.863799]  __do_sys_clone+0xce/0x120
[ 2689.863811]  ? __pfx___do_sys_clone+0x10/0x10
[ 2689.863832]  ? __x64_sys_signalfd+0x11d/0x190
[ 2689.863850]  ? xfd_validate_state+0x55/0x180
[ 2689.863875]  do_syscall_64+0xbf/0x360
[ 2689.863887]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2689.863900] RIP: 0033:0x7f426ab2ab19
[ 2689.863910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2689.863921] RSP: 002b:00007f42680a0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2689.863934] RAX: ffffffffffffffda RBX: 00007f426ac3df60 RCX: 00007f426ab2ab19
[ 2689.863942] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2689.863949] RBP: 00007f426ab84f6d R08: 0000000020000240 R09: 0000000000000000
[ 2689.863957] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2689.863964] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2689.863981]  </TASK>
[ 2689.863985] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2689.863992] kmemleak:   comm "syz-executor.6", pid 18107, jiffies 4297356647
[ 2689.863999] kmemleak:   min_count = 1
[ 2689.864003] kmemleak:   count = 0
[ 2689.864007] kmemleak:   flags = 0x21
[ 2689.864011] kmemleak:   checksum = 0
[ 2689.864015] kmemleak:   backtrace:
[ 2689.864018]  pcpu_alloc_noprof+0x87a/0x1170
[ 2689.864034]  percpu_ref_init+0x37/0x400
[ 2689.864053]  io_uring_setup+0x44c/0x2000
[ 2689.864065]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2689.864077]  do_syscall_64+0xbf/0x360
[ 2689.864087]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:54:28 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, 0x0)

[ 2689.947882] kmemleak: Found object by alias at 0x607f1a638af4
[ 2689.947910] CPU: 0 UID: 0 PID: 18115 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2689.947945] Tainted: [W]=WARN
[ 2689.947953] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2689.947966] Call Trace:
[ 2689.947973]  <TASK>
[ 2689.947981]  dump_stack_lvl+0xca/0x120
[ 2689.948022]  __lookup_object+0x94/0xb0
[ 2689.948052]  delete_object_full+0x27/0x70
[ 2689.948083]  free_percpu+0x30/0x1160
[ 2689.948112]  ? arch_uprobe_clear_state+0x16/0x140
[ 2689.948157]  futex_hash_free+0x38/0xc0
[ 2689.948182]  mmput+0x2d3/0x390
[ 2689.948218]  do_exit+0x79d/0x2970
[ 2689.948249]  ? proc_coredump_connector+0x2bf/0x4e0
[ 2689.948278]  ? __pfx_do_exit+0x10/0x10
[ 2689.948305]  ? find_held_lock+0x2b/0x80
[ 2689.948339]  ? get_signal+0x1a05/0x2340
[ 2689.948376]  do_group_exit+0xd3/0x2a0
[ 2689.948406]  get_signal+0x2315/0x2340
[ 2689.948450]  ? __pfx_get_signal+0x10/0x10
[ 2689.948493]  arch_do_signal_or_restart+0x80/0x790
[ 2689.948527]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2689.948578]  irqentry_exit_to_user_mode+0x106/0x1c0
[ 2689.948614]  asm_exc_general_protection+0x26/0x30
[ 2689.948637] RIP: 0033:0x7f11f0c47b21
[ 2689.948654] Code: Unable to access opcode bytes at 0x7f11f0c47af7.
[ 2689.948664] RSP: 002b:0000000020000180 EFLAGS: 00010217
[ 2689.948682] RAX: 0000000000000000 RBX: 00007f11f0d5af60 RCX: 00007f11f0c47b19
[ 2689.948696] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2689.948710] RBP: 00007f11f0ca1f6d R08: 0000000020000240 R09: 0000000000000000
[ 2689.948724] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2689.948738] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2689.948769]  </TASK>
[ 2689.948776] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2689.948789] kmemleak:   comm "syz-executor.3", pid 18097, jiffies 4297356596
[ 2689.948803] kmemleak:   min_count = 1
[ 2689.948811] kmemleak:   count = 0
[ 2689.948818] kmemleak:   flags = 0x21
[ 2689.948826] kmemleak:   checksum = 0
[ 2689.948833] kmemleak:   backtrace:
[ 2689.948839]  pcpu_alloc_noprof+0x87a/0x1170
[ 2689.948868]  percpu_ref_init+0x37/0x400
[ 2689.948901]  io_uring_setup+0x44c/0x2000
[ 2689.948922]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2689.948943]  do_syscall_64+0xbf/0x360
[ 2689.948960]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:54:28 executing program 4:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:28 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:28 executing program 7:
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:38 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:38 executing program 1:
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:38 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x0, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:38 executing program 4:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:38 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:38 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:38 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})

22:54:38 executing program 7:
clone(0x0, 0x0, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:38 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)

[ 2700.601295] kmemleak: Found object by alias at 0x607f1a639184
[ 2700.601333] CPU: 0 UID: 0 PID: 18159 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2700.601372] Tainted: [W]=WARN
[ 2700.601380] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2700.601394] Call Trace:
[ 2700.601402]  <TASK>
[ 2700.601411]  dump_stack_lvl+0xca/0x120
[ 2700.601455]  __lookup_object+0x94/0xb0
[ 2700.601489]  delete_object_full+0x27/0x70
[ 2700.601523]  free_percpu+0x30/0x1160
[ 2700.601556]  ? arch_uprobe_clear_state+0x16/0x140
[ 2700.601597]  futex_hash_free+0x38/0xc0
[ 2700.601626]  mmput+0x2d3/0x390
[ 2700.601665]  copy_process+0x273d/0x73c0
[ 2700.601688]  ? __pfx___futex_wait+0x10/0x10
[ 2700.601736]  ? __pfx_copy_process+0x10/0x10
[ 2700.601768]  ? futex_private_hash_put+0x127/0x2d0
[ 2700.601811]  kernel_clone+0xea/0x7f0
[ 2700.601836]  ? __pfx_futex_wake+0x10/0x10
[ 2700.601868]  ? __pfx_kernel_clone+0x10/0x10
[ 2700.601899]  ? alloc_file_pseudo+0x1a9/0x220
[ 2700.601939]  ? do_futex+0x135/0x370
[ 2700.601969]  __do_sys_clone+0xce/0x120
[ 2700.601995]  ? __pfx___do_sys_clone+0x10/0x10
[ 2700.602036]  ? __x64_sys_signalfd+0x11d/0x190
[ 2700.602071]  ? xfd_validate_state+0x55/0x180
[ 2700.602118]  do_syscall_64+0xbf/0x360
[ 2700.602142]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2700.602167] RIP: 0033:0x7f426ab2ab19
[ 2700.602186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2700.602211] RSP: 002b:00007f42680a0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2700.602235] RAX: ffffffffffffffda RBX: 00007f426ac3df60 RCX: 00007f426ab2ab19
[ 2700.602252] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2700.602267] RBP: 00007f426ab84f6d R08: 0000000020000240 R09: 0000000000000000
[ 2700.602282] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2700.602297] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2700.602330]  </TASK>
[ 2700.602338] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2700.602352] kmemleak:   comm "syz-executor.2", pid 18155, jiffies 4297367399
[ 2700.602368] kmemleak:   min_count = 1
22:54:39 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x0, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

[ 2700.602376] kmemleak:   count = 0
[ 2700.602384] kmemleak:   flags = 0x21
[ 2700.602392] kmemleak:   checksum = 0
[ 2700.602400] kmemleak:   backtrace:
[ 2700.602407]  pcpu_alloc_noprof+0x87a/0x1170
[ 2700.602439]  percpu_ref_init+0x37/0x400
[ 2700.602475]  io_uring_setup+0x44c/0x2000
[ 2700.602499]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2700.602522]  do_syscall_64+0xbf/0x360
[ 2700.602548]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:54:48 executing program 4:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
fcntl$getown(0xffffffffffffffff, 0x9)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:48 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x0, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:48 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:48 executing program 1:
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:48 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:48 executing program 7:
clone(0x0, 0x0, 0x0, &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:48 executing program 6:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
fcntl$getown(0xffffffffffffffff, 0x9)

22:54:48 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

[ 2710.665701] kmemleak: Found object by alias at 0x607f1a638af4
[ 2710.665737] CPU: 0 UID: 0 PID: 18188 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2710.665772] Tainted: [W]=WARN
[ 2710.665779] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2710.665792] Call Trace:
[ 2710.665806]  <TASK>
[ 2710.665815]  dump_stack_lvl+0xca/0x120
[ 2710.665861]  __lookup_object+0x94/0xb0
[ 2710.665891]  delete_object_full+0x27/0x70
[ 2710.665921]  free_percpu+0x30/0x1160
[ 2710.665951]  ? arch_uprobe_clear_state+0x16/0x140
[ 2710.665988]  futex_hash_free+0x38/0xc0
[ 2710.666014]  mmput+0x2d3/0x390
[ 2710.666047]  do_exit+0x79d/0x2970
[ 2710.666073]  ? signal_wake_up_state+0x85/0x120
[ 2710.666101]  ? zap_other_threads+0x2b9/0x3a0
[ 2710.666131]  ? __pfx_do_exit+0x10/0x10
[ 2710.666155]  ? do_group_exit+0x1c3/0x2a0
[ 2710.666181]  ? lock_release+0xc8/0x290
[ 2710.666212]  do_group_exit+0xd3/0x2a0
[ 2710.666240]  __x64_sys_exit_group+0x3e/0x50
[ 2710.666266]  x64_sys_call+0x18c5/0x18d0
[ 2710.666295]  do_syscall_64+0xbf/0x360
[ 2710.666317]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2710.666338] RIP: 0033:0x7f11f0c47b19
[ 2710.666355] Code: Unable to access opcode bytes at 0x7f11f0c47aef.
[ 2710.666364] RSP: 002b:00007ffe4ba62a88 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 2710.666385] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f11f0c47b19
[ 2710.666400] RDX: 00007f11f0bfa72b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 2710.666414] RBP: 0000000000000000 R08: 0000001b2d220794 R09: 0000000000000000
[ 2710.666427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2710.666440] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffe4ba62b70
[ 2710.666469]  </TASK>
[ 2710.666476] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2710.666489] kmemleak:   comm "syz-executor.2", pid 18197, jiffies 4297377521
[ 2710.666503] kmemleak:   min_count = 1
[ 2710.666511] kmemleak:   count = 0
[ 2710.666518] kmemleak:   flags = 0x21
[ 2710.666525] kmemleak:   checksum = 0
[ 2710.666532] kmemleak:   backtrace:
[ 2710.666538]  pcpu_alloc_noprof+0x87a/0x1170
[ 2710.666566]  percpu_ref_init+0x37/0x400
[ 2710.666598]  io_uring_setup+0x44c/0x2000
[ 2710.666619]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2710.666640]  do_syscall_64+0xbf/0x360
[ 2710.666656]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:54:49 executing program 7:
clone(0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:49 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x0, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:59 executing program 7:
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:54:59 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:59 executing program 6:
fcntl$getown(0xffffffffffffffff, 0x9)

22:54:59 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:59 executing program 1:
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:59 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r1, 0x8004f50e, &(0x7f0000000340))

22:54:59 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:59 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r1, 0x8004f50e, &(0x7f0000000340))

22:54:59 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, 0x0, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

[ 2720.857964] kmemleak: Found object by alias at 0x607f1a638af4
[ 2720.857999] CPU: 0 UID: 0 PID: 18218 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2720.858037] Tainted: [W]=WARN
[ 2720.858045] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2720.858058] Call Trace:
[ 2720.858066]  <TASK>
[ 2720.858081]  dump_stack_lvl+0xca/0x120
[ 2720.858126]  __lookup_object+0x94/0xb0
[ 2720.858158]  delete_object_full+0x27/0x70
[ 2720.858190]  free_percpu+0x30/0x1160
[ 2720.858222]  ? arch_uprobe_clear_state+0x16/0x140
[ 2720.858262]  futex_hash_free+0x38/0xc0
[ 2720.858290]  mmput+0x2d3/0x390
[ 2720.858327]  do_exit+0x79d/0x2970
[ 2720.858354]  ? signal_wake_up_state+0x85/0x120
[ 2720.858385]  ? zap_other_threads+0x2b9/0x3a0
[ 2720.858417]  ? __pfx_do_exit+0x10/0x10
[ 2720.858444]  ? do_group_exit+0x1c3/0x2a0
[ 2720.858472]  ? lock_release+0xc8/0x290
[ 2720.858506]  do_group_exit+0xd3/0x2a0
[ 2720.858537]  __x64_sys_exit_group+0x3e/0x50
[ 2720.858565]  x64_sys_call+0x18c5/0x18d0
[ 2720.858597]  do_syscall_64+0xbf/0x360
[ 2720.858620]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2720.858643] RIP: 0033:0x7f11f0c47b19
[ 2720.858661] Code: Unable to access opcode bytes at 0x7f11f0c47aef.
[ 2720.858672] RSP: 002b:00007ffe4ba62a88 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 2720.858695] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f11f0c47b19
[ 2720.858711] RDX: 00007f11f0bfa72b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 2720.858726] RBP: 0000000000000000 R08: 0000001b2d22001c R09: 0000000000000000
[ 2720.858740] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2720.858754] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffe4ba62b70
[ 2720.858786]  </TASK>
[ 2720.858794] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2720.858808] kmemleak:   comm "syz-executor.0", pid 18229, jiffies 4297387694
[ 2720.858823] kmemleak:   min_count = 1
[ 2720.858831] kmemleak:   count = 0
[ 2720.858839] kmemleak:   flags = 0x21
[ 2720.858846] kmemleak:   checksum = 0
[ 2720.858854] kmemleak:   backtrace:
[ 2720.858861]  pcpu_alloc_noprof+0x87a/0x1170
[ 2720.858892]  percpu_ref_init+0x37/0x400
[ 2720.858927]  io_uring_setup+0x44c/0x2000
[ 2720.858949]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2720.858972]  do_syscall_64+0xbf/0x360
[ 2720.858989]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2720.963955] kmemleak: Found object by alias at 0x607f1a639184
[ 2720.963986] CPU: 1 UID: 0 PID: 18229 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2720.964022] Tainted: [W]=WARN
[ 2720.964030] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2720.964043] Call Trace:
[ 2720.964051]  <TASK>
[ 2720.964060]  dump_stack_lvl+0xca/0x120
[ 2720.964102]  __lookup_object+0x94/0xb0
[ 2720.964134]  delete_object_full+0x27/0x70
[ 2720.964166]  free_percpu+0x30/0x1160
[ 2720.964197]  ? arch_uprobe_clear_state+0x16/0x140
[ 2720.964236]  futex_hash_free+0x38/0xc0
[ 2720.964263]  mmput+0x2d3/0x390
[ 2720.964299]  copy_process+0x273d/0x73c0
[ 2720.964338]  ? __pfx_copy_process+0x10/0x10
[ 2720.964361]  ? __lock_acquire+0xc65/0x1b70
[ 2720.964393]  ? lock_is_held_type+0x9e/0x120
[ 2720.964434]  kernel_clone+0xea/0x7f0
[ 2720.964457]  ? finish_task_switch.isra.0+0x201/0x840
[ 2720.964502]  ? __pfx_kernel_clone+0x10/0x10
[ 2720.964528]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 2720.964553]  ? finish_task_switch.isra.0+0x206/0x840
[ 2720.964592]  ? trace_sched_exit_tp+0xbf/0x100
[ 2720.964625]  ? __schedule+0xe91/0x3590
[ 2720.964658]  __do_sys_clone+0xce/0x120
[ 2720.964682]  ? __pfx___do_sys_clone+0x10/0x10
[ 2720.964706]  ? __pfx___schedule+0x10/0x10
[ 2720.964748]  ? xfd_validate_state+0x55/0x180
[ 2720.964791]  do_syscall_64+0xbf/0x360
[ 2720.964815]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2720.964837] RIP: 0033:0x7f426ab2ab19
[ 2720.964855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2720.964878] RSP: 002b:00007f42680a0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2720.964901] RAX: ffffffffffffffda RBX: 00007f426ac3df60 RCX: 00007f426ab2ab19
[ 2720.964916] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2720.964931] RBP: 00007f426ab84f6d R08: 0000000020000240 R09: 0000000000000000
[ 2720.964945] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2720.964958] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2720.964990]  </TASK>
[ 2720.964997] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2720.965010] kmemleak:   comm "syz-executor.4", pid 18231, jiffies 4297387729
[ 2720.965025] kmemleak:   min_count = 1
[ 2720.965032] kmemleak:   count = 0
[ 2720.965039] kmemleak:   flags = 0x21
[ 2720.965047] kmemleak:   checksum = 0
[ 2720.965054] kmemleak:   backtrace:
[ 2720.965061]  pcpu_alloc_noprof+0x87a/0x1170
[ 2720.965091]  percpu_ref_init+0x37/0x400
[ 2720.965125]  io_uring_setup+0x44c/0x2000
[ 2720.965147]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2720.965168]  do_syscall_64+0xbf/0x360
[ 2720.965185]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:54:59 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:59 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, 0x0, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:59 executing program 1:
clone(0x0, 0x0, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:59 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r1, 0x8004f50e, &(0x7f0000000340))

22:54:59 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)

22:54:59 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:59 executing program 6:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_OPTIONS(r0, 0x11, 0x1, &(0x7f0000000000)=""/95, &(0x7f0000000080)=0x5f)
getsockopt$bt_sco_SCO_OPTIONS(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000000c0)=""/127, &(0x7f0000000140)=0x7f)
r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000004080), 0x640503, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)

22:54:59 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:59 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, 0x0, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:59 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r2 = signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
getpeername$packet(r2, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)

22:54:59 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)

22:54:59 executing program 6:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_OPTIONS(r0, 0x11, 0x1, &(0x7f0000000000)=""/95, &(0x7f0000000080)=0x5f)
getsockopt$bt_sco_SCO_OPTIONS(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000000c0)=""/127, &(0x7f0000000140)=0x7f)
r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000004080), 0x640503, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)

22:54:59 executing program 1:
clone(0x0, 0x0, 0x0, &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:59 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)

22:54:59 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:59 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:54:59 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r2 = signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r1, 0x8004f50e, &(0x7f0000000340))
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
getpeername$packet(r2, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)

22:55:00 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r2 = signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r1, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r2, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
sendmsg$ETHTOOL_MSG_RINGS_GET(r2, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)

22:55:00 executing program 1:
clone(0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

[ 2721.844698] kmemleak: Found object by alias at 0x607f1a639184
[ 2721.844727] CPU: 1 UID: 0 PID: 18503 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2721.844761] Tainted: [W]=WARN
[ 2721.844768] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2721.844781] Call Trace:
[ 2721.844788]  <TASK>
[ 2721.844796]  dump_stack_lvl+0xca/0x120
[ 2721.844845]  __lookup_object+0x94/0xb0
[ 2721.844874]  delete_object_full+0x27/0x70
[ 2721.844904]  free_percpu+0x30/0x1160
[ 2721.844933]  ? arch_uprobe_clear_state+0x16/0x140
[ 2721.844968]  futex_hash_free+0x38/0xc0
[ 2721.844994]  mmput+0x2d3/0x390
[ 2721.845027]  do_exit+0x79d/0x2970
[ 2721.845051]  ? lock_release+0xc8/0x290
[ 2721.845081]  ? __pfx_do_exit+0x10/0x10
[ 2721.845107]  ? find_held_lock+0x2b/0x80
[ 2721.845138]  ? get_signal+0x835/0x2340
[ 2721.845173]  do_group_exit+0xd3/0x2a0
[ 2721.845200]  get_signal+0x2315/0x2340
[ 2721.845241]  ? __pfx_get_signal+0x10/0x10
[ 2721.845271]  ? do_futex+0x135/0x370
[ 2721.845296]  ? __pfx_do_futex+0x10/0x10
[ 2721.845324]  arch_do_signal_or_restart+0x80/0x790
[ 2721.845355]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2721.845389]  ? __x64_sys_futex+0x1c9/0x4d0
[ 2721.845411]  ? __x64_sys_futex+0x1d2/0x4d0
[ 2721.845436]  ? exc_page_fault+0xb0/0x180
[ 2721.845465]  ? __pfx___x64_sys_futex+0x10/0x10
[ 2721.845499]  exit_to_user_mode_loop+0x8b/0x110
[ 2721.845522]  do_syscall_64+0x2f7/0x360
[ 2721.845544]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2721.845566] RIP: 0033:0x7f426ab2ab19
[ 2721.845582] Code: Unable to access opcode bytes at 0x7f426ab2aaef.
[ 2721.845592] RSP: 002b:00007f42680a0218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2721.845613] RAX: fffffffffffffe00 RBX: 00007f426ac3df68 RCX: 00007f426ab2ab19
[ 2721.845627] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f426ac3df68
[ 2721.845640] RBP: 00007f426ac3df60 R08: 0000000000000000 R09: 0000000000000000
[ 2721.845653] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f426ac3df6c
[ 2721.845666] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2721.845696]  </TASK>
[ 2721.845702] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2721.845715] kmemleak:   comm "syz-executor.6", pid 18648, jiffies 4297388623
[ 2721.845728] kmemleak:   min_count = 1
[ 2721.845735] kmemleak:   count = 0
[ 2721.845742] kmemleak:   flags = 0x21
[ 2721.845749] kmemleak:   checksum = 0
[ 2721.845756] kmemleak:   backtrace:
[ 2721.845762]  pcpu_alloc_noprof+0x87a/0x1170
[ 2721.845789]  percpu_ref_init+0x37/0x400
[ 2721.845820]  io_uring_setup+0x44c/0x2000
[ 2721.845841]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2721.845861]  do_syscall_64+0xbf/0x360
[ 2721.845876]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:55:10 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r2 = signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r1, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r2, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)

22:55:10 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:55:10 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r2 = signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r1, 0x8004f50e, &(0x7f0000000340))
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
getpeername$packet(r2, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)

22:55:10 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r1, 0x8004f50e, &(0x7f0000000340))

22:55:10 executing program 1:
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:55:10 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)

22:55:10 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:55:10 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r2 = signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
getpeername$packet(r2, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)

