Warning: Permanently added '[localhost]:50276' (ECDSA) to the list of known hosts.
2025/09/01 08:40:03 fuzzer started
2025/09/01 08:40:03 dialing manager at localhost:35473
syzkaller login: [ 50.728420] cgroup: Unknown subsys name 'net'
[ 50.798859] cgroup: Unknown subsys name 'cpuset'
[ 50.814244] cgroup: Unknown subsys name 'rlimit'
2025/09/01 08:40:14 syscalls: 2214
2025/09/01 08:40:14 code coverage: enabled
2025/09/01 08:40:14 comparison tracing: enabled
2025/09/01 08:40:14 extra coverage: enabled
2025/09/01 08:40:14 setuid sandbox: enabled
2025/09/01 08:40:14 namespace sandbox: enabled
2025/09/01 08:40:14 Android sandbox: enabled
2025/09/01 08:40:14 fault injection: enabled
2025/09/01 08:40:14 leak checking: enabled
2025/09/01 08:40:14 net packet injection: enabled
2025/09/01 08:40:14 net device setup: enabled
2025/09/01 08:40:14 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/09/01 08:40:14 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/09/01 08:40:14 USB emulation: enabled
2025/09/01 08:40:14 hci packet injection: enabled
2025/09/01 08:40:14 wifi device emulation: enabled
2025/09/01 08:40:14 802.15.4 emulation: enabled
2025/09/01 08:40:14 fetching corpus: 0, signal 0/2000 (executing program)
2025/09/01 08:40:14 fetching corpus: 50, signal 27087/30279 (executing program)
2025/09/01 08:40:14 fetching corpus: 100, signal 35997/40409 (executing program)
2025/09/01 08:40:14 fetching corpus: 150, signal 43720/49168 (executing program)
2025/09/01 08:40:14 fetching corpus: 200, signal 49692/56008 (executing program)
2025/09/01 08:40:15 fetching corpus: 250, signal 56154/63174 (executing program)
2025/09/01 08:40:15 fetching corpus: 300, signal 60502/68242 (executing program)
2025/09/01 08:40:15 fetching corpus: 350, signal 66750/74797 (executing program)
2025/09/01 08:40:15 fetching corpus: 400, signal 69922/78558 (executing program)
2025/09/01 08:40:15 fetching corpus: 450, signal 73245/82401 (executing program)
2025/09/01 08:40:15 fetching corpus: 500, signal 76082/85728 (executing program)
2025/09/01 08:40:15 fetching corpus: 550, signal 78910/88899 (executing program)
2025/09/01 08:40:15 fetching corpus: 600, signal 83329/93234 (executing program)
2025/09/01 08:40:16 fetching corpus: 650, signal 88551/98146 (executing program)
2025/09/01 08:40:16 fetching corpus: 700, signal 91101/100747 (executing program)
2025/09/01 08:40:16 fetching corpus: 750, signal 93188/102944 (executing program)
2025/09/01 08:40:16 fetching corpus: 800, signal 95020/104955 (executing program)
2025/09/01 08:40:16 fetching corpus: 850, signal 96716/106765 (executing program)
2025/09/01 08:40:16 fetching corpus: 900, signal 99417/109261 (executing program)
2025/09/01 08:40:16 fetching corpus: 950, signal 101093/110990 (executing program)
2025/09/01 08:40:16 fetching corpus: 1000, signal 103277/112960 (executing program)
2025/09/01 08:40:17 fetching corpus: 1050, signal 104959/114505 (executing program)
2025/09/01 08:40:17 fetching corpus: 1100, signal 105863/115546 (executing program)
2025/09/01 08:40:17 fetching corpus: 1150, signal 107479/117021 (executing program)
2025/09/01 08:40:17 fetching corpus: 1200, signal 109298/118571 (executing program)
2025/09/01 08:40:17 fetching corpus: 1250, signal 110345/119534 (executing program)
2025/09/01 08:40:17 fetching corpus: 1300, signal 111146/120382 (executing program)
2025/09/01 08:40:17 fetching corpus: 1350, signal 113250/121935 (executing program)
2025/09/01 08:40:17 fetching corpus: 1400, signal 114412/122905 (executing program)
2025/09/01 08:40:18 fetching corpus: 1450, signal 115754/123953 (executing program)
2025/09/01 08:40:18 fetching corpus: 1500, signal 116941/124852 (executing program)
2025/09/01 08:40:18 fetching corpus: 1550, signal 117641/125490 (executing program)
2025/09/01 08:40:18 fetching corpus: 1600, signal 119317/126610 (executing program)
2025/09/01 08:40:18 fetching corpus: 1650, signal 120297/127290 (executing program)
2025/09/01 08:40:18 fetching corpus: 1700, signal 121339/127951 (executing program)
2025/09/01 08:40:18 fetching corpus: 1750, signal 122588/128711 (executing program)
2025/09/01 08:40:18 fetching corpus: 1800, signal 123854/129449 (executing program)
2025/09/01 08:40:18 fetching corpus: 1850, signal 125001/130100 (executing program)
2025/09/01 08:40:19 fetching corpus: 1900, signal 125931/130666 (executing program)
2025/09/01 08:40:19 fetching corpus: 1950, signal 126748/131088 (executing program)
2025/09/01 08:40:19 fetching corpus: 2000, signal 127423/131452 (executing program)
2025/09/01 08:40:19 fetching corpus: 2050, signal 128337/131896 (executing program)
2025/09/01 08:40:19 fetching corpus: 2100, signal 129412/132390 (executing program)
2025/09/01 08:40:20 fetching corpus: 2150, signal 130287/132756 (executing program)
2025/09/01 08:40:20 fetching corpus: 2200, signal 130856/133002 (executing program)
2025/09/01 08:40:20 fetching corpus: 2244, signal 131716/133311 (executing program)
2025/09/01 08:40:20 fetching corpus: 2244, signal 131716/133353 (executing program)
2025/09/01 08:40:20 fetching corpus: 2244, signal 131716/133389 (executing program)
2025/09/01 08:40:20 fetching corpus: 2244, signal 131716/133419 (executing program)
2025/09/01 08:40:20 fetching corpus: 2244, signal 131716/133453 (executing program)
2025/09/01 08:40:20 fetching corpus: 2244, signal 131716/133492 (executing program)
2025/09/01 08:40:20 fetching corpus: 2244, signal 131716/133527 (executing program)
2025/09/01 08:40:20 fetching corpus: 2244, signal 131716/133564 (executing program)
2025/09/01 08:40:20 fetching corpus: 2244, signal 131716/133607 (executing program)
2025/09/01 08:40:20 fetching corpus: 2244, signal 131716/133643 (executing program)
2025/09/01 08:40:20 fetching corpus: 2244, signal 131716/133682 (executing program)
2025/09/01 08:40:20 fetching corpus: 2244, signal 131716/133735 (executing program)
2025/09/01 08:40:20 fetching corpus: 2244, signal 131716/133765 (executing program)
2025/09/01 08:40:20 fetching corpus: 2244, signal 131716/133810 (executing program)
2025/09/01 08:40:20 fetching corpus: 2244, signal 131716/133844 (executing program)
2025/09/01 08:40:20 fetching corpus: 2244, signal 131716/133879 (executing program)
2025/09/01 08:40:20 fetching corpus: 2244, signal 131716/133917 (executing program)
2025/09/01 08:40:20 fetching corpus: 2244, signal 131716/133955 (executing program)
2025/09/01 08:40:20 fetching corpus: 2244, signal 131716/133985 (executing program)
2025/09/01 08:40:20 fetching corpus: 2244, signal 131716/134015 (executing program)
2025/09/01 08:40:20 fetching corpus: 2244, signal 131716/134055 (executing program)
2025/09/01 08:40:20 fetching corpus: 2244, signal 131716/134059 (executing program)
2025/09/01 08:40:20 fetching corpus: 2244, signal 131716/134059 (executing program)
2025/09/01 08:40:22 starting 8 fuzzer processes
08:40:22 executing program 0:
syz_usb_connect$uac1(0x5, 0x71, &(0x7f0000000b80)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5f, 0x3, 0x1, 0x0, 0x0, 0x0, {{}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}}}}]}}, 0x0)
08:40:22 executing program 2:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x12, r0, 0x0)
sigaltstack(&(0x7f0000ffd000/0x2000)=nil, 0x0)
08:40:22 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_WIPHY(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@NL80211_ATTR_TXQ_QUANTUM={0x8}]}, 0x1c}}, 0x0)
[ 69.541102] audit: type=1400 audit(1756716022.924:7): avc: denied { execmem } for pid=274 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
08:40:22 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_mreq(r0, 0x29, 0x12, &(0x7f0000000000)={@ipv4}, 0x14)
08:40:22 executing program 5:
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0xc)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x155842, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x8100)
ioctl$SNDRV_SEQ_IOCTL_PVERSION(r1, 0x80045300, 0x0)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$CDROM_SELECT_DISK(0xffffffffffffffff, 0x5322, 0xfffffffc)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000180), 0x4080, 0x0)
mq_open(&(0x7f0000000140)='/dev/autofs\x00', 0x40, 0x44, &(0x7f0000000340)={0x8, 0x3, 0x6, 0x9})
r2 = accept$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000200)=0x14)
ioctl$AUTOFS_IOC_EXPIRE(r2, 0x810c9365, &(0x7f0000000580)={{0x80, 0x3}, 0x100, './file0\x00'})
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x559e82, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0)
08:40:22 executing program 4:
r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
write$binfmt_script(r0, &(0x7f00000000c0)={'#! ', './file0'}, 0xb)
fallocate(r0, 0x20, 0x0, 0xffffffff000)
08:40:22 executing program 7:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
recvmsg(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000240)=[{0x0}], 0x1}, 0x2000)
08:40:23 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = gettid()
process_vm_readv(r0, &(0x7f00000002c0)=[{&(0x7f0000000200)=""/132, 0x84}], 0x1000000000000092, &(0x7f0000000680)=[{&(0x7f0000000800)=""/102400, 0x19000}], 0x1, 0x0)
[ 70.673816] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 70.676376] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 70.681080] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 70.687417] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 70.692418] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 70.731727] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 70.735845] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 70.739086] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 70.740882] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 70.744411] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 70.745903] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 70.748263] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 70.749721] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 70.762949] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 70.773886] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 70.889276] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 70.891386] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 70.894075] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 70.899639] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 70.901557] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 70.902814] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 70.906165] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 70.907866] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 70.910442] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 70.919050] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 70.920560] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 70.922962] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 70.924247] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 70.925498] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 70.926752] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 70.928685] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 70.932144] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 70.934357] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 70.952980] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 70.957873] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 70.959084] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 70.961310] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 70.968658] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 70.972017] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 70.995655] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 72.768710] Bluetooth: hci1: command tx timeout
[ 72.769408] Bluetooth: hci0: command tx timeout
[ 72.831040] Bluetooth: hci2: command tx timeout
[ 73.022644] Bluetooth: hci4: command tx timeout
[ 73.023359] Bluetooth: hci5: command tx timeout
[ 73.023933] Bluetooth: hci7: command tx timeout
[ 73.023937] Bluetooth: hci6: command tx timeout
[ 73.088533] Bluetooth: hci3: command tx timeout
[ 74.814572] Bluetooth: hci0: command tx timeout
[ 74.815691] Bluetooth: hci1: command tx timeout
[ 74.878643] Bluetooth: hci2: command tx timeout
[ 75.070681] Bluetooth: hci6: command tx timeout
[ 75.071150] Bluetooth: hci5: command tx timeout
[ 75.072301] Bluetooth: hci4: command tx timeout
[ 75.072830] Bluetooth: hci7: command tx timeout
[ 75.134640] Bluetooth: hci3: command tx timeout
[ 76.862560] Bluetooth: hci1: command tx timeout
[ 76.863028] Bluetooth: hci0: command tx timeout
[ 76.927621] Bluetooth: hci2: command tx timeout
[ 77.118534] Bluetooth: hci5: command tx timeout
[ 77.119709] Bluetooth: hci4: command tx timeout
[ 77.120092] Bluetooth: hci7: command tx timeout
[ 77.120449] Bluetooth: hci6: command tx timeout
[ 77.183533] Bluetooth: hci3: command tx timeout
[ 78.910612] Bluetooth: hci1: command tx timeout
[ 78.910663] Bluetooth: hci0: command tx timeout
[ 78.975651] Bluetooth: hci2: command tx timeout
[ 79.166579] Bluetooth: hci7: command tx timeout
[ 79.167658] Bluetooth: hci6: command tx timeout
[ 79.168074] Bluetooth: hci4: command tx timeout
[ 79.168787] Bluetooth: hci5: command tx timeout
[ 79.231676] Bluetooth: hci3: command tx timeout
[ 107.657246] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 107.658726] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 107.824882] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 107.825800] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 108.287359] audit: type=1400 audit(1756716061.667:8): avc: denied { open } for pid=3820 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 108.304683] audit: type=1400 audit(1756716061.667:9): avc: denied { kernel } for pid=3820 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
08:41:01 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = gettid()
process_vm_readv(r0, &(0x7f00000002c0)=[{&(0x7f0000000200)=""/132, 0x84}], 0x1000000000000092, &(0x7f0000000680)=[{&(0x7f0000000800)=""/102400, 0x19000}], 0x1, 0x0)
08:41:01 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = gettid()
process_vm_readv(r0, &(0x7f00000002c0)=[{&(0x7f0000000200)=""/132, 0x84}], 0x1000000000000092, &(0x7f0000000680)=[{&(0x7f0000000800)=""/102400, 0x19000}], 0x1, 0x0)
08:41:02 executing program 6:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = gettid()
