Warning: Permanently added '[localhost]:19431' (ECDSA) to the list of known hosts. 2025/09/01 08:46:34 fuzzer started 2025/09/01 08:46:35 dialing manager at localhost:35473 syzkaller login: [ 57.735385] cgroup: Unknown subsys name 'net' [ 57.853368] cgroup: Unknown subsys name 'cpuset' [ 57.895059] cgroup: Unknown subsys name 'rlimit' 2025/09/01 08:46:45 syscalls: 2214 2025/09/01 08:46:45 code coverage: enabled 2025/09/01 08:46:45 comparison tracing: enabled 2025/09/01 08:46:45 extra coverage: enabled 2025/09/01 08:46:45 setuid sandbox: enabled 2025/09/01 08:46:45 namespace sandbox: enabled 2025/09/01 08:46:45 Android sandbox: enabled 2025/09/01 08:46:45 fault injection: enabled 2025/09/01 08:46:45 leak checking: enabled 2025/09/01 08:46:45 net packet injection: enabled 2025/09/01 08:46:45 net device setup: enabled 2025/09/01 08:46:45 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/09/01 08:46:45 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/09/01 08:46:45 USB emulation: enabled 2025/09/01 08:46:45 hci packet injection: enabled 2025/09/01 08:46:45 wifi device emulation: enabled 2025/09/01 08:46:45 802.15.4 emulation: enabled 2025/09/01 08:46:45 fetching corpus: 0, signal 0/2000 (executing program) 2025/09/01 08:46:45 fetching corpus: 50, signal 24383/27679 (executing program) 2025/09/01 08:46:45 fetching corpus: 100, signal 33759/38265 (executing program) 2025/09/01 08:46:45 fetching corpus: 150, signal 40680/46295 (executing program) 2025/09/01 08:46:45 fetching corpus: 200, signal 48269/54699 (executing program) 2025/09/01 08:46:45 fetching corpus: 250, signal 56916/63823 (executing program) 2025/09/01 08:46:45 fetching corpus: 300, signal 62277/69782 (executing program) 2025/09/01 08:46:45 fetching corpus: 350, signal 64380/72707 (executing program) 2025/09/01 08:46:45 fetching corpus: 400, signal 67771/76683 (executing program) 2025/09/01 08:46:46 fetching corpus: 450, signal 70791/80255 (executing program) 2025/09/01 
08:46:46 fetching corpus: 500, signal 76833/86276 (executing program) 2025/09/01 08:46:46 fetching corpus: 550, signal 81354/90856 (executing program) 2025/09/01 08:46:46 fetching corpus: 600, signal 83233/93109 (executing program) 2025/09/01 08:46:46 fetching corpus: 650, signal 88010/97650 (executing program) 2025/09/01 08:46:46 fetching corpus: 700, signal 89539/99568 (executing program) 2025/09/01 08:46:46 fetching corpus: 750, signal 90965/101321 (executing program) 2025/09/01 08:46:46 fetching corpus: 800, signal 93216/103660 (executing program) 2025/09/01 08:46:47 fetching corpus: 850, signal 95539/105982 (executing program) 2025/09/01 08:46:47 fetching corpus: 900, signal 97415/107914 (executing program) 2025/09/01 08:46:47 fetching corpus: 950, signal 98916/109559 (executing program) 2025/09/01 08:46:47 fetching corpus: 1000, signal 100375/111122 (executing program) 2025/09/01 08:46:47 fetching corpus: 1050, signal 102944/113384 (executing program) 2025/09/01 08:46:47 fetching corpus: 1100, signal 104358/114793 (executing program) 2025/09/01 08:46:47 fetching corpus: 1150, signal 105757/116158 (executing program) 2025/09/01 08:46:47 fetching corpus: 1200, signal 107042/117430 (executing program) 2025/09/01 08:46:47 fetching corpus: 1250, signal 108016/118443 (executing program) 2025/09/01 08:46:48 fetching corpus: 1300, signal 109229/119599 (executing program) 2025/09/01 08:46:48 fetching corpus: 1350, signal 110399/120710 (executing program) 2025/09/01 08:46:48 fetching corpus: 1400, signal 111748/121829 (executing program) 2025/09/01 08:46:48 fetching corpus: 1450, signal 113692/123242 (executing program) 2025/09/01 08:46:48 fetching corpus: 1500, signal 114425/124012 (executing program) 2025/09/01 08:46:48 fetching corpus: 1550, signal 115302/124753 (executing program) 2025/09/01 08:46:48 fetching corpus: 1600, signal 116584/125694 (executing program) 2025/09/01 08:46:48 fetching corpus: 1650, signal 117553/126432 (executing program) 2025/09/01 08:46:48 
fetching corpus: 1700, signal 118915/127357 (executing program) 2025/09/01 08:46:49 fetching corpus: 1750, signal 120727/128438 (executing program) 2025/09/01 08:46:49 fetching corpus: 1800, signal 122179/129352 (executing program) 2025/09/01 08:46:49 fetching corpus: 1850, signal 122895/129859 (executing program) 2025/09/01 08:46:49 fetching corpus: 1900, signal 124201/130605 (executing program) 2025/09/01 08:46:49 fetching corpus: 1950, signal 125126/131149 (executing program) 2025/09/01 08:46:49 fetching corpus: 2000, signal 126139/131706 (executing program) 2025/09/01 08:46:49 fetching corpus: 2050, signal 127914/132523 (executing program) 2025/09/01 08:46:49 fetching corpus: 2100, signal 128503/132847 (executing program) 2025/09/01 08:46:49 fetching corpus: 2150, signal 129199/133188 (executing program) 2025/09/01 08:46:50 fetching corpus: 2200, signal 130756/133832 (executing program) 2025/09/01 08:46:50 fetching corpus: 2250, signal 131722/134190 (executing program) 2025/09/01 08:46:50 fetching corpus: 2300, signal 132590/134525 (executing program) 2025/09/01 08:46:50 fetching corpus: 2331, signal 132904/134656 (executing program) 2025/09/01 08:46:50 fetching corpus: 2331, signal 132904/134694 (executing program) 2025/09/01 08:46:50 fetching corpus: 2331, signal 132904/134725 (executing program) 2025/09/01 08:46:50 fetching corpus: 2331, signal 132904/134768 (executing program) 2025/09/01 08:46:50 fetching corpus: 2331, signal 132904/134812 (executing program) 2025/09/01 08:46:50 fetching corpus: 2331, signal 132904/134849 (executing program) 2025/09/01 08:46:50 fetching corpus: 2331, signal 132904/134876 (executing program) 2025/09/01 08:46:50 fetching corpus: 2331, signal 132904/134909 (executing program) 2025/09/01 08:46:50 fetching corpus: 2331, signal 132904/134942 (executing program) 2025/09/01 08:46:50 fetching corpus: 2331, signal 132904/134971 (executing program) 2025/09/01 08:46:50 fetching corpus: 2331, signal 132904/135013 (executing program) 