[ 2732.236750] kmemleak: Found object by alias at 0x607f1a639184
[ 2732.236773] CPU: 1 UID: 0 PID: 18710 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2732.236793] Tainted: [W]=WARN
[ 2732.236802] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2732.236810] Call Trace:
[ 2732.236815]  <TASK>
[ 2732.236820]  dump_stack_lvl+0xca/0x120
[ 2732.236846]  __lookup_object+0x94/0xb0
[ 2732.236865]  delete_object_full+0x27/0x70
[ 2732.236882]  free_percpu+0x30/0x1160
[ 2732.236900]  ? arch_uprobe_clear_state+0x16/0x140
[ 2732.236921]  futex_hash_free+0x38/0xc0
[ 2732.236936]  mmput+0x2d3/0x390
[ 2732.236957]  copy_process+0x273d/0x73c0
[ 2732.236969]  ? __pfx___futex_wait+0x10/0x10
[ 2732.236993]  ? __pfx_copy_process+0x10/0x10
[ 2732.237009]  ? futex_private_hash_put+0x127/0x2d0
[ 2732.237027]  kernel_clone+0xea/0x7f0
[ 2732.237039]  ? __pfx_futex_wake+0x10/0x10
[ 2732.237056]  ? __pfx_kernel_clone+0x10/0x10
[ 2732.237071]  ? io_uring_setup+0x16e0/0x2000
[ 2732.237088]  ? do_futex+0x135/0x370
[ 2732.237104]  __do_sys_clone+0xce/0x120
[ 2732.237117]  ? __pfx___do_sys_clone+0x10/0x10
[ 2732.237137]  ? __x64_sys_signalfd+0x11d/0x190
[ 2732.237155]  ? xfd_validate_state+0x55/0x180
[ 2732.237180]  do_syscall_64+0xbf/0x360
[ 2732.237193]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2732.237206] RIP: 0033:0x7f426ab2ab19
[ 2732.237216] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2732.237229] RSP: 002b:00007f42680a0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2732.237242] RAX: ffffffffffffffda RBX: 00007f426ac3df60 RCX: 00007f426ab2ab19
[ 2732.237250] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2732.237258] RBP: 00007f426ab84f6d R08: 0000000020000240 R09: 0000000000000000
[ 2732.237266] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2732.237273] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2732.237290]  </TASK>
[ 2732.237294] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2732.237301] kmemleak:   comm "syz-executor.4", pid 18705, jiffies 4297399091
[ 2732.237309] kmemleak:   min_count = 1
[ 2732.237313] kmemleak:   count = 0
[ 2732.237318] kmemleak:   flags = 0x21
[ 2732.237322] kmemleak:   checksum = 0
[ 2732.237326] kmemleak:   backtrace:
[ 2732.237330]  pcpu_alloc_noprof+0x87a/0x1170
[ 2732.237346]  percpu_ref_init+0x37/0x400
[ 2732.237365]  io_uring_setup+0x44c/0x2000
[ 2732.237376]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2732.237388]  do_syscall_64+0xbf/0x360
[ 2732.237397]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:55:10 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)

22:55:10 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x0, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:55:10 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r2 = signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r1, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r2, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
sendmsg$ETHTOOL_MSG_RINGS_GET(r2, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)

22:55:10 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r2 = signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r1, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r2, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
getpeername$packet(r2, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)

22:55:10 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)

22:55:10 executing program 5:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000000080)={[0x101]}, 0x8)
signalfd(r0, &(0x7f00000000c0)={[0x8001]}, 0x8)

22:55:10 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_OPTIONS(r0, 0x11, 0x1, &(0x7f0000000000)=""/95, &(0x7f0000000080)=0x5f)
getsockopt$bt_sco_SCO_OPTIONS(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000000c0)=""/127, &(0x7f0000000140)=0x7f)
bind$bt_sco(r0, &(0x7f0000000180)={0x1f, @none}, 0x8)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0xd25940e6d74d2b}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r1, 0x20, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x7fffffff}]}, 0x24}, 0x1, 0x0, 0x0, 0x20}, 0x10001)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000340)={'batadv_slave_0\x00'})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000003900)={'syztnl1\x00', &(0x7f0000003880)={'syztnl0\x00', 0x0, 0x80, 0x20, 0x10000, 0x7fe, {{0xe, 0x4, 0x1, 0xb, 0x38, 0x66, 0x0, 0x6, 0x4, 0x0, @empty, @empty, {[@timestamp_prespec={0x44, 0x1c, 0x5c, 0x3, 0x6, [{@loopback, 0x8}, {@multicast1, 0x6}, {@rand_addr=0x64010101, 0x734}]}, @ssrr={0x89, 0x7, 0xf9, [@broadcast]}, @end]}}}}})

22:55:10 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

[ 2732.549512] kmemleak: Found object by alias at 0x607f1a638af4
[ 2732.549533] CPU: 1 UID: 0 PID: 18931 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2732.549551] Tainted: [W]=WARN
[ 2732.549555] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2732.549563] Call Trace:
[ 2732.549567]  <TASK>
[ 2732.549572]  dump_stack_lvl+0xca/0x120
[ 2732.549599]  __lookup_object+0x94/0xb0
[ 2732.549616]  delete_object_full+0x27/0x70
[ 2732.549632]  free_percpu+0x30/0x1160
[ 2732.549648]  ? arch_uprobe_clear_state+0x16/0x140
[ 2732.549668]  futex_hash_free+0x38/0xc0
[ 2732.549682]  mmput+0x2d3/0x390
[ 2732.549701]  do_exit+0x79d/0x2970
[ 2732.549718]  ? proc_coredump_connector+0x2bf/0x4e0
[ 2732.549733]  ? __pfx_do_exit+0x10/0x10
[ 2732.549747]  ? find_held_lock+0x2b/0x80
[ 2732.549765]  ? get_signal+0x1a05/0x2340
[ 2732.549785]  do_group_exit+0xd3/0x2a0
[ 2732.549804]  get_signal+0x2315/0x2340
[ 2732.549826]  ? __pfx_get_signal+0x10/0x10
[ 2732.549848]  arch_do_signal_or_restart+0x80/0x790
[ 2732.549866]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2732.549892]  irqentry_exit_to_user_mode+0x106/0x1c0
[ 2732.549911]  asm_exc_general_protection+0x26/0x30
[ 2732.549923] RIP: 0033:0x7f11f0c47b21
[ 2732.549931] Code: Unable to access opcode bytes at 0x7f11f0c47af7.
[ 2732.549937] RSP: 002b:0000000020000180 EFLAGS: 00010217
[ 2732.549947] RAX: 0000000000000000 RBX: 00007f11f0d5af60 RCX: 00007f11f0c47b19
[ 2732.549954] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2732.549962] RBP: 00007f11f0ca1f6d R08: 0000000020000240 R09: 0000000000000000
[ 2732.549969] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2732.549976] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2732.549992]  </TASK>
[ 2732.549996] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2732.550003] kmemleak:   comm "syz-executor.6", pid 18911, jiffies 4297399375
[ 2732.550010] kmemleak:   min_count = 1
[ 2732.550014] kmemleak:   count = 0
[ 2732.550018] kmemleak:   flags = 0x21
[ 2732.550022] kmemleak:   checksum = 0
[ 2732.550025] kmemleak:   backtrace:
[ 2732.550029]  pcpu_alloc_noprof+0x87a/0x1170
[ 2732.550044]  percpu_ref_init+0x37/0x400
[ 2732.550062]  io_uring_setup+0x44c/0x2000
[ 2732.550074]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2732.550084]  do_syscall_64+0xbf/0x360
[ 2732.550093]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:55:19 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r2 = signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r1, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r2, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
sendmsg$ETHTOOL_MSG_RINGS_GET(r2, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)

22:55:19 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab0715", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:55:19 executing program 5:
r0 = signalfd(0xffffffffffffffff, 0x0, 0x0)
signalfd(r0, &(0x7f00000000c0)={[0x8001]}, 0x8)

22:55:19 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)

22:55:19 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r2 = signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
getpeername$packet(r2, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)

22:55:19 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r2 = signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r1, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r2, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
getpeername$packet(r2, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)

22:55:19 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r2 = signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r1, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r2, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
getpeername$packet(r2, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)

22:55:19 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, 0x0, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:55:19 executing program 5:
r0 = signalfd(0xffffffffffffffff, 0x0, 0x0)
signalfd(r0, &(0x7f00000000c0)={[0x8001]}, 0x8)

22:55:19 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab0715", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:55:19 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, 0x0, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:55:19 executing program 5:
r0 = signalfd(0xffffffffffffffff, 0x0, 0x0)
signalfd(r0, &(0x7f00000000c0)={[0x8001]}, 0x8)

22:55:30 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00'})

22:55:30 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r2 = signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r1, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r2, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
sendmsg$ETHTOOL_MSG_RINGS_GET(r2, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)

22:55:30 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)

22:55:30 executing program 5:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000000080), 0x8)
signalfd(r0, &(0x7f00000000c0)={[0x8001]}, 0x8)

22:55:30 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)

22:55:30 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab0715", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:55:30 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, 0x0, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:55:30 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)

[ 2752.287079] kmemleak: Found object by alias at 0x607f1a639184
[ 2752.287104] CPU: 0 UID: 0 PID: 19195 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2752.287124] Tainted: [W]=WARN
[ 2752.287128] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2752.287136] Call Trace:
[ 2752.287140]  <TASK>
[ 2752.287146]  dump_stack_lvl+0xca/0x120
[ 2752.287172]  __lookup_object+0x94/0xb0
[ 2752.287190]  delete_object_full+0x27/0x70
[ 2752.287207]  free_percpu+0x30/0x1160
[ 2752.287225]  ? arch_uprobe_clear_state+0x16/0x140
[ 2752.287247]  futex_hash_free+0x38/0xc0
[ 2752.287262]  mmput+0x2d3/0x390
[ 2752.287282]  copy_process+0x273d/0x73c0
[ 2752.287293]  ? __pfx___futex_wait+0x10/0x10
[ 2752.287317]  ? __pfx_copy_process+0x10/0x10
[ 2752.287330]  ? __lock_acquire+0xc65/0x1b70
[ 2752.287352]  kernel_clone+0xea/0x7f0
[ 2752.287365]  ? finish_task_switch.isra.0+0x201/0x840
[ 2752.287386]  ? __pfx_kernel_clone+0x10/0x10
[ 2752.287400]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 2752.287414]  ? finish_task_switch.isra.0+0x206/0x840
[ 2752.287436]  ? do_futex+0x135/0x370
[ 2752.287452]  __do_sys_clone+0xce/0x120
[ 2752.287465]  ? __pfx___do_sys_clone+0x10/0x10
[ 2752.287478]  ? __pfx___schedule+0x10/0x10
[ 2752.287500]  ? __x64_sys_signalfd+0x11d/0x190
[ 2752.287518]  ? xfd_validate_state+0x55/0x180
[ 2752.287542]  do_syscall_64+0xbf/0x360
[ 2752.287558]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2752.287571] RIP: 0033:0x7f426ab2ab19
[ 2752.287581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2752.287594] RSP: 002b:00007f42680a0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2752.287606] RAX: ffffffffffffffda RBX: 00007f426ac3df60 RCX: 00007f426ab2ab19
[ 2752.287615] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2752.287623] RBP: 00007f426ab84f6d R08: 0000000020000240 R09: 0000000000000000
[ 2752.287631] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2752.287638] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2752.287655]  </TASK>
[ 2752.287659] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2752.287666] kmemleak:   comm "syz-executor.4", pid 19203, jiffies 4297419173
[ 2752.287674] kmemleak:   min_count = 1
[ 2752.287678] kmemleak:   count = 0
[ 2752.287682] kmemleak:   flags = 0x21
[ 2752.287686] kmemleak:   checksum = 0
[ 2752.287690] kmemleak:   backtrace:
[ 2752.287694]  pcpu_alloc_noprof+0x87a/0x1170
[ 2752.287710]  percpu_ref_init+0x37/0x400
[ 2752.287730]  io_uring_setup+0x44c/0x2000
[ 2752.287742]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2752.287753]  do_syscall_64+0xbf/0x360
[ 2752.287763]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:55:30 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d80", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

[ 2752.358105] kmemleak: Found object by alias at 0x607f1a638af4
[ 2752.358125] CPU: 0 UID: 0 PID: 19212 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2752.358143] Tainted: [W]=WARN
[ 2752.358147] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2752.358155] Call Trace:
[ 2752.358159]  <TASK>
[ 2752.358164]  dump_stack_lvl+0xca/0x120
[ 2752.358190]  __lookup_object+0x94/0xb0
[ 2752.358206]  delete_object_full+0x27/0x70
[ 2752.358222]  free_percpu+0x30/0x1160
[ 2752.358238]  ? arch_uprobe_clear_state+0x16/0x140
[ 2752.358258]  futex_hash_free+0x38/0xc0
[ 2752.358272]  mmput+0x2d3/0x390
[ 2752.358290]  do_exit+0x79d/0x2970
[ 2752.358307]  ? proc_coredump_connector+0x2bf/0x4e0
[ 2752.358322]  ? __pfx_do_exit+0x10/0x10
[ 2752.358336]  ? find_held_lock+0x2b/0x80
[ 2752.358354]  ? get_signal+0x1a05/0x2340
[ 2752.358373]  do_group_exit+0xd3/0x2a0
[ 2752.358387]  get_signal+0x2315/0x2340
[ 2752.358410]  ? __pfx_get_signal+0x10/0x10
[ 2752.358427]  ? arch_do_signal_or_restart+0x533/0x790
[ 2752.358447]  arch_do_signal_or_restart+0x80/0x790
[ 2752.358463]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2752.358488]  irqentry_exit_to_user_mode+0x106/0x1c0
[ 2752.358507]  asm_exc_general_protection+0x26/0x30
[ 2752.358519] RIP: 0033:0x7f11f0c47b21
[ 2752.358528] Code: Unable to access opcode bytes at 0x7f11f0c47af7.
[ 2752.358533] RSP: 002b:0000000020000180 EFLAGS: 00010217
[ 2752.358543] RAX: 0000000000000000 RBX: 00007f11f0d5af60 RCX: 00007f11f0c47b19
[ 2752.358555] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2752.358562] RBP: 00007f11f0ca1f6d R08: 0000000020000240 R09: 0000000000000000
[ 2752.358568] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2752.358575] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2752.358591]  </TASK>
[ 2752.358595] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2752.358601] kmemleak:   comm "syz-executor.0", pid 19195, jiffies 4297419133
[ 2752.358608] kmemleak:   min_count = 1
[ 2752.358612] kmemleak:   count = 0
[ 2752.358616] kmemleak:   flags = 0x21
[ 2752.358620] kmemleak:   checksum = 0
[ 2752.358624] kmemleak:   backtrace:
[ 2752.358627]  pcpu_alloc_noprof+0x87a/0x1170
[ 2752.358642]  percpu_ref_init+0x37/0x400
[ 2752.358660]  io_uring_setup+0x44c/0x2000
[ 2752.358671]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2752.358682]  do_syscall_64+0xbf/0x360
[ 2752.358690]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:55:30 executing program 5:
signalfd(0xffffffffffffffff, &(0x7f0000000080), 0x8)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)

[ 2752.411900] kmemleak: Found object by alias at 0x607f1a638af4
[ 2752.411920] CPU: 0 UID: 0 PID: 19204 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2752.411942] Tainted: [W]=WARN
[ 2752.411946] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2752.411954] Call Trace:
[ 2752.411958]  <TASK>
[ 2752.411962]  dump_stack_lvl+0xca/0x120
[ 2752.411988]  __lookup_object+0x94/0xb0
[ 2752.412005]  delete_object_full+0x27/0x70
[ 2752.412021]  free_percpu+0x30/0x1160
[ 2752.412038]  ? arch_uprobe_clear_state+0x16/0x140
[ 2752.412058]  futex_hash_free+0x38/0xc0
[ 2752.412072]  mmput+0x2d3/0x390
[ 2752.412091]  do_exit+0x79d/0x2970
[ 2752.412104]  ? lock_release+0xc8/0x290
[ 2752.412121]  ? __pfx_do_exit+0x10/0x10
[ 2752.412135]  ? find_held_lock+0x2b/0x80
[ 2752.412152]  ? get_signal+0x835/0x2340
[ 2752.412172]  do_group_exit+0xd3/0x2a0
[ 2752.412187]  get_signal+0x2315/0x2340
[ 2752.412209]  ? __pfx_get_signal+0x10/0x10
[ 2752.412226]  ? do_futex+0x135/0x370
[ 2752.412239]  ? __pfx_do_futex+0x10/0x10
[ 2752.412254]  arch_do_signal_or_restart+0x80/0x790
[ 2752.412272]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2752.412288]  ? __x64_sys_futex+0x1c9/0x4d0
[ 2752.412300]  ? __x64_sys_futex+0x1d2/0x4d0
[ 2752.412317]  ? find_get_task_by_vpid+0x1a4/0x310
[ 2752.412334]  ? __pfx___x64_sys_futex+0x10/0x10
[ 2752.412349]  ? syscall_user_dispatch+0x78/0x140
[ 2752.412366]  exit_to_user_mode_loop+0x8b/0x110
[ 2752.412377]  do_syscall_64+0x2f7/0x360
[ 2752.412389]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2752.412402] RIP: 0033:0x7f11f0c47b19
[ 2752.412410] Code: Unable to access opcode bytes at 0x7f11f0c47aef.
[ 2752.412416] RSP: 002b:00007f11ee1bd218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2752.412427] RAX: fffffffffffffe00 RBX: 00007f11f0d5af68 RCX: 00007f11f0c47b19
[ 2752.412435] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f11f0d5af68
[ 2752.412442] RBP: 00007f11f0d5af60 R08: 0000000000000000 R09: 0000000000000000
[ 2752.412448] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f0d5af6c
[ 2752.412455] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2752.412472]  </TASK>
[ 2752.412475] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2752.412482] kmemleak:   comm "syz-executor.0", pid 19195, jiffies 4297419133
[ 2752.412489] kmemleak:   min_count = 1
[ 2752.412493] kmemleak:   count = 0
[ 2752.412497] kmemleak:   flags = 0x21
[ 2752.412500] kmemleak:   checksum = 0
[ 2752.412504] kmemleak:   backtrace:
[ 2752.412508]  pcpu_alloc_noprof+0x87a/0x1170
[ 2752.412523]  percpu_ref_init+0x37/0x400
[ 2752.412541]  io_uring_setup+0x44c/0x2000
[ 2752.412552]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2752.412563]  do_syscall_64+0xbf/0x360
[ 2752.412571]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:55:30 executing program 6:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_OPTIONS(r0, 0x11, 0x1, &(0x7f0000000000)=""/95, &(0x7f0000000080)=0x5f)
getsockopt$bt_sco_SCO_OPTIONS(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000000c0)=""/127, &(0x7f0000000140)=0x7f)
bind$bt_sco(r0, &(0x7f0000000180)={0x1f, @none}, 0x8)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0xd25940e6d74d2b}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r1, 0x20, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x7fffffff}]}, 0x24}, 0x1, 0x0, 0x0, 0x20}, 0x10001)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000340)={'batadv_slave_0\x00', <r2=>0x0})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000003900)={'syztnl1\x00', &(0x7f0000003880)={'syztnl0\x00', <r3=>0x0, 0x80, 0x20, 0x10000, 0x7fe, {{0xe, 0x4, 0x1, 0xb, 0x38, 0x66, 0x0, 0x6, 0x4, 0x0, @empty, @empty, {[@timestamp_prespec={0x44, 0x1c, 0x5c, 0x3, 0x6, [{@loopback, 0x8}, {@multicast1, 0x6}, {@rand_addr=0x64010101, 0x734}]}, @ssrr={0x89, 0x7, 0xf9, [@broadcast]}, @end]}}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000003a40)={'erspan0\x00', &(0x7f0000003a00)={'gre0\x00', <r4=>0x0, 0x7, 0x10, 0x1, 0x80, {{0x7, 0x4, 0x3, 0x26, 0x1c, 0x65, 0x0, 0x81, 0x2f, 0x0, @local, @multicast1, {[@generic={0x86, 0x8, "84e31fa048bc"}]}}}}})
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(0xffffffffffffffff, &(0x7f0000004040)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000004000)={&(0x7f0000003a80)={0x574, 0x0, 0x100, 0x70bd26, 0x25dfdbfd, {}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x27c, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x1}, @ETHTOOL_A_BITSET_BITS={0xa0, 0x3, 0x0, 0x1, [{0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xb71f}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x10001}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}]}]}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x7}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x6}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x9}, @ETHTOOL_A_BITSET_VALUE={0xd0, 0x4, "e240106a5076757c6fb3c18ad464cf5e536daf5538084635dada226e58ec200be473406e8f711422f5d22cedd207ec04abc3663d1385ec89fa823a9aeaec98fd9519808f91b1dca70d63c67c69c60e0e4103ccc6733edac53651e9d4df42eee8e1eff5e505bbd71ad862c7d382d3aac6057143b5225ed0d516db77c051293a5f8a58f7f17a76944c2700d76f7406e7cec63fdc724a94d9f82df2e489184ba422290ee32183b1b81e48246cd521343e8abd273c2d98ba4a4ed45f149b226ca3aa79f9c38b604728178c04fe48"}, @ETHTOOL_A_BITSET_MASK={0xe3, 0x5, "6393c2d142b210a79f8752d10f468b68225adcdae2962ac91654458b388aad72c2987fe67cbf5e8a76f05866c7bfc79d3d2d99c6dc227939bba04d5569ab81da812e977ff12cf06d0cd3253d5746dec530a4df8fcd9b1207658c88ad93fcec52ae7a5bd2f543aff3823a222b7e7961be837a8a5814efe0bd29e6d97ea05626f14ea1bdd94b90172530c63bf7e02263ac147fe2709f48918e21a31df067bded7f066ef776c9f420acb92b2ea0ba938afae0fcde9f01f2d10f5562b3fb59dcfcddaabf804d3a6917e67cee7aed127a0fa80e455d4874dbf7e07df7d08c4cce5f"}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x154, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8}, @ETHTOOL_A_BITSET_BITS={0x13c, 0x3, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xfffffffc}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x80}]}, {0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x12, 0x2, ',*\'/\xce^\'%\xca*$&{\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, '/:{{*,\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '(\\#\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '%-&\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xce8}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}]}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7fffffff}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x800}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '#\x00'}]}, {0x8, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x78}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xff}]}]}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x74, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}]}, 0x574}, 0x1, 0x0, 0x0, 0x40040b2}, 0x8000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

22:55:30 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:55:30 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab0715", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:55:30 executing program 5:
signalfd(0xffffffffffffffff, &(0x7f0000000080), 0x8)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)