process_vm_readv(r0, &(0x7f00000002c0)=[{&(0x7f0000000200)=""/132, 0x84}], 0x1000000000000092, &(0x7f0000000680)=[{&(0x7f0000000800)=""/102400, 0x19000}], 0x1, 0x0)
08:41:02 executing program 6:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$binfmt_aout(r0, &(0x7f0000001500), 0x20)
[ 108.958713] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 108.959736] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
08:41:02 executing program 6:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$binfmt_aout(r0, &(0x7f0000001500), 0x20)
[ 109.127494] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.128141] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
08:41:02 executing program 6:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$binfmt_aout(r0, &(0x7f0000001500), 0x20)
08:41:02 executing program 6:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$binfmt_aout(r0, &(0x7f0000001500), 0x20)
[ 109.253297] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.254153] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
08:41:02 executing program 6:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x0, @fixed, 0x0, 0x3}, 0xe)
[ 109.289871] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.290675] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.342217] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.342958] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.408736] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.409334] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.433500] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.434056] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.514510] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.515617] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.608002] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.609382] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.630451] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[ 109.631249] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current]
[ 109.631791] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present
[ 109.632324] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00
[ 109.632943] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2
[ 109.634451] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.635535] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 109.636839] Buffer I/O error on dev sr0, logical block 0, async page read
[ 109.641075] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.642205] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 109.645072] Buffer I/O error on dev sr0, logical block 1, async page read
[ 109.647421] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.647993] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.649174] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.650358] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 109.651630] Buffer I/O error on dev sr0, logical block 2, async page read
[ 109.654006] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.655069] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 109.656518] Buffer I/O error on dev sr0, logical block 3, async page read
[ 109.658638] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.659501] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 109.660896] Buffer I/O error on dev sr0, logical block 4, async page read
[ 109.673072] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.673954] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 109.675398] Buffer I/O error on dev sr0, logical block 5, async page read
[ 109.683402] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.684581] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 109.686094] Buffer I/O error on dev sr0, logical block 6, async page read
[ 109.688853] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.689322] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 109.689971] Buffer I/O error on dev sr0, logical block 7, async page read
[ 109.690966] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.691602] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 109.692405] Buffer I/O error on dev sr0, logical block 0, async page read
[ 109.693893] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.694317] Buffer I/O error on dev sr0, logical block 1, async page read
[ 109.695030] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.695605] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.696196] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.696782] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.697537] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.698103] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.698773] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.699305] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.699903] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.700507] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.701119] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.701691] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.702355] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.702934] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.703615] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.704225] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.704839] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.705450] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.706070] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.706913] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.707524] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.708105] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.738302] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[ 109.739117] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current]
[ 109.739760] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present
[ 109.740264] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 02 00
[ 109.741209] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.742289] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.749229] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.750512] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.754283] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.760879] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.764246] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.769074] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.779857] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.781111] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.782572] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.784770] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.788775] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.792663] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.796691] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.809675] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.832918] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.836941] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 109.926338] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.927562] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.957979] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.959335] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 110.068136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.068773] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 110.316592] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 110.319364] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 110.825519] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 110.827901] misc raw-gadget: fail, usb_gadget_register_driver returned -16
08:41:04 executing program 2:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x12, r0, 0x0)
sigaltstack(&(0x7f0000ffd000/0x2000)=nil, 0x0)
08:41:04 executing program 6:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x0, @fixed, 0x0, 0x3}, 0xe)
08:41:04 executing program 7:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
recvmsg(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000240)=[{0x0}], 0x1}, 0x2000)
08:41:04 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_mreq(r0, 0x29, 0x12, &(0x7f0000000000)={@ipv4}, 0x14)
08:41:04 executing program 1:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
getsockopt$inet6_int(r0, 0x29, 0x1, 0x0, &(0x7f0000000080))
[ 110.900826] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 110.905126] misc raw-gadget: fail, usb_gadget_register_driver returned -16
08:41:04 executing program 4:
r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
write$binfmt_script(r0, &(0x7f00000000c0)={'#! ', './file0'}, 0xb)
fallocate(r0, 0x20, 0x0, 0xffffffff000)
08:41:04 executing program 5:
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0xc)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x155842, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x8100)
ioctl$SNDRV_SEQ_IOCTL_PVERSION(r1, 0x80045300, 0x0)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$CDROM_SELECT_DISK(0xffffffffffffffff, 0x5322, 0xfffffffc)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000180), 0x4080, 0x0)
mq_open(&(0x7f0000000140)='/dev/autofs\x00', 0x40, 0x44, &(0x7f0000000340)={0x8, 0x3, 0x6, 0x9})
r2 = accept$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000200)=0x14)
ioctl$AUTOFS_IOC_EXPIRE(r2, 0x810c9365, &(0x7f0000000580)={{0x80, 0x3}, 0x100, './file0\x00'})
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x559e82, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0)
08:41:04 executing program 0:
syz_usb_connect$uac1(0x5, 0x71, &(0x7f0000000b80)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5f, 0x3, 0x1, 0x0, 0x0, 0x0, {{}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}}}}]}}, 0x0)
[ 110.959175] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[ 110.961128] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current]
[ 110.962538] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present
[ 110.963709] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00
[ 110.965675] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 110.969671] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 110.978600] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 110.984115] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 110.991837] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 110.997407] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.002013] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.008797] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
08:41:04 executing program 7:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
recvmsg(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000240)=[{0x0}], 0x1}, 0x2000)
08:41:04 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_mreq(r0, 0x29, 0x12, &(0x7f0000000000)={@ipv4}, 0x14)
[ 111.022149] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.025435] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
08:41:04 executing program 6:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x0, @fixed, 0x0, 0x3}, 0xe)
[ 111.032966] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.037044] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.041650] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.042652] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.049924] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.056188] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.062695] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.065630] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.071869] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.075164] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.082662] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.088823] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.090860] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
08:41:04 executing program 4:
r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
write$binfmt_script(r0, &(0x7f00000000c0)={'#! ', './file0'}, 0xb)
fallocate(r0, 0x20, 0x0, 0xffffffff000)
08:41:04 executing program 1:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
getsockopt$inet6_int(r0, 0x29, 0x1, 0x0, &(0x7f0000000080))
[ 111.097936] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.102872] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.108183] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.112730] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.117678] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.121098] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.126678] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.133348] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.137674] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.157033] kmemleak: Found object by alias at 0x607f1a63ec2c
[ 111.157066] CPU: 0 UID: 0 PID: 3936 Comm: syz-executor.5 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 111.157099] Tainted: [W]=WARN
[ 111.157106] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 111.157119] Call Trace:
[ 111.157126]
[ 111.157135] dump_stack_lvl+0xca/0x120
[ 111.157177] __lookup_object+0x94/0xb0
[ 111.157208] delete_object_full+0x27/0x70
[ 111.157239] free_percpu+0x30/0x1160
[ 111.157269] ? arch_uprobe_clear_state+0x16/0x140
[ 111.157306] futex_hash_free+0x38/0xc0
[ 111.157331] mmput+0x2d3/0x390
[ 111.157366] do_exit+0x79d/0x2970
[ 111.157391] ? lock_release+0xc8/0x290
[ 111.157421] ? __pfx_do_exit+0x10/0x10
[ 111.157447] ? find_held_lock+0x2b/0x80
[ 111.157487] ? get_signal+0x835/0x2340
[ 111.157524] do_group_exit+0xd3/0x2a0
[ 111.157552] get_signal+0x2315/0x2340
[ 111.157594] ? __pfx_get_signal+0x10/0x10
[ 111.157625] ? do_futex+0x135/0x370
[ 111.157650] ? __pfx_do_futex+0x10/0x10
[ 111.157672] ? percpu_is_read_locked+0x180/0x1d0
[ 111.157706] arch_do_signal_or_restart+0x80/0x790
[ 111.157738] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 111.157769] ? __x64_sys_futex+0x1c9/0x4d0
[ 111.157793] ? __x64_sys_futex+0x1d2/0x4d0
[ 111.157819] ? __pfx_loop_control_ioctl+0x10/0x10
[ 111.157848] ? __pfx___x64_sys_futex+0x10/0x10
[ 111.157872] ? selinux_file_ioctl+0xb9/0x280
[ 111.157899] ? xfd_validate_state+0x55/0x180
[ 111.157937] exit_to_user_mode_loop+0x8b/0x110
[ 111.157961] do_syscall_64+0x2f7/0x360
[ 111.157984] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 111.158006] RIP: 0033:0x7f55223dab19
[ 111.158023] Code: Unable to access opcode bytes at 0x7f55223daaef.