2025/09/01 08:46:50 fetching corpus: 2331, signal 132904/135047 (executing program) 2025/09/01 08:46:50 fetching corpus: 2331, signal 132904/135089 (executing program) 2025/09/01 08:46:50 fetching corpus: 2331, signal 132904/135128 (executing program) 2025/09/01 08:46:50 fetching corpus: 2331, signal 132904/135163 (executing program) 2025/09/01 08:46:50 fetching corpus: 2331, signal 132904/135203 (executing program) 2025/09/01 08:46:50 fetching corpus: 2331, signal 132904/135239 (executing program) 2025/09/01 08:46:50 fetching corpus: 2331, signal 132904/135285 (executing program) 2025/09/01 08:46:50 fetching corpus: 2331, signal 132904/135308 (executing program) 2025/09/01 08:46:50 fetching corpus: 2331, signal 132904/135342 (executing program) 2025/09/01 08:46:50 fetching corpus: 2331, signal 132904/135342 (executing program) 2025/09/01 08:46:52 starting 8 fuzzer processes 08:46:52 executing program 0: setresuid(0x0, 0xee01, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000200), 0x4) 08:46:52 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x400) pwritev2(r0, &(0x7f0000000280)=[{&(0x7f0000000080)="8c", 0x1}], 0x1, 0x0, 0x0, 0x23) 08:46:52 executing program 1: prctl$PR_CAP_AMBIENT(0x2f, 0x3, 0x0) 08:46:52 executing program 2: r0 = memfd_secret(0x0) openat$cgroup_subtree(r0, &(0x7f0000000900), 0x2, 0x0) 08:46:52 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x8, @any, 0x20}, 0xe) 08:46:52 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) recvmsg(r0, &(0x7f0000001a00)={0x0, 0x0, &(0x7f00000019c0)=[{0x0}], 0x1}, 0x1) 08:46:52 executing program 5: syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(&(0x7f0000000a40)=@md0, &(0x7f0000000a80)='./file0\x00', &(0x7f0000000ac0)='hugetlbfs\x00', 0x0, 0x0) [ 75.013249] audit: type=1400 
audit(1756716412.536:7): avc: denied { execmem } for pid=272 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 08:46:52 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f0000000140)=' ', 0x1, 0x0) r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x7, 0x13, r0, 0x0) syz_memcpy_off$IO_URING_METADATA_FLAGS(r1, 0x0, &(0x7f0000000000), 0x0, 0x4) madvise(&(0x7f0000ff3000/0xd000)=nil, 0xd000, 0x15) mlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000) [ 76.205951] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 76.208945] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 76.210664] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 76.215571] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 76.218117] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 76.280052] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 76.282211] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 76.289371] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 76.290498] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 76.294184] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 76.296414] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 76.302170] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 76.306517] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 76.314328] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 76.325137] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 76.330463] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 76.333925] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 76.336128] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 76.338651] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 76.346563] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 76.348503] Bluetooth: hci6: unexpected cc 0x0c03 length: 
249 > 1 [ 76.350203] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 76.352354] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 76.361393] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 76.363324] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 76.364872] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 76.365287] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 76.367681] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 76.369421] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 76.372370] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 76.373418] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 76.375329] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 76.376951] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 76.379255] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 76.381375] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 76.383695] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 76.390525] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 76.399485] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 76.426371] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 76.448748] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 78.237388] Bluetooth: hci0: command tx timeout [ 78.365037] Bluetooth: hci3: command tx timeout [ 78.431046] Bluetooth: hci1: command tx timeout [ 78.432539] Bluetooth: hci4: command tx timeout [ 78.493889] Bluetooth: hci5: command tx timeout [ 78.494613] Bluetooth: hci7: command tx timeout [ 78.495150] Bluetooth: hci2: command tx timeout [ 78.558833] Bluetooth: hci6: command tx timeout [ 80.286334] Bluetooth: hci0: command tx timeout [ 80.413987] Bluetooth: hci3: command tx timeout [ 80.477817] Bluetooth: hci4: command tx timeout [ 80.478280] Bluetooth: hci1: command tx timeout [ 80.540916] Bluetooth: hci7: command tx timeout [ 80.541385] Bluetooth: hci2: command tx timeout [ 80.541747] Bluetooth: hci5: 
command tx timeout [ 80.604853] Bluetooth: hci6: command tx timeout [ 82.333853] Bluetooth: hci0: command tx timeout [ 82.460929] Bluetooth: hci3: command tx timeout [ 82.525903] Bluetooth: hci1: command tx timeout [ 82.526423] Bluetooth: hci4: command tx timeout [ 82.589037] Bluetooth: hci5: command tx timeout [ 82.589573] Bluetooth: hci7: command tx timeout [ 82.590475] Bluetooth: hci2: command tx timeout [ 82.652997] Bluetooth: hci6: command tx timeout [ 84.382010] Bluetooth: hci0: command tx timeout [ 84.509303] Bluetooth: hci3: command tx timeout [ 84.573844] Bluetooth: hci4: command tx timeout [ 84.574591] Bluetooth: hci1: command tx timeout [ 84.636916] Bluetooth: hci2: command tx timeout [ 84.637734] Bluetooth: hci7: command tx timeout [ 84.638676] Bluetooth: hci5: command tx timeout [ 84.702021] Bluetooth: hci6: command tx timeout [ 112.943557] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.944603] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 113.094411] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.095094] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 113.281923] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.282558] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 113.430135] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.431255] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 113.518351] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.519020] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 08:47:31 executing program 5: syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(&(0x7f0000000a40)=@md0, &(0x7f0000000a80)='./file0\x00', &(0x7f0000000ac0)='hugetlbfs\x00', 0x0, 0x0) [ 113.689065] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.689719] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 08:47:31 executing 