22:55:40 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:55:40 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab0715", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:55:40 executing program 6:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_OPTIONS(r0, 0x11, 0x1, &(0x7f0000000000)=""/95, &(0x7f0000000080)=0x5f)
getsockopt$bt_sco_SCO_OPTIONS(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000000c0)=""/127, &(0x7f0000000140)=0x7f)
bind$bt_sco(r0, &(0x7f0000000180)={0x1f, @none}, 0x8)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0xd25940e6d74d2b}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r1, 0x20, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x7fffffff}]}, 0x24}, 0x1, 0x0, 0x0, 0x20}, 0x10001)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000340)={'batadv_slave_0\x00', <r2=>0x0})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000003900)={'syztnl1\x00', &(0x7f0000003880)={'syztnl0\x00', <r3=>0x0, 0x80, 0x20, 0x10000, 0x7fe, {{0xe, 0x4, 0x1, 0xb, 0x38, 0x66, 0x0, 0x6, 0x4, 0x0, @empty, @empty, {[@timestamp_prespec={0x44, 0x1c, 0x5c, 0x3, 0x6, [{@loopback, 0x8}, {@multicast1, 0x6}, {@rand_addr=0x64010101, 0x734}]}, @ssrr={0x89, 0x7, 0xf9, [@broadcast]}, @end]}}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000003a40)={'erspan0\x00', &(0x7f0000003a00)={'gre0\x00', <r4=>0x0, 0x7, 0x10, 0x1, 0x80, {{0x7, 0x4, 0x3, 0x26, 0x1c, 0x65, 0x0, 0x81, 0x2f, 0x0, @local, @multicast1, {[@generic={0x86, 0x8, "84e31fa048bc"}]}}}}})
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(0xffffffffffffffff, &(0x7f0000004040)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000004000)={&(0x7f0000003a80)={0x574, 0x0, 0x100, 0x70bd26, 0x25dfdbfd, {}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x27c, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x1}, @ETHTOOL_A_BITSET_BITS={0xa0, 0x3, 0x0, 0x1, [{0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xb71f}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x10001}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}]}]}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x7}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x6}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x9}, @ETHTOOL_A_BITSET_VALUE={0xd0, 0x4, "e240106a5076757c6fb3c18ad464cf5e536daf5538084635dada226e58ec200be473406e8f711422f5d22cedd207ec04abc3663d1385ec89fa823a9aeaec98fd9519808f91b1dca70d63c67c69c60e0e4103ccc6733edac53651e9d4df42eee8e1eff5e505bbd71ad862c7d382d3aac6057143b5225ed0d516db77c051293a5f8a58f7f17a76944c2700d76f7406e7cec63fdc724a94d9f82df2e489184ba422290ee32183b1b81e48246cd521343e8abd273c2d98ba4a4ed45f149b226ca3aa79f9c38b604728178c04fe48"}, @ETHTOOL_A_BITSET_MASK={0xe3, 0x5, "6393c2d142b210a79f8752d10f468b68225adcdae2962ac91654458b388aad72c2987fe67cbf5e8a76f05866c7bfc79d3d2d99c6dc227939bba04d5569ab81da812e977ff12cf06d0cd3253d5746dec530a4df8fcd9b1207658c88ad93fcec52ae7a5bd2f543aff3823a222b7e7961be837a8a5814efe0bd29e6d97ea05626f14ea1bdd94b90172530c63bf7e02263ac147fe2709f48918e21a31df067bded7f066ef776c9f420acb92b2ea0ba938afae0fcde9f01f2d10f5562b3fb59dcfcddaabf804d3a6917e67cee7aed127a0fa80e455d4874dbf7e07df7d08c4cce5f"}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x154, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8}, @ETHTOOL_A_BITSET_BITS={0x13c, 0x3, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xfffffffc}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x80}]}, {0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x12, 0x2, ',*\'/\xce^\'%\xca*$&{\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, '/:{{*,\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '(\\#\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '%-&\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xce8}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}]}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7fffffff}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x800}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '#\x00'}]}, {0x8, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x78}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xff}]}]}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x74, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}]}, 0x574}, 0x1, 0x0, 0x0, 0x40040b2}, 0x8000)
bind$bt_sco(0xffffffffffffffff, &(0x7f0000004100)={0x1f, @none}, 0x8)

22:55:40 executing program 5:
signalfd(0xffffffffffffffff, &(0x7f0000000080), 0x8)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)

22:55:40 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00'})

22:55:40 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d80", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:55:40 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)

22:55:40 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)

22:55:41 executing program 5:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000000080), 0x8)
signalfd(r0, 0x0, 0x0)

22:55:41 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:55:52 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)

22:55:52 executing program 7:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_OPTIONS(r0, 0x11, 0x1, &(0x7f0000000000)=""/95, &(0x7f0000000080)=0x5f)
getsockopt$bt_sco_SCO_OPTIONS(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000000c0)=""/127, &(0x7f0000000140)=0x7f)
bind$bt_sco(r0, &(0x7f0000000180)={0x1f, @none}, 0x8)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0xd25940e6d74d2b}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r1, 0x20, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x7fffffff}]}, 0x24}, 0x1, 0x0, 0x0, 0x20}, 0x10001)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000340)={'batadv_slave_0\x00', <r2=>0x0})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000003900)={'syztnl1\x00', &(0x7f0000003880)={'syztnl0\x00', <r3=>0x0, 0x80, 0x20, 0x10000, 0x7fe, {{0xe, 0x4, 0x1, 0xb, 0x38, 0x66, 0x0, 0x6, 0x4, 0x0, @empty, @empty, {[@timestamp_prespec={0x44, 0x1c, 0x5c, 0x3, 0x6, [{@loopback, 0x8}, {@multicast1, 0x6}, {@rand_addr=0x64010101, 0x734}]}, @ssrr={0x89, 0x7, 0xf9, [@broadcast]}, @end]}}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000003a40)={'erspan0\x00', &(0x7f0000003a00)={'gre0\x00', <r4=>0x0, 0x7, 0x10, 0x1, 0x80, {{0x7, 0x4, 0x3, 0x26, 0x1c, 0x65, 0x0, 0x81, 0x2f, 0x0, @local, @multicast1, {[@generic={0x86, 0x8, "84e31fa048bc"}]}}}}})
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(0xffffffffffffffff, &(0x7f0000004040)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000004000)={&(0x7f0000003a80)={0x574, 0x0, 0x100, 0x70bd26, 0x25dfdbfd, {}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x27c, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x1}, @ETHTOOL_A_BITSET_BITS={0xa0, 0x3, 0x0, 0x1, [{0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xb71f}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x10001}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}]}]}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x7}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x6}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x9}, @ETHTOOL_A_BITSET_VALUE={0xd0, 0x4, "e240106a5076757c6fb3c18ad464cf5e536daf5538084635dada226e58ec200be473406e8f711422f5d22cedd207ec04abc3663d1385ec89fa823a9aeaec98fd9519808f91b1dca70d63c67c69c60e0e4103ccc6733edac53651e9d4df42eee8e1eff5e505bbd71ad862c7d382d3aac6057143b5225ed0d516db77c051293a5f8a58f7f17a76944c2700d76f7406e7cec63fdc724a94d9f82df2e489184ba422290ee32183b1b81e48246cd521343e8abd273c2d98ba4a4ed45f149b226ca3aa79f9c38b604728178c04fe48"}, @ETHTOOL_A_BITSET_MASK={0xe3, 0x5, "6393c2d142b210a79f8752d10f468b68225adcdae2962ac91654458b388aad72c2987fe67cbf5e8a76f05866c7bfc79d3d2d99c6dc227939bba04d5569ab81da812e977ff12cf06d0cd3253d5746dec530a4df8fcd9b1207658c88ad93fcec52ae7a5bd2f543aff3823a222b7e7961be837a8a5814efe0bd29e6d97ea05626f14ea1bdd94b90172530c63bf7e02263ac147fe2709f48918e21a31df067bded7f066ef776c9f420acb92b2ea0ba938afae0fcde9f01f2d10f5562b3fb59dcfcddaabf804d3a6917e67cee7aed127a0fa80e455d4874dbf7e07df7d08c4cce5f"}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x154, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8}, @ETHTOOL_A_BITSET_BITS={0x13c, 0x3, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xfffffffc}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x80}]}, {0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x12, 0x2, ',*\'/\xce^\'%\xca*$&{\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, '/:{{*,\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '(\\#\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '%-&\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xce8}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}]}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7fffffff}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x800}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '#\x00'}]}, {0x8, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x78}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xff}]}]}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x74, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}]}, 0x574}, 0x1, 0x0, 0x0, 0x40040b2}, 0x8000)
r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000004080), 0x640503, 0x0)
socketpair(0x2c, 0x3, 0x3f, &(0x7f00000040c0)={<r6=>0xffffffffffffffff})
bind$bt_sco(r6, &(0x7f0000004100)={0x1f, @none}, 0x8)
ioctl$F2FS_IOC_GET_PIN_FILE(r6, 0x8004f50e, &(0x7f0000004140))
sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r5, &(0x7f0000004280)={&(0x7f0000004180)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000004240)={&(0x7f00000041c0)={0x44, 0x0, 0x724469f4053571e0, 0x70bd26, 0x25dfdbff, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x19c2}, @BATADV_ATTR_ELP_INTERVAL={0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x44}, 0x1, 0x0, 0x0, 0x8804}, 0x2004c081)

22:55:52 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180), 0x0, &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:55:52 executing program 6:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_OPTIONS(r0, 0x11, 0x1, &(0x7f0000000000)=""/95, &(0x7f0000000080)=0x5f)
getsockopt$bt_sco_SCO_OPTIONS(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000000c0)=""/127, &(0x7f0000000140)=0x7f)
bind$bt_sco(r0, &(0x7f0000000180)={0x1f, @none}, 0x8)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0xd25940e6d74d2b}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r1, 0x20, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x7fffffff}]}, 0x24}, 0x1, 0x0, 0x0, 0x20}, 0x10001)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000340)={'batadv_slave_0\x00', <r2=>0x0})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000003900)={'syztnl1\x00', &(0x7f0000003880)={'syztnl0\x00', <r3=>0x0, 0x80, 0x20, 0x10000, 0x7fe, {{0xe, 0x4, 0x1, 0xb, 0x38, 0x66, 0x0, 0x6, 0x4, 0x0, @empty, @empty, {[@timestamp_prespec={0x44, 0x1c, 0x5c, 0x3, 0x6, [{@loopback, 0x8}, {@multicast1, 0x6}, {@rand_addr=0x64010101, 0x734}]}, @ssrr={0x89, 0x7, 0xf9, [@broadcast]}, @end]}}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000003a40)={'erspan0\x00', &(0x7f0000003a00)={'gre0\x00', <r4=>0x0, 0x7, 0x10, 0x1, 0x80, {{0x7, 0x4, 0x3, 0x26, 0x1c, 0x65, 0x0, 0x81, 0x2f, 0x0, @local, @multicast1, {[@generic={0x86, 0x8, "84e31fa048bc"}]}}}}})
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(0xffffffffffffffff, &(0x7f0000004040)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000004000)={&(0x7f0000003a80)={0x574, 0x0, 0x100, 0x70bd26, 0x25dfdbfd, {}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x27c, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x1}, @ETHTOOL_A_BITSET_BITS={0xa0, 0x3, 0x0, 0x1, [{0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xb71f}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x10001}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}]}]}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x7}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x6}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x9}, @ETHTOOL_A_BITSET_VALUE={0xd0, 0x4, "e240106a5076757c6fb3c18ad464cf5e536daf5538084635dada226e58ec200be473406e8f711422f5d22cedd207ec04abc3663d1385ec89fa823a9aeaec98fd9519808f91b1dca70d63c67c69c60e0e4103ccc6733edac53651e9d4df42eee8e1eff5e505bbd71ad862c7d382d3aac6057143b5225ed0d516db77c051293a5f8a58f7f17a76944c2700d76f7406e7cec63fdc724a94d9f82df2e489184ba422290ee32183b1b81e48246cd521343e8abd273c2d98ba4a4ed45f149b226ca3aa79f9c38b604728178c04fe48"}, @ETHTOOL_A_BITSET_MASK={0xe3, 0x5, "6393c2d142b210a79f8752d10f468b68225adcdae2962ac91654458b388aad72c2987fe67cbf5e8a76f05866c7bfc79d3d2d99c6dc227939bba04d5569ab81da812e977ff12cf06d0cd3253d5746dec530a4df8fcd9b1207658c88ad93fcec52ae7a5bd2f543aff3823a222b7e7961be837a8a5814efe0bd29e6d97ea05626f14ea1bdd94b90172530c63bf7e02263ac147fe2709f48918e21a31df067bded7f066ef776c9f420acb92b2ea0ba938afae0fcde9f01f2d10f5562b3fb59dcfcddaabf804d3a6917e67cee7aed127a0fa80e455d4874dbf7e07df7d08c4cce5f"}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x154, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8}, @ETHTOOL_A_BITSET_BITS={0x13c, 0x3, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xfffffffc}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x80}]}, {0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x12, 0x2, ',*\'/\xce^\'%\xca*$&{\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, '/:{{*,\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '(\\#\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '%-&\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xce8}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}]}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7fffffff}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x800}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '#\x00'}]}, {0x8, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x78}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xff}]}]}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x74, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}]}, 0x574}, 0x1, 0x0, 0x0, 0x40040b2}, 0x8000)
openat$bsg(0xffffffffffffff9c, &(0x7f0000004080), 0x640503, 0x0)
bind$bt_sco(0xffffffffffffffff, &(0x7f0000004100)={0x1f, @none}, 0x8)

22:55:52 executing program 5:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000000080), 0x8)
signalfd(r0, 0x0, 0x0)

22:55:52 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)

22:55:52 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00'})

22:55:52 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7ce", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:55:52 executing program 5:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000000080), 0x8)
signalfd(r0, 0x0, 0x0)

22:55:53 executing program 5:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000000080), 0x8)
signalfd(r0, &(0x7f00000000c0), 0x8)

22:55:53 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7ce", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:55:53 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)

22:55:53 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180), 0x0, &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:55:53 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)

22:55:53 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)

22:55:53 executing program 7:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_OPTIONS(r0, 0x11, 0x1, &(0x7f0000000000)=""/95, &(0x7f0000000080)=0x5f)
getsockopt$bt_sco_SCO_OPTIONS(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000000c0)=""/127, &(0x7f0000000140)=0x7f)
bind$bt_sco(r0, &(0x7f0000000180)={0x1f, @none}, 0x8)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0xd25940e6d74d2b}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r1, 0x20, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x7fffffff}]}, 0x24}, 0x1, 0x0, 0x0, 0x20}, 0x10001)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000340)={'batadv_slave_0\x00', <r2=>0x0})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000003900)={'syztnl1\x00', &(0x7f0000003880)={'syztnl0\x00', <r3=>0x0, 0x80, 0x20, 0x10000, 0x7fe, {{0xe, 0x4, 0x1, 0xb, 0x38, 0x66, 0x0, 0x6, 0x4, 0x0, @empty, @empty, {[@timestamp_prespec={0x44, 0x1c, 0x5c, 0x3, 0x6, [{@loopback, 0x8}, {@multicast1, 0x6}, {@rand_addr=0x64010101, 0x734}]}, @ssrr={0x89, 0x7, 0xf9, [@broadcast]}, @end]}}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000003a40)={'erspan0\x00', &(0x7f0000003a00)={'gre0\x00', <r4=>0x0, 0x7, 0x10, 0x1, 0x80, {{0x7, 0x4, 0x3, 0x26, 0x1c, 0x65, 0x0, 0x81, 0x2f, 0x0, @local, @multicast1, {[@generic={0x86, 0x8, "84e31fa048bc"}]}}}}})
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(0xffffffffffffffff, &(0x7f0000004040)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000004000)={&(0x7f0000003a80)={0x574, 0x0, 0x100, 0x70bd26, 0x25dfdbfd, {}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x27c, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x1}, @ETHTOOL_A_BITSET_BITS={0xa0, 0x3, 0x0, 0x1, [{0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xb71f}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x10001}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}]}]}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x7}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x6}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x9}, @ETHTOOL_A_BITSET_VALUE={0xd0, 0x4, "e240106a5076757c6fb3c18ad464cf5e536daf5538084635dada226e58ec200be473406e8f711422f5d22cedd207ec04abc3663d1385ec89fa823a9aeaec98fd9519808f91b1dca70d63c67c69c60e0e4103ccc6733edac53651e9d4df42eee8e1eff5e505bbd71ad862c7d382d3aac6057143b5225ed0d516db77c051293a5f8a58f7f17a76944c2700d76f7406e7cec63fdc724a94d9f82df2e489184ba422290ee32183b1b81e48246cd521343e8abd273c2d98ba4a4ed45f149b226ca3aa79f9c38b604728178c04fe48"}, @ETHTOOL_A_BITSET_MASK={0xe3, 0x5, "6393c2d142b210a79f8752d10f468b68225adcdae2962ac91654458b388aad72c2987fe67cbf5e8a76f05866c7bfc79d3d2d99c6dc227939bba04d5569ab81da812e977ff12cf06d0cd3253d5746dec530a4df8fcd9b1207658c88ad93fcec52ae7a5bd2f543aff3823a222b7e7961be837a8a5814efe0bd29e6d97ea05626f14ea1bdd94b90172530c63bf7e02263ac147fe2709f48918e21a31df067bded7f066ef776c9f420acb92b2ea0ba938afae0fcde9f01f2d10f5562b3fb59dcfcddaabf804d3a6917e67cee7aed127a0fa80e455d4874dbf7e07df7d08c4cce5f"}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x154, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8}, @ETHTOOL_A_BITSET_BITS={0x13c, 0x3, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xfffffffc}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x80}]}, {0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x12, 0x2, ',*\'/\xce^\'%\xca*$&{\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, '/:{{*,\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '(\\#\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '%-&\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xce8}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}]}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7fffffff}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x800}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '#\x00'}]}, {0x8, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x78}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xff}]}]}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x74, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}]}, 0x574}, 0x1, 0x0, 0x0, 0x40040b2}, 0x8000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

[ 2774.962161] kmemleak: Found object by alias at 0x607f1a638af4
[ 2774.962193] CPU: 0 UID: 0 PID: 19691 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2774.962227] Tainted: [W]=WARN
[ 2774.962234] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2774.962246] Call Trace:
[ 2774.962253]  <TASK>
[ 2774.962262]  dump_stack_lvl+0xca/0x120
[ 2774.962304]  __lookup_object+0x94/0xb0
[ 2774.962333]  delete_object_full+0x27/0x70
[ 2774.962363]  free_percpu+0x30/0x1160
[ 2774.962398]  ? arch_uprobe_clear_state+0x16/0x140
[ 2774.962434]  futex_hash_free+0x38/0xc0
[ 2774.962458]  mmput+0x2d3/0x390
[ 2774.962492]  do_exit+0x79d/0x2970
[ 2774.962516]  ? lock_release+0xc8/0x290
[ 2774.962546]  ? __pfx_do_exit+0x10/0x10
[ 2774.962571]  ? find_held_lock+0x2b/0x80
[ 2774.962601]  ? get_signal+0x835/0x2340
[ 2774.962637]  do_group_exit+0xd3/0x2a0
[ 2774.962664]  get_signal+0x2315/0x2340
[ 2774.962700]  ? __call_rcu_common.constprop.0+0x4c1/0x960
[ 2774.962729]  ? __pfx_get_signal+0x10/0x10
[ 2774.962759]  ? do_futex+0x135/0x370
[ 2774.962783]  ? __pfx_do_futex+0x10/0x10
[ 2774.962811]  arch_do_signal_or_restart+0x80/0x790
[ 2774.962842]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2774.962871]  ? __x64_sys_futex+0x1c9/0x4d0
[ 2774.962893]  ? __x64_sys_futex+0x1d2/0x4d0
[ 2774.962918]  ? fput_close_sync+0x114/0x240
[ 2774.962947]  ? __pfx___x64_sys_futex+0x10/0x10
[ 2774.962970]  ? __pfx_fput_close_sync+0x10/0x10
[ 2774.962997]  ? dnotify_flush+0x79/0x4c0
[ 2774.963025]  exit_to_user_mode_loop+0x8b/0x110
[ 2774.963048]  do_syscall_64+0x2f7/0x360
[ 2774.963069]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2774.963090] RIP: 0033:0x7f11f0c47b19
[ 2774.963106] Code: Unable to access opcode bytes at 0x7f11f0c47aef.
[ 2774.963116] RSP: 002b:00007f11ee1bd218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2774.963136] RAX: fffffffffffffe00 RBX: 00007f11f0d5af68 RCX: 00007f11f0c47b19
[ 2774.963151] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f11f0d5af68
[ 2774.963164] RBP: 00007f11f0d5af60 R08: 0000000000000000 R09: 0000000000000000
[ 2774.963177] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f0d5af6c
[ 2774.963190] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2774.963219]  </TASK>
[ 2774.963226] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2774.963238] kmemleak:   comm "syz-executor.3", pid 19919, jiffies 4297441778
[ 2774.963251] kmemleak:   min_count = 1
[ 2774.963258] kmemleak:   count = 0
[ 2774.963265] kmemleak:   flags = 0x21
[ 2774.963272] kmemleak:   checksum = 0
[ 2774.963279] kmemleak:   backtrace:
[ 2774.963285]  pcpu_alloc_noprof+0x87a/0x1170
[ 2774.963313]  percpu_ref_init+0x37/0x400
[ 2774.963344]  io_uring_setup+0x44c/0x2000
[ 2774.963364]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2774.963384]  do_syscall_64+0xbf/0x360
[ 2774.963400]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:55:53 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)

22:55:53 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)

22:55:53 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7ce", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:55:53 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7ce", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

[ 2775.426077] kmemleak: Found object by alias at 0x607f1a639184
[ 2775.426110] CPU: 1 UID: 0 PID: 19934 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2775.426148] Tainted: [W]=WARN
[ 2775.426156] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2775.426171] Call Trace:
[ 2775.426178]  <TASK>
[ 2775.426188]  dump_stack_lvl+0xca/0x120
[ 2775.426232]  __lookup_object+0x94/0xb0
[ 2775.426265]  delete_object_full+0x27/0x70
[ 2775.426300]  free_percpu+0x30/0x1160
[ 2775.426333]  ? arch_uprobe_clear_state+0x16/0x140
[ 2775.426374]  futex_hash_free+0x38/0xc0
[ 2775.426403]  mmput+0x2d3/0x390
[ 2775.426452]  copy_process+0x273d/0x73c0
[ 2775.426482]  ? __pfx___futex_wait+0x10/0x10
[ 2775.426548]  ? __pfx_copy_process+0x10/0x10
[ 2775.426585]  ? futex_private_hash_put+0x127/0x2d0
[ 2775.426629]  kernel_clone+0xea/0x7f0
[ 2775.426662]  ? __pfx_futex_wake+0x10/0x10
[ 2775.426707]  ? __pfx_kernel_clone+0x10/0x10
[ 2775.426752]  ? io_uring_setup+0x16e0/0x2000
[ 2775.426809]  ? do_futex+0x135/0x370
[ 2775.426848]  __do_sys_clone+0xce/0x120
[ 2775.426874]  ? __pfx___do_sys_clone+0x10/0x10
[ 2775.426914]  ? __x64_sys_signalfd+0x11d/0x190
[ 2775.426950]  ? xfd_validate_state+0x55/0x180
[ 2775.426998]  do_syscall_64+0xbf/0x360
[ 2775.427022]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2775.427047] RIP: 0033:0x7f426ab2ab19
[ 2775.427067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2775.427091] RSP: 002b:00007f42680a0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2775.427115] RAX: ffffffffffffffda RBX: 00007f426ac3df60 RCX: 00007f426ab2ab19
[ 2775.427132] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2775.427147] RBP: 00007f426ab84f6d R08: 0000000020000240 R09: 0000000000000000
[ 2775.427163] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2775.427178] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2775.427211]  </TASK>
[ 2775.427219] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2775.427233] kmemleak:   comm "syz-executor.5", pid 19936, jiffies 4297442048
[ 2775.427248] kmemleak:   min_count = 1
[ 2775.427256] kmemleak:   count = 0
[ 2775.427264] kmemleak:   flags = 0x21
[ 2775.427272] kmemleak:   checksum = 0
[ 2775.427280] kmemleak:   backtrace:
[ 2775.427287]  pcpu_alloc_noprof+0x87a/0x1170
[ 2775.427319]  percpu_ref_init+0x37/0x400
[ 2775.427356]  io_uring_setup+0x44c/0x2000
[ 2775.427379]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2775.427405]  do_syscall_64+0xbf/0x360
[ 2775.427426]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2775.459069] kmemleak: Found object by alias at 0x607f1a638af4
[ 2775.459097] CPU: 0 UID: 0 PID: 20063 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2775.459129] Tainted: [W]=WARN
[ 2775.459136] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2775.459147] Call Trace:
[ 2775.459154]  <TASK>
[ 2775.459161]  dump_stack_lvl+0xca/0x120
[ 2775.459199]  __lookup_object+0x94/0xb0
[ 2775.459226]  delete_object_full+0x27/0x70
[ 2775.459254]  free_percpu+0x30/0x1160
[ 2775.459281]  ? arch_uprobe_clear_state+0x16/0x140
[ 2775.459315]  futex_hash_free+0x38/0xc0
[ 2775.459339]  mmput+0x2d3/0x390
[ 2775.459371]  do_exit+0x79d/0x2970
[ 2775.459399]  ? proc_coredump_connector+0x2bf/0x4e0
[ 2775.459425]  ? __pfx_do_exit+0x10/0x10
[ 2775.459449]  ? find_held_lock+0x2b/0x80
[ 2775.459479]  ? get_signal+0x1a05/0x2340
[ 2775.459513]  do_group_exit+0xd3/0x2a0
[ 2775.459539]  get_signal+0x2315/0x2340
[ 2775.459578]  ? __pfx_get_signal+0x10/0x10
[ 2775.459616]  arch_do_signal_or_restart+0x80/0x790
[ 2775.459646]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2775.459691]  irqentry_exit_to_user_mode+0x106/0x1c0
[ 2775.459723]  asm_exc_general_protection+0x26/0x30
[ 2775.459744] RIP: 0033:0x7f11f0c47b21
[ 2775.459759] Code: Unable to access opcode bytes at 0x7f11f0c47af7.
[ 2775.459768] RSP: 002b:0000000020000180 EFLAGS: 00010217
[ 2775.459784] RAX: 0000000000000000 RBX: 00007f11f0d5af60 RCX: 00007f11f0c47b19
[ 2775.459804] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2775.459817] RBP: 00007f11f0ca1f6d R08: 0000000020000240 R09: 0000000000000000
[ 2775.459829] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2775.459841] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2775.459869]  </TASK>
[ 2775.459875] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2775.459887] kmemleak:   comm "syz-executor.2", pid 20012, jiffies 4297442185
[ 2775.459900] kmemleak:   min_count = 1
[ 2775.459907] kmemleak:   count = 0
[ 2775.459913] kmemleak:   flags = 0x21
[ 2775.459920] kmemleak:   checksum = 0
[ 2775.459927] kmemleak:   backtrace:
[ 2775.459932]  pcpu_alloc_noprof+0x87a/0x1170
[ 2775.459958]  percpu_ref_init+0x37/0x400
[ 2775.460013]  io_uring_setup+0x44c/0x2000
[ 2775.460032]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2775.460051]  do_syscall_64+0xbf/0x360
[ 2775.460066]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:56:02 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7ce", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:56:02 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)