[ 111.158032] RSP: 002b:00007f551f950218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 111.158054] RAX: fffffffffffffe00 RBX: 00007f55224edf68 RCX: 00007f55223dab19
[ 111.158068] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f55224edf68
[ 111.158081] RBP: 00007f55224edf60 R08: 0000000000000000 R09: 0000000000000000
[ 111.158094] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f55224edf6c
[ 111.158107] R13: 00007ffe1fd0070f R14: 00007f551f950300 R15: 0000000000022000
[ 111.158136]
[ 111.158143] kmemleak: Object (percpu) 0x607f1a63ec20 (size 16):
[ 111.158156] kmemleak: comm "syz-executor.3", pid 285, jiffies 4294777728
[ 111.158169] kmemleak: min_count = 1
[ 111.158176] kmemleak: count = 0
[ 111.158183] kmemleak: flags = 0x21
[ 111.158190] kmemleak: checksum = 0
[ 111.158197] kmemleak: backtrace:
[ 111.158203] pcpu_alloc_noprof+0x87a/0x1170
[ 111.158232] mm_init+0x99b/0x1170
[ 111.158247] copy_process+0x3ab7/0x73c0
[ 111.158266] kernel_clone+0xea/0x7f0
[ 111.158285] __do_sys_clone+0xce/0x120
[ 111.158304] do_syscall_64+0xbf/0x360
[ 111.158322] entry_SYSCALL_64_after_hwframe+0x77/0x7f
08:41:04 executing program 4:
r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
write$binfmt_script(r0, &(0x7f00000000c0)={'#! ', './file0'}, 0xb)
fallocate(r0, 0x20, 0x0, 0xffffffff000)
[ 111.219321] kmemleak: Found object by alias at 0x607f1a63ec24
[ 111.219352] CPU: 0 UID: 0 PID: 3939 Comm: syz-executor.7 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 111.219386] Tainted: [W]=WARN
[ 111.219393] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 111.219405] Call Trace:
[ 111.219412]
[ 111.219421] dump_stack_lvl+0xca/0x120
[ 111.219472] __lookup_object+0x94/0xb0
[ 111.219502] delete_object_full+0x27/0x70
[ 111.219533] free_percpu+0x30/0x1160
[ 111.219563] ? arch_uprobe_clear_state+0x16/0x140
[ 111.219600] futex_hash_free+0x38/0xc0
[ 111.219626] mmput+0x2d3/0x390
[ 111.219661] do_exit+0x79d/0x2970
[ 111.219686] ? signal_wake_up_state+0x85/0x120
[ 111.219715] ? zap_other_threads+0x2b9/0x3a0
[ 111.219745] ? __pfx_do_exit+0x10/0x10
[ 111.219769] ? do_group_exit+0x1c3/0x2a0
[ 111.219795] ? lock_release+0xc8/0x290
[ 111.219826] do_group_exit+0xd3/0x2a0
[ 111.219854] __x64_sys_exit_group+0x3e/0x50
[ 111.219880] x64_sys_call+0x18c5/0x18d0
[ 111.219909] do_syscall_64+0xbf/0x360
[ 111.219932] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 111.219953] RIP: 0033:0x7f44e7ab9b19
[ 111.219969] Code: Unable to access opcode bytes at 0x7f44e7ab9aef.
[ 111.219979] RSP: 002b:00007ffd5c582338 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 111.220000] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f44e7ab9b19
[ 111.220014] RDX: 00007f44e7a6c72b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 111.220028] RBP: 0000000000000000 R08: 0000001b2d8214c4 R09: 0000000000000000
[ 111.220041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 111.220053] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffd5c582420
[ 111.220082]
[ 111.220089] kmemleak: Object (percpu) 0x607f1a63ec20 (size 16):
[ 111.220113] kmemleak: comm "syz-executor.3", pid 285, jiffies 4294777728
[ 111.220126] kmemleak: min_count = 1
[ 111.220133] kmemleak: count = 0
[ 111.220140] kmemleak: flags = 0x21
[ 111.220147] kmemleak: checksum = 0
[ 111.220154] kmemleak: backtrace:
[ 111.220160] pcpu_alloc_noprof+0x87a/0x1170
[ 111.220189] mm_init+0x99b/0x1170
[ 111.220205] copy_process+0x3ab7/0x73c0
[ 111.220224] kernel_clone+0xea/0x7f0
[ 111.220242] __do_sys_clone+0xce/0x120
[ 111.220262] do_syscall_64+0xbf/0x360
[ 111.220279] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 111.262231] kmemleak: Found object by alias at 0x607f1a63ec28
[ 111.262258] CPU: 0 UID: 0 PID: 3944 Comm: syz-executor.6 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 111.262291] Tainted: [W]=WARN
[ 111.262298] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 111.262311] Call Trace:
[ 111.262318]
[ 111.262326] dump_stack_lvl+0xca/0x120
[ 111.262366] __lookup_object+0x94/0xb0
[ 111.262396] delete_object_full+0x27/0x70
[ 111.262426] free_percpu+0x30/0x1160
[ 111.262456] ? arch_uprobe_clear_state+0x16/0x140
[ 111.262499] futex_hash_free+0x38/0xc0
[ 111.262524] mmput+0x2d3/0x390
[ 111.262559] do_exit+0x79d/0x2970
[ 111.262591] ? __pfx_do_exit+0x10/0x10
[ 111.262618] ? find_held_lock+0x2b/0x80
[ 111.262650] ? get_signal+0x835/0x2340
[ 111.262687] do_group_exit+0xd3/0x2a0
[ 111.262715] get_signal+0x2315/0x2340
[ 111.262748] ? put_task_stack+0xd2/0x240
[ 111.262776] ? __pfx_get_signal+0x10/0x10
[ 111.262807] ? __schedule+0xe91/0x3590
[ 111.262845] arch_do_signal_or_restart+0x80/0x790
[ 111.262877] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 111.262909] ? __x64_sys_futex+0x1c9/0x4d0
[ 111.262932] ? __x64_sys_futex+0x1d2/0x4d0
[ 111.262958] ? fput_close_sync+0x114/0x240
[ 111.262989] ? __pfx___x64_sys_futex+0x10/0x10
[ 111.263013] ? __pfx_fput_close_sync+0x10/0x10
[ 111.263042] ? dnotify_flush+0x79/0x4c0
[ 111.263062] ? xfd_validate_state+0x55/0x180
[ 111.263101] exit_to_user_mode_loop+0x8b/0x110
[ 111.263124] do_syscall_64+0x2f7/0x360
[ 111.263147] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 111.263169] RIP: 0033:0x7f1da416bb19
[ 111.263185] Code: Unable to access opcode bytes at 0x7f1da416baef.
[ 111.263194] RSP: 002b:00007f1da16e1218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 111.263215] RAX: 0000000000000001 RBX: 00007f1da427ef68 RCX: 00007f1da416bb19
[ 111.263229] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f1da427ef6c
[ 111.263242] RBP: 00007f1da427ef60 R08: 0000000000000016 R09: 0000000000000000
[ 111.263255] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f1da427ef6c
[ 111.263268] R13: 00007fff05206ecf R14: 00007f1da16e1300 R15: 0000000000022000
[ 111.263297]
[ 111.263304] kmemleak: Object (percpu) 0x607f1a63ec20 (size 16):
[ 111.263316] kmemleak: comm "syz-executor.3", pid 285, jiffies 4294777728
[ 111.263329] kmemleak: min_count = 1
[ 111.263336] kmemleak: count = 0
[ 111.263342] kmemleak: flags = 0x21
[ 111.263350] kmemleak: checksum = 0
[ 111.263356] kmemleak: backtrace:
[ 111.263362] pcpu_alloc_noprof+0x87a/0x1170
[ 111.263391] mm_init+0x99b/0x1170
[ 111.263406] copy_process+0x3ab7/0x73c0
[ 111.263425] kernel_clone+0xea/0x7f0
[ 111.263444] __do_sys_clone+0xce/0x120
[ 111.263463] do_syscall_64+0xbf/0x360
[ 111.263481] entry_SYSCALL_64_after_hwframe+0x77/0x7f
08:41:04 executing program 1:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
getsockopt$inet6_int(r0, 0x29, 0x1, 0x0, &(0x7f0000000080))
08:41:04 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_mreq(r0, 0x29, 0x12, &(0x7f0000000000)={@ipv4}, 0x14)
08:41:04 executing program 2:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x12, r0, 0x0)
sigaltstack(&(0x7f0000ffd000/0x2000)=nil, 0x0)
08:41:04 executing program 0:
syz_usb_connect$uac1(0x5, 0x71, &(0x7f0000000b80)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5f, 0x3, 0x1, 0x0, 0x0, 0x0, {{}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}}}}]}}, 0x0)
08:41:04 executing program 1:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
getsockopt$inet6_int(r0, 0x29, 0x1, 0x0, &(0x7f0000000080))
08:41:04 executing program 5:
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0xc)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x155842, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x8100)
ioctl$SNDRV_SEQ_IOCTL_PVERSION(r1, 0x80045300, 0x0)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$CDROM_SELECT_DISK(0xffffffffffffffff, 0x5322, 0xfffffffc)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000180), 0x4080, 0x0)
mq_open(&(0x7f0000000140)='/dev/autofs\x00', 0x40, 0x44, &(0x7f0000000340)={0x8, 0x3, 0x6, 0x9})
r2 = accept$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000200)=0x14)
ioctl$AUTOFS_IOC_EXPIRE(r2, 0x810c9365, &(0x7f0000000580)={{0x80, 0x3}, 0x100, './file0\x00'})
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x559e82, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0)
08:41:04 executing program 4:
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0xc)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x155842, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x8100)
ioctl$SNDRV_SEQ_IOCTL_PVERSION(r1, 0x80045300, 0x0)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$CDROM_SELECT_DISK(0xffffffffffffffff, 0x5322, 0xfffffffc)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000180), 0x4080, 0x0)
mq_open(&(0x7f0000000140)='/dev/autofs\x00', 0x40, 0x44, &(0x7f0000000340)={0x8, 0x3, 0x6, 0x9})
r2 = accept$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000200)=0x14)
ioctl$AUTOFS_IOC_EXPIRE(r2, 0x810c9365, &(0x7f0000000580)={{0x80, 0x3}, 0x100, './file0\x00'})
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x559e82, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0)
08:41:04 executing program 6:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r0, &(0x7f0000001b00)={0x1f, 0x0, @fixed, 0x0, 0x3}, 0xe)
08:41:04 executing program 7:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
recvmsg(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000240)=[{0x0}], 0x1}, 0x2000)
08:41:04 executing program 3:
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0xc)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x155842, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x8100)
ioctl$SNDRV_SEQ_IOCTL_PVERSION(r1, 0x80045300, 0x0)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$CDROM_SELECT_DISK(0xffffffffffffffff, 0x5322, 0xfffffffc)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000180), 0x4080, 0x0)
mq_open(&(0x7f0000000140)='/dev/autofs\x00', 0x40, 0x44, &(0x7f0000000340)={0x8, 0x3, 0x6, 0x9})
r2 = accept$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000200)=0x14)
ioctl$AUTOFS_IOC_EXPIRE(r2, 0x810c9365, &(0x7f0000000580)={{0x80, 0x3}, 0x100, './file0\x00'})
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x559e82, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0)
[ 111.556427] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[ 111.557429] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current]
[ 111.558195] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present
[ 111.558934] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00
[ 111.560169] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.561057] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.567140] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.572012] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.573639] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.577799] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.597863] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.600003] kmemleak: Found object by alias at 0x607f1a63ec28
[ 111.600022] CPU: 1 UID: 0 PID: 3959 Comm: syz-executor.6 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 111.600044] Tainted: [W]=WARN
[ 111.600048] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 111.600057] Call Trace:
[ 111.600062]
[ 111.600067] dump_stack_lvl+0xca/0x120
[ 111.600097] __lookup_object+0x94/0xb0
[ 111.600128] delete_object_full+0x27/0x70
[ 111.600147] free_percpu+0x30/0x1160
[ 111.600167] ? arch_uprobe_clear_state+0x16/0x140
[ 111.600191] futex_hash_free+0x38/0xc0
[ 111.600208] mmput+0x2d3/0x390
[ 111.600230] do_exit+0x79d/0x2970
[ 111.600246] ? signal_wake_up_state+0x85/0x120
[ 111.600265] ? zap_other_threads+0x2b9/0x3a0
[ 111.600284] ? __pfx_do_exit+0x10/0x10
[ 111.600299] ? do_group_exit+0x1c3/0x2a0
[ 111.600315] ? lock_release+0xc8/0x290
[ 111.600335] do_group_exit+0xd3/0x2a0
[ 111.600353] __x64_sys_exit_group+0x3e/0x50
[ 111.600369] x64_sys_call+0x18c5/0x18d0
[ 111.600388] do_syscall_64+0xbf/0x360
[ 111.600403] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 111.600416] RIP: 0033:0x7f1da416bb19
[ 111.600427] Code: Unable to access opcode bytes at 0x7f1da416baef.