program 5: syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(&(0x7f0000000a40)=@md0, &(0x7f0000000a80)='./file0\x00', &(0x7f0000000ac0)='hugetlbfs\x00', 0x0, 0x0) 08:47:31 executing program 5: syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(&(0x7f0000000a40)=@md0, &(0x7f0000000a80)='./file0\x00', &(0x7f0000000ac0)='hugetlbfs\x00', 0x0, 0x0) 08:47:31 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) recvmsg(r0, &(0x7f0000001a00)={0x0, 0x0, &(0x7f00000019c0)=[{0x0}], 0x1}, 0x1) 08:47:31 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) recvmsg(r0, &(0x7f0000001a00)={0x0, 0x0, &(0x7f00000019c0)=[{0x0}], 0x1}, 0x1) 08:47:31 executing program 5: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) fcntl$setown(r0, 0x8, 0xffffffffffffffff) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000000)) [ 114.118958] audit: type=1400 audit(1756716451.640:8): avc: denied { open } for pid=3822 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 08:47:31 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) recvmsg(r0, &(0x7f0000001a00)={0x0, 0x0, &(0x7f00000019c0)=[{0x0}], 0x1}, 0x1) 08:47:31 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f0000000140)=' ', 0x1, 0x0) r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x7, 0x13, r0, 0x0) syz_memcpy_off$IO_URING_METADATA_FLAGS(r1, 0x0, &(0x7f0000000000), 0x0, 0x4) madvise(&(0x7f0000ff3000/0xd000)=nil, 0xd000, 0x15) 
mlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000) [ 114.130001] audit: type=1400 audit(1756716451.640:9): avc: denied { kernel } for pid=3822 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 114.958313] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.959049] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.998875] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.999464] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.010410] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.011073] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.060323] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.060951] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.074631] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.075296] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.111550] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.112251] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.157660] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.158330] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.251098] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.251693] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.281656] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.282337] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.325726] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.326363] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 08:47:32 executing program 4: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) fcntl$setown(r0, 0x8, 0xffffffffffffffff) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000000)) 08:47:32 executing program 0: setresuid(0x0, 0xee01, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000200), 0x4) 08:47:32 executing program 5: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) fcntl$setown(r0, 0x8, 0xffffffffffffffff) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000000)) 08:47:32 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f0000000140)=' ', 0x1, 0x0) r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x7, 0x13, r0, 0x0) syz_memcpy_off$IO_URING_METADATA_FLAGS(r1, 0x0, &(0x7f0000000000), 0x0, 0x4) madvise(&(0x7f0000ff3000/0xd000)=nil, 0xd000, 0x15) mlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000) 08:47:32 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x400) pwritev2(r0, &(0x7f0000000280)=[{&(0x7f0000000080)="8c", 0x1}], 0x1, 0x0, 0x0, 0x23) 08:47:32 executing program 1: prctl$PR_CAP_AMBIENT(0x2f, 0x3, 0x0) 08:47:32 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x8, @any, 0x20}, 0xe) 08:47:32 executing program 2: r0 = memfd_secret(0x0) openat$cgroup_subtree(r0, &(0x7f0000000900), 0x2, 0x0) 08:47:33 executing program 1: prctl$PR_CAP_AMBIENT(0x2f, 0x3, 0x0) 08:47:33 executing program 2: r0 = memfd_secret(0x0) 
openat$cgroup_subtree(r0, &(0x7f0000000900), 0x2, 0x0) 08:47:33 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f0000000140)=' ', 0x1, 0x0) r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x7, 0x13, r0, 0x0) syz_memcpy_off$IO_URING_METADATA_FLAGS(r1, 0x0, &(0x7f0000000000), 0x0, 0x4) madvise(&(0x7f0000ff3000/0xd000)=nil, 0xd000, 0x15) mlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000) 08:47:33 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x8, @any, 0x20}, 0xe) 08:47:33 executing program 5: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) fcntl$setown(r0, 0x8, 0xffffffffffffffff) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000000)) 08:47:33 executing program 4: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) fcntl$setown(r0, 0x8, 0xffffffffffffffff) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000000)) 08:47:33 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x400) pwritev2(r0, &(0x7f0000000280)=[{&(0x7f0000000080)="8c", 0x1}], 0x1, 0x0, 0x0, 0x23) 08:47:33 executing program 1: prctl$PR_CAP_AMBIENT(0x2f, 0x3, 0x0) 08:47:33 executing program 0: setresuid(0x0, 0xee01, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) 