22:56:02 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180), 0x0, &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:56:02 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)

22:56:02 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)

22:56:02 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)

22:56:02 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:56:02 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)

[ 2784.784464] kmemleak: Found object by alias at 0x607f1a639184
[ 2784.784497] CPU: 1 UID: 0 PID: 20270 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2784.784533] Tainted: [W]=WARN
[ 2784.784540] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2784.784553] Call Trace:
[ 2784.784560]  <TASK>
[ 2784.784568]  dump_stack_lvl+0xca/0x120
[ 2784.784608]  __lookup_object+0x94/0xb0
[ 2784.784638]  delete_object_full+0x27/0x70
[ 2784.784670]  free_percpu+0x30/0x1160
[ 2784.784700]  ? arch_uprobe_clear_state+0x16/0x140
[ 2784.784737]  futex_hash_free+0x38/0xc0
[ 2784.784763]  mmput+0x2d3/0x390
[ 2784.784806]  copy_process+0x273d/0x73c0
[ 2784.784843]  ? __pfx_copy_process+0x10/0x10
[ 2784.784866]  ? __lock_acquire+0xc65/0x1b70
[ 2784.784896]  ? match_held_lock+0xb1/0xd0
[ 2784.784936]  kernel_clone+0xea/0x7f0
[ 2784.784958]  ? finish_task_switch.isra.0+0x201/0x840
[ 2784.784996]  ? __pfx_kernel_clone+0x10/0x10
[ 2784.785022]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 2784.785046]  ? finish_task_switch.isra.0+0x206/0x840
[ 2784.785085]  ? trace_sched_exit_tp+0xbf/0x100
[ 2784.785118]  ? __schedule+0xe91/0x3590
[ 2784.785150]  __do_sys_clone+0xce/0x120
[ 2784.785174]  ? __pfx___do_sys_clone+0x10/0x10
[ 2784.785197]  ? __pfx___schedule+0x10/0x10
[ 2784.785237]  ? __x64_sys_signalfd+0x11d/0x190
[ 2784.785269]  ? xfd_validate_state+0x55/0x180
[ 2784.785312]  do_syscall_64+0xbf/0x360
[ 2784.785334]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2784.785357] RIP: 0033:0x7f426ab2ab19
[ 2784.785374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2784.785396] RSP: 002b:00007f42680a0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2784.785419] RAX: ffffffffffffffda RBX: 00007f426ac3df60 RCX: 00007f426ab2ab19
[ 2784.785434] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2784.785449] RBP: 00007f426ab84f6d R08: 0000000020000240 R09: 0000000000000000
[ 2784.785463] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2784.785477] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2784.785507]  </TASK>
[ 2784.785514] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2784.785527] kmemleak:   comm "syz-executor.0", pid 20270, jiffies 4297451530
[ 2784.785541] kmemleak:   min_count = 1
[ 2784.785549] kmemleak:   count = 0
[ 2784.785556] kmemleak:   flags = 0x21
[ 2784.785564] kmemleak:   checksum = 0
[ 2784.785571] kmemleak:   backtrace:
[ 2784.785578]  pcpu_alloc_noprof+0x87a/0x1170
[ 2784.785608]  percpu_ref_init+0x37/0x400
[ 2784.785641]  io_uring_setup+0x44c/0x2000
[ 2784.785662]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2784.785685]  do_syscall_64+0xbf/0x360
[ 2784.785701]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:56:03 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180), &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:56:03 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180), 0x0, &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:56:03 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:56:03 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)

22:56:03 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)

22:56:03 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_OPTIONS(r0, 0x11, 0x1, &(0x7f0000000000)=""/95, &(0x7f0000000080)=0x5f)
getsockopt$bt_sco_SCO_OPTIONS(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000000c0)=""/127, &(0x7f0000000140)=0x7f)
bind$bt_sco(r0, &(0x7f0000000180)={0x1f, @none}, 0x8)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0xd25940e6d74d2b}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r1, 0x20, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x7fffffff}]}, 0x24}, 0x1, 0x0, 0x0, 0x20}, 0x10001)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000340)={'batadv_slave_0\x00', <r2=>0x0})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000003900)={'syztnl1\x00', &(0x7f0000003880)={'syztnl0\x00', <r3=>0x0, 0x80, 0x20, 0x10000, 0x7fe, {{0xe, 0x4, 0x1, 0xb, 0x38, 0x66, 0x0, 0x6, 0x4, 0x0, @empty, @empty, {[@timestamp_prespec={0x44, 0x1c, 0x5c, 0x3, 0x6, [{@loopback, 0x8}, {@multicast1, 0x6}, {@rand_addr=0x64010101, 0x734}]}, @ssrr={0x89, 0x7, 0xf9, [@broadcast]}, @end]}}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000003a40)={'erspan0\x00', &(0x7f0000003a00)={'gre0\x00', <r4=>0x0, 0x7, 0x10, 0x1, 0x80, {{0x7, 0x4, 0x3, 0x26, 0x1c, 0x65, 0x0, 0x81, 0x2f, 0x0, @local, @multicast1, {[@generic={0x86, 0x8, "84e31fa048bc"}]}}}}})
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(0xffffffffffffffff, &(0x7f0000004040)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000004000)={&(0x7f0000003a80)={0x574, 0x0, 0x100, 0x70bd26, 0x25dfdbfd, {}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x27c, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x1}, @ETHTOOL_A_BITSET_BITS={0xa0, 0x3, 0x0, 0x1, [{0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xb71f}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x10001}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}]}]}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x7}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x6}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x9}, @ETHTOOL_A_BITSET_VALUE={0xd0, 0x4, "e240106a5076757c6fb3c18ad464cf5e536daf5538084635dada226e58ec200be473406e8f711422f5d22cedd207ec04abc3663d1385ec89fa823a9aeaec98fd9519808f91b1dca70d63c67c69c60e0e4103ccc6733edac53651e9d4df42eee8e1eff5e505bbd71ad862c7d382d3aac6057143b5225ed0d516db77c051293a5f8a58f7f17a76944c2700d76f7406e7cec63fdc724a94d9f82df2e489184ba422290ee32183b1b81e48246cd521343e8abd273c2d98ba4a4ed45f149b226ca3aa79f9c38b604728178c04fe48"}, @ETHTOOL_A_BITSET_MASK={0xe3, 0x5, "6393c2d142b210a79f8752d10f468b68225adcdae2962ac91654458b388aad72c2987fe67cbf5e8a76f05866c7bfc79d3d2d99c6dc227939bba04d5569ab81da812e977ff12cf06d0cd3253d5746dec530a4df8fcd9b1207658c88ad93fcec52ae7a5bd2f543aff3823a222b7e7961be837a8a5814efe0bd29e6d97ea05626f14ea1bdd94b90172530c63bf7e02263ac147fe2709f48918e21a31df067bded7f066ef776c9f420acb92b2ea0ba938afae0fcde9f01f2d10f5562b3fb59dcfcddaabf804d3a6917e67cee7aed127a0fa80e455d4874dbf7e07df7d08c4cce5f"}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x154, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8}, @ETHTOOL_A_BITSET_BITS={0x13c, 0x3, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xfffffffc}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x80}]}, {0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x12, 0x2, ',*\'/\xce^\'%\xca*$&{\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, '/:{{*,\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '(\\#\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '%-&\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xce8}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}]}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7fffffff}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x800}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '#\x00'}]}, {0x8, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x78}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xff}]}]}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x74, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}]}, 0x574}, 0x1, 0x0, 0x0, 0x40040b2}, 0x8000)
r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000004080), 0x640503, 0x0)
socketpair(0x2c, 0x3, 0x3f, &(0x7f00000040c0)={<r6=>0xffffffffffffffff})
bind$bt_sco(r6, &(0x7f0000004100)={0x1f, @none}, 0x8)
ioctl$F2FS_IOC_GET_PIN_FILE(r6, 0x8004f50e, &(0x7f0000004140))
sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r5, &(0x7f0000004280)={&(0x7f0000004180)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000004240)={&(0x7f00000041c0)={0x44, 0x0, 0x724469f4053571e0, 0x70bd26, 0x25dfdbff, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x19c2}, @BATADV_ATTR_ELP_INTERVAL={0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x44}, 0x1, 0x0, 0x0, 0x8804}, 0x2004c081)

22:56:03 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)

[ 2785.157267] kmemleak: Found object by alias at 0x607f1a639184
[ 2785.157296] CPU: 1 UID: 0 PID: 20270 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2785.157329] Tainted: [W]=WARN
[ 2785.157337] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2785.157357] Call Trace:
[ 2785.157364]  <TASK>
[ 2785.157372]  dump_stack_lvl+0xca/0x120
[ 2785.157414]  __lookup_object+0x94/0xb0
[ 2785.157443]  delete_object_full+0x27/0x70
[ 2785.157473]  free_percpu+0x30/0x1160
[ 2785.157501]  ? arch_uprobe_clear_state+0x16/0x140
[ 2785.157537]  futex_hash_free+0x38/0xc0
[ 2785.157563]  mmput+0x2d3/0x390
[ 2785.157596]  do_exit+0x79d/0x2970
[ 2785.157620]  ? lock_release+0xc8/0x290
[ 2785.157650]  ? __pfx_do_exit+0x10/0x10
[ 2785.157676]  ? find_held_lock+0x2b/0x80
[ 2785.157707]  ? get_signal+0x835/0x2340
[ 2785.157742]  do_group_exit+0xd3/0x2a0
[ 2785.157769]  get_signal+0x2315/0x2340
[ 2785.157810]  ? __pfx_get_signal+0x10/0x10
[ 2785.157840]  ? do_futex+0x135/0x370
[ 2785.157865]  ? __pfx_do_futex+0x10/0x10
[ 2785.157892]  arch_do_signal_or_restart+0x80/0x790
[ 2785.157924]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2785.157953]  ? __x64_sys_futex+0x1c9/0x4d0
[ 2785.157976]  ? __x64_sys_futex+0x1d2/0x4d0
[ 2785.158000]  ? exc_page_fault+0xb0/0x180
[ 2785.158031]  ? __pfx___x64_sys_futex+0x10/0x10
[ 2785.158064]  exit_to_user_mode_loop+0x8b/0x110
[ 2785.158087]  do_syscall_64+0x2f7/0x360
[ 2785.158109]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2785.158130] RIP: 0033:0x7f426ab2ab19
[ 2785.158146] Code: Unable to access opcode bytes at 0x7f426ab2aaef.
[ 2785.158156] RSP: 002b:00007f42680a0218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2785.158176] RAX: fffffffffffffe00 RBX: 00007f426ac3df68 RCX: 00007f426ab2ab19
[ 2785.158191] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f426ac3df68
[ 2785.158204] RBP: 00007f426ac3df60 R08: 0000000000000000 R09: 0000000000000000
[ 2785.158217] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f426ac3df6c
[ 2785.158229] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2785.158259]  </TASK>
[ 2785.158266] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2785.158278] kmemleak:   comm "syz-executor.2", pid 20564, jiffies 4297451914
[ 2785.158291] kmemleak:   min_count = 1
[ 2785.158298] kmemleak:   count = 0
[ 2785.158305] kmemleak:   flags = 0x21
[ 2785.158312] kmemleak:   checksum = 0
[ 2785.158319] kmemleak:   backtrace:
[ 2785.158325]  pcpu_alloc_noprof+0x87a/0x1170
[ 2785.158352]  percpu_ref_init+0x37/0x400
[ 2785.158383]  io_uring_setup+0x44c/0x2000
[ 2785.158403]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2785.158423]  do_syscall_64+0xbf/0x360
[ 2785.158439]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:56:15 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)

22:56:15 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180), &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:56:15 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000840))
ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000880))

22:56:15 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_OPTIONS(r0, 0x11, 0x1, &(0x7f0000000000)=""/95, &(0x7f0000000080)=0x5f)
getsockopt$bt_sco_SCO_OPTIONS(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000000c0)=""/127, &(0x7f0000000140)=0x7f)
bind$bt_sco(r0, &(0x7f0000000180)={0x1f, @none}, 0x8)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0xd25940e6d74d2b}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r1, 0x20, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x7fffffff}]}, 0x24}, 0x1, 0x0, 0x0, 0x20}, 0x10001)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000340)={'batadv_slave_0\x00', <r2=>0x0})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000003900)={'syztnl1\x00', &(0x7f0000003880)={'syztnl0\x00', <r3=>0x0, 0x80, 0x20, 0x10000, 0x7fe, {{0xe, 0x4, 0x1, 0xb, 0x38, 0x66, 0x0, 0x6, 0x4, 0x0, @empty, @empty, {[@timestamp_prespec={0x44, 0x1c, 0x5c, 0x3, 0x6, [{@loopback, 0x8}, {@multicast1, 0x6}, {@rand_addr=0x64010101, 0x734}]}, @ssrr={0x89, 0x7, 0xf9, [@broadcast]}, @end]}}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000003a40)={'erspan0\x00', &(0x7f0000003a00)={'gre0\x00', <r4=>0x0, 0x7, 0x10, 0x1, 0x80, {{0x7, 0x4, 0x3, 0x26, 0x1c, 0x65, 0x0, 0x81, 0x2f, 0x0, @local, @multicast1, {[@generic={0x86, 0x8, "84e31fa048bc"}]}}}}})
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(0xffffffffffffffff, &(0x7f0000004040)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000004000)={&(0x7f0000003a80)={0x574, 0x0, 0x100, 0x70bd26, 0x25dfdbfd, {}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x27c, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x1}, @ETHTOOL_A_BITSET_BITS={0xa0, 0x3, 0x0, 0x1, [{0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xb71f}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x10001}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}]}]}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x7}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x6}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x9}, @ETHTOOL_A_BITSET_VALUE={0xd0, 0x4, "e240106a5076757c6fb3c18ad464cf5e536daf5538084635dada226e58ec200be473406e8f711422f5d22cedd207ec04abc3663d1385ec89fa823a9aeaec98fd9519808f91b1dca70d63c67c69c60e0e4103ccc6733edac53651e9d4df42eee8e1eff5e505bbd71ad862c7d382d3aac6057143b5225ed0d516db77c051293a5f8a58f7f17a76944c2700d76f7406e7cec63fdc724a94d9f82df2e489184ba422290ee32183b1b81e48246cd521343e8abd273c2d98ba4a4ed45f149b226ca3aa79f9c38b604728178c04fe48"}, @ETHTOOL_A_BITSET_MASK={0xe3, 0x5, "6393c2d142b210a79f8752d10f468b68225adcdae2962ac91654458b388aad72c2987fe67cbf5e8a76f05866c7bfc79d3d2d99c6dc227939bba04d5569ab81da812e977ff12cf06d0cd3253d5746dec530a4df8fcd9b1207658c88ad93fcec52ae7a5bd2f543aff3823a222b7e7961be837a8a5814efe0bd29e6d97ea05626f14ea1bdd94b90172530c63bf7e02263ac147fe2709f48918e21a31df067bded7f066ef776c9f420acb92b2ea0ba938afae0fcde9f01f2d10f5562b3fb59dcfcddaabf804d3a6917e67cee7aed127a0fa80e455d4874dbf7e07df7d08c4cce5f"}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x154, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8}, @ETHTOOL_A_BITSET_BITS={0x13c, 0x3, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xfffffffc}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x80}]}, {0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x12, 0x2, ',*\'/\xce^\'%\xca*$&{\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, '/:{{*,\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '(\\#\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '%-&\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xce8}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}]}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7fffffff}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x800}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '#\x00'}]}, {0x8, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x78}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xff}]}]}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x74, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}]}, 0x574}, 0x1, 0x0, 0x0, 0x40040b2}, 0x8000)
r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000004080), 0x640503, 0x0)
socketpair(0x2c, 0x3, 0x3f, &(0x7f00000040c0)={<r6=>0xffffffffffffffff})
bind$bt_sco(r6, &(0x7f0000004100)={0x1f, @none}, 0x8)
ioctl$F2FS_IOC_GET_PIN_FILE(r6, 0x8004f50e, &(0x7f0000004140))
sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r5, &(0x7f0000004280)={&(0x7f0000004180)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000004240)={&(0x7f00000041c0)={0x44, 0x0, 0x724469f4053571e0, 0x70bd26, 0x25dfdbff, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x19c2}, @BATADV_ATTR_ELP_INTERVAL={0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x44}, 0x1, 0x0, 0x0, 0x8804}, 0x2004c081)

22:56:15 executing program 7:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_OPTIONS(r0, 0x11, 0x1, &(0x7f0000000000)=""/95, &(0x7f0000000080)=0x5f)
getsockopt$bt_sco_SCO_OPTIONS(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000000c0)=""/127, &(0x7f0000000140)=0x7f)
bind$bt_sco(r0, &(0x7f0000000180)={0x1f, @none}, 0x8)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0xd25940e6d74d2b}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r1, 0x20, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x7fffffff}]}, 0x24}, 0x1, 0x0, 0x0, 0x20}, 0x10001)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000340)={'batadv_slave_0\x00', <r2=>0x0})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000003900)={'syztnl1\x00', &(0x7f0000003880)={'syztnl0\x00', <r3=>0x0, 0x80, 0x20, 0x10000, 0x7fe, {{0xe, 0x4, 0x1, 0xb, 0x38, 0x66, 0x0, 0x6, 0x4, 0x0, @empty, @empty, {[@timestamp_prespec={0x44, 0x1c, 0x5c, 0x3, 0x6, [{@loopback, 0x8}, {@multicast1, 0x6}, {@rand_addr=0x64010101, 0x734}]}, @ssrr={0x89, 0x7, 0xf9, [@broadcast]}, @end]}}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000003a40)={'erspan0\x00', &(0x7f0000003a00)={'gre0\x00', <r4=>0x0, 0x7, 0x10, 0x1, 0x80, {{0x7, 0x4, 0x3, 0x26, 0x1c, 0x65, 0x0, 0x81, 0x2f, 0x0, @local, @multicast1, {[@generic={0x86, 0x8, "84e31fa048bc"}]}}}}})
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(0xffffffffffffffff, &(0x7f0000004040)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000004000)={&(0x7f0000003a80)={0x574, 0x0, 0x100, 0x70bd26, 0x25dfdbfd, {}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x27c, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x1}, @ETHTOOL_A_BITSET_BITS={0xa0, 0x3, 0x0, 0x1, [{0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xb71f}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x10001}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}]}]}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x7}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x6}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x9}, @ETHTOOL_A_BITSET_VALUE={0xd0, 0x4, "e240106a5076757c6fb3c18ad464cf5e536daf5538084635dada226e58ec200be473406e8f711422f5d22cedd207ec04abc3663d1385ec89fa823a9aeaec98fd9519808f91b1dca70d63c67c69c60e0e4103ccc6733edac53651e9d4df42eee8e1eff5e505bbd71ad862c7d382d3aac6057143b5225ed0d516db77c051293a5f8a58f7f17a76944c2700d76f7406e7cec63fdc724a94d9f82df2e489184ba422290ee32183b1b81e48246cd521343e8abd273c2d98ba4a4ed45f149b226ca3aa79f9c38b604728178c04fe48"}, @ETHTOOL_A_BITSET_MASK={0xe3, 0x5, "6393c2d142b210a79f8752d10f468b68225adcdae2962ac91654458b388aad72c2987fe67cbf5e8a76f05866c7bfc79d3d2d99c6dc227939bba04d5569ab81da812e977ff12cf06d0cd3253d5746dec530a4df8fcd9b1207658c88ad93fcec52ae7a5bd2f543aff3823a222b7e7961be837a8a5814efe0bd29e6d97ea05626f14ea1bdd94b90172530c63bf7e02263ac147fe2709f48918e21a31df067bded7f066ef776c9f420acb92b2ea0ba938afae0fcde9f01f2d10f5562b3fb59dcfcddaabf804d3a6917e67cee7aed127a0fa80e455d4874dbf7e07df7d08c4cce5f"}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x154, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8}, @ETHTOOL_A_BITSET_BITS={0x13c, 0x3, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xfffffffc}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x80}]}, {0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x12, 0x2, ',*\'/\xce^\'%\xca*$&{\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, '/:{{*,\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '(\\#\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '%-&\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xce8}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}]}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7fffffff}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x800}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '#\x00'}]}, {0x8, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x78}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xff}]}]}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x74, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}]}, 0x574}, 0x1, 0x0, 0x0, 0x40040b2}, 0x8000)
r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000004080), 0x640503, 0x0)
socketpair(0x2c, 0x3, 0x3f, &(0x7f00000040c0)={<r6=>0xffffffffffffffff})
bind$bt_sco(r6, &(0x7f0000004100)={0x1f, @none}, 0x8)
ioctl$F2FS_IOC_GET_PIN_FILE(r6, 0x8004f50e, &(0x7f0000004140))
sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r5, &(0x7f0000004280)={&(0x7f0000004180)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000004240)={&(0x7f00000041c0)={0x44, 0x0, 0x724469f4053571e0, 0x70bd26, 0x25dfdbff, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x19c2}, @BATADV_ATTR_ELP_INTERVAL={0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x44}, 0x1, 0x0, 0x0, 0x8804}, 0x2004c081)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r7)

22:56:15 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000840))
ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000880))

22:56:15 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000840))
ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000880))