[ 111.600433] RSP: 002b:00007fff052070f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 111.600447] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f1da416bb19
[ 111.600460] RDX: 00007f1da411e72b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 111.600469] RBP: 0000000000000000 R08: 0000001b2d524174 R09: 0000000000000000
[ 111.600477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 111.600485] R13: 0000000000000000 R14: 0000000000000001 R15: 00007fff052071e0
[ 111.600503]
[ 111.600507] kmemleak: Object (percpu) 0x607f1a63ec20 (size 16):
[ 111.600516] kmemleak: comm "syz-executor.7", pid 289, jiffies 4294778171
[ 111.600524] kmemleak: min_count = 1
[ 111.600528] kmemleak: count = 0
[ 111.600533] kmemleak: flags = 0x21
[ 111.600537] kmemleak: checksum = 0
[ 111.600541] kmemleak: backtrace:
[ 111.600545] pcpu_alloc_noprof+0x87a/0x1170
[ 111.600564] mm_init+0x99b/0x1170
[ 111.600574] copy_process+0x3ab7/0x73c0
[ 111.600586] kernel_clone+0xea/0x7f0
[ 111.600598] __do_sys_clone+0xce/0x120
[ 111.600610] do_syscall_64+0xbf/0x360
[ 111.600621] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 111.613997] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.629049] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 111.634115] kmemleak: Found object by alias at 0x607f1a63ec2c
[ 111.634130] CPU: 1 UID: 0 PID: 3956 Comm: syz-executor.5 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 111.634150] Tainted: [W]=WARN
[ 111.634154] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 111.634162] Call Trace:
[ 111.634166]
[ 111.634170] dump_stack_lvl+0xca/0x120
[ 111.634193] __lookup_object+0x94/0xb0
[ 111.634211] delete_object_full+0x27/0x70
[ 111.634229] free_percpu+0x30/0x1160
[ 111.634247] ? arch_uprobe_clear_state+0x16/0x140
[ 111.634269] futex_hash_free+0x38/0xc0
[ 111.634283] mmput+0x2d3/0x390
[ 111.634304] do_exit+0x79d/0x2970
[ 111.634320] ? signal_wake_up_state+0x85/0x120
[ 111.634336] ? zap_other_threads+0x2b9/0x3a0
[ 111.634355] ? __pfx_do_exit+0x10/0x10
[ 111.634370] ? do_group_exit+0x1c3/0x2a0
[ 111.634386] ? lock_release+0xc8/0x290
[ 111.634405] do_group_exit+0xd3/0x2a0
[ 111.634422] __x64_sys_exit_group+0x3e/0x50
[ 111.634438] x64_sys_call+0x18c5/0x18d0
[ 111.634460] do_syscall_64+0xbf/0x360
[ 111.634474] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 111.634487] RIP: 0033:0x7f55223dab19
[ 111.634497] Code: Unable to access opcode bytes at 0x7f55223daaef.
[ 111.634503] RSP: 002b:00007ffe1fd00938 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 111.634515] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f55223dab19
[ 111.634524] RDX: 00007f552238d72b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 111.634532] RBP: 0000000000000000 R08: 0000001b2d729398 R09: 0000000000000000
[ 111.634540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 111.634548] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffe1fd00a20
[ 111.634565]
[ 111.634569] kmemleak: Object (percpu) 0x607f1a63ec20 (size 16):
[ 111.634577] kmemleak: comm "syz-executor.7", pid 289, jiffies 4294778171
[ 111.634585] kmemleak: min_count = 1
[ 111.634589] kmemleak: count = 0
[ 111.634593] kmemleak: flags = 0x21
[ 111.634598] kmemleak: checksum = 0
[ 111.634602] kmemleak: backtrace:
[ 111.634605] pcpu_alloc_noprof+0x87a/0x1170
[ 111.634623] mm_init+0x99b/0x1170
[ 111.634632] copy_process+0x3ab7/0x73c0
[ 111.634644] kernel_clone+0xea/0x7f0
[ 111.634655] __do_sys_clone+0xce/0x120
[ 111.634667] do_syscall_64+0xbf/0x360
[ 111.634678] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 111.636346] kmemleak: Found object by alias at 0x607f1a63ec24
[ 111.636375] CPU: 0 UID: 0 PID: 3958 Comm: syz-executor.7 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 111.636409] Tainted: [W]=WARN
[ 111.636416] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 111.636429] Call Trace:
[ 111.636436]
[ 111.636444] dump_stack_lvl+0xca/0x120
[ 111.636494] __lookup_object+0x94/0xb0
[ 111.636525] delete_object_full+0x27/0x70
[ 111.636556] free_percpu+0x30/0x1160
[ 111.636586] ? arch_uprobe_clear_state+0x16/0x140
[ 111.636634] futex_hash_free+0x38/0xc0
[ 111.636660] mmput+0x2d3/0x390
[ 111.636695] do_exit+0x79d/0x2970
[ 111.636720] ? signal_wake_up_state+0x85/0x120
[ 111.636749] ? zap_other_threads+0x2b9/0x3a0
[ 111.636778] ? __pfx_do_exit+0x10/0x10
[ 111.636803] ? do_group_exit+0x1c3/0x2a0
[ 111.636828] ? lock_release+0xc8/0x290
[ 111.636859] do_group_exit+0xd3/0x2a0
[ 111.636887] __x64_sys_exit_group+0x3e/0x50
[ 111.636914] x64_sys_call+0x18c5/0x18d0
[ 111.636942] do_syscall_64+0xbf/0x360
[ 111.636966] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 111.636987] RIP: 0033:0x7f44e7ab9b19
[ 111.637003] Code: Unable to access opcode bytes at 0x7f44e7ab9aef.