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000200), 0x4) 08:47:33 executing program 2: r0 = memfd_secret(0x0) openat$cgroup_subtree(r0, &(0x7f0000000900), 0x2, 0x0) 08:47:33 executing program 5: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) fcntl$setown(r0, 0x8, 0xffffffffffffffff) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000000)) 08:47:33 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x8, @any, 0x20}, 0xe) 08:47:33 executing program 6: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x8, @any, 0x20}, 0xe) 08:47:33 executing program 0: setresuid(0x0, 0xee01, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000200), 0x4) 08:47:33 executing program 1: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0) fsetxattr(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40485404, &(0x7f0000000140)={{0x0, 0x3, 0x0, 0x0, 0x1}, 0xed37}) 08:47:33 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x4d, 0x0, &(0x7f00000018c0)) 08:47:33 executing program 6: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) 
connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x8, @any, 0x20}, 0xe) 08:47:33 executing program 4: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) fcntl$setown(r0, 0x8, 0xffffffffffffffff) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000000)) 08:47:33 executing program 3: syz_emit_ethernet(0x42, &(0x7f00000010c0)={@local, @multicast, @val={@void}, {@ipv6={0x86dd, @generic={0x0, 0x6, "d2fa9e", 0x8, 0x0, 0x0, @private1, @rand_addr=' \x01\x00', {[@routing={0x0, 0x0, 0x1, 0x2}]}}}}}, 0x0) 08:47:33 executing program 2: fstat(0xffffffffffffffff, 0x0) 08:47:33 executing program 7: r0 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x400) pwritev2(r0, &(0x7f0000000280)=[{&(0x7f0000000080)="8c", 0x1}], 0x1, 0x0, 0x0, 0x23) [ 115.872649] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#1] SMP KASAN NOPTI [ 115.873620] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 115.874218] CPU: 0 UID: 0 PID: 3954 Comm: syz-executor.4 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 115.876515] Tainted: [W]=WARN [ 115.877268] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 115.879231] RIP: 0010:perf_tp_event+0x175/0xe70 [ 115.881092] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 115.884299] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 115.884726] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 115.885278] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 
0000000000000192 [ 115.885850] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 115.886435] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 115.887126] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 115.887823] FS: 00005555768e7400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 115.888611] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.889128] CR2: 00007f835efd0019 CR3: 000000000eae7000 CR4: 0000000000350ef0 [ 115.889727] Call Trace: [ 115.889939] [ 115.890131] ? __lock_acquire+0x694/0x1b70 [ 115.890491] ? __pfx_perf_tp_event+0x10/0x10 [ 115.890860] ? __lock_acquire+0xc65/0x1b70 [ 115.891207] ? lock_acquire+0x15e/0x2f0 [ 115.891544] ? find_held_lock+0x2b/0x80 [ 115.891880] ? mark_held_locks+0x49/0x80 [ 115.892219] ? perf_trace_run_bpf_submit+0xef/0x180 [ 115.892643] perf_trace_run_bpf_submit+0xef/0x180 [ 115.893047] perf_trace_contention_begin+0x235/0x3e0 [ 115.893471] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 115.893931] ? lock_acquire+0x15e/0x2f0 [ 115.893964] kmemleak: Found object by alias at 0x607f1a63df7c [ 115.893985] CPU: 1 UID: 0 PID: 3962 Comm: syz-executor.2 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 115.894004] Tainted: [W]=WARN [ 115.894007] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 115.894015] Call Trace: [ 115.894019] [ 115.894023] dump_stack_lvl+0xca/0x120 [ 115.894049] __lookup_object+0x94/0xb0 [ 115.894066] delete_object_full+0x27/0x70 [ 115.894081] free_percpu+0x30/0x1160 [ 115.894099] ? arch_uprobe_clear_state+0x16/0x140 [ 115.894117] futex_hash_free+0x38/0xc0 [ 115.894131] mmput+0x2d3/0x390 [ 115.894149] do_exit+0x79d/0x2970 [ 115.894163] ? signal_wake_up_state+0x85/0x120 [ 115.894178] ? zap_other_threads+0x2b9/0x3a0 [ 115.894193] ? __pfx_do_exit+0x10/0x10 [ 115.894206] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 115.894222] ? 
lock_release+0x1c7/0x290 [ 115.894236] do_group_exit+0xd3/0x2a0 [ 115.894250] __x64_sys_exit_group+0x3e/0x50 [ 115.894264] x64_sys_call+0x18c5/0x18d0 [ 115.894280] do_syscall_64+0xbf/0x360 [ 115.894292] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 115.894303] RIP: 0033:0x7f7bff79bb19 [ 115.894311] Code: Unable to access opcode bytes at 0x7f7bff79baef. [ 115.894317] RSP: 002b:00007ffc7ef45bf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 115.894328] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f7bff79bb19 [ 115.894336] RDX: 00007f7bff74e72b RSI: ffffffffffffffbc RDI: 0000000000000000 [ 115.894343] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000001 [ 115.894350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 115.894357] R13: 0000000000000001 R14: 0000000000000001 R15: 00007ffc7ef45ce0 [ 115.894367] [ 115.894371] kmemleak: Object (percpu) 0x607f1a63df78 (size 8): [ 115.894378] kmemleak: comm "syz-executor.4", pid 3958, jiffies 4294782583 [ 115.894386] kmemleak: min_count = 1 [ 115.894389] kmemleak: count = 0 [ 115.894393] kmemleak: flags = 0x21 [ 115.894397] kmemleak: checksum = 0 [ 115.894400] kmemleak: backtrace: [ 115.894404] pcpu_alloc_noprof+0x87a/0x1170 [ 115.894420] perf_trace_event_init+0x366/0xa10 [ 115.894434] perf_trace_init+0x1a4/0x2f0 [ 115.894446] perf_tp_event_init+0xa6/0x120 [ 115.894463] perf_try_init_event+0x140/0x9f0 [ 115.894476] perf_event_alloc.part.0+0x118e/0x45f0 [ 115.894493] __do_sys_perf_event_open+0x719/0x2c20 [ 115.894507] do_syscall_64+0xbf/0x360 [ 115.894516] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 115.912904] ? arch_jump_label_transform_queue+0x70/0x110 [ 115.913359] trace_contention_begin+0xae/0x110 [ 115.913753] __mutex_lock+0x14b/0x1020 [ 115.914083] ? arch_jump_label_transform_queue+0x70/0x110 [ 115.914546] ? arch_jump_label_transform_queue+0x70/0x110 [ 115.914999] ? __mutex_unlock_slowpath+0x157/0x750 [ 115.915418] ? __pfx___mutex_lock+0x10/0x10 [ 115.915782] ? 