22:56:15 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

[ 2796.815059] kmemleak: Found object by alias at 0x607f1a639184
[ 2796.815092] CPU: 1 UID: 0 PID: 20813 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2796.815128] Tainted: [W]=WARN
[ 2796.815135] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2796.815149] Call Trace:
[ 2796.815156]  <TASK>
[ 2796.815165]  dump_stack_lvl+0xca/0x120
[ 2796.815206]  __lookup_object+0x94/0xb0
[ 2796.815236]  delete_object_full+0x27/0x70
[ 2796.815266]  free_percpu+0x30/0x1160
[ 2796.815296]  ? arch_uprobe_clear_state+0x16/0x140
[ 2796.815333]  futex_hash_free+0x38/0xc0
[ 2796.815358]  mmput+0x2d3/0x390
[ 2796.815393]  copy_process+0x273d/0x73c0
[ 2796.815415]  ? __pfx___futex_wait+0x10/0x10
[ 2796.815457]  ? __pfx_copy_process+0x10/0x10
[ 2796.815480]  ? __lock_acquire+0xc65/0x1b70
[ 2796.815520]  kernel_clone+0xea/0x7f0
[ 2796.815542]  ? finish_task_switch.isra.0+0x201/0x840
[ 2796.815579]  ? __pfx_kernel_clone+0x10/0x10
[ 2796.815603]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 2796.815628]  ? finish_task_switch.isra.0+0x206/0x840
[ 2796.815668]  ? do_futex+0x135/0x370
[ 2796.815695]  __do_sys_clone+0xce/0x120
[ 2796.815718]  ? __pfx___do_sys_clone+0x10/0x10
[ 2796.815741]  ? __pfx___schedule+0x10/0x10
[ 2796.815780]  ? __x64_sys_signalfd+0x11d/0x190
[ 2796.815818]  ? xfd_validate_state+0x55/0x180
[ 2796.815860]  do_syscall_64+0xbf/0x360
[ 2796.815882]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2796.815904] RIP: 0033:0x7f426ab2ab19
[ 2796.815921] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2796.815942] RSP: 002b:00007f42680a0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2796.815963] RAX: ffffffffffffffda RBX: 00007f426ac3df60 RCX: 00007f426ab2ab19
[ 2796.815978] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2796.815992] RBP: 00007f426ab84f6d R08: 0000000020000240 R09: 0000000000000000
[ 2796.816005] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2796.816018] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2796.816046]  </TASK>
[ 2796.816054] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2796.816066] kmemleak:   comm "syz-executor.2", pid 20823, jiffies 4297463631
[ 2796.816080] kmemleak:   min_count = 1
[ 2796.816087] kmemleak:   count = 0
[ 2796.816094] kmemleak:   flags = 0x21
[ 2796.816101] kmemleak:   checksum = 0
[ 2796.816108] kmemleak:   backtrace:
[ 2796.816114]  pcpu_alloc_noprof+0x87a/0x1170
[ 2796.816152]  percpu_ref_init+0x37/0x400
[ 2796.816185]  io_uring_setup+0x44c/0x2000
[ 2796.816206]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2796.816227]  do_syscall_64+0xbf/0x360
[ 2796.816243]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2796.891447] kmemleak: Found object by alias at 0x607f1a638af4
[ 2796.891470] CPU: 1 UID: 0 PID: 20828 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2796.891501] Tainted: [W]=WARN
[ 2796.891507] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2796.891519] Call Trace:
[ 2796.891525]  <TASK>
[ 2796.891532]  dump_stack_lvl+0xca/0x120
[ 2796.891566]  __lookup_object+0x94/0xb0
[ 2796.891591]  delete_object_full+0x27/0x70
[ 2796.891618]  free_percpu+0x30/0x1160
[ 2796.891643]  ? arch_uprobe_clear_state+0x16/0x140
[ 2796.891674]  futex_hash_free+0x38/0xc0
[ 2796.891696]  mmput+0x2d3/0x390
[ 2796.891726]  do_exit+0x79d/0x2970
[ 2796.891754]  ? proc_coredump_connector+0x2bf/0x4e0
[ 2796.891779]  ? __pfx_do_exit+0x10/0x10
[ 2796.891810]  ? find_held_lock+0x2b/0x80
[ 2796.891840]  ? get_signal+0x1a05/0x2340
[ 2796.891874]  do_group_exit+0xd3/0x2a0
[ 2796.891899]  get_signal+0x2315/0x2340
[ 2796.891936]  ? __pfx_get_signal+0x10/0x10
[ 2796.891974]  arch_do_signal_or_restart+0x80/0x790
[ 2796.892002]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2796.892046]  irqentry_exit_to_user_mode+0x106/0x1c0
[ 2796.892076]  asm_exc_general_protection+0x26/0x30
[ 2796.892095] RIP: 0033:0x7f11f0c47b21
[ 2796.892109] Code: Unable to access opcode bytes at 0x7f11f0c47af7.
[ 2796.892118] RSP: 002b:0000000020000180 EFLAGS: 00010217
[ 2796.892144] RAX: 0000000000000000 RBX: 00007f11f0d5af60 RCX: 00007f11f0c47b19
[ 2796.892157] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2796.892169] RBP: 00007f11f0ca1f6d R08: 0000000020000240 R09: 0000000000000000
[ 2796.892181] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2796.892194] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2796.892221]  </TASK>
[ 2796.892227] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2796.892238] kmemleak:   comm "syz-executor.6", pid 20815, jiffies 4297463600
[ 2796.892251] kmemleak:   min_count = 1
[ 2796.892257] kmemleak:   count = 0
[ 2796.892263] kmemleak:   flags = 0x21
[ 2796.892270] kmemleak:   checksum = 0
[ 2796.892276] kmemleak:   backtrace:
[ 2796.892281]  pcpu_alloc_noprof+0x87a/0x1170
[ 2796.892306]  percpu_ref_init+0x37/0x400
[ 2796.892335]  io_uring_setup+0x44c/0x2000
[ 2796.892353]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2796.892371]  do_syscall_64+0xbf/0x360
[ 2796.892385]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:56:15 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180), &(0x7f00000001c0), 0x0, &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:56:15 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:56:15 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000840))
ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000880))

22:56:15 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000840))
ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000880))

22:56:15 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000840))
ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000880))

22:56:15 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_OPTIONS(r0, 0x11, 0x1, &(0x7f0000000000)=""/95, &(0x7f0000000080)=0x5f)
getsockopt$bt_sco_SCO_OPTIONS(0xffffffffffffffff, 0x11, 0x1, &(0x7f00000000c0)=""/127, &(0x7f0000000140)=0x7f)
bind$bt_sco(r0, &(0x7f0000000180)={0x1f, @none}, 0x8)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0xd25940e6d74d2b}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r1, 0x20, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x7fffffff}]}, 0x24}, 0x1, 0x0, 0x0, 0x20}, 0x10001)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000340)={'batadv_slave_0\x00', <r2=>0x0})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000003900)={'syztnl1\x00', &(0x7f0000003880)={'syztnl0\x00', <r3=>0x0, 0x80, 0x20, 0x10000, 0x7fe, {{0xe, 0x4, 0x1, 0xb, 0x38, 0x66, 0x0, 0x6, 0x4, 0x0, @empty, @empty, {[@timestamp_prespec={0x44, 0x1c, 0x5c, 0x3, 0x6, [{@loopback, 0x8}, {@multicast1, 0x6}, {@rand_addr=0x64010101, 0x734}]}, @ssrr={0x89, 0x7, 0xf9, [@broadcast]}, @end]}}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000003a40)={'erspan0\x00', &(0x7f0000003a00)={'gre0\x00', <r4=>0x0, 0x7, 0x10, 0x1, 0x80, {{0x7, 0x4, 0x3, 0x26, 0x1c, 0x65, 0x0, 0x81, 0x2f, 0x0, @local, @multicast1, {[@generic={0x86, 0x8, "84e31fa048bc"}]}}}}})
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(0xffffffffffffffff, &(0x7f0000004040)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000004000)={&(0x7f0000003a80)={0x574, 0x0, 0x100, 0x70bd26, 0x25dfdbfd, {}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x27c, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x1}, @ETHTOOL_A_BITSET_BITS={0xa0, 0x3, 0x0, 0x1, [{0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xb71f}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x10001}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}]}]}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x7}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x6}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x9}, @ETHTOOL_A_BITSET_VALUE={0xd0, 0x4, "e240106a5076757c6fb3c18ad464cf5e536daf5538084635dada226e58ec200be473406e8f711422f5d22cedd207ec04abc3663d1385ec89fa823a9aeaec98fd9519808f91b1dca70d63c67c69c60e0e4103ccc6733edac53651e9d4df42eee8e1eff5e505bbd71ad862c7d382d3aac6057143b5225ed0d516db77c051293a5f8a58f7f17a76944c2700d76f7406e7cec63fdc724a94d9f82df2e489184ba422290ee32183b1b81e48246cd521343e8abd273c2d98ba4a4ed45f149b226ca3aa79f9c38b604728178c04fe48"}, @ETHTOOL_A_BITSET_MASK={0xe3, 0x5, "6393c2d142b210a79f8752d10f468b68225adcdae2962ac91654458b388aad72c2987fe67cbf5e8a76f05866c7bfc79d3d2d99c6dc227939bba04d5569ab81da812e977ff12cf06d0cd3253d5746dec530a4df8fcd9b1207658c88ad93fcec52ae7a5bd2f543aff3823a222b7e7961be837a8a5814efe0bd29e6d97ea05626f14ea1bdd94b90172530c63bf7e02263ac147fe2709f48918e21a31df067bded7f066ef776c9f420acb92b2ea0ba938afae0fcde9f01f2d10f5562b3fb59dcfcddaabf804d3a6917e67cee7aed127a0fa80e455d4874dbf7e07df7d08c4cce5f"}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x154, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8}, @ETHTOOL_A_BITSET_BITS={0x13c, 0x3, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xfffffffc}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x80}]}, {0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x12, 0x2, ',*\'/\xce^\'%\xca*$&{\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, '/:{{*,\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '(\\#\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '%-&\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xce8}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}]}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7fffffff}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'batadv\x00'}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x800}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '#\x00'}]}, {0x8, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x78}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '\xff\xff\xff\xff\xff\xff'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xff}]}]}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x74, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}]}, 0x574}, 0x1, 0x0, 0x0, 0x40040b2}, 0x8000)
r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000004080), 0x640503, 0x0)
socketpair(0x2c, 0x3, 0x3f, &(0x7f00000040c0)={<r6=>0xffffffffffffffff})
bind$bt_sco(r6, &(0x7f0000004100)={0x1f, @none}, 0x8)
ioctl$F2FS_IOC_GET_PIN_FILE(r6, 0x8004f50e, &(0x7f0000004140))
sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r5, &(0x7f0000004280)={&(0x7f0000004180)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000004240)={&(0x7f00000041c0)={0x44, 0x0, 0x724469f4053571e0, 0x70bd26, 0x25dfdbff, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x19c2}, @BATADV_ATTR_ELP_INTERVAL={0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x44}, 0x1, 0x0, 0x0, 0x8804}, 0x2004c081)

[ 2797.248472] kmemleak: Found object by alias at 0x607f1a639184
[ 2797.248507] CPU: 0 UID: 0 PID: 20813 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2797.248543] Tainted: [W]=WARN
[ 2797.248550] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2797.248562] Call Trace:
[ 2797.248569]  <TASK>
[ 2797.248577]  dump_stack_lvl+0xca/0x120
[ 2797.248620]  __lookup_object+0x94/0xb0
[ 2797.248649]  delete_object_full+0x27/0x70
[ 2797.248678]  free_percpu+0x30/0x1160
[ 2797.248706]  ? arch_uprobe_clear_state+0x16/0x140
[ 2797.248742]  futex_hash_free+0x38/0xc0
[ 2797.248766]  mmput+0x2d3/0x390
[ 2797.248807]  do_exit+0x79d/0x2970
[ 2797.248835]  ? lock_release+0xc8/0x290
[ 2797.248865]  ? __pfx_do_exit+0x10/0x10
[ 2797.248890]  ? find_held_lock+0x2b/0x80
[ 2797.248922]  ? get_signal+0x835/0x2340
[ 2797.248957]  do_group_exit+0xd3/0x2a0
[ 2797.248984]  get_signal+0x2315/0x2340
[ 2797.249025]  ? __pfx_get_signal+0x10/0x10
[ 2797.249054]  ? do_futex+0x135/0x370
[ 2797.249079]  ? __pfx_do_futex+0x10/0x10
[ 2797.249107]  arch_do_signal_or_restart+0x80/0x790
[ 2797.249137]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2797.249167]  ? __x64_sys_futex+0x1c9/0x4d0
[ 2797.249189]  ? __x64_sys_futex+0x1d2/0x4d0
[ 2797.249213]  ? exc_page_fault+0xb0/0x180
[ 2797.249243]  ? __pfx___x64_sys_futex+0x10/0x10
[ 2797.249277]  exit_to_user_mode_loop+0x8b/0x110
[ 2797.249300]  do_syscall_64+0x2f7/0x360
[ 2797.249321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2797.249343] RIP: 0033:0x7f426ab2ab19
[ 2797.249359] Code: Unable to access opcode bytes at 0x7f426ab2aaef.
[ 2797.249368] RSP: 002b:00007f42680a0218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2797.249389] RAX: fffffffffffffe00 RBX: 00007f426ac3df68 RCX: 00007f426ab2ab19
[ 2797.249404] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f426ac3df68
[ 2797.249417] RBP: 00007f426ac3df60 R08: 0000000000000000 R09: 0000000000000000
[ 2797.249429] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f426ac3df6c
[ 2797.249442] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2797.249472]  </TASK>
[ 2797.249479] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2797.249491] kmemleak:   comm "syz-executor.2", pid 21125, jiffies 4297464039
[ 2797.249504] kmemleak:   min_count = 1
[ 2797.249511] kmemleak:   count = 0
[ 2797.249518] kmemleak:   flags = 0x21
[ 2797.249525] kmemleak:   checksum = 0
[ 2797.249531] kmemleak:   backtrace:
[ 2797.249537]  pcpu_alloc_noprof+0x87a/0x1170
[ 2797.249565]  percpu_ref_init+0x37/0x400
[ 2797.249596]  io_uring_setup+0x44c/0x2000
[ 2797.249616]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2797.249636]  do_syscall_64+0xbf/0x360
[ 2797.249652]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:56:25 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000840))
ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000880))

22:56:25 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000840))
ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000880))

22:56:25 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:56:25 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000840))
ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000880))

22:56:25 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000840))
ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000880))

22:56:25 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000840))
ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000880))

22:56:25 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000840))
ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000880))

22:56:25 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200), 0x0)

[ 2806.840472] kmemleak: Found object by alias at 0x607f1a638af4
[ 2806.840494] CPU: 0 UID: 0 PID: 21378 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2806.840513] Tainted: [W]=WARN
[ 2806.840517] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2806.840528] Call Trace:
[ 2806.840532]  <TASK>
[ 2806.840537]  dump_stack_lvl+0xca/0x120
[ 2806.840564]  __lookup_object+0x94/0xb0
[ 2806.840584]  delete_object_full+0x27/0x70
[ 2806.840599]  free_percpu+0x30/0x1160
[ 2806.840616]  ? arch_uprobe_clear_state+0x16/0x140
[ 2806.840636]  futex_hash_free+0x38/0xc0
[ 2806.840650]  mmput+0x2d3/0x390
[ 2806.840668]  do_exit+0x79d/0x2970
[ 2806.840684]  ? proc_coredump_connector+0x2bf/0x4e0
[ 2806.840700]  ? __pfx_do_exit+0x10/0x10
[ 2806.840713]  ? find_held_lock+0x2b/0x80
[ 2806.840731]  ? get_signal+0x1a05/0x2340
[ 2806.840750]  do_group_exit+0xd3/0x2a0
[ 2806.840765]  get_signal+0x2315/0x2340
[ 2806.840787]  ? __pfx_get_signal+0x10/0x10
[ 2806.840809]  arch_do_signal_or_restart+0x80/0x790
[ 2806.840826]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2806.840852]  irqentry_exit_to_user_mode+0x106/0x1c0
[ 2806.840871]  asm_exc_general_protection+0x26/0x30
[ 2806.840882] RIP: 0033:0x7f11f0c47b21
[ 2806.840891] Code: Unable to access opcode bytes at 0x7f11f0c47af7.
[ 2806.840896] RSP: 002b:0000000020000180 EFLAGS: 00010217
[ 2806.840906] RAX: 0000000000000000 RBX: 00007f11f0d5af60 RCX: 00007f11f0c47b19
[ 2806.840914] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2806.840921] RBP: 00007f11f0ca1f6d R08: 0000000020000240 R09: 0000000000000000
[ 2806.840928] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2806.840935] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2806.840951]  </TASK>
[ 2806.840955] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2806.840961] kmemleak:   comm "syz-executor.5", pid 21371, jiffies 4297473670
[ 2806.840969] kmemleak:   min_count = 1
[ 2806.840973] kmemleak:   count = 0
[ 2806.840976] kmemleak:   flags = 0x21
[ 2806.840980] kmemleak:   checksum = 0
[ 2806.840983] kmemleak:   backtrace:
[ 2806.840987]  pcpu_alloc_noprof+0x87a/0x1170
[ 2806.841002]  percpu_ref_init+0x37/0x400
[ 2806.841019]  io_uring_setup+0x44c/0x2000
[ 2806.841030]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2806.841040]  do_syscall_64+0xbf/0x360
[ 2806.841050]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2806.866329] kmemleak: Found object by alias at 0x607f1a639184
[ 2806.866346] CPU: 0 UID: 0 PID: 21373 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2806.866366] Tainted: [W]=WARN
[ 2806.866370] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2806.866378] Call Trace:
[ 2806.866382]  <TASK>
[ 2806.866387]  dump_stack_lvl+0xca/0x120
[ 2806.866412]  __lookup_object+0x94/0xb0
[ 2806.866430]  delete_object_full+0x27/0x70
[ 2806.866447]  free_percpu+0x30/0x1160
[ 2806.866464]  ? arch_uprobe_clear_state+0x16/0x140
[ 2806.866485]  futex_hash_free+0x38/0xc0
[ 2806.866500]  mmput+0x2d3/0x390
[ 2806.866520]  copy_process+0x273d/0x73c0
[ 2806.866544]  ? __pfx_copy_process+0x10/0x10
[ 2806.866557]  ? __lock_acquire+0xc65/0x1b70
[ 2806.866574]  ? match_held_lock+0xb1/0xd0
[ 2806.866596]  kernel_clone+0xea/0x7f0
[ 2806.866610]  ? finish_task_switch.isra.0+0x201/0x840
[ 2806.866634]  ? __pfx_kernel_clone+0x10/0x10
[ 2806.866648]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 2806.866662]  ? finish_task_switch.isra.0+0x206/0x840
[ 2806.866682]  ? trace_sched_exit_tp+0xbf/0x100
[ 2806.866700]  ? __schedule+0xe91/0x3590
[ 2806.866717]  __do_sys_clone+0xce/0x120
[ 2806.866730]  ? __pfx___do_sys_clone+0x10/0x10
[ 2806.866743]  ? __pfx___schedule+0x10/0x10
[ 2806.866764]  ? __x64_sys_signalfd+0x11d/0x190
[ 2806.866783]  ? xfd_validate_state+0x55/0x180
[ 2806.866807]  do_syscall_64+0xbf/0x360
[ 2806.866819]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2806.866832] RIP: 0033:0x7f426ab2ab19
[ 2806.866841] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2806.866854] RSP: 002b:00007f42680a0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2806.866866] RAX: ffffffffffffffda RBX: 00007f426ac3df60 RCX: 00007f426ab2ab19
[ 2806.866874] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2806.866882] RBP: 00007f426ab84f6d R08: 0000000020000240 R09: 0000000000000000
[ 2806.866891] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2806.866898] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2806.866915]  </TASK>
[ 2806.866919] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2806.866926] kmemleak:   comm "syz-executor.0", pid 21373, jiffies 4297473674
[ 2806.866934] kmemleak:   min_count = 1
[ 2806.866938] kmemleak:   count = 0
[ 2806.866942] kmemleak:   flags = 0x21
[ 2806.866946] kmemleak:   checksum = 0
[ 2806.866950] kmemleak:   backtrace:
[ 2806.866954]  pcpu_alloc_noprof+0x87a/0x1170
[ 2806.866970]  percpu_ref_init+0x37/0x400
[ 2806.866990]  io_uring_setup+0x44c/0x2000
[ 2806.867001]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2806.867013]  do_syscall_64+0xbf/0x360
[ 2806.867022]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:56:25 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000840))

22:56:25 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

[ 2806.967019] kmemleak: Found object by alias at 0x607f1a638af4
[ 2806.967038] CPU: 0 UID: 0 PID: 21370 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2806.967056] Tainted: [W]=WARN
[ 2806.967060] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2806.967067] Call Trace:
[ 2806.967071]  <TASK>
[ 2806.967076]  dump_stack_lvl+0xca/0x120
[ 2806.967101]  __lookup_object+0x94/0xb0
[ 2806.967117]  delete_object_full+0x27/0x70
[ 2806.967133]  free_percpu+0x30/0x1160
[ 2806.967150]  ? arch_uprobe_clear_state+0x16/0x140
[ 2806.967169]  futex_hash_free+0x38/0xc0
[ 2806.967183]  mmput+0x2d3/0x390
[ 2806.967201]  do_exit+0x79d/0x2970
[ 2806.967215]  ? lock_release+0xc8/0x290
[ 2806.967232]  ? __pfx_do_exit+0x10/0x10
[ 2806.967245]  ? find_held_lock+0x2b/0x80
[ 2806.967262]  ? get_signal+0x835/0x2340
[ 2806.967282]  do_group_exit+0xd3/0x2a0
[ 2806.967297]  get_signal+0x2315/0x2340
[ 2806.967316]  ? do_vfs_ioctl+0x125/0x1470
[ 2806.967334]  ? __pfx_get_signal+0x10/0x10
[ 2806.967350]  ? do_futex+0x135/0x370
[ 2806.967364]  ? __pfx_do_futex+0x10/0x10
[ 2806.967379]  arch_do_signal_or_restart+0x80/0x790
[ 2806.967396]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2806.967412]  ? __x64_sys_futex+0x1c9/0x4d0
[ 2806.967424]  ? __x64_sys_futex+0x1d2/0x4d0
[ 2806.967437]  ? find_get_task_by_vpid+0x1a4/0x310
[ 2806.967451]  ? __pfx___x64_sys_futex+0x10/0x10
[ 2806.967465]  ? syscall_user_dispatch+0x78/0x140
[ 2806.967482]  exit_to_user_mode_loop+0x8b/0x110
[ 2806.967493]  do_syscall_64+0x2f7/0x360
[ 2806.967505]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2806.967518] RIP: 0033:0x7f11f0c47b19
[ 2806.967526] Code: Unable to access opcode bytes at 0x7f11f0c47aef.
[ 2806.967532] RSP: 002b:00007f11ee1bd218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2806.967543] RAX: fffffffffffffe00 RBX: 00007f11f0d5af68 RCX: 00007f11f0c47b19
[ 2806.967551] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f11f0d5af68
[ 2806.967558] RBP: 00007f11f0d5af60 R08: 0000000000000000 R09: 0000000000000000
[ 2806.967565] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f0d5af6c
[ 2806.967572] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2806.967588]  </TASK>
[ 2806.967591] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2806.967598] kmemleak:   comm "syz-executor.5", pid 21488, jiffies 4297473865
[ 2806.967605] kmemleak:   min_count = 1
[ 2806.967609] kmemleak:   count = 0
[ 2806.967612] kmemleak:   flags = 0x21
[ 2806.967616] kmemleak:   checksum = 0
[ 2806.967620] kmemleak:   backtrace:
[ 2806.967623]  pcpu_alloc_noprof+0x87a/0x1170
[ 2806.967638]  percpu_ref_init+0x37/0x400
[ 2806.967655]  io_uring_setup+0x44c/0x2000
[ 2806.967671]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2806.967682]  do_syscall_64+0xbf/0x360
[ 2806.967690]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:56:25 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000840))