[ 111.637013] RSP: 002b:00007ffd5c582338 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 111.637034] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f44e7ab9b19
[ 111.637048] RDX: 00007f44e7a6c72b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 111.637062] RBP: 0000000000000000 R08: 0000001b2d821500 R09: 0000000000000000
[ 111.637074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 111.637087] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffd5c582420
[ 111.637115]
[ 111.637122] kmemleak: Object (percpu) 0x607f1a63ec20 (size 16):
[ 111.637135] kmemleak: comm "syz-executor.7", pid 289, jiffies 4294778171
[ 111.637148] kmemleak: min_count = 1
[ 111.637155] kmemleak: count = 0
[ 111.637162] kmemleak: flags = 0x21
[ 111.637169] kmemleak: checksum = 0
[ 111.637175] kmemleak: backtrace:
[ 111.637181] pcpu_alloc_noprof+0x87a/0x1170
[ 111.637211] mm_init+0x99b/0x1170
[ 111.637226] copy_process+0x3ab7/0x73c0
[ 111.637245] kernel_clone+0xea/0x7f0
[ 111.637264] __do_sys_clone+0xce/0x120
[ 111.637283] do_syscall_64+0xbf/0x360
[ 111.637301] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 111.646402] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 111.649420] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.701317] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.701971] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.704275] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.704962] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.705824] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.706423] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.707435] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.708372] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.709274] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.710005] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.710876] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.711735] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.712394] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.713247] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.714111] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.715696] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
08:41:05 executing program 3:
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0xc)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x155842, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x8100)
ioctl$SNDRV_SEQ_IOCTL_PVERSION(r1, 0x80045300, 0x0)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$CDROM_SELECT_DISK(0xffffffffffffffff, 0x5322, 0xfffffffc)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000180), 0x4080, 0x0)
mq_open(&(0x7f0000000140)='/dev/autofs\x00', 0x40, 0x44, &(0x7f0000000340)={0x8, 0x3, 0x6, 0x9})
r2 = accept$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000200)=0x14)
ioctl$AUTOFS_IOC_EXPIRE(r2, 0x810c9365, &(0x7f0000000580)={{0x80, 0x3}, 0x100, './file0\x00'})
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x559e82, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0)
08:41:05 executing program 5:
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0xc)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x155842, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x8100)
ioctl$SNDRV_SEQ_IOCTL_PVERSION(r1, 0x80045300, 0x0)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$CDROM_SELECT_DISK(0xffffffffffffffff, 0x5322, 0xfffffffc)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000180), 0x4080, 0x0)
mq_open(&(0x7f0000000140)='/dev/autofs\x00', 0x40, 0x44, &(0x7f0000000340)={0x8, 0x3, 0x6, 0x9})
r2 = accept$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000200)=0x14)
ioctl$AUTOFS_IOC_EXPIRE(r2, 0x810c9365, &(0x7f0000000580)={{0x80, 0x3}, 0x100, './file0\x00'})
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x559e82, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0)
[ 111.717558] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.719590] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.720206] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.723029] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.726573] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.727175] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 111.727966] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
08:41:05 executing program 6:
r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
write$binfmt_script(r0, &(0x7f00000000c0)={'#! ', './file0'}, 0xb)
fallocate(r0, 0x20, 0x0, 0xffffffff000)
08:41:05 executing program 1:
r0 = epoll_create1(0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000)={0x40000005})
08:41:05 executing program 7:
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0xc)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x155842, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x8100)
ioctl$SNDRV_SEQ_IOCTL_PVERSION(r1, 0x80045300, 0x0)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$CDROM_SELECT_DISK(0xffffffffffffffff, 0x5322, 0xfffffffc)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000180), 0x4080, 0x0)
mq_open(&(0x7f0000000140)='/dev/autofs\x00', 0x40, 0x44, &(0x7f0000000340)={0x8, 0x3, 0x6, 0x9})
r2 = accept$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000200)=0x14)
ioctl$AUTOFS_IOC_EXPIRE(r2, 0x810c9365, &(0x7f0000000580)={{0x80, 0x3}, 0x100, './file0\x00'})
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x559e82, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0)
08:41:05 executing program 4:
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0xc)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x155842, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x8100)
ioctl$SNDRV_SEQ_IOCTL_PVERSION(r1, 0x80045300, 0x0)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$CDROM_SELECT_DISK(0xffffffffffffffff, 0x5322, 0xfffffffc)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000180), 0x4080, 0x0)
mq_open(&(0x7f0000000140)='/dev/autofs\x00', 0x40, 0x44, &(0x7f0000000340)={0x8, 0x3, 0x6, 0x9})
r2 = accept$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000200)=0x14)
ioctl$AUTOFS_IOC_EXPIRE(r2, 0x810c9365, &(0x7f0000000580)={{0x80, 0x3}, 0x100, './file0\x00'})
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x559e82, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0)
[ 111.852126] kmemleak: Found object by alias at 0x607f1a63ec2c
[ 111.852145] CPU: 1 UID: 0 PID: 3972 Comm: syz-executor.5 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 111.852164] Tainted: [W]=WARN
[ 111.852167] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 111.852174] Call Trace:
[ 111.852178]
[ 111.852183] dump_stack_lvl+0xca/0x120
[ 111.852209] __lookup_object+0x94/0xb0
[ 111.852227] delete_object_full+0x27/0x70
[ 111.852244] free_percpu+0x30/0x1160
[ 111.852261] ? arch_uprobe_clear_state+0x16/0x140
[ 111.852282] futex_hash_free+0x38/0xc0
[ 111.852297] mmput+0x2d3/0x390
[ 111.852316] do_exit+0x79d/0x2970
[ 111.852330] ? signal_wake_up_state+0x85/0x120
[ 111.852346] ? zap_other_threads+0x2b9/0x3a0
[ 111.852362] ? __pfx_do_exit+0x10/0x10
[ 111.852375] ? do_group_exit+0x1c3/0x2a0
[ 111.852389] ? lock_release+0xc8/0x290
[ 111.852406] do_group_exit+0xd3/0x2a0
[ 111.852421] __x64_sys_exit_group+0x3e/0x50
[ 111.852435] x64_sys_call+0x18c5/0x18d0
[ 111.852451] do_syscall_64+0xbf/0x360
[ 111.852468] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 111.852479] RIP: 0033:0x7f55223dab19
[ 111.852489] Code: Unable to access opcode bytes at 0x7f55223daaef.
[ 111.852494] RSP: 002b:00007ffe1fd00938 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 111.852506] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f55223dab19
[ 111.852513] RDX: 00007f552238d72b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 111.852520] RBP: 0000000000000000 R08: 0000001b2d7293bc R09: 0000000000000000
[ 111.852527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 111.852534] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffe1fd00a20
[ 111.852549]
[ 111.852553] kmemleak: Object (percpu) 0x607f1a63ec20 (size 16):
[ 111.852560] kmemleak: comm "syz-executor.3", pid 285, jiffies 4294778433
[ 111.852567] kmemleak: min_count = 1
[ 111.852571] kmemleak: count = 0
[ 111.852575] kmemleak: flags = 0x21
[ 111.852578] kmemleak: checksum = 0
[ 111.852582] kmemleak: backtrace:
[ 111.852586] pcpu_alloc_noprof+0x87a/0x1170
[ 111.852601] mm_init+0x99b/0x1170
[ 111.852610] copy_process+0x3ab7/0x73c0
[ 111.852620] kernel_clone+0xea/0x7f0
[ 111.852630] __do_sys_clone+0xce/0x120
[ 111.852640] do_syscall_64+0xbf/0x360
[ 111.852650] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 111.980599] kmemleak: Found object by alias at 0x607f1a63ec24
[ 111.980628] CPU: 0 UID: 0 PID: 3980 Comm: syz-executor.7 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 111.980659] Tainted: [W]=WARN
[ 111.980666] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 111.980678] Call Trace:
[ 111.980685]
[ 111.980692] dump_stack_lvl+0xca/0x120
[ 111.980733] __lookup_object+0x94/0xb0
[ 111.980762] delete_object_full+0x27/0x70
[ 111.980791] free_percpu+0x30/0x1160
[ 111.980820] ? arch_uprobe_clear_state+0x16/0x140
[ 111.980854] futex_hash_free+0x38/0xc0
[ 111.980878] mmput+0x2d3/0x390
[ 111.980911] do_exit+0x79d/0x2970
[ 111.980935] ? lock_release+0xc8/0x290
[ 111.980963] ? __pfx_do_exit+0x10/0x10
[ 111.980988] ? find_held_lock+0x2b/0x80
[ 111.981018] ? get_signal+0x835/0x2340
[ 111.981053] do_group_exit+0xd3/0x2a0
[ 111.981080] get_signal+0x2315/0x2340
[ 111.981120] ? __pfx_get_signal+0x10/0x10
[ 111.981155] ? do_futex+0x135/0x370
[ 111.981179] ? __pfx_do_futex+0x10/0x10
[ 111.981201] ? percpu_is_read_locked+0x180/0x1d0
[ 111.981233] arch_do_signal_or_restart+0x80/0x790
[ 111.981263] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 111.981292] ? __x64_sys_futex+0x1c9/0x4d0
[ 111.981314] ? __x64_sys_futex+0x1d2/0x4d0
[ 111.981338] ? __pfx_loop_control_ioctl+0x10/0x10
[ 111.981367] ? __pfx___x64_sys_futex+0x10/0x10
[ 111.981389] ? selinux_file_ioctl+0xb9/0x280
[ 111.981424] exit_to_user_mode_loop+0x8b/0x110
[ 111.981447] do_syscall_64+0x2f7/0x360
[ 111.981468] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 111.981489] RIP: 0033:0x7f44e7ab9b19
[ 111.981504] Code: Unable to access opcode bytes at 0x7f44e7ab9aef.
[ 111.981513] RSP: 002b:00007f44e502f218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 111.981533] RAX: fffffffffffffe00 RBX: 00007f44e7bccf68 RCX: 00007f44e7ab9b19
[ 111.981546] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f44e7bccf68
[ 111.981559] RBP: 00007f44e7bccf60 R08: 0000000000000000 R09: 0000000000000000
[ 111.981571] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f44e7bccf6c
[ 111.981583] R13: 00007ffd5c58210f R14: 00007f44e502f300 R15: 0000000000022000
[ 111.981610]
[ 111.981617] kmemleak: Object (percpu) 0x607f1a63ec20 (size 8):
[ 111.981629] kmemleak: comm "syz-executor.4", pid 3984, jiffies 4294778614
[ 111.981641] kmemleak: min_count = 1
[ 111.981648] kmemleak: count = 0
[ 111.981654] kmemleak: flags = 0x21
[ 111.981661] kmemleak: checksum = 0
[ 111.981667] kmemleak: backtrace:
[ 111.981673] pcpu_alloc_noprof+0x87a/0x1170
[ 111.981700] percpu_ref_init+0x37/0x400
[ 111.981717] blk_alloc_queue+0x571/0x750
[ 111.981747] blk_mq_alloc_queue+0x170/0x280
[ 111.981768] __blk_mq_alloc_disk+0x2a/0x120
[ 111.981788] loop_add+0x494/0xb60
[ 111.981809] loop_control_ioctl+0x13b/0x640
[ 111.981831] __x64_sys_ioctl+0x18f/0x210
[ 111.981858] do_syscall_64+0xbf/0x360
[ 111.981875] entry_SYSCALL_64_after_hwframe+0x77/0x7f
08:41:05 executing program 2:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x4840, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x12, r0, 0x0)
sigaltstack(&(0x7f0000ffd000/0x2000)=nil, 0x0)
08:41:05 executing program 5:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180), 0x0)
ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r0, 0xc0105303, &(0x7f00000001c0))
08:41:05 executing program 3:
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0xc)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x155842, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x8100)
ioctl$SNDRV_SEQ_IOCTL_PVERSION(r1, 0x80045300, 0x0)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$CDROM_SELECT_DISK(0xffffffffffffffff, 0x5322, 0xfffffffc)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000180), 0x4080, 0x0)
mq_open(&(0x7f0000000140)='/dev/autofs\x00', 0x40, 0x44, &(0x7f0000000340)={0x8, 0x3, 0x6, 0x9})
r2 = accept$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000200)=0x14)
ioctl$AUTOFS_IOC_EXPIRE(r2, 0x810c9365, &(0x7f0000000580)={{0x80, 0x3}, 0x100, './file0\x00'})
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x559e82, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0)
08:41:05 executing program 6:
r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