trace_contention_begin+0x4/0x110 [ 115.916165] ? __jump_label_patch+0x1db/0x400 [ 115.916537] arch_jump_label_transform_queue+0x70/0x110 [ 115.916962] __jump_label_update+0x12e/0x410 [ 115.917325] jump_label_update+0x376/0x550 [ 115.917682] static_key_disable_cpuslocked+0x15a/0x1c0 [ 115.918102] static_key_disable+0x1a/0x20 [ 115.918442] tracepoint_probe_unregister+0x711/0xc90 [ 115.918845] trace_event_reg+0x185/0x350 [ 115.919172] perf_trace_event_unreg.isra.0+0xae/0x1d0 [ 115.919594] perf_trace_destroy+0xc8/0x1c0 [ 115.919931] ? __pfx_tp_perf_event_destroy+0x10/0x10 [ 115.920341] __free_event+0x255/0xc20 [ 115.920661] perf_event_release_kernel+0x3ef/0x540 [ 115.921051] ? __pfx_perf_release+0x10/0x10 [ 115.921397] perf_release+0x31/0x40 [ 115.921698] __fput+0x401/0xb50 [ 115.921978] fput_close_sync+0x10f/0x240 [ 115.922307] ? __pfx_fput_close_sync+0x10/0x10 [ 115.922681] ? dnotify_flush+0x79/0x4c0 [ 115.922998] __x64_sys_close+0x8f/0x120 [ 115.923328] do_syscall_64+0xbf/0x360 [ 115.923646] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 115.924050] RIP: 0033:0x7f4fb834772b [ 115.924349] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44 [ 115.925771] RSP: 002b:00007ffff70a80a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 115.926357] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f4fb834772b [ 115.926913] RDX: 00007f4fb84acbb8 RSI: ffffffff84bb774c RDI: 0000000000000003 [ 115.927472] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000001b2d7241d4 [ 115.928024] R10: 0000000000001a85 R11: 0000000000000293 R12: 000000000001c3d4 [ 115.928591] R13: 00000000000003e8 R14: 00007f4fb84a7f60 R15: 000000000001c3c9 [ 115.929145] ? 
do_syscall_64+0x12c/0x360 [ 115.929474] [ 115.929672] Modules linked in: [ 115.930127] ---[ end trace 0000000000000000 ]--- [ 115.930510] RIP: 0010:perf_tp_event+0x175/0xe70 [ 115.930910] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 115.932353] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 115.932850] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 115.933414] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 115.933995] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 115.934559] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 115.935130] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 115.935696] FS: 00005555768e7400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 115.936340] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.936829] CR2: 00007f835efd0019 CR3: 000000000eae7000 CR4: 0000000000350ef0 [ 115.937393] note: syz-executor.4[3954] exited with preempt_count 2 [ 115.938311] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#2] SMP KASAN NOPTI [ 115.939196] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 115.939799] CPU: 0 UID: 0 PID: 3961 Comm: syz-executor.1 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 115.940733] Tainted: [D]=DIE, [W]=WARN [ 115.941032] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 115.941696] RIP: 0010:perf_tp_event+0x175/0xe70 [ 115.942074] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 115.943931] RSP: 0018:ffff888045d4f980 EFLAGS: 00010212 [ 115.944352] RAX: 0000000000000032 RBX: ffffffffffffffa2 
RCX: ffffc9000262c000 [ 115.944905] RDX: 0000000000040000 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 115.945459] RBP: ffff888045d4fbf0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 115.946021] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 115.946573] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 115.947129] FS: 00007f57d2534700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 115.947751] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.948204] CR2: 0000000000000000 CR3: 0000000014377000 CR4: 0000000000350ef0 [ 115.948756] Call Trace: [ 115.948961] [ 115.949142] ? __schedule+0xe91/0x3590 [ 115.949459] ? __pfx_perf_tp_event+0x10/0x10 [ 115.949822] ? lock_release+0x1c7/0x290 [ 115.950137] ? lock_acquire+0x18c/0x2f0 [ 115.950453] ? futex_private_hash_put+0x127/0x2d0 [ 115.950836] ? lock_acquire+0x18c/0x2f0 [ 115.951151] ? lock_acquire+0x18c/0x2f0 [ 115.951469] ? lock_release+0x1c7/0x290 [ 115.951785] ? lock_release+0x1c7/0x290 [ 115.952105] ? avc_has_extended_perms+0x378/0xf20 [ 115.952493] ? __pfx___futex_wait+0x10/0x10 [ 115.952839] ? __pfx_avc_has_extended_perms+0x10/0x10 [ 115.953253] ? __pfx_futex_wake_mark+0x10/0x10 [ 115.953628] ? perf_trace_run_bpf_submit+0xef/0x180 [ 115.954027] ? lock_release+0x1c7/0x290 [ 115.954342] perf_trace_run_bpf_submit+0xef/0x180 [ 115.954729] perf_trace_contention_begin+0x235/0x3e0 [ 115.955134] ? futex_wait+0x10e/0x380 [ 115.955441] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 115.955879] ? __pfx_futex_wake+0x10/0x10 [ 115.956209] ? copy_siginfo_to_user+0xb9/0xd0 [ 115.956566] ? lock_acquire+0x18c/0x2f0 [ 115.956882] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 115.957291] trace_contention_begin+0xae/0x110 [ 115.957663] __mutex_lock+0x14b/0x1020 [ 115.957976] ? snd_timer_user_ioctl+0x4a/0xd0 [ 115.958335] ? snd_timer_user_ioctl+0x4a/0xd0 [ 115.958692] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 115.959173] ? blk_log_remap+0x134/0x150 [ 115.959493] ? 