22:56:25 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200), 0x0)

22:56:25 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000840))
ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000880))

22:56:25 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000840))
ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000880))

22:56:25 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000840))
ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000880))

[ 2807.178079] kmemleak: Found object by alias at 0x607f1a638af4
[ 2807.178099] CPU: 0 UID: 0 PID: 21551 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2807.178118] Tainted: [W]=WARN
[ 2807.178122] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2807.178129] Call Trace:
[ 2807.178133]  <TASK>
[ 2807.178138]  dump_stack_lvl+0xca/0x120
[ 2807.178163]  __lookup_object+0x94/0xb0
[ 2807.178180]  delete_object_full+0x27/0x70
[ 2807.178198]  free_percpu+0x30/0x1160
[ 2807.178217]  ? arch_uprobe_clear_state+0x16/0x140
[ 2807.178237]  futex_hash_free+0x38/0xc0
[ 2807.178252]  mmput+0x2d3/0x390
[ 2807.178270]  do_exit+0x79d/0x2970
[ 2807.178283]  ? signal_wake_up_state+0x85/0x120
[ 2807.178299]  ? zap_other_threads+0x2b9/0x3a0
[ 2807.178315]  ? __pfx_do_exit+0x10/0x10
[ 2807.178327]  ? do_group_exit+0x1c3/0x2a0
[ 2807.178340]  ? lock_release+0xc8/0x290
[ 2807.178357]  do_group_exit+0xd3/0x2a0
[ 2807.178372]  __x64_sys_exit_group+0x3e/0x50
[ 2807.178386]  x64_sys_call+0x18c5/0x18d0
[ 2807.178401]  do_syscall_64+0xbf/0x360
[ 2807.178413]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2807.178425] RIP: 0033:0x7f11f0c47b19
[ 2807.178433] Code: Unable to access opcode bytes at 0x7f11f0c47aef.
[ 2807.178440] RSP: 002b:00007ffe4ba62a88 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 2807.178456] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f11f0c47b19
[ 2807.178463] RDX: 00007f11f0bfa72b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 2807.178470] RBP: 0000000000000000 R08: 0000001b2d22413c R09: 0000000000000000
[ 2807.178477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2807.178484] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffe4ba62b70
[ 2807.178500]  </TASK>
[ 2807.178503] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2807.178510] kmemleak:   comm "syz-executor.3", pid 21602, jiffies 4297474003
[ 2807.178517] kmemleak:   min_count = 1
[ 2807.178521] kmemleak:   count = 0
[ 2807.178525] kmemleak:   flags = 0x21
[ 2807.178529] kmemleak:   checksum = 0
[ 2807.178533] kmemleak:   backtrace:
[ 2807.178537]  pcpu_alloc_noprof+0x87a/0x1170
[ 2807.178551]  percpu_ref_init+0x37/0x400
[ 2807.178569]  io_uring_setup+0x44c/0x2000
[ 2807.178580]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2807.178591]  do_syscall_64+0xbf/0x360
[ 2807.178599]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:56:25 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000840))
ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000880))

[ 2807.232423] kmemleak: Found object by alias at 0x607f1a639184
22:56:25 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)

[ 2807.232442] CPU: 0 UID: 0 PID: 21616 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2807.232463] Tainted: [W]=WARN
[ 2807.232466] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2807.232474] Call Trace:
[ 2807.232479]  <TASK>
[ 2807.232483]  dump_stack_lvl+0xca/0x120
[ 2807.232510]  __lookup_object+0x94/0xb0
[ 2807.232527]  delete_object_full+0x27/0x70
[ 2807.232544]  free_percpu+0x30/0x1160
[ 2807.232563]  ? arch_uprobe_clear_state+0x16/0x140
[ 2807.232584]  futex_hash_free+0x38/0xc0
[ 2807.232599]  mmput+0x2d3/0x390
[ 2807.232619]  copy_process+0x273d/0x73c0
[ 2807.232640]  ? __pfx_copy_process+0x10/0x10
[ 2807.232652]  ? __lock_acquire+0xc65/0x1b70
[ 2807.232670]  ? match_held_lock+0xb1/0xd0
[ 2807.232692]  kernel_clone+0xea/0x7f0
[ 2807.232704]  ? finish_task_switch.isra.0+0x201/0x840
[ 2807.232729]  ? __pfx_kernel_clone+0x10/0x10
[ 2807.232743]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 2807.232757]  ? finish_task_switch.isra.0+0x206/0x840
[ 2807.232778]  ? trace_sched_exit_tp+0xbf/0x100
[ 2807.232796]  ? __schedule+0xe91/0x3590
[ 2807.232813]  __do_sys_clone+0xce/0x120
[ 2807.232826]  ? __pfx___do_sys_clone+0x10/0x10
[ 2807.232839]  ? __pfx___schedule+0x10/0x10
[ 2807.232861]  ? __x64_sys_signalfd+0x11d/0x190
[ 2807.232879]  ? xfd_validate_state+0x55/0x180
[ 2807.232903]  do_syscall_64+0xbf/0x360
[ 2807.232916]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2807.232929] RIP: 0033:0x7f426ab2ab19
[ 2807.232938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2807.232951] RSP: 002b:00007f42680a0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2807.232964] RAX: ffffffffffffffda RBX: 00007f426ac3df60 RCX: 00007f426ab2ab19
[ 2807.232972] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2807.232980] RBP: 00007f426ab84f6d R08: 0000000020000240 R09: 0000000000000000
[ 2807.232988] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2807.232995] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2807.233011]  </TASK>
[ 2807.233016] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2807.233023] kmemleak:   comm "syz-executor.2", pid 21610, jiffies 4297474010
[ 2807.233030] kmemleak:   min_count = 1
[ 2807.233034] kmemleak:   count = 0
[ 2807.233038] kmemleak:   flags = 0x21
[ 2807.233042] kmemleak:   checksum = 0
[ 2807.233047] kmemleak:   backtrace:
[ 2807.233050]  pcpu_alloc_noprof+0x87a/0x1170
[ 2807.233066]  percpu_ref_init+0x37/0x400
[ 2807.233085]  io_uring_setup+0x44c/0x2000
[ 2807.233098]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2807.233110]  do_syscall_64+0xbf/0x360
[ 2807.233119]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2807.241546] kmemleak: Found object by alias at 0x607f1a638af4
[ 2807.241569] CPU: 1 UID: 0 PID: 21595 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2807.241604] Tainted: [W]=WARN
[ 2807.241611] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2807.241624] Call Trace:
[ 2807.241630]  <TASK>
[ 2807.241639]  dump_stack_lvl+0xca/0x120
[ 2807.241674]  __lookup_object+0x94/0xb0
[ 2807.241702]  delete_object_full+0x27/0x70
[ 2807.241733]  free_percpu+0x30/0x1160
[ 2807.241762]  ? arch_uprobe_clear_state+0x16/0x140
[ 2807.241805]  futex_hash_free+0x38/0xc0
[ 2807.241829]  mmput+0x2d3/0x390
[ 2807.241864]  do_exit+0x79d/0x2970
[ 2807.241895]  ? proc_coredump_connector+0x2bf/0x4e0
[ 2807.241924]  ? __pfx_do_exit+0x10/0x10
[ 2807.241960]  do_group_exit+0xd3/0x2a0
[ 2807.241989]  get_signal+0x2315/0x2340
[ 2807.242035]  ? __pfx_get_signal+0x10/0x10
[ 2807.242079]  arch_do_signal_or_restart+0x80/0x790
[ 2807.242112]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2807.242164]  irqentry_exit_to_user_mode+0x106/0x1c0
[ 2807.242199]  asm_exc_general_protection+0x26/0x30
[ 2807.242220] RIP: 0033:0x7f11f0c47b21
[ 2807.242237] Code: Unable to access opcode bytes at 0x7f11f0c47af7.
[ 2807.242247] RSP: 002b:0000000020000180 EFLAGS: 00010217
[ 2807.242265] RAX: 0000000000000000 RBX: 00007f11f0d5af60 RCX: 00007f11f0c47b19
[ 2807.242280] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2807.242294] RBP: 00007f11f0ca1f6d R08: 0000000020000240 R09: 0000000000000000
[ 2807.242308] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2807.242322] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2807.242354]  </TASK>
[ 2807.242361] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2807.242374] kmemleak:   comm "syz-executor.3", pid 21602, jiffies 4297474003
[ 2807.242388] kmemleak:   min_count = 1
[ 2807.242396] kmemleak:   count = 0
[ 2807.242403] kmemleak:   flags = 0x21
[ 2807.242411] kmemleak:   checksum = 0
[ 2807.242418] kmemleak:   backtrace:
[ 2807.242424]  pcpu_alloc_noprof+0x87a/0x1170
[ 2807.242453]  percpu_ref_init+0x37/0x400
[ 2807.242484]  io_uring_setup+0x44c/0x2000
[ 2807.242504]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2807.242525]  do_syscall_64+0xbf/0x360
[ 2807.242542]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:56:35 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000840))
ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000880))

22:56:35 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000840))
ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000880))

22:56:35 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200), 0x0)

22:56:35 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)

22:56:35 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:56:35 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000840))

22:56:35 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000840))

22:56:35 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000840))

[ 2817.688354] kmemleak: Found object by alias at 0x607f1a638af4
[ 2817.688384] CPU: 0 UID: 0 PID: 21943 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2817.688414] Tainted: [W]=WARN
[ 2817.688419] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2817.688430] Call Trace:
[ 2817.688436]  <TASK>
[ 2817.688443]  dump_stack_lvl+0xca/0x120
[ 2817.688478]  __lookup_object+0x94/0xb0
[ 2817.688504]  delete_object_full+0x27/0x70
[ 2817.688529]  free_percpu+0x30/0x1160
[ 2817.688554]  ? arch_uprobe_clear_state+0x16/0x140
[ 2817.688584]  futex_hash_free+0x38/0xc0
[ 2817.688605]  mmput+0x2d3/0x390
[ 2817.688634]  do_exit+0x79d/0x2970
[ 2817.688659]  ? proc_coredump_connector+0x2bf/0x4e0
[ 2817.688684]  ? __pfx_do_exit+0x10/0x10
[ 2817.688706]  ? find_held_lock+0x2b/0x80
[ 2817.688733]  ? get_signal+0x1a05/0x2340
[ 2817.688764]  do_group_exit+0xd3/0x2a0
[ 2817.688787]  get_signal+0x2315/0x2340
[ 2817.688829]  ? __pfx_get_signal+0x10/0x10
[ 2817.688864]  arch_do_signal_or_restart+0x80/0x790
[ 2817.688890]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2817.688931]  irqentry_exit_to_user_mode+0x106/0x1c0
[ 2817.688960]  asm_exc_general_protection+0x26/0x30
[ 2817.688978] RIP: 0033:0x7f11f0c47b21
[ 2817.688992] Code: Unable to access opcode bytes at 0x7f11f0c47af7.
[ 2817.689000] RSP: 002b:0000000020000180 EFLAGS: 00010217
[ 2817.689016] RAX: 0000000000000000 RBX: 00007f11f0d5af60 RCX: 00007f11f0c47b19
[ 2817.689028] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2817.689039] RBP: 00007f11f0ca1f6d R08: 0000000020000240 R09: 0000000000000000
[ 2817.689052] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2817.689064] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2817.689092]  </TASK>
[ 2817.689098] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2817.689109] kmemleak:   comm "syz-executor.6", pid 21933, jiffies 4297484412
[ 2817.689120] kmemleak:   min_count = 1
[ 2817.689126] kmemleak:   count = 0
[ 2817.689132] kmemleak:   flags = 0x21
[ 2817.689138] kmemleak:   checksum = 0
[ 2817.689144] kmemleak:   backtrace:
[ 2817.689149]  pcpu_alloc_noprof+0x87a/0x1170
[ 2817.689173]  percpu_ref_init+0x37/0x400
[ 2817.689200]  io_uring_setup+0x44c/0x2000
[ 2817.689217]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2817.689234]  do_syscall_64+0xbf/0x360
[ 2817.689248]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:56:36 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)

22:56:36 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd81", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

[ 2817.778280] kmemleak: Found object by alias at 0x607f1a638af4
[ 2817.778303] CPU: 0 UID: 0 PID: 21933 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2817.778330] Tainted: [W]=WARN
[ 2817.778336] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2817.778346] Call Trace:
[ 2817.778352]  <TASK>
[ 2817.778359]  dump_stack_lvl+0xca/0x120
[ 2817.778393]  __lookup_object+0x94/0xb0
[ 2817.778416]  delete_object_full+0x27/0x70
[ 2817.778440]  free_percpu+0x30/0x1160
[ 2817.778464]  ? arch_uprobe_clear_state+0x16/0x140
[ 2817.778493]  futex_hash_free+0x38/0xc0
[ 2817.778513]  mmput+0x2d3/0x390
[ 2817.778540]  do_exit+0x79d/0x2970
[ 2817.778560]  ? lock_release+0xc8/0x290
[ 2817.778584]  ? __pfx_do_exit+0x10/0x10
[ 2817.778604]  ? find_held_lock+0x2b/0x80
[ 2817.778630]  ? get_signal+0x835/0x2340
[ 2817.778659]  do_group_exit+0xd3/0x2a0
[ 2817.778681]  get_signal+0x2315/0x2340
[ 2817.778714]  ? __pfx_get_signal+0x10/0x10
[ 2817.778738]  ? do_futex+0x135/0x370
[ 2817.778758]  ? __pfx_do_futex+0x10/0x10
[ 2817.778781]  arch_do_signal_or_restart+0x80/0x790
[ 2817.778813]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2817.778836]  ? __x64_sys_futex+0x1c9/0x4d0
[ 2817.778855]  ? __x64_sys_futex+0x1d2/0x4d0
[ 2817.778877]  ? __pfx___x64_sys_futex+0x10/0x10
[ 2817.778897]  ? syscall_user_dispatch+0x78/0x140
[ 2817.778922]  exit_to_user_mode_loop+0x8b/0x110
[ 2817.778940]  do_syscall_64+0x2f7/0x360
[ 2817.778958]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2817.778975] RIP: 0033:0x7f11f0c47b19
[ 2817.778988] Code: Unable to access opcode bytes at 0x7f11f0c47aef.
[ 2817.778996] RSP: 002b:00007f11ee1bd218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2817.779013] RAX: fffffffffffffe00 RBX: 00007f11f0d5af68 RCX: 00007f11f0c47b19
[ 2817.779024] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f11f0d5af68
[ 2817.779035] RBP: 00007f11f0d5af60 R08: 0000000000000000 R09: 0000000000000000
[ 2817.779045] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f0d5af6c
[ 2817.779056] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2817.779080]  </TASK>
[ 2817.779085] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2817.779095] kmemleak:   comm "syz-executor.6", pid 21933, jiffies 4297484412
[ 2817.779106] kmemleak:   min_count = 1
[ 2817.779112] kmemleak:   count = 0
[ 2817.779117] kmemleak:   flags = 0x21
[ 2817.779123] kmemleak:   checksum = 0
[ 2817.779129] kmemleak:   backtrace:
[ 2817.779134]  pcpu_alloc_noprof+0x87a/0x1170
[ 2817.779156]  percpu_ref_init+0x37/0x400
[ 2817.779180]  io_uring_setup+0x44c/0x2000
[ 2817.779197]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2817.779213]  do_syscall_64+0xbf/0x360
[ 2817.779226]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:56:36 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240))

22:56:36 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000840))
ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000880))

22:56:36 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000840))
ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000880))

22:56:36 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000840))

22:56:36 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000840))

22:56:36 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)

22:56:36 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)

[ 2818.180655] kmemleak: Found object by alias at 0x607f1a639184
[ 2818.180678] CPU: 0 UID: 0 PID: 22260 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2818.180698] Tainted: [W]=WARN
[ 2818.180702] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2818.180711] Call Trace:
[ 2818.180715]  <TASK>
[ 2818.180721]  dump_stack_lvl+0xca/0x120
[ 2818.180748]  __lookup_object+0x94/0xb0
[ 2818.180766]  delete_object_full+0x27/0x70
[ 2818.180784]  free_percpu+0x30/0x1160
[ 2818.180806]  ? arch_uprobe_clear_state+0x16/0x140
[ 2818.180829]  futex_hash_free+0x38/0xc0
[ 2818.180844]  mmput+0x2d3/0x390
[ 2818.180865]  do_exit+0x79d/0x2970
[ 2818.180879]  ? lock_release+0xc8/0x290
[ 2818.180898]  ? __pfx_do_exit+0x10/0x10
[ 2818.180913]  ? find_held_lock+0x2b/0x80
[ 2818.180931]  ? get_signal+0x835/0x2340
[ 2818.180953]  do_group_exit+0xd3/0x2a0
[ 2818.180969]  get_signal+0x2315/0x2340
[ 2818.180994]  ? __pfx_get_signal+0x10/0x10
[ 2818.181011]  ? do_futex+0x135/0x370
[ 2818.181026]  ? __pfx_do_futex+0x10/0x10
[ 2818.181043]  arch_do_signal_or_restart+0x80/0x790
[ 2818.181062]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2818.181080]  ? __x64_sys_futex+0x1c9/0x4d0
[ 2818.181093]  ? __x64_sys_futex+0x1d2/0x4d0
[ 2818.181108]  ? exc_page_fault+0xb0/0x180
[ 2818.181126]  ? __pfx___x64_sys_futex+0x10/0x10
[ 2818.181146]  exit_to_user_mode_loop+0x8b/0x110
[ 2818.181160]  do_syscall_64+0x2f7/0x360
[ 2818.181173]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2818.181187] RIP: 0033:0x7f426ab2ab19
[ 2818.181197] Code: Unable to access opcode bytes at 0x7f426ab2aaef.
[ 2818.181202] RSP: 002b:00007f42680a0218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2818.181215] RAX: fffffffffffffe00 RBX: 00007f426ac3df68 RCX: 00007f426ab2ab19
[ 2818.181224] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f426ac3df68
[ 2818.181232] RBP: 00007f426ac3df60 R08: 0000000000000000 R09: 0000000000000000
[ 2818.181239] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f426ac3df6c
[ 2818.181247] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2818.181265]  </TASK>
[ 2818.181269] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2818.181276] kmemleak:   comm "syz-executor.1", pid 22332, jiffies 4297484999
[ 2818.181284] kmemleak:   min_count = 1
[ 2818.181288] kmemleak:   count = 0
[ 2818.181292] kmemleak:   flags = 0x21
[ 2818.181296] kmemleak:   checksum = 0
[ 2818.181300] kmemleak:   backtrace:
[ 2818.181304]  pcpu_alloc_noprof+0x87a/0x1170
[ 2818.181321]  percpu_ref_init+0x37/0x400
[ 2818.181340]  io_uring_setup+0x44c/0x2000
[ 2818.181352]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2818.181364]  do_syscall_64+0xbf/0x360
[ 2818.181373]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:56:45 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000840))
ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000880))

22:56:45 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)

22:56:45 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7ce", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:56:45 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000840))

22:56:45 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000880))

22:56:45 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00'})

22:56:45 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)

22:56:45 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240))

[ 2827.807073] kmemleak: Found object by alias at 0x607f1a638af4
[ 2827.807096] CPU: 0 UID: 0 PID: 22604 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2827.807116] Tainted: [W]=WARN
[ 2827.807120] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2827.807128] Call Trace:
[ 2827.807132]  <TASK>
[ 2827.807137]  dump_stack_lvl+0xca/0x120
[ 2827.807163]  __lookup_object+0x94/0xb0
[ 2827.807182]  delete_object_full+0x27/0x70
[ 2827.807199]  free_percpu+0x30/0x1160
[ 2827.807216]  ? arch_uprobe_clear_state+0x16/0x140
[ 2827.807237]  futex_hash_free+0x38/0xc0
[ 2827.807252]  mmput+0x2d3/0x390
[ 2827.807271]  do_exit+0x79d/0x2970
[ 2827.807289]  ? proc_coredump_connector+0x2bf/0x4e0
22:56:46 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7ce", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

[ 2827.807305]  ? __pfx_do_exit+0x10/0x10
[ 2827.807320]  ? find_held_lock+0x2b/0x80
[ 2827.807339]  ? get_signal+0x1a05/0x2340
[ 2827.807360]  do_group_exit+0xd3/0x2a0
[ 2827.807375]  get_signal+0x2315/0x2340
[ 2827.807399]  ? __pfx_get_signal+0x10/0x10
[ 2827.807423]  arch_do_signal_or_restart+0x80/0x790
[ 2827.807441]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2827.807469]  irqentry_exit_to_user_mode+0x106/0x1c0
[ 2827.807489]  asm_exc_general_protection+0x26/0x30
[ 2827.807502] RIP: 0033:0x7f11f0c47b21
[ 2827.807511] Code: Unable to access opcode bytes at 0x7f11f0c47af7.
[ 2827.807517] RSP: 002b:0000000020000180 EFLAGS: 00010217
[ 2827.807528] RAX: 0000000000000000 RBX: 00007f11f0d5af60 RCX: 00007f11f0c47b19
[ 2827.807536] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2827.807543] RBP: 00007f11f0ca1f6d R08: 0000000020000240 R09: 0000000000000000
[ 2827.807551] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2827.807558] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2827.807575]  </TASK>
[ 2827.807579] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2827.807587] kmemleak:   comm "syz-executor.0", pid 22587, jiffies 4297494547
[ 2827.807594] kmemleak:   min_count = 1
[ 2827.807598] kmemleak:   count = 0
[ 2827.807602] kmemleak:   flags = 0x21
[ 2827.807606] kmemleak:   checksum = 0
[ 2827.807610] kmemleak:   backtrace:
[ 2827.807614]  pcpu_alloc_noprof+0x87a/0x1170
[ 2827.807630]  percpu_ref_init+0x37/0x400
[ 2827.807651]  io_uring_setup+0x44c/0x2000
[ 2827.807663]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2827.807675]  do_syscall_64+0xbf/0x360
[ 2827.807684]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:56:46 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240))

22:56:46 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)

22:56:46 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)

22:56:46 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000880))

22:56:46 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)

22:56:46 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00'})

22:56:46 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000840))
ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000880))

22:56:46 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7ce", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:56:46 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})

22:56:46 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)

22:56:46 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000880))