write$binfmt_script(r0, &(0x7f00000000c0)={'#! ', './file0'}, 0xb)
fallocate(r0, 0x20, 0x0, 0xffffffff000)
08:41:05 executing program 7:
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0xc)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x155842, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x8100)
ioctl$SNDRV_SEQ_IOCTL_PVERSION(r1, 0x80045300, 0x0)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$CDROM_SELECT_DISK(0xffffffffffffffff, 0x5322, 0xfffffffc)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000180), 0x4080, 0x0)
mq_open(&(0x7f0000000140)='/dev/autofs\x00', 0x40, 0x44, &(0x7f0000000340)={0x8, 0x3, 0x6, 0x9})
r2 = accept$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000200)=0x14)
ioctl$AUTOFS_IOC_EXPIRE(r2, 0x810c9365, &(0x7f0000000580)={{0x80, 0x3}, 0x100, './file0\x00'})
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x559e82, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0)
08:41:05 executing program 4:
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0xc)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x155842, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x8100)
ioctl$SNDRV_SEQ_IOCTL_PVERSION(r1, 0x80045300, 0x0)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$CDROM_SELECT_DISK(0xffffffffffffffff, 0x5322, 0xfffffffc)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000180), 0x4080, 0x0)
mq_open(&(0x7f0000000140)='/dev/autofs\x00', 0x40, 0x44, &(0x7f0000000340)={0x8, 0x3, 0x6, 0x9})
r2 = accept$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000200)=0x14)
ioctl$AUTOFS_IOC_EXPIRE(r2, 0x810c9365, &(0x7f0000000580)={{0x80, 0x3}, 0x100, './file0\x00'})
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x559e82, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0)
08:41:05 executing program 0:
syz_usb_connect$uac1(0x5, 0x71, &(0x7f0000000b80)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5f, 0x3, 0x1, 0x0, 0x0, 0x0, {{}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}}}}]}}, 0x0)
08:41:05 executing program 1:
r0 = epoll_create1(0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000)={0x40000005})
[ 112.287041] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[ 112.287844] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current]
[ 112.288393] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present
[ 112.288942] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00
[ 112.289911] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 112.290494] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 112.291090] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 112.291711] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 112.292322] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 112.293091] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 112.297526] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 112.301580] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 112.302144] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 112.303977] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 112.308184] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 112.311901] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 112.312832] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 112.326640] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 112.327454] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 112.343102] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 112.351836] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 112.356222] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 112.365704] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 112.366450] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 112.375394] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 112.377343] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 112.389695] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 112.390418] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 112.393608] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 112.394337] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 112.397636] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 112.398363] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 112.399382] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 112.400702] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 112.401409] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 112.402871] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 112.403669] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 112.405602] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
08:41:06 executing program 1:
r0 = epoll_create1(0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000)={0x40000005})
08:41:06 executing program 6:
r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
write$binfmt_script(r0, &(0x7f00000000c0)={'#! ', './file0'}, 0xb)
fallocate(r0, 0x20, 0x0, 0xffffffff000)
08:41:06 executing program 4:
keyctl$clear(0x7, 0xfffffffffffffffd)
08:41:06 executing program 5:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180), 0x0)
ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r0, 0xc0105303, &(0x7f00000001c0))
08:41:06 executing program 7:
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0xc)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x155842, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x8100)
ioctl$SNDRV_SEQ_IOCTL_PVERSION(r1, 0x80045300, 0x0)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$CDROM_SELECT_DISK(0xffffffffffffffff, 0x5322, 0xfffffffc)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000180), 0x4080, 0x0)
mq_open(&(0x7f0000000140)='/dev/autofs\x00', 0x40, 0x44, &(0x7f0000000340)={0x8, 0x3, 0x6, 0x9})
r2 = accept$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000200)=0x14)
ioctl$AUTOFS_IOC_EXPIRE(r2, 0x810c9365, &(0x7f0000000580)={{0x80, 0x3}, 0x100, './file0\x00'})
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x559e82, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0)
08:41:06 executing program 2:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
writev(r0, &(0x7f00000000c0)=[{}, {&(0x7f0000000040)="ca74af528a8c7fced14b6addc57cadb344919fd061007429a606ba08958a1aa5b8f50427d1384f17fd636bf5b9e104f1ba17b6bbc4686dc7ccc22682f7b6da050fbd8ced52a48bd2fe015187885af35e7407d41f9753f0b169", 0x59}], 0x2)
08:41:06 executing program 4:
keyctl$clear(0x7, 0xfffffffffffffffd)
08:41:06 executing program 1:
r0 = epoll_create1(0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000)={0x40000005})
[ 112.927726] kmemleak: Found object by alias at 0x607f1a63ec2c
[ 112.927747] CPU: 1 UID: 0 PID: 4010 Comm: syz-executor.5 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 112.927765] Tainted: [W]=WARN
[ 112.927769] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 112.927776] Call Trace:
[ 112.927780]
[ 112.927785] dump_stack_lvl+0xca/0x120
[ 112.927812] __lookup_object+0x94/0xb0
[ 112.927829] delete_object_full+0x27/0x70
[ 112.927846] free_percpu+0x30/0x1160
[ 112.927863] ? arch_uprobe_clear_state+0x16/0x140
[ 112.927884] futex_hash_free+0x38/0xc0
[ 112.927899] mmput+0x2d3/0x390
[ 112.927919] do_exit+0x79d/0x2970
[ 112.927933] ? lock_release+0xc8/0x290
[ 112.927948] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 112.927963] ? __pfx_do_exit+0x10/0x10
[ 112.927977] ? find_held_lock+0x2b/0x80
[ 112.927994] ? get_signal+0x835/0x2340
[ 112.928014] do_group_exit+0xd3/0x2a0
[ 112.928030] get_signal+0x2315/0x2340
[ 112.928048] ? _copy_to_user+0x4b/0xd0
[ 112.928067] ? __pfx_get_signal+0x10/0x10
[ 112.928083] ? do_futex+0x135/0x370
[ 112.928097] ? __pfx_do_futex+0x10/0x10
[ 112.928113] arch_do_signal_or_restart+0x80/0x790
[ 112.928141] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 112.928158] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 112.928173] ? __pfx___x64_sys_futex+0x10/0x10
[ 112.928185] ? selinux_file_ioctl+0xb9/0x280
[ 112.928206] exit_to_user_mode_loop+0x8b/0x110
[ 112.928219] do_syscall_64+0x2f7/0x360
[ 112.928232] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 112.928244] RIP: 0033:0x7f55223dab19
[ 112.928253] Code: Unable to access opcode bytes at 0x7f55223daaef.
[ 112.928258] RSP: 002b:00007f551f950218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 112.928270] RAX: fffffffffffffe00 RBX: 00007f55224edf68 RCX: 00007f55223dab19
[ 112.928279] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f55224edf68
[ 112.928286] RBP: 00007f55224edf60 R08: 0000000000000000 R09: 0000000000000000
[ 112.928292] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f55224edf6c
[ 112.928299] R13: 00007ffe1fd0070f R14: 00007f551f950300 R15: 0000000000022000
[ 112.928315]
[ 112.928319] kmemleak: Object (percpu) 0x607f1a63ec20 (size 16):
[ 112.928326] kmemleak: comm "systemd-udevd", pid 112, jiffies 4294779513
[ 112.928333] kmemleak: min_count = 1
[ 112.928337] kmemleak: count = 0
[ 112.928341] kmemleak: flags = 0x21
[ 112.928345] kmemleak: checksum = 0
[ 112.928348] kmemleak: backtrace:
[ 112.928352] pcpu_alloc_noprof+0x87a/0x1170
[ 112.928368] mm_init+0x99b/0x1170
[ 112.928376] copy_process+0x3ab7/0x73c0
[ 112.928386] kernel_clone+0xea/0x7f0
[ 112.928396] __do_sys_clone+0xce/0x120
[ 112.928407] do_syscall_64+0xbf/0x360
[ 112.928416] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 112.938312] kmemleak: Found object by alias at 0x607f1a63ec28
[ 112.938331] CPU: 0 UID: 0 PID: 4002 Comm: syz-executor.6 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 112.938353] Tainted: [W]=WARN
[ 112.938357] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 112.938365] Call Trace:
[ 112.938369]
[ 112.938374] dump_stack_lvl+0xca/0x120
[ 112.938402] __lookup_object+0x94/0xb0
[ 112.938420] delete_object_full+0x27/0x70
[ 112.938437] free_percpu+0x30/0x1160
[ 112.938454] ? arch_uprobe_clear_state+0x16/0x140
[ 112.938475] futex_hash_free+0x38/0xc0
[ 112.938491] mmput+0x2d3/0x390
[ 112.938511] do_exit+0x79d/0x2970
[ 112.938524] ? signal_wake_up_state+0x85/0x120
[ 112.938541] ? zap_other_threads+0x2b9/0x3a0
[ 112.938558] ? __pfx_do_exit+0x10/0x10
[ 112.938571] ? do_group_exit+0x1c3/0x2a0
[ 112.938585] ? lock_release+0xc8/0x290
[ 112.938602] do_group_exit+0xd3/0x2a0
[ 112.938617] __x64_sys_exit_group+0x3e/0x50
[ 112.938632] x64_sys_call+0x18c5/0x18d0
[ 112.938648] do_syscall_64+0xbf/0x360
[ 112.938661] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 112.938673] RIP: 0033:0x7f1da416bb19
[ 112.938682] Code: Unable to access opcode bytes at 0x7f1da416baef.
[ 112.938687] RSP: 002b:00007fff052070f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 112.938699] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f1da416bb19
[ 112.938707] RDX: 00007f1da411e72b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 112.938714] RBP: 0000000000000000 R08: 0000001b2d526714 R09: 0000000000000000
[ 112.938721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 112.938727] R13: 0000000000000000 R14: 0000000000000001 R15: 00007fff052071e0
[ 112.938743]
[ 112.938746] kmemleak: Object (percpu) 0x607f1a63ec20 (size 16):
[ 112.938753] kmemleak: comm "systemd-udevd", pid 112, jiffies 4294779513
[ 112.938760] kmemleak: min_count = 1
[ 112.938764] kmemleak: count = 0
[ 112.938768] kmemleak: flags = 0x21
[ 112.938771] kmemleak: checksum = 0
[ 112.938775] kmemleak: backtrace:
[ 112.938779] pcpu_alloc_noprof+0x87a/0x1170
[ 112.938795] mm_init+0x99b/0x1170
[ 112.938803] copy_process+0x3ab7/0x73c0
[ 112.938813] kernel_clone+0xea/0x7f0
[ 112.938823] __do_sys_clone+0xce/0x120
[ 112.938833] do_syscall_64+0xbf/0x360
[ 112.938843] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 112.966256] kmemleak: Found object by alias at 0x607f1a63ec24
[ 112.966268] CPU: 1 UID: 0 PID: 4006 Comm: syz-executor.7 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 112.966285] Tainted: [W]=WARN
[ 112.966288] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 112.966295] Call Trace:
[ 112.966298]
[ 112.966302] dump_stack_lvl+0xca/0x120
[ 112.966321] __lookup_object+0x94/0xb0
[ 112.966336] delete_object_full+0x27/0x70
[ 112.966353] free_percpu+0x30/0x1160
[ 112.966368] ? arch_uprobe_clear_state+0x16/0x140
[ 112.966387] futex_hash_free+0x38/0xc0
[ 112.966400] mmput+0x2d3/0x390
[ 112.966418] do_exit+0x79d/0x2970
[ 112.966431] ? signal_wake_up_state+0x85/0x120
[ 112.966446] ? zap_other_threads+0x2b9/0x3a0
[ 112.966468] ? __pfx_do_exit+0x10/0x10
[ 112.966481] ? do_group_exit+0x1c3/0x2a0
[ 112.966495] ? lock_release+0xc8/0x290
[ 112.966511] do_group_exit+0xd3/0x2a0
[ 112.966526] __x64_sys_exit_group+0x3e/0x50
[ 112.966540] x64_sys_call+0x18c5/0x18d0
[ 112.966555] do_syscall_64+0xbf/0x360
[ 112.966567] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 112.966578] RIP: 0033:0x7f44e7ab9b19
[ 112.966587] Code: Unable to access opcode bytes at 0x7f44e7ab9aef.