__pfx___mutex_lock+0x10/0x10 [ 115.959837] ? lock_acquire+0x18c/0x2f0 [ 115.960156] ? lock_release+0x1c7/0x290 [ 115.960474] snd_timer_user_ioctl+0x4a/0xd0 [ 115.960812] ? __pfx_snd_timer_user_ioctl+0x10/0x10 [ 115.961208] __x64_sys_ioctl+0x18f/0x210 [ 115.961538] do_syscall_64+0xbf/0x360 [ 115.961849] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 115.962257] RIP: 0033:0x7f57d4fbeb19 [ 115.962550] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 115.963957] RSP: 002b:00007f57d2534188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 115.964546] RAX: ffffffffffffffda RBX: 00007f57d50d1f60 RCX: 00007f57d4fbeb19 [ 115.965101] RDX: 0000000020000140 RSI: 0000000040485404 RDI: 0000000000000004 [ 115.965659] RBP: 00007f57d5018f6d R08: 0000000000000000 R09: 0000000000000000 [ 115.966211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 115.966761] R13: 00007ffe99527b0f R14: 00007f57d2534300 R15: 0000000000022000 [ 115.967318] [ 115.967504] Modules linked in: [ 115.968491] ---[ end trace 0000000000000000 ]--- [ 115.969355] RIP: 0010:perf_tp_event+0x175/0xe70 [ 115.969744] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 115.971175] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 115.971593] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 115.972165] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 115.972720] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 115.973298] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 115.973872] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 115.974644] FS: 00007f57d2534700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 
115.975346] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.975952] CR2: 0000000000000000 CR3: 0000000014377000 CR4: 0000000000350ef0 [ 115.976647] note: syz-executor.1[3961] exited with preempt_count 2 [ 115.977493] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#3] SMP KASAN NOPTI [ 115.978373] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 115.978965] CPU: 0 UID: 0 PID: 3960 Comm: syz-executor.6 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 115.979891] Tainted: [D]=DIE, [W]=WARN [ 115.980194] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 115.980834] RIP: 0010:perf_tp_event+0x175/0xe70 [ 115.981210] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 115.982619] RSP: 0018:ffff88800fd3f6c0 EFLAGS: 00010212 [ 115.983034] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 115.983588] RDX: ffff88800fcb0000 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 115.984145] RBP: ffff88800fd3f930 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 115.984696] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 115.985250] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 115.985279] kmemleak: Found object by alias at 0x607f1a63e1c4 [ 115.985300] CPU: 1 UID: 0 PID: 3965 Comm: syz-executor.7 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 115.985320] Tainted: [D]=DIE, [W]=WARN [ 115.985324] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 115.985331] Call Trace: [ 115.985334] [ 115.985339] dump_stack_lvl+0xca/0x120 [ 115.985365] __lookup_object+0x94/0xb0 [ 115.985382] delete_object_full+0x27/0x70 [ 115.985398] free_percpu+0x30/0x1160 [ 115.985415] ? 
arch_uprobe_clear_state+0x16/0x140 [ 115.985433] futex_hash_free+0x38/0xc0 [ 115.985448] mmput+0x2d3/0x390 [ 115.985466] do_exit+0x79d/0x2970 [ 115.985480] ? lock_release+0x1c7/0x290 [ 115.985494] ? __pfx_do_exit+0x10/0x10 [ 115.985507] ? do_raw_spin_lock+0x123/0x260 [ 115.985527] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 115.985543] do_group_exit+0xd3/0x2a0 [ 115.985557] get_signal+0x2315/0x2340 [ 115.985586] ? lock_acquire+0x18c/0x2f0 [ 115.985599] ? __pfx_get_signal+0x10/0x10 [ 115.985615] ? do_futex+0x135/0x370 [ 115.985628] ? __pfx_do_futex+0x10/0x10 [ 115.985642] arch_do_signal_or_restart+0x80/0x790 [ 115.985659] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 115.985676] ? __x64_sys_futex+0x1c9/0x4d0 [ 115.985688] ? __x64_sys_futex+0x1d2/0x4d0 [ 115.985701] ? __pfx_do_pwritev+0x10/0x10 [ 115.985713] ? __pfx___x64_sys_futex+0x10/0x10 [ 115.985726] ? selinux_file_fcntl+0x92/0x170 [ 115.985738] ? xfd_validate_state+0x55/0x180 [ 115.985756] exit_to_user_mode_loop+0x8b/0x110 [ 115.985769] do_syscall_64+0x2f7/0x360 [ 115.985780] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 115.985793] RIP: 0033:0x7f6c27a9bb19 [ 115.985801] Code: Unable to access opcode bytes at 0x7f6c27a9baef. 
[ 115.985807] RSP: 002b:00007f6c25011218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 115.985819] RAX: fffffffffffffe00 RBX: 00007f6c27baef68 RCX: 00007f6c27a9bb19 [ 115.985827] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f6c27baef68 [ 115.985834] RBP: 00007f6c27baef60 R08: 0000000000000000 R09: 0000000000000000 [ 115.985841] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6c27baef6c [ 115.985847] R13: 00007ffc275b9e9f R14: 00007f6c25011300 R15: 0000000000022000 [ 115.985858] [ 115.985862] kmemleak: Object (percpu) 0x607f1a63e1c0 (size 8): [ 115.985869] kmemleak: comm "syz-executor.1", pid 3961, jiffies 4294782590 [ 115.985876] kmemleak: min_count = 1 [ 115.985879] kmemleak: count = 0 [ 115.985883] kmemleak: flags = 0x21 [ 115.985887] kmemleak: checksum = 0 [ 115.985891] kmemleak: backtrace: [ 115.985894] pcpu_alloc_noprof+0x87a/0x1170 [ 115.985910] perf_trace_event_init+0x366/0xa10 [ 115.985924] perf_trace_init+0x1a4/0x2f0 [ 115.985936] perf_tp_event_init+0xa6/0x120 [ 115.985953] perf_try_init_event+0x140/0x9f0 [ 115.985966] perf_event_alloc.part.0+0x118e/0x45f0 [ 115.985983] __do_sys_perf_event_open+0x719/0x2c20 [ 115.985997] do_syscall_64+0xbf/0x360 [ 115.986006] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.007548] FS: 0000555566b0e400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 116.008187] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.008649] CR2: 0000000000000000 CR3: 0000000044bc7000 CR4: 0000000000350ef0 [ 116.009218] Call Trace: [ 116.009425] [ 116.009613] ? set_normalized_timespec64+0x69/0xc0 [ 116.010015] ? __pfx_perf_tp_event+0x10/0x10 [ 116.010376] ? 