[ 2828.255087] kmemleak: Found object by alias at 0x607f1a638af4
[ 2828.255107] CPU: 0 UID: 0 PID: 22955 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2828.255126] Tainted: [W]=WARN
[ 2828.255129] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2828.255137] Call Trace:
[ 2828.255141]  <TASK>
[ 2828.255146]  dump_stack_lvl+0xca/0x120
[ 2828.255169]  __lookup_object+0x94/0xb0
[ 2828.255186]  delete_object_full+0x27/0x70
[ 2828.255202]  free_percpu+0x30/0x1160
[ 2828.255218]  ? arch_uprobe_clear_state+0x16/0x140
[ 2828.255238]  futex_hash_free+0x38/0xc0
[ 2828.255252]  mmput+0x2d3/0x390
[ 2828.255271]  do_exit+0x79d/0x2970
[ 2828.255287]  ? proc_coredump_connector+0x2bf/0x4e0
[ 2828.255303]  ? __pfx_do_exit+0x10/0x10
[ 2828.255316]  ? find_held_lock+0x2b/0x80
[ 2828.255334]  ? get_signal+0x1a05/0x2340
[ 2828.255354]  do_group_exit+0xd3/0x2a0
[ 2828.255368]  get_signal+0x2315/0x2340
[ 2828.255391]  ? __pfx_get_signal+0x10/0x10
[ 2828.255413]  arch_do_signal_or_restart+0x80/0x790
[ 2828.255430]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2828.255456]  irqentry_exit_to_user_mode+0x106/0x1c0
[ 2828.255475]  asm_exc_general_protection+0x26/0x30
[ 2828.255487] RIP: 0033:0x7f11f0c47b21
[ 2828.255496] Code: Unable to access opcode bytes at 0x7f11f0c47af7.
[ 2828.255501] RSP: 002b:0000000020000180 EFLAGS: 00010217
[ 2828.255512] RAX: 0000000000000000 RBX: 00007f11f0d5af60 RCX: 00007f11f0c47b19
[ 2828.255520] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2828.255527] RBP: 00007f11f0ca1f6d R08: 0000000020000240 R09: 0000000000000000
[ 2828.255534] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2828.255541] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2828.255557]  </TASK>
[ 2828.255560] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2828.255567] kmemleak:   comm "syz-executor.2", pid 22939, jiffies 4297495076
[ 2828.255574] kmemleak:   min_count = 1
[ 2828.255578] kmemleak:   count = 0
[ 2828.255582] kmemleak:   flags = 0x21
[ 2828.255586] kmemleak:   checksum = 0
[ 2828.255590] kmemleak:   backtrace:
[ 2828.255593]  pcpu_alloc_noprof+0x87a/0x1170
[ 2828.255608]  percpu_ref_init+0x37/0x400
[ 2828.255625]  io_uring_setup+0x44c/0x2000
[ 2828.255637]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2828.255648]  do_syscall_64+0xbf/0x360
[ 2828.255657]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2828.335683] kmemleak: Found object by alias at 0x607f1a638af4
[ 2828.335699] CPU: 0 UID: 0 PID: 22942 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2828.335717] Tainted: [W]=WARN
[ 2828.335721] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2828.335728] Call Trace:
[ 2828.335732]  <TASK>
[ 2828.335736]  dump_stack_lvl+0xca/0x120
[ 2828.335760]  __lookup_object+0x94/0xb0
[ 2828.335776]  delete_object_full+0x27/0x70
[ 2828.335795]  free_percpu+0x30/0x1160
[ 2828.335811]  ? arch_uprobe_clear_state+0x16/0x140
[ 2828.335830]  futex_hash_free+0x38/0xc0
[ 2828.335844]  mmput+0x2d3/0x390
[ 2828.335862]  do_exit+0x79d/0x2970
[ 2828.335876]  ? lock_release+0xc8/0x290
[ 2828.335893]  ? __pfx_do_exit+0x10/0x10
[ 2828.335907]  ? find_held_lock+0x2b/0x80
[ 2828.335924]  ? get_signal+0x835/0x2340
[ 2828.335943]  do_group_exit+0xd3/0x2a0
[ 2828.335958]  get_signal+0x2315/0x2340
[ 2828.335977]  ? __call_rcu_common.constprop.0+0x4c1/0x960
[ 2828.335994]  ? __pfx_get_signal+0x10/0x10
[ 2828.336010]  ? do_futex+0x135/0x370
[ 2828.336024]  ? __pfx_do_futex+0x10/0x10
[ 2828.336039]  arch_do_signal_or_restart+0x80/0x790
[ 2828.336056]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2828.336072]  ? __x64_sys_futex+0x1c9/0x4d0
[ 2828.336084]  ? __x64_sys_futex+0x1d2/0x4d0
[ 2828.336100]  ? find_get_task_by_vpid+0x1a4/0x310
[ 2828.336116]  ? __pfx___x64_sys_futex+0x10/0x10
[ 2828.336130]  ? syscall_user_dispatch+0x78/0x140
[ 2828.336146]  exit_to_user_mode_loop+0x8b/0x110
[ 2828.336159]  do_syscall_64+0x2f7/0x360
[ 2828.336171]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2828.336183] RIP: 0033:0x7f11f0c47b19
[ 2828.336192] Code: Unable to access opcode bytes at 0x7f11f0c47aef.
[ 2828.336197] RSP: 002b:00007f11ee1bd218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2828.336209] RAX: fffffffffffffe00 RBX: 00007f11f0d5af68 RCX: 00007f11f0c47b19
[ 2828.336217] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f11f0d5af68
[ 2828.336224] RBP: 00007f11f0d5af60 R08: 0000000000000000 R09: 0000000000000000
[ 2828.336231] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f0d5af6c
[ 2828.336238] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2828.336254]  </TASK>
[ 2828.336258] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2828.336265] kmemleak:   comm "syz-executor.2", pid 22939, jiffies 4297495076
[ 2828.336272] kmemleak:   min_count = 1
[ 2828.336276] kmemleak:   count = 0
[ 2828.336280] kmemleak:   flags = 0x21
[ 2828.336283] kmemleak:   checksum = 0
[ 2828.336287] kmemleak:   backtrace:
[ 2828.336290]  pcpu_alloc_noprof+0x87a/0x1170
[ 2828.336305]  percpu_ref_init+0x37/0x400
[ 2828.336323]  io_uring_setup+0x44c/0x2000
[ 2828.336334]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2828.336344]  do_syscall_64+0xbf/0x360
[ 2828.336353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:56:57 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f")

22:56:57 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000840))

22:56:57 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)

22:56:57 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000880))

22:56:57 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)

22:56:57 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:56:57 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)

22:56:57 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00'})

[ 2839.434121] kmemleak: Found object by alias at 0x607f1a639184
[ 2839.434157] CPU: 1 UID: 0 PID: 23055 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2839.434196] Tainted: [W]=WARN
[ 2839.434204] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2839.434219] Call Trace:
[ 2839.434227]  <TASK>
[ 2839.434237]  dump_stack_lvl+0xca/0x120
[ 2839.434283]  __lookup_object+0x94/0xb0
[ 2839.434323]  delete_object_full+0x27/0x70
[ 2839.434357]  free_percpu+0x30/0x1160
[ 2839.434390]  ? arch_uprobe_clear_state+0x16/0x140
[ 2839.434431]  futex_hash_free+0x38/0xc0
[ 2839.434459]  mmput+0x2d3/0x390
[ 2839.434497]  copy_process+0x273d/0x73c0
[ 2839.434538]  ? __pfx_copy_process+0x10/0x10
[ 2839.434563]  ? __lock_acquire+0xc65/0x1b70
[ 2839.434596]  ? lock_is_held_type+0x9e/0x120
[ 2839.434639]  kernel_clone+0xea/0x7f0
[ 2839.434663]  ? finish_task_switch.isra.0+0x201/0x840
[ 2839.434704]  ? __pfx_kernel_clone+0x10/0x10
[ 2839.434732]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 2839.434758]  ? finish_task_switch.isra.0+0x206/0x840
[ 2839.434801]  ? trace_sched_exit_tp+0xbf/0x100
[ 2839.434836]  ? __schedule+0xe91/0x3590
[ 2839.434870]  __do_sys_clone+0xce/0x120
[ 2839.434895]  ? __pfx___do_sys_clone+0x10/0x10
[ 2839.434921]  ? __pfx___schedule+0x10/0x10
[ 2839.434964]  ? __x64_sys_signalfd+0x11d/0x190
[ 2839.435000]  ? xfd_validate_state+0x55/0x180
[ 2839.435047]  do_syscall_64+0xbf/0x360
[ 2839.435071]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2839.435095] RIP: 0033:0x7f426ab2ab19
[ 2839.435114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2839.435139] RSP: 002b:00007f42680a0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2839.435163] RAX: ffffffffffffffda RBX: 00007f426ac3df60 RCX: 00007f426ab2ab19
[ 2839.435180] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2839.435195] RBP: 00007f426ab84f6d R08: 0000000020000240 R09: 0000000000000000
[ 2839.435210] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2839.435225] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2839.435258]  </TASK>
[ 2839.435266] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2839.435280] kmemleak:   comm "syz-executor.6", pid 23064, jiffies 4297506223
[ 2839.435296] kmemleak:   min_count = 1
[ 2839.435304] kmemleak:   count = 0
[ 2839.435312] kmemleak:   flags = 0x21
[ 2839.435319] kmemleak:   checksum = 0
[ 2839.435327] kmemleak:   backtrace:
[ 2839.435334]  pcpu_alloc_noprof+0x87a/0x1170
[ 2839.435366]  percpu_ref_init+0x37/0x400
[ 2839.435402]  io_uring_setup+0x44c/0x2000
[ 2839.435425]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2839.435448]  do_syscall_64+0xbf/0x360
[ 2839.435467]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2839.473334] kmemleak: Found object by alias at 0x607f1a638af4
[ 2839.473367] CPU: 0 UID: 0 PID: 23079 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2839.473400] Tainted: [W]=WARN
[ 2839.473407] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2839.473420] Call Trace:
[ 2839.473427]  <TASK>
[ 2839.473435]  dump_stack_lvl+0xca/0x120
[ 2839.473484]  __lookup_object+0x94/0xb0
[ 2839.473513]  delete_object_full+0x27/0x70
[ 2839.473541]  free_percpu+0x30/0x1160
[ 2839.473568]  ? arch_uprobe_clear_state+0x16/0x140
[ 2839.473603]  futex_hash_free+0x38/0xc0
[ 2839.473628]  mmput+0x2d3/0x390
[ 2839.473660]  do_exit+0x79d/0x2970
[ 2839.473687]  ? proc_coredump_connector+0x2bf/0x4e0
[ 2839.473714]  ? __pfx_do_exit+0x10/0x10
[ 2839.473738]  ? find_held_lock+0x2b/0x80
[ 2839.473769]  ? get_signal+0x1a05/0x2340
[ 2839.473803]  do_group_exit+0xd3/0x2a0
[ 2839.473829]  get_signal+0x2315/0x2340
[ 2839.473868]  ? __pfx_get_signal+0x10/0x10
[ 2839.473906]  arch_do_signal_or_restart+0x80/0x790
[ 2839.473937]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2839.473983]  irqentry_exit_to_user_mode+0x106/0x1c0
[ 2839.474015]  asm_exc_general_protection+0x26/0x30
[ 2839.474036] RIP: 0033:0x7f11f0c47b21
[ 2839.474052] Code: Unable to access opcode bytes at 0x7f11f0c47af7.
[ 2839.474061] RSP: 002b:0000000020000180 EFLAGS: 00010217
[ 2839.474079] RAX: 0000000000000000 RBX: 00007f11f0d5af60 RCX: 00007f11f0c47b19
[ 2839.474094] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2839.474107] RBP: 00007f11f0ca1f6d R08: 0000000020000240 R09: 0000000000000000
[ 2839.474120] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2839.474132] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2839.474159]  </TASK>
[ 2839.474166] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2839.474178] kmemleak:   comm "syz-executor.1", pid 23056, jiffies 4297506194
[ 2839.474190] kmemleak:   min_count = 1
[ 2839.474197] kmemleak:   count = 0
[ 2839.474203] kmemleak:   flags = 0x21
[ 2839.474210] kmemleak:   checksum = 0
[ 2839.474216] kmemleak:   backtrace:
[ 2839.474222]  pcpu_alloc_noprof+0x87a/0x1170
[ 2839.474248]  percpu_ref_init+0x37/0x400
[ 2839.474279]  io_uring_setup+0x44c/0x2000
[ 2839.474298]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2839.474317]  do_syscall_64+0xbf/0x360
[ 2839.474333]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2839.498268] kmemleak: Found object by alias at 0x607f1a638af4
[ 2839.498297] CPU: 0 UID: 0 PID: 23064 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2839.498327] Tainted: [W]=WARN
[ 2839.498333] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2839.498345] Call Trace:
[ 2839.498351]  <TASK>
[ 2839.498359]  dump_stack_lvl+0xca/0x120
[ 2839.498394]  __lookup_object+0x94/0xb0
[ 2839.498420]  delete_object_full+0x27/0x70
[ 2839.498447]  free_percpu+0x30/0x1160
[ 2839.498473]  ? arch_uprobe_clear_state+0x16/0x140
[ 2839.498506]  futex_hash_free+0x38/0xc0
[ 2839.498528]  mmput+0x2d3/0x390
[ 2839.498560]  do_exit+0x79d/0x2970
[ 2839.498582]  ? lock_release+0xc8/0x290
[ 2839.498610]  ? __pfx_do_exit+0x10/0x10
[ 2839.498635]  ? find_held_lock+0x2b/0x80
[ 2839.498663]  ? get_signal+0x835/0x2340
[ 2839.498696]  do_group_exit+0xd3/0x2a0
[ 2839.498722]  get_signal+0x2315/0x2340
[ 2839.498756]  ? __call_rcu_common.constprop.0+0x4c1/0x960
[ 2839.498784]  ? __pfx_get_signal+0x10/0x10
[ 2839.498812]  ? do_futex+0x135/0x370
[ 2839.498836]  ? __pfx_do_futex+0x10/0x10
[ 2839.498862]  arch_do_signal_or_restart+0x80/0x790
[ 2839.498891]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2839.498919]  ? __x64_sys_futex+0x1c9/0x4d0
[ 2839.498940]  ? __x64_sys_futex+0x1d2/0x4d0
[ 2839.498964]  ? find_get_task_by_vpid+0x1a4/0x310
[ 2839.498987]  ? __pfx___x64_sys_futex+0x10/0x10
[ 2839.499011]  ? syscall_user_dispatch+0x78/0x140
[ 2839.499039]  exit_to_user_mode_loop+0x8b/0x110
[ 2839.499060]  do_syscall_64+0x2f7/0x360
[ 2839.499080]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2839.499100] RIP: 0033:0x7f11f0c47b19
[ 2839.499114] Code: Unable to access opcode bytes at 0x7f11f0c47aef.
[ 2839.499123] RSP: 002b:00007f11ee1bd218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2839.499142] RAX: fffffffffffffe00 RBX: 00007f11f0d5af68 RCX: 00007f11f0c47b19
[ 2839.499156] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f11f0d5af68
[ 2839.499169] RBP: 00007f11f0d5af60 R08: 0000000000000000 R09: 0000000000000000
[ 2839.499181] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f0d5af6c
[ 2839.499193] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2839.499221]  </TASK>
[ 2839.499227] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2839.499239] kmemleak:   comm "syz-executor.1", pid 23056, jiffies 4297506194
[ 2839.499251] kmemleak:   min_count = 1
[ 2839.499258] kmemleak:   count = 0
[ 2839.499264] kmemleak:   flags = 0x21
[ 2839.499270] kmemleak:   checksum = 0
[ 2839.499277] kmemleak:   backtrace:
[ 2839.499282]  pcpu_alloc_noprof+0x87a/0x1170
[ 2839.499308]  percpu_ref_init+0x37/0x400
[ 2839.499336]  io_uring_setup+0x44c/0x2000
[ 2839.499354]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2839.499373]  do_syscall_64+0xbf/0x360
[ 2839.499388]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:56:57 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
ptrace$peekuser(0x3, r1, 0x1)

22:56:57 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)

[ 2839.834837] kmemleak: Found object by alias at 0x607f1a638af4
[ 2839.834863] CPU: 0 UID: 0 PID: 23373 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2839.834891] Tainted: [W]=WARN
[ 2839.834898] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2839.834909] Call Trace:
[ 2839.834915]  <TASK>
[ 2839.834922]  dump_stack_lvl+0xca/0x120
[ 2839.834960]  __lookup_object+0x94/0xb0
[ 2839.834985]  delete_object_full+0x27/0x70
[ 2839.835010]  free_percpu+0x30/0x1160
[ 2839.835034]  ? arch_uprobe_clear_state+0x16/0x140
[ 2839.835063]  futex_hash_free+0x38/0xc0
[ 2839.835085]  mmput+0x2d3/0x390
[ 2839.835113]  do_exit+0x79d/0x2970
[ 2839.835133]  ? lock_release+0xc8/0x290
[ 2839.835158]  ? __pfx_do_exit+0x10/0x10
[ 2839.835180]  ? find_held_lock+0x2b/0x80
[ 2839.835206]  ? get_signal+0x835/0x2340
[ 2839.835236]  do_group_exit+0xd3/0x2a0
[ 2839.835259]  get_signal+0x2315/0x2340
[ 2839.835293]  ? __pfx_get_signal+0x10/0x10
[ 2839.835323]  ? do_futex+0x135/0x370
[ 2839.835345]  ? __pfx_do_futex+0x10/0x10
[ 2839.835368]  arch_do_signal_or_restart+0x80/0x790
[ 2839.835394]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2839.835419]  ? __x64_sys_futex+0x1c9/0x4d0
[ 2839.835438]  ? __x64_sys_futex+0x1d2/0x4d0
[ 2839.835459]  ? find_get_task_by_vpid+0x1a4/0x310
[ 2839.835480]  ? __pfx___x64_sys_futex+0x10/0x10
[ 2839.835502]  ? syscall_user_dispatch+0x78/0x140
[ 2839.835526]  exit_to_user_mode_loop+0x8b/0x110
[ 2839.835545]  do_syscall_64+0x2f7/0x360
[ 2839.835563]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2839.835582] RIP: 0033:0x7f11f0c47b19
[ 2839.835595] Code: Unable to access opcode bytes at 0x7f11f0c47aef.
[ 2839.835603] RSP: 002b:00007f11ee1bd218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 2839.835621] RAX: fffffffffffffe00 RBX: 00007f11f0d5af68 RCX: 00007f11f0c47b19
[ 2839.835632] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f11f0d5af68
[ 2839.835643] RBP: 00007f11f0d5af60 R08: 0000000000000000 R09: 0000000000000000
[ 2839.835654] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f0d5af6c
[ 2839.835665] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2839.835690]  </TASK>
[ 2839.835696] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2839.835706] kmemleak:   comm "syz-executor.6", pid 23373, jiffies 4297506652
[ 2839.835717] kmemleak:   min_count = 1
[ 2839.835723] kmemleak:   count = 0
[ 2839.835729] kmemleak:   flags = 0x21
[ 2839.835735] kmemleak:   checksum = 0
[ 2839.835741] kmemleak:   backtrace:
[ 2839.835747]  pcpu_alloc_noprof+0x87a/0x1170
[ 2839.835769]  percpu_ref_init+0x37/0x400
[ 2839.835796]  io_uring_setup+0x44c/0x2000
[ 2839.835813]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2839.835830]  do_syscall_64+0xbf/0x360
[ 2839.835843]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2839.847856] kmemleak: Found object by alias at 0x607f1a638af4
[ 2839.847888] CPU: 1 UID: 0 PID: 23383 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2839.847923] Tainted: [W]=WARN
[ 2839.847930] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2839.847944] Call Trace:
[ 2839.847951]  <TASK>
[ 2839.847960]  dump_stack_lvl+0xca/0x120
[ 2839.848003]  __lookup_object+0x94/0xb0
[ 2839.848034]  delete_object_full+0x27/0x70
[ 2839.848065]  free_percpu+0x30/0x1160
[ 2839.848096]  ? arch_uprobe_clear_state+0x16/0x140
[ 2839.848134]  futex_hash_free+0x38/0xc0
[ 2839.848160]  mmput+0x2d3/0x390
[ 2839.848196]  do_exit+0x79d/0x2970
[ 2839.848227]  ? proc_coredump_connector+0x2bf/0x4e0
[ 2839.848257]  ? __pfx_do_exit+0x10/0x10
[ 2839.848284]  ? find_held_lock+0x2b/0x80
[ 2839.848318]  ? get_signal+0x1a05/0x2340
[ 2839.848356]  do_group_exit+0xd3/0x2a0
[ 2839.848386]  get_signal+0x2315/0x2340
[ 2839.848430]  ? __pfx_get_signal+0x10/0x10
[ 2839.848486]  arch_do_signal_or_restart+0x80/0x790
[ 2839.848519]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2839.848571]  irqentry_exit_to_user_mode+0x106/0x1c0
[ 2839.848607]  asm_exc_general_protection+0x26/0x30
[ 2839.848630] RIP: 0033:0x7f11f0c47b21
[ 2839.848647] Code: Unable to access opcode bytes at 0x7f11f0c47af7.
[ 2839.848658] RSP: 002b:0000000020000180 EFLAGS: 00010217
[ 2839.848676] RAX: 0000000000000000 RBX: 00007f11f0d5af60 RCX: 00007f11f0c47b19
[ 2839.848691] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2839.848706] RBP: 00007f11f0ca1f6d R08: 0000000020000240 R09: 0000000000000000
[ 2839.848720] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2839.848733] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2839.848765]  </TASK>
[ 2839.848772] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2839.848785] kmemleak:   comm "syz-executor.6", pid 23373, jiffies 4297506652
[ 2839.848807] kmemleak:   min_count = 1
[ 2839.848814] kmemleak:   count = 0
[ 2839.848821] kmemleak:   flags = 0x21
[ 2839.848829] kmemleak:   checksum = 0
[ 2839.848836] kmemleak:   backtrace:
[ 2839.848843]  pcpu_alloc_noprof+0x87a/0x1170
[ 2839.848872]  percpu_ref_init+0x37/0x400
[ 2839.848905]  io_uring_setup+0x44c/0x2000
[ 2839.848927]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2839.848949]  do_syscall_64+0xbf/0x360
[ 2839.848966]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:57:07 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:57:07 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
ptrace$peekuser(0x3, r1, 0x1)

22:57:07 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, 0x3f7, 0x400, 0x70bd2b, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x880)

22:57:07 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f")

22:57:07 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00'})

22:57:07 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)

22:57:07 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000880))

22:57:07 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})

22:57:08 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00'})
ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000880))

22:57:08 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})