[ 112.966592] RSP: 002b:00007ffd5c582338 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 112.966603] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f44e7ab9b19
[ 112.966610] RDX: 00007f44e7a6c72b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 112.966617] RBP: 0000000000000000 R08: 0000001b2d825360 R09: 0000000000000000
[ 112.966624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 112.966631] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffd5c582420
[ 112.966646]
[ 112.966650] kmemleak: Object (percpu) 0x607f1a63ec20 (size 16):
[ 112.966657] kmemleak: comm "systemd-udevd", pid 112, jiffies 4294779513
[ 112.966663] kmemleak: min_count = 1
[ 112.966667] kmemleak: count = 0
[ 112.966671] kmemleak: flags = 0x21
[ 112.966674] kmemleak: checksum = 0
[ 112.966678] kmemleak: backtrace:
[ 112.966681] pcpu_alloc_noprof+0x87a/0x1170
[ 112.966696] mm_init+0x99b/0x1170
[ 112.966705] copy_process+0x3ab7/0x73c0
[ 112.966715] kernel_clone+0xea/0x7f0
[ 112.966725] __do_sys_clone+0xce/0x120
[ 112.966735] do_syscall_64+0xbf/0x360
[ 112.966745] entry_SYSCALL_64_after_hwframe+0x77/0x7f
08:41:06 executing program 2:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
writev(r0, &(0x7f00000000c0)=[{}, {&(0x7f0000000040)="ca74af528a8c7fced14b6addc57cadb344919fd061007429a606ba08958a1aa5b8f50427d1384f17fd636bf5b9e104f1ba17b6bbc4686dc7ccc22682f7b6da050fbd8ced52a48bd2fe015187885af35e7407d41f9753f0b169", 0x59}], 0x2)
[ 113.026975] kmemleak: Cannot insert 0x607f1a63ec28 into the object search tree (overlaps existing)
[ 113.026994] CPU: 1 UID: 0 PID: 4020 Comm: syz-executor.2 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 113.027012] Tainted: [W]=WARN
[ 113.027016] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 113.027023] Call Trace:
[ 113.027027]
[ 113.027032] dump_stack_lvl+0xca/0x120
[ 113.027057] __link_object+0x190/0x210
[ 113.027076] __create_object+0x48/0x80
[ 113.027094] pcpu_alloc_noprof+0x87a/0x1170
[ 113.027119] perf_trace_event_init+0x366/0xa10
[ 113.027134] ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 113.027157] perf_trace_init+0x1a4/0x2f0
[ 113.027173] perf_tp_event_init+0xa6/0x120
[ 113.027191] perf_try_init_event+0x140/0x9f0
[ 113.027210] perf_event_alloc.part.0+0x118e/0x45f0
[ 113.027228] ? perf_event_alloc.part.0+0x1074/0x45f0
[ 113.027250] ? __fget_files+0x203/0x3b0
[ 113.027266] ? __pfx_perf_event_alloc.part.0+0x10/0x10
[ 113.027285] ? find_held_lock+0x2b/0x80
[ 113.027304] ? __do_sys_perf_event_open+0x11df/0x2c20
[ 113.027322] __do_sys_perf_event_open+0x719/0x2c20
[ 113.027340] ? __pfx_do_futex+0x10/0x10
[ 113.027355] ? __pfx___do_sys_perf_event_open+0x10/0x10
[ 113.027377] ? xfd_validate_state+0x55/0x180
[ 113.027401] do_syscall_64+0xbf/0x360
[ 113.027414] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 113.027426] RIP: 0033:0x7fb88e3e9b19
[ 113.027435] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 113.027447] RSP: 002b:00007fb88b95f188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 113.027465] RAX: ffffffffffffffda RBX: 00007fb88e4fcf60 RCX: 00007fb88e3e9b19
[ 113.027472] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000000
[ 113.027479] RBP: 00007fb88e443f6d R08: 0000000000000000 R09: 0000000000000000
[ 113.027486] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 113.027493] R13: 00007ffe76340ecf R14: 00007fb88b95f300 R15: 0000000000022000
[ 113.027510]
[ 113.028127] kmemleak: Kernel memory leak detector disabled
[ 113.028131] kmemleak: Object (percpu) 0x607f1a63ec20 (size 16):
[ 113.028138] kmemleak: comm "systemd-udevd", pid 112, jiffies 4294779513
[ 113.028145] kmemleak: min_count = 1
[ 113.028149] kmemleak: count = 0
[ 113.028152] kmemleak: flags = 0x21
[ 113.028156] kmemleak: checksum = 0
[ 113.028160] kmemleak: backtrace:
[ 113.028164] pcpu_alloc_noprof+0x87a/0x1170
[ 113.028180] mm_init+0x99b/0x1170
[ 113.028189] copy_process+0x3ab7/0x73c0
[ 113.028199] kernel_clone+0xea/0x7f0
[ 113.028209] __do_sys_clone+0xce/0x120
[ 113.028220] do_syscall_64+0xbf/0x360
[ 113.028230] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 113.040825] kmemleak: Found object by alias at 0x607f1a63ec2c
[ 113.040847] CPU: 0 UID: 0 PID: 4021 Comm: syz-executor.5 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 113.040865] Tainted: [W]=WARN
[ 113.040869] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 113.040877] Call Trace:
[ 113.040881]
[ 113.040886] dump_stack_lvl+0xca/0x120
[ 113.040912] __lookup_object+0x94/0xb0
[ 113.040930] delete_object_full+0x27/0x70
[ 113.040946] free_percpu+0x30/0x1160
[ 113.040964] ? arch_uprobe_clear_state+0x16/0x140
[ 113.040985] futex_hash_free+0x38/0xc0
[ 113.041000] mmput+0x2d3/0x390
[ 113.041020] do_exit+0x79d/0x2970
[ 113.041034] ? signal_wake_up_state+0x85/0x120
[ 113.041050] ? zap_other_threads+0x2b9/0x3a0
[ 113.041067] ? __pfx_do_exit+0x10/0x10
[ 113.041080] ? do_group_exit+0x1c3/0x2a0
[ 113.041093] ? lock_release+0xc8/0x290
[ 113.041110] do_group_exit+0xd3/0x2a0
[ 113.041130] __x64_sys_exit_group+0x3e/0x50
[ 113.041144] x64_sys_call+0x18c5/0x18d0
[ 113.041161] do_syscall_64+0xbf/0x360
[ 113.041174] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 113.041186] RIP: 0033:0x7f55223dab19
[ 113.041197] Code: Unable to access opcode bytes at 0x7f55223daaef.
[ 113.041202] RSP: 002b:00007ffe1fd00938 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 113.041217] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f55223dab19
[ 113.041224] RDX: 00007f552238d72b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 113.041231] RBP: 0000000000000000 R08: 0000001b2d7217c8 R09: 0000000000000000
[ 113.041238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 113.041245] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffe1fd00a20
[ 113.041260]
[ 113.041264] kmemleak: Object (percpu) 0x607f1a63ec20 (size 16):
[ 113.041271] kmemleak: comm "systemd-udevd", pid 112, jiffies 4294779513
[ 113.041278] kmemleak: min_count = 1
[ 113.041282] kmemleak: count = 0
[ 113.041286] kmemleak: flags = 0x21
[ 113.041290] kmemleak: checksum = 0
[ 113.041293] kmemleak: backtrace:
[ 113.041297] pcpu_alloc_noprof+0x87a/0x1170
[ 113.041312] mm_init+0x99b/0x1170
[ 113.041321] copy_process+0x3ab7/0x73c0
[ 113.041331] kernel_clone+0xea/0x7f0
[ 113.041341] __do_sys_clone+0xce/0x120
[ 113.041352] do_syscall_64+0xbf/0x360
[ 113.041361] entry_SYSCALL_64_after_hwframe+0x77/0x7f
08:41:06 executing program 5:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180), 0x0)
ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r0, 0xc0105303, &(0x7f00000001c0))
08:41:06 executing program 4:
keyctl$clear(0x7, 0xfffffffffffffffd)
08:41:06 executing program 5:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180), 0x0)
ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r0, 0xc0105303, &(0x7f00000001c0))
08:41:06 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0)
pread64(r0, &(0x7f0000000100)=""/201, 0xc9, 0x8001)
08:41:06 executing program 1:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000001c0)={0x28, 0x66, 0x1, 0x0, 0x0, "", [@nested={0x18, 0x0, 0x0, 0x1, [@typed={0x14, 0x0, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}]}, 0x28}], 0x1}, 0x0)
08:41:06 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0xfffffe37, 0x0, 0x0, 0x0)
newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100)
setfsuid(r0)
rename(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='./file1\x00')
08:41:06 executing program 6:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x141802, 0x0)
ioctl$VT_ACTIVATE(r0, 0x1267, 0x4000000000000)
[ 113.112757] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#1] SMP KASAN NOPTI
[ 113.113652] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197]
[ 113.114268] CPU: 0 UID: 0 PID: 4034 Comm: syz-executor.6 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 113.115246] Tainted: [W]=WARN
[ 113.115769] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 113.117625] RIP: 0010:perf_tp_event+0x175/0xe70
08:41:06 executing program 7:
pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff})
splice(r0, 0x0, r1, 0x0, 0x73, 0x0)
[ 113.118677] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 113.123138] RSP: 0018:ffff88804669f780 EFLAGS: 00010012
[ 113.124102] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc90006e2c000
[ 113.124689] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: 0000000000000191
[ 113.125264] RBP: ffff88804669f9f0 R08: ffff88806ce31340 R09: ffffe8ffffc16c28
[ 113.125842] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 113.126420] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000
[ 113.126996] FS: 00007f1da16e1700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 113.127642] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 113.128126] CR2: 00007f1afaf442e8 CR3: 000000000e7f2000 CR4: 0000000000350ef0
[ 113.128716] Call Trace:
[ 113.128927]
[ 113.129117] ? __pfx_perf_tp_event+0x10/0x10
[ 113.129486] ? lock_acquire+0x15e/0x2f0
[ 113.129819] ? __is_insn_slot_addr+0x2e/0x290
[ 113.130194] ? find_held_lock+0x2b/0x80
[ 113.130526] ? __is_insn_slot_addr+0x136/0x290
[ 113.130913] ? lock_release+0xc8/0x290
[ 113.131236] ? css_rstat_updated+0x1b8/0x4d0
[ 113.131608] ? __pfx_css_rstat_updated+0x10/0x10
[ 113.132006] ? lock_is_held_type+0x9e/0x120
[ 113.132382] ? trace_pelt_se_tp+0xdf/0x130
[ 113.132740] ? perf_trace_run_bpf_submit+0xef/0x180
[ 113.133154] ? lock_is_held_type+0x9e/0x120
[ 113.133520] perf_trace_run_bpf_submit+0xef/0x180
[ 113.133927] perf_trace_preemptirq_template+0x259/0x430
[ 113.134366] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 113.134844] ? check_preempt_wakeup_fair+0x406/0x950