__pfx_do_raw_spin_lock+0x10/0x10 [ 116.010631] kmemleak: Cannot insert 0x607f1a63df7c into the object search tree (overlaps existing) [ 116.010650] CPU: 1 UID: 0 PID: 3971 Comm: syz-executor.2 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.010669] Tainted: [D]=DIE, [W]=WARN [ 116.010673] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.010680] Call Trace: [ 116.010683] [ 116.010687] dump_stack_lvl+0xca/0x120 [ 116.010710] __link_object+0x190/0x210 [ 116.010727] __create_object+0x48/0x80 [ 116.010743] pcpu_alloc_noprof+0x87a/0x1170 [ 116.010763] __percpu_init_rwsem+0x2d/0x160 [ 116.010786] ? security_sb_alloc+0x75/0x140 [ 116.010802] alloc_super+0x29e/0xb80 [ 116.010815] sget_fc+0xfe/0xb80 [ 116.010826] ? __pfx_set_anon_super_fc+0x10/0x10 [ 116.010844] ? __pfx_proc_fill_super+0x10/0x10 [ 116.010863] get_tree_nodev+0x28/0x190 [ 116.010874] vfs_get_tree+0x93/0x340 [ 116.010890] path_mount+0x132d/0x1dd0 [ 116.010904] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.010917] ? __pfx_path_mount+0x10/0x10 [ 116.010930] ? kmem_cache_free+0x2a1/0x540 [ 116.010941] ? putname.part.0+0x11b/0x160 [ 116.010957] ? getname_flags.part.0+0x1c6/0x540 [ 116.010974] ? putname.part.0+0x11b/0x160 [ 116.010990] __x64_sys_mount+0x27b/0x300 [ 116.011003] ? 
__pfx___x64_sys_mount+0x10/0x10 [ 116.011018] do_syscall_64+0xbf/0x360 [ 116.011029] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.011041] RIP: 0033:0x7f7bff79bb19 [ 116.011049] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 116.011061] RSP: 002b:00007f7bfcd11188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 116.011072] RAX: ffffffffffffffda RBX: 00007f7bff8aef60 RCX: 00007f7bff79bb19 [ 116.011080] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000000000000 [ 116.011087] RBP: 00007f7bff7f5f6d R08: 0000000000000000 R09: 0000000000000000 [ 116.011094] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 116.011101] R13: 00007ffc7ef459cf R14: 00007f7bfcd11300 R15: 0000000000022000 [ 116.011112] 08:47:33 executing program 3: syz_emit_ethernet(0x42, &(0x7f00000010c0)={@local, @multicast, @val={@void}, {@ipv6={0x86dd, @generic={0x0, 0x6, "d2fa9e", 0x8, 0x0, 0x0, @private1, @rand_addr=' \x01\x00', {[@routing={0x0, 0x0, 0x1, 0x2}]}}}}}, 0x0) 08:47:33 executing program 2: syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0) creat(&(0x7f0000000000)='./file0/file0\x00', 0x0) 08:47:33 executing program 3: syz_emit_ethernet(0x42, &(0x7f00000010c0)={@local, @multicast, @val={@void}, {@ipv6={0x86dd, @generic={0x0, 0x6, "d2fa9e", 0x8, 0x0, 0x0, @private1, @rand_addr=' \x01\x00', {[@routing={0x0, 0x0, 0x1, 0x2}]}}}}}, 0x0) [ 116.011123] kmemleak: Kernel memory leak detector disabled 08:47:33 executing program 3: syz_emit_ethernet(0x42, &(0x7f00000010c0)={@local, @multicast, @val={@void}, {@ipv6={0x86dd, @generic={0x0, 0x6, "d2fa9e", 0x8, 0x0, 0x0, @private1, @rand_addr=' \x01\x00', {[@routing={0x0, 0x0, 0x1, 0x2}]}}}}}, 0x0) [ 116.011126] kmemleak: Object (percpu) 0x607f1a63df78 (size 8): [ 
116.011133] kmemleak: comm "syz-executor.4", pid 3958, jiffies 4294782583 [ 116.011140] kmemleak: min_count = 1 [ 116.011144] kmemleak: count = 0 [ 116.011148] kmemleak: flags = 0x21 [ 116.011151] kmemleak: checksum = 0 [ 116.011155] kmemleak: backtrace: [ 116.011159] pcpu_alloc_noprof+0x87a/0x1170 [ 116.011174] perf_trace_event_init+0x366/0xa10 [ 116.011188] perf_trace_init+0x1a4/0x2f0 [ 116.011200] perf_tp_event_init+0xa6/0x120 [ 116.011215] perf_try_init_event+0x140/0x9f0 [ 116.011230] perf_event_alloc.part.0+0x118e/0x45f0 [ 116.011246] __do_sys_perf_event_open+0x719/0x2c20 [ 116.011259] do_syscall_64+0xbf/0x360 [ 116.011269] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.032480] ? lock_acquire+0x18c/0x2f0 [ 116.032801] ? lock_release+0x1c7/0x290 [ 116.033122] ? lock_release+0x1c7/0x290 [ 116.033443] ? avc_has_perm_noaudit+0x150/0x3d0 [ 116.033842] ? lock_acquire+0x18c/0x2f0 [ 116.034162] ? avc_has_perm+0x12b/0x1d0 [ 116.034484] ? lock_acquire+0x18c/0x2f0 [ 116.034806] ? lock_release+0x1c7/0x290 [ 116.035127] ? lock_acquire+0x18c/0x2f0 [ 116.035449] ? lock_acquire+0x18c/0x2f0 [ 116.035769] ? lock_release+0x1c7/0x290 [ 116.036092] ? perf_trace_run_bpf_submit+0xef/0x180 [ 116.036489] ? kernel_text_address+0x5b/0xc0 [ 116.036847] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 116.037283] ? __kernel_text_address+0xd/0x40 [ 116.037651] perf_trace_run_bpf_submit+0xef/0x180 [ 116.038042] perf_trace_contention_begin+0x235/0x3e0 [ 116.038449] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 116.038894] ? stack_trace_save+0x8e/0xc0 [ 116.039230] ? lock_acquire+0x18c/0x2f0 [ 116.039554] trace_contention_begin+0xae/0x110 [ 116.039923] __mutex_lock+0x14b/0x1020 [ 116.040241] ? __set_oom_adj.isra.0+0x68/0xf40 [ 116.040616] ? __set_oom_adj.isra.0+0x68/0xf40 [ 116.040982] ? putname+0x3c/0x50 [ 116.041267] ? do_sys_openat2+0x13c/0x1b0 [ 116.041611] ? __x64_sys_openat+0x142/0x200 [ 116.041960] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.042386] ? 