[ 2849.664167] kmemleak: Found object by alias at 0x607f1a638af4
[ 2849.664189] CPU: 0 UID: 0 PID: 23405 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2849.664208] Tainted: [W]=WARN
[ 2849.664212] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2849.664219] Call Trace:
[ 2849.664224]  <TASK>
[ 2849.664229]  dump_stack_lvl+0xca/0x120
[ 2849.664254]  __lookup_object+0x94/0xb0
[ 2849.664271]  delete_object_full+0x27/0x70
[ 2849.664287]  free_percpu+0x30/0x1160
[ 2849.664307]  ? arch_uprobe_clear_state+0x16/0x140
[ 2849.664329]  futex_hash_free+0x38/0xc0
[ 2849.664343]  mmput+0x2d3/0x390
[ 2849.664362]  do_exit+0x79d/0x2970
[ 2849.664379]  ? proc_coredump_connector+0x2bf/0x4e0
[ 2849.664395]  ? __pfx_do_exit+0x10/0x10
[ 2849.664408]  ? find_held_lock+0x2b/0x80
[ 2849.664427]  ? get_signal+0x1a05/0x2340
[ 2849.664447]  do_group_exit+0xd3/0x2a0
[ 2849.664462]  get_signal+0x2315/0x2340
[ 2849.664484]  ? __pfx_get_signal+0x10/0x10
[ 2849.664506]  arch_do_signal_or_restart+0x80/0x790
[ 2849.664524]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2849.664558]  irqentry_exit_to_user_mode+0x106/0x1c0
[ 2849.664577]  asm_exc_general_protection+0x26/0x30
[ 2849.664590] RIP: 0033:0x7f11f0c47b21
[ 2849.664599] Code: Unable to access opcode bytes at 0x7f11f0c47af7.
[ 2849.664604] RSP: 002b:0000000020000180 EFLAGS: 00010217
[ 2849.664614] RAX: 0000000000000000 RBX: 00007f11f0d5af60 RCX: 00007f11f0c47b19
[ 2849.664622] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2849.664629] RBP: 00007f11f0ca1f6d R08: 0000000020000240 R09: 0000000000000000
[ 2849.664636] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2849.664643] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2849.664659]  </TASK>
[ 2849.664663] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2849.664670] kmemleak:   comm "syz-executor.7", pid 23404, jiffies 4297516480
[ 2849.664677] kmemleak:   min_count = 1
[ 2849.664681] kmemleak:   count = 0
[ 2849.664685] kmemleak:   flags = 0x21
[ 2849.664689] kmemleak:   checksum = 0
[ 2849.664692] kmemleak:   backtrace:
[ 2849.664696]  pcpu_alloc_noprof+0x87a/0x1170
[ 2849.664711]  percpu_ref_init+0x37/0x400
[ 2849.664729]  io_uring_setup+0x44c/0x2000
[ 2849.664740]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2849.664751]  do_syscall_64+0xbf/0x360
[ 2849.664761]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2849.719489] kmemleak: Found object by alias at 0x607f1a638af4
[ 2849.719508] CPU: 0 UID: 0 PID: 23395 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2849.719531] Tainted: [W]=WARN
[ 2849.719535] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2849.719542] Call Trace:
[ 2849.719547]  <TASK>
[ 2849.719551]  dump_stack_lvl+0xca/0x120
[ 2849.719576]  __lookup_object+0x94/0xb0
[ 2849.719593]  delete_object_full+0x27/0x70
[ 2849.719609]  free_percpu+0x30/0x1160
[ 2849.719624]  ? arch_uprobe_clear_state+0x16/0x140
[ 2849.719643]  futex_hash_free+0x38/0xc0
[ 2849.719658]  mmput+0x2d3/0x390
[ 2849.719676]  do_exit+0x79d/0x2970
[ 2849.719690]  ? signal_wake_up_state+0x85/0x120
[ 2849.719706]  ? zap_other_threads+0x2b9/0x3a0
[ 2849.719721]  ? __pfx_do_exit+0x10/0x10
[ 2849.719734]  ? do_group_exit+0x1c3/0x2a0
[ 2849.719748]  ? lock_release+0xc8/0x290
[ 2849.719764]  do_group_exit+0xd3/0x2a0
[ 2849.719779]  __x64_sys_exit_group+0x3e/0x50
[ 2849.719793]  x64_sys_call+0x18c5/0x18d0
[ 2849.719808]  do_syscall_64+0xbf/0x360
[ 2849.719820]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2849.719831] RIP: 0033:0x7f11f0c47b19
[ 2849.719840] Code: Unable to access opcode bytes at 0x7f11f0c47aef.
[ 2849.719846] RSP: 002b:00007ffe4ba62a88 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 2849.719857] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f11f0c47b19
[ 2849.719865] RDX: 00007f11f0bfa72b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 2849.719872] RBP: 0000000000000000 R08: 0000001b2d222980 R09: 0000000000000000
[ 2849.719880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2849.719886] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffe4ba62b70
[ 2849.719902]  </TASK>
[ 2849.719906] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2849.719913] kmemleak:   comm "syz-executor.7", pid 23404, jiffies 4297516480
[ 2849.719920] kmemleak:   min_count = 1
[ 2849.719924] kmemleak:   count = 0
[ 2849.719927] kmemleak:   flags = 0x21
[ 2849.719931] kmemleak:   checksum = 0
[ 2849.719935] kmemleak:   backtrace:
[ 2849.719938]  pcpu_alloc_noprof+0x87a/0x1170
[ 2849.719953]  percpu_ref_init+0x37/0x400
[ 2849.719970]  io_uring_setup+0x44c/0x2000
[ 2849.719982]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2849.719992]  do_syscall_64+0xbf/0x360
[ 2849.720001]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:57:08 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)

22:57:08 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
ptrace$peekuser(0x3, r1, 0x1)

[ 2849.769737] kmemleak: Found object by alias at 0x607f1a639184
[ 2849.769768] CPU: 1 UID: 0 PID: 23390 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2849.769813] Tainted: [W]=WARN
[ 2849.769820] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2849.769835] Call Trace:
[ 2849.769842]  <TASK>
[ 2849.769851]  dump_stack_lvl+0xca/0x120
[ 2849.769895]  __lookup_object+0x94/0xb0
[ 2849.769926]  delete_object_full+0x27/0x70
[ 2849.769957]  free_percpu+0x30/0x1160
[ 2849.769989]  ? arch_uprobe_clear_state+0x16/0x140
[ 2849.770027]  futex_hash_free+0x38/0xc0
[ 2849.770054]  mmput+0x2d3/0x390
[ 2849.770090]  copy_process+0x273d/0x73c0
[ 2849.770111]  ? __pfx___futex_wait+0x10/0x10
[ 2849.770156]  ? __pfx_copy_process+0x10/0x10
[ 2849.770185]  ? futex_private_hash_put+0x127/0x2d0
[ 2849.770217]  kernel_clone+0xea/0x7f0
[ 2849.770240]  ? __pfx_futex_wake+0x10/0x10
[ 2849.770271]  ? __pfx_kernel_clone+0x10/0x10
[ 2849.770300]  ? io_uring_setup+0x16e0/0x2000
[ 2849.770330]  ? do_futex+0x135/0x370
[ 2849.770359]  __do_sys_clone+0xce/0x120
[ 2849.770382]  ? __pfx___do_sys_clone+0x10/0x10
[ 2849.770420]  ? __x64_sys_signalfd+0x11d/0x190
[ 2849.770452]  ? xfd_validate_state+0x55/0x180
[ 2849.770496]  do_syscall_64+0xbf/0x360
[ 2849.770519]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2849.770542] RIP: 0033:0x7f426ab2ab19
[ 2849.770561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2849.770584] RSP: 002b:00007f42680a0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2849.770606] RAX: ffffffffffffffda RBX: 00007f426ac3df60 RCX: 00007f426ab2ab19
[ 2849.770622] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2849.770636] RBP: 00007f426ab84f6d R08: 0000000020000240 R09: 0000000000000000
[ 2849.770650] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2849.770664] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2849.770695]  </TASK>
[ 2849.770702] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2849.770715] kmemleak:   comm "syz-executor.0", pid 23390, jiffies 4297516433
[ 2849.770729] kmemleak:   min_count = 1
[ 2849.770737] kmemleak:   count = 0
[ 2849.770744] kmemleak:   flags = 0x21
[ 2849.770752] kmemleak:   checksum = 0
[ 2849.770759] kmemleak:   backtrace:
[ 2849.770766]  pcpu_alloc_noprof+0x87a/0x1170
[ 2849.770796]  percpu_ref_init+0x37/0x400
[ 2849.770829]  io_uring_setup+0x44c/0x2000
[ 2849.770850]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2849.770872]  do_syscall_64+0xbf/0x360
[ 2849.770889]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:57:08 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7ce", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:57:08 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240))

22:57:08 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)

22:57:08 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00'})
ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000880))

22:57:08 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)

22:57:08 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
getpeername(r2, &(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000700)=0x80)

22:57:08 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7ce", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:57:08 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r2 = signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r1, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r2, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)

22:57:08 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240))

22:57:18 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r2 = signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r1, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r2, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)

22:57:18 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
ptrace$peekuser(0x3, r1, 0x1)

22:57:18 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)

22:57:18 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})

22:57:18 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r2 = signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r1, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r2, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))

22:57:18 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240))

22:57:18 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00'})
ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000880))

22:57:18 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7ce", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

[ 2860.058234] kmemleak: Found object by alias at 0x607f1a639184
[ 2860.058270] CPU: 1 UID: 0 PID: 24068 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2860.058310] Tainted: [W]=WARN
[ 2860.058317] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2860.058332] Call Trace:
[ 2860.058339]  <TASK>
[ 2860.058349]  dump_stack_lvl+0xca/0x120
[ 2860.058393]  __lookup_object+0x94/0xb0
[ 2860.058426]  delete_object_full+0x27/0x70
[ 2860.058460]  free_percpu+0x30/0x1160
[ 2860.058494]  ? arch_uprobe_clear_state+0x16/0x140
[ 2860.058535]  futex_hash_free+0x38/0xc0
[ 2860.058564]  mmput+0x2d3/0x390
[ 2860.058602]  copy_process+0x273d/0x73c0
[ 2860.058643]  ? __pfx_copy_process+0x10/0x10
[ 2860.058668]  ? __lock_acquire+0xc65/0x1b70
[ 2860.058702]  ? lock_is_held_type+0x9e/0x120
[ 2860.058745]  kernel_clone+0xea/0x7f0
[ 2860.058770]  ? finish_task_switch.isra.0+0x201/0x840
[ 2860.058818]  ? __pfx_kernel_clone+0x10/0x10
[ 2860.058845]  ? trace_irq_enable.constprop.0+0xc2/0x100
[ 2860.058872]  ? finish_task_switch.isra.0+0x206/0x840
[ 2860.058914]  ? trace_sched_exit_tp+0xbf/0x100
[ 2860.058950]  ? __schedule+0xe91/0x3590
[ 2860.058984]  __do_sys_clone+0xce/0x120
[ 2860.059010]  ? __pfx___do_sys_clone+0x10/0x10
[ 2860.059036]  ? __pfx___schedule+0x10/0x10
[ 2860.059079]  ? __x64_sys_signalfd+0x11d/0x190
[ 2860.059114]  ? xfd_validate_state+0x55/0x180
[ 2860.059161]  do_syscall_64+0xbf/0x360
[ 2860.059185]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2860.059210] RIP: 0033:0x7f426ab2ab19
[ 2860.059228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2860.059253] RSP: 002b:00007f42680a0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2860.059277] RAX: ffffffffffffffda RBX: 00007f426ac3df60 RCX: 00007f426ab2ab19
[ 2860.059293] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2860.059309] RBP: 00007f426ab84f6d R08: 0000000020000240 R09: 0000000000000000
[ 2860.059324] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2860.059339] R13: 00007ffe695d289f R14: 00007f42680a0300 R15: 0000000000022000
[ 2860.059371]  </TASK>
[ 2860.059379] kmemleak: Object (percpu) 0x607f1a639180 (size 8):
[ 2860.059393] kmemleak:   comm "syz-executor.3", pid 24067, jiffies 4297526798
[ 2860.059408] kmemleak:   min_count = 1
[ 2860.059417] kmemleak:   count = 0
[ 2860.059424] kmemleak:   flags = 0x21
[ 2860.059433] kmemleak:   checksum = 0
[ 2860.059440] kmemleak:   backtrace:
[ 2860.059447]  pcpu_alloc_noprof+0x87a/0x1170
[ 2860.059480]  percpu_ref_init+0x37/0x400
[ 2860.059516]  io_uring_setup+0x44c/0x2000
[ 2860.059539]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2860.059563]  do_syscall_64+0xbf/0x360
[ 2860.059581]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:57:18 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:57:18 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438ab")

22:57:18 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
ptrace$peekuser(0x3, r1, 0x1)

22:57:18 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)

22:57:18 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r2 = signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r1, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r2, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:57:28 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:57:28 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000880))

22:57:28 executing program 4:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r2 = signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r1, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r2, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))

22:57:28 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r2 = signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r1, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r2, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)

22:57:28 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r2 = signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
setsockopt$packet_buf(r2, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)

22:57:28 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00'})

22:57:28 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
ptrace$peekuser(0x3, r1, 0x1)

22:57:28 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438ab")

22:57:28 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
ptrace$peekuser(0x3, r1, 0x1)

[ 2869.905411] kmemleak: Found object by alias at 0x607f1a638af4
[ 2869.905435] CPU: 1 UID: 0 PID: 24408 Comm: syz-executor.6 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2869.905456] Tainted: [W]=WARN
[ 2869.905460] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2869.905468] Call Trace:
[ 2869.905472]  <TASK>
[ 2869.905476]  dump_stack_lvl+0xca/0x120
[ 2869.905501]  __lookup_object+0x94/0xb0
[ 2869.905518]  delete_object_full+0x27/0x70
[ 2869.905534]  free_percpu+0x30/0x1160
[ 2869.905550]  ? arch_uprobe_clear_state+0x16/0x140
[ 2869.905570]  futex_hash_free+0x38/0xc0
[ 2869.905585]  mmput+0x2d3/0x390
[ 2869.905604]  do_exit+0x79d/0x2970
[ 2869.905620]  ? proc_coredump_connector+0x2bf/0x4e0
[ 2869.905636]  ? __pfx_do_exit+0x10/0x10
[ 2869.905650]  ? find_held_lock+0x2b/0x80
[ 2869.905667]  ? get_signal+0x1a05/0x2340
[ 2869.905688]  do_group_exit+0xd3/0x2a0
[ 2869.905702]  get_signal+0x2315/0x2340
[ 2869.905725]  ? __pfx_get_signal+0x10/0x10
[ 2869.905747]  arch_do_signal_or_restart+0x80/0x790
[ 2869.905764]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2869.905794]  irqentry_exit_to_user_mode+0x106/0x1c0
[ 2869.905813]  asm_exc_general_protection+0x26/0x30
[ 2869.905825] RIP: 0033:0x7f11f0c47b21
[ 2869.905834] Code: Unable to access opcode bytes at 0x7f11f0c47af7.
[ 2869.905839] RSP: 002b:0000000020000180 EFLAGS: 00010217
[ 2869.905852] RAX: 0000000000000000 RBX: 00007f11f0d5af60 RCX: 00007f11f0c47b19
[ 2869.905861] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000200
[ 2869.905869] RBP: 00007f11f0ca1f6d R08: 0000000020000240 R09: 0000000000000000
[ 2869.905878] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000000
[ 2869.905885] R13: 00007ffe4ba6285f R14: 00007f11ee1bd300 R15: 0000000000022000
[ 2869.905901]  </TASK>
[ 2869.905905] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2869.905912] kmemleak:   comm "syz-executor.2", pid 24410, jiffies 4297536794
[ 2869.905919] kmemleak:   min_count = 1
[ 2869.905923] kmemleak:   count = 0
[ 2869.905927] kmemleak:   flags = 0x21
[ 2869.905930] kmemleak:   checksum = 0
[ 2869.905934] kmemleak:   backtrace:
[ 2869.905938]  pcpu_alloc_noprof+0x87a/0x1170
[ 2869.905957]  percpu_ref_init+0x37/0x400
[ 2869.905975]  io_uring_setup+0x44c/0x2000
[ 2869.905987]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2869.905997]  do_syscall_64+0xbf/0x360
[ 2869.906007]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2869.938575] kmemleak: Cannot insert 0x607f1a638af4 into the object search tree (overlaps existing)
[ 2869.938609] CPU: 0 UID: 0 PID: 24421 Comm: syz-executor.4 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[ 2869.938647] Tainted: [W]=WARN
[ 2869.938656] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2869.938670] Call Trace:
[ 2869.938678]  <TASK>
[ 2869.938688]  dump_stack_lvl+0xca/0x120
[ 2869.938733]  __link_object+0x190/0x210
[ 2869.938770]  __create_object+0x48/0x80
[ 2869.938816]  pcpu_alloc_noprof+0x87a/0x1170
[ 2869.938866]  __percpu_counter_init_many+0x44/0x360
[ 2869.938897]  ? kasan_save_track+0x14/0x30
[ 2869.938931]  io_uring_alloc_task_context+0xce/0x650
[ 2869.938968]  ? file_init_path+0x506/0x770
[ 2869.939003]  ? __pfx_io_uring_alloc_task_context+0x10/0x10
[ 2869.939042]  ? alloc_file_pseudo+0x1a9/0x220
[ 2869.939082]  __io_uring_add_tctx_node+0x291/0x4c0
[ 2869.939119]  ? __pfx___io_uring_add_tctx_node+0x10/0x10
[ 2869.939160]  ? __anon_inode_getfile+0x177/0x280
[ 2869.939200]  io_uring_setup+0x1527/0x2000
[ 2869.939230]  ? __pfx_io_uring_setup+0x10/0x10
[ 2869.939279]  ? __pfx___x64_sys_futex+0x10/0x10
[ 2869.939309]  ? __x64_sys_signalfd+0x11d/0x190
[ 2869.939344]  ? xfd_validate_state+0x55/0x180
[ 2869.939388]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2869.939417]  do_syscall_64+0xbf/0x360
[ 2869.939441]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2869.939466] RIP: 0033:0x7f08c849fb19
[ 2869.939485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2869.939509] RSP: 002b:00007f08c5a15188 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[ 2869.939533] RAX: ffffffffffffffda RBX: 00007f08c85b2f60 RCX: 00007f08c849fb19
[ 2869.939550] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 00000000000050eb
[ 2869.939565] RBP: 00007f08c84f9f6d R08: 0000000000000000 R09: 0000000000000000
[ 2869.939580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2869.939595] R13: 00007fff18a1813f R14: 00007f08c5a15300 R15: 0000000000022000
[ 2869.939629]  </TASK>
[ 2869.940365] kmemleak: Kernel memory leak detector disabled
[ 2869.940374] kmemleak: Object (percpu) 0x607f1a638af0 (size 8):
[ 2869.940388] kmemleak:   comm "syz-executor.2", pid 24410, jiffies 4297536794
[ 2869.940404] kmemleak:   min_count = 1
[ 2869.940412] kmemleak:   count = 0
[ 2869.940420] kmemleak:   flags = 0x21
[ 2869.940428] kmemleak:   checksum = 0
[ 2869.940436] kmemleak:   backtrace:
[ 2869.940443]  pcpu_alloc_noprof+0x87a/0x1170
[ 2869.940475]  percpu_ref_init+0x37/0x400
[ 2869.940514]  io_uring_setup+0x44c/0x2000
[ 2869.940536]  __x64_sys_io_uring_setup+0xc8/0x170
[ 2869.940560]  do_syscall_64+0xbf/0x360
[ 2869.940579]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
22:57:28 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")

22:57:28 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438ab")

22:57:28 executing program 5:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r3 = signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r3, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ptrace$peekuser(0x3, r1, 0x1)
ptrace$setsig(0x4203, r1, 0xcc5, &(0x7f0000000400)={0x37, 0xfff})
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x6c, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0xc044}, 0x20008080)
ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000880))

[ 2870.050084] kmemleak: Automatic memory scanning thread ended
22:57:28 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
signalfd(r2, &(0x7f00000000c0)={[0x8001]}, 0x8)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
ptrace$peekuser(0x3, r1, 0x1)

22:57:28 executing program 7:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
fcntl$getown(0xffffffffffffffff, 0x9)
r1 = signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
r2 = signalfd(r1, &(0x7f00000000c0)={[0x8001]}, 0x8)
io_uring_setup(0x50eb, &(0x7f0000000100)={0x0, 0x69d4, 0x10, 0x1, 0xbb})
clone(0x200, &(0x7f0000000180)="2b3c6e9b5c5461f7cecd8103ee8bab071568a4758c1c742d8050608b311d7ce403", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="2d25cf7fe4b198c2a371577bfb7ba576a31f9d203013c02ea9ff8f302b6431bc210332392836574e0c36a2d51e03940c8eec8bfbb3d438abd1bae59924ee248b49ce963d247d487d27425bc5302524d9b478ea2cda91e27e56c9a6f82f16a04d421c8cb11aa3ed572e8d6dbcb0cbd91f582ff62549b5e081520729e2704f2d62ee3ece8a4550dfb19f50610cfe0d275526853b039e95c366c7cc49087db7116f363c66caff565631338bbf7aad929f09907a1cb13e823fdc46a43fe8ae85821885b9415c4944d12b9de4776c87c1ba74848762e96914b07ee260d898ead5b44c")
ioctl$F2FS_IOC_GET_PIN_FILE(r1, 0x8004f50e, &(0x7f0000000340))
setsockopt$packet_buf(r2, 0x107, 0xd, &(0x7f0000000380)="abca8cbbb5a80594dbd4df6d774452008ba361c17f635ea632115d886d234532e7ea2ed9fc5fdbf35a6a898c", 0x2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))

22:57:28 executing program 6:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10020)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0xf30, [0x7fff, 0x7fff, 0x7, 0x3, 0x0, 0x101]})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
signalfd(r0, &(0x7f0000000080)={[0x101]}, 0x8)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100000001, 0x1, &(0x7f00000003c0))
ptrace$peekuser(0x3, r1, 0x1)

SYZFAIL: failed to write(kmemleak, "scan")
 (errno 1: Operation not permitted)
BUG: leak checking failed

VM DIAGNOSIS:
22:57:28  Registers:
info registers vcpu 0
RAX=0000000080010104 RBX=ffff88800a6d8000 RCX=ffffffff82549146 RDX=000000000001c062
RSI=ffffffff82549154 RDI=0000000000000007 RBP=ffff88800a6d8180 RSP=ffff88806ce08df0
R8 =0000000000000001 R9 =ffffed100d9c11b8 R10=000000000001c062 R11=0000000000000001
R12=000000000001c062 R13=ffff88800a6dc8c8 R14=ffff88800e6a0000 R15=ffff88800a6d8008
RIP=ffffffff82549158 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff8880e55dd000 00000000 00000000
LDT=0000 fffffe5800000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fff18a16ff8 CR3=000000000e265000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=ffffffffffffffffffff000000000000
XMM02=000055b23903e010000055b2398d97a0 XMM03=000000000000000000006b636f6c622f
XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=00000000000000000000000000000000
XMM06=000055b2398c94500000000200000004 XMM07=00000000000000000000000000000000
XMM08=2f63697361622f6372732f2e2e000d0a XMM09=00000000000000000000000000000000
XMM10=00000000200000000000000020000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000001 RBX=0000000000000001 RCX=ffffffff81686a4d RDX=fffffbfff0c8758b
RSI=0000000000000008 RDI=ffffffff8643ac50 RBP=ffffffff8136fa00 RSP=ffff8880164a78b0
R8 =0000000000000000 R9 =fffffbfff0c8758a R10=ffffffff8643ac57 R11=1ffff1100d9e6bb1
R12=0000000000000000 R13=0000000000000001 R14=dffffc0000000000 R15=ffff88806cf37fc8
RIP=ffffffff81aff05f RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 00000000 00000000
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f1755a8b8c0 00000000 00000000
GS =0000 ffff8880e56dd000 00000000 00000000
LDT=0000 fffffe6000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055b23991fe88 CR3=000000000e265000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=ffff000000ff00000000000000000000
XMM02=000055b23900317570632f302f716d2f XMM03=7269762f736563697665642f7379732f
XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=00000000000000000000000000000000
XMM06=000055b2398c94500000000200000004 XMM07=00000000000000000000000000000000
XMM08=2f63697361622f6372732f2e2e000d0a XMM09=00000000000000000000000000000000
XMM10=00000000200000000000000020000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000