[ 113.135265] ? find_held_lock+0x2b/0x80
[ 113.135594] ? try_to_wake_up+0x8ae/0x11d0
[ 113.135948] ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 113.136372] trace_irq_enable.constprop.0+0xa6/0x100
[ 113.136785] trace_hardirqs_on+0x26/0x40
[ 113.137117] _raw_spin_unlock_irqrestore+0x2c/0x50
[ 113.137527] try_to_wake_up+0x8ae/0x11d0
[ 113.137870] ? __pfx_try_to_wake_up+0x10/0x10
[ 113.138243] ? plist_del+0x122/0x270
[ 113.138556] ? find_held_lock+0x2b/0x80
[ 113.138892] ? futex_wake+0x474/0x540
[ 113.139211] wake_up_q+0xa1/0x130
[ 113.139507] futex_wake+0x47e/0x540
[ 113.139815] ? __pfx_futex_wake+0x10/0x10
[ 113.140167] ? kmem_cache_free+0x2a1/0x540
[ 113.140522] ? fd_install+0x1d8/0x660
[ 113.140814] ? putname.part.0+0x11b/0x160
[ 113.141164] do_futex+0x26d/0x370
[ 113.141454] ? __pfx_do_futex+0x10/0x10
[ 113.141777] __x64_sys_futex+0x1c9/0x4d0
[ 113.142102] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 113.142569] ? __x64_sys_openat+0x142/0x200
[ 113.142922] ? __pfx___x64_sys_futex+0x10/0x10
[ 113.143290] ? xfd_validate_state+0x55/0x180
[ 113.143651] do_syscall_64+0xbf/0x360
[ 113.143962] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 113.144378] RIP: 0033:0x7f1da416bb19
[ 113.144677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 113.146104] RSP: 002b:00007f1da16e1218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 113.146705] RAX: ffffffffffffffda RBX: 00007f1da427ef68 RCX: 00007f1da416bb19
[ 113.147272] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f1da427ef6c
[ 113.147835] RBP: 00007f1da427ef60 R08: 000000000000000e R09: 0000000000000000
[ 113.148400] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f1da427ef6c
[ 113.148961] R13: 00007fff05206ecf R14: 00007f1da16e1300 R15: 0000000000022000
[ 113.149535]
[ 113.149728] Modules linked in:
[ 113.149990] ---[ end trace 0000000000000000 ]---
[ 113.150362] RIP: 0010:perf_tp_event+0x175/0xe70
[ 113.150740] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 113.152178] RSP: 0018:ffff88804669f780 EFLAGS: 00010012
[ 113.152603] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc90006e2c000
[ 113.153163] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: 0000000000000191
[ 113.153726] RBP: ffff88804669f9f0 R08: ffff88806ce31340 R09: ffffe8ffffc16c28
[ 113.154288] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 113.154851] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000
[ 113.155415] FS: 00007f1da16e1700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 113.156049] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 113.156517] CR2: 00007f1afaf442e8 CR3: 000000000e7f2000 CR4: 0000000000350ef0
[ 113.157098] note: syz-executor.6[4034] exited with irqs disabled
[ 113.157632] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#2] SMP KASAN NOPTI
[ 113.158515] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197]
[ 113.159116] CPU: 0 UID: 0 PID: 4034 Comm: syz-executor.6 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 113.160052] Tainted: [D]=DIE, [W]=WARN
[ 113.160366] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 113.161023] RIP: 0010:perf_tp_event+0x175/0xe70
[ 113.161401] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 113.162833] RSP: 0018:ffff88806ce08b80 EFLAGS: 00010012
[ 113.163253] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002
[ 113.163824] RDX: ffff888014563700 RSI: ffffffff8189a4e7 RDI: 0000000000000191
[ 113.164395] RBP: ffff88806ce08df0 R08: ffff88806ce313e8 R09: ffffe8ffffc16c28
[ 113.164961] R10: 0000000000000000 R11: 00000000000204d5 R12: dffffc0000000000
[ 113.165523] R13: 0000000000000014 R14: ffff88806ce313e8 R15: dffffc0000000000
[ 113.166092] FS: 00007f1da16e1700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 113.166724] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 113.167183] CR2: 00007f1afaf442e8 CR3: 000000000e7f2000 CR4: 0000000000350ef0
[ 113.167753] Call Trace:
[ 113.167960]
[ 113.168146] ? css_rstat_updated+0x1b8/0x4d0
[ 113.168509] ? __pfx_perf_tp_event+0x10/0x10
[ 113.168870] ? trace_pelt_se_tp+0xdf/0x130
[ 113.169210] ? __cgroup_account_cputime+0x31/0xc0
[ 113.169619] ? do_raw_spin_lock+0x123/0x260
[ 113.169988] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 113.170383] ? lock_acquire+0x18c/0x2f0
[ 113.170727] ? update_cfs_group+0x11d/0x260
[ 113.171087] ? lock_release+0x1c7/0x290
[ 113.171432] ? do_raw_spin_unlock+0x53/0x220
[ 113.171812] ? _raw_spin_unlock_irqrestore+0x22/0x50
[ 113.172245] ? try_to_wake_up+0x128/0x11d0
[ 113.172592] ? do_raw_spin_lock+0x123/0x260
[ 113.172951] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 113.173328] ? perf_trace_run_bpf_submit+0xef/0x180
[ 113.173734] perf_trace_run_bpf_submit+0xef/0x180
[ 113.174124] perf_trace_preemptirq_template+0x259/0x430
[ 113.174544] ? read_tsc+0x9/0x20
[ 113.174823] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 113.175284] ? clockevents_program_event+0x135/0x360
[ 113.175693] ? tick_program_event+0xac/0x140
[ 113.176044] ? handle_softirqs+0x16e/0x770
[ 113.176395] trace_irq_enable.constprop.0+0xa6/0x100
[ 113.176802] trace_hardirqs_on+0x26/0x40
[ 113.177127] handle_softirqs+0x16e/0x770
[ 113.177457] __irq_exit_rcu+0xc4/0x100
[ 113.177777] irq_exit_rcu+0x9/0x20
[ 113.178063] sysvec_apic_timer_interrupt+0x70/0x80
[ 113.178467]
[ 113.178654]
[ 113.178839] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 113.179254] RIP: 0010:make_task_dead+0xa2/0x3b0
[ 113.179628] Code: 38 00 85 db 0f 84 21 01 00 00 e8 09 a6 38 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 57 a1 38 00 48 85 db 0f 84 17 01 00 00 e9 a5 38 00 31 ff 65 8b 1d 60 2f 49 06 81 e3 ff ff ff 7f 89 de
[ 113.181059] RSP: 0018:ffff88804669ff28 EFLAGS: 00000246
[ 113.181480] RAX: 0000000000000001 RBX: ffff888014563700 RCX: ffffffff817c3ab6
[ 113.182042] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff813b5234
[ 113.182604] RBP: 000000000000000b R08: 0000000000000000 R09: 0000000000000000
[ 113.183165] R10: ffffffff8643b457 R11: 0000000000000001 R12: ffff888014563700
[ 113.183730] R13: 0000000000000000 R14: dffffc0000000032 R15: 0000000000000000
[ 113.184299] ? trace_irq_enable.constprop.0+0x26/0x100
[ 113.184716] ? make_task_dead+0x214/0x3b0
[ 113.185049] ? make_task_dead+0x214/0x3b0
[ 113.185386] ? do_syscall_64+0xbf/0x360
[ 113.185706] rewind_stack_and_make_dead+0x16/0x20
[ 113.186093] RIP: 0033:0x7f1da416bb19
[ 113.186391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 113.187823] RSP: 002b:00007f1da16e1218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 113.188429] RAX: ffffffffffffffda RBX: 00007f1da427ef68 RCX: 00007f1da416bb19
[ 113.188997] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f1da427ef6c
[ 113.189560] RBP: 00007f1da427ef60 R08: 000000000000000e R09: 0000000000000000
[ 113.190123] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f1da427ef6c
[ 113.190684] R13: 00007fff05206ecf R14: 00007f1da16e1300 R15: 0000000000022000
[ 113.191251]
[ 113.191449] Modules linked in:
[ 113.191722] ---[ end trace 0000000000000000 ]---
[ 113.192107] RIP: 0010:perf_tp_event+0x175/0xe70
[ 113.192510] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 113.194006] RSP: 0018:ffff88804669f780 EFLAGS: 00010012
[ 113.194440] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc90006e2c000
[ 113.195010] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: 0000000000000191
[ 113.195569] RBP: ffff88804669f9f0 R08: ffff88806ce31340 R09: ffffe8ffffc16c28
[ 113.196137] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 113.196703] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000
[ 113.197261] FS: 00007f1da16e1700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 113.197889] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 113.198344] CR2: 00007f1afaf442e8 CR3: 000000000e7f2000 CR4: 0000000000350ef0
[ 113.198912] Kernel panic - not syncing: Fatal exception in interrupt
[ 113.199495] Kernel Offset: disabled
[ 113.199785] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---
VM DIAGNOSIS:
08:41:06 Registers:
info registers vcpu 0
RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff828e5105 RDI=ffffffff88729280 RBP=ffffffff88729240 RSP=ffff88804669f070
R8 =0000000000000000 R9 =ffffed10014ed046 R10=0000000000000020 R11=0000000065646f43
R12=0000000000000020 R13=0000000000000010 R14=ffffffff88729240 R15=ffffffff828e50f0
RIP=ffffffff828e515d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f1da16e1700 00000000 00000000
GS =0000 ffff8880e55d8000 00000000 00000000
LDT=0000 fffffe1600000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007f1afaf442e8 CR3=000000000e7f2000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007f1da42527c000007f1da42527c8
XMM02=00007f1da42527e000007f1da42527c0 XMM03=00007f1da42527c800007f1da42527c0
XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=00000000bc3bb132 RBX=00000000cefabac4 RCX=ffff88801461d290 RDX=0000000000000008
RSI=00000000016e6f37 RDI=0000000000000001 RBP=0000000000000001 RSP=ffff88801c07fba8
R8 =00000000f46c965d R9 =ffff88806c5bac40 R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=0000000000000cc0 R14=ffff88801c07fc10 R15=0000000000000008
RIP=ffffffff825ee216 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000555568797400 00000000 00000000
GS =0000 ffff8880e56d8000 00000000 00000000
LDT=0000 fffffe0e00000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000048000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00005555687a8c98 CR3=0000000037415000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000ff000000000000ff XMM01=25252525252525252525252525252525
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000