__pfx___mutex_lock+0x10/0x10 [ 116.042738] ? lock_acquire+0x18c/0x2f0 [ 116.043057] ? lock_release+0x1c7/0x290 [ 116.043378] __set_oom_adj.isra.0+0x68/0xf40 [ 116.043737] oom_score_adj_write+0x1ba/0x200 [ 116.044090] ? __pfx_oom_score_adj_write+0x10/0x10 [ 116.044487] ? lock_acquire+0x18c/0x2f0 [ 116.044806] ? security_file_permission+0x22/0x90 [ 116.045202] vfs_write+0x2b7/0x1150 [ 116.045500] ? __pfx_oom_score_adj_write+0x10/0x10 [ 116.045899] ? __pfx_vfs_write+0x10/0x10 [ 116.046227] ? putname+0x3c/0x50 [ 116.046515] ? do_sys_openat2+0x141/0x1b0 [ 116.046892] ? __pfx_do_sys_openat2+0x10/0x10 [ 116.047281] ? putname.part.0+0x11b/0x160 [ 116.047633] ksys_write+0x121/0x240 [ 116.047951] ? __pfx_ksys_write+0x10/0x10 [ 116.048300] do_syscall_64+0xbf/0x360 [ 116.048615] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.049023] RIP: 0033:0x7f835ef285ff [ 116.049321] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 116.050757] RSP: 002b:00007ffce067f920 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 116.051356] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f835ef285ff [ 116.051922] RDX: 0000000000000004 RSI: 00007ffce067f970 RDI: 0000000000000003 [ 116.052487] RBP: 0000000000000003 R08: 0000000000000000 R09: 00007ffce067f8c0 [ 116.053048] R10: 0000000000000000 R11: 0000000000000293 R12: 00007f835efcfff5 [ 116.053612] R13: 00007ffce067f970 R14: 0000000000000000 R15: 00007ffce067ff10 [ 116.054182] [ 116.054373] Modules linked in: [ 116.054883] ---[ end trace 0000000000000000 ]--- [ 116.055266] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.055647] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.055698] Oops: general protection fault, probably for non-canonical address 
0xdffffc0040000032: 0000 [#4] SMP KASAN NOPTI [ 116.058281] KASAN: probably user-memory-access in range [0x0000000200000190-0x0000000200000197] [ 116.059153] CPU: 1 UID: 0 PID: 175 Comm: in:imklog Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.059766] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 116.060195] Tainted: [D]=DIE, [W]=WARN [ 116.061066] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.061916] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.062306] [ 116.062302] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.062316] RSP: 0018:ffff888018fff440 EFLAGS: 00010212 [ 116.062458] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 116.063874] [ 116.063878] RAX: 0000000040000032 RBX: 00000001ffffffa0 RCX: 0000000000000002 [ 116.063886] RDX: ffff888016e0b700 RSI: ffffffff8189a4e7 RDI: 0000000200000190 [ 116.064872] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 116.065091] RBP: ffff888018fff6b0 R08: ffff88806cf31340 R09: ffffe8ffffd161c0 [ 116.065233] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.065830] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 116.065839] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 116.065850] FS: 00007f1726d07700(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 116.066424] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.067001] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.067010] CR2: 00007fab049b99c0 CR3: 000000000d4c6000 CR4: 0000000000350ef0 [ 116.067554] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.068102] Call Trace: [ 116.068108] [ 116.068114] ? 
lock_release+0x1c7/0x290 [ 116.068660] FS: 0000555566b0e400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 116.069208] ? __pfx_perf_tp_event+0x10/0x10 [ 116.069848] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.070384] ? lock_release+0x1c7/0x290 [ 116.070842] CR2: 0000000000000000 CR3: 0000000044bc7000 CR4: 0000000000350ef0 [ 116.071376] ? lock_acquire+0x18c/0x2f0 [ 116.071935] note: syz-executor.6[3960] exited with preempt_count 2 [ 116.072124] ? lock_acquire+0x18c/0x2f0 [ 116.075961] ? lock_release+0x1c7/0x290 [ 116.076295] ? __is_insn_slot_addr+0x140/0x290 [ 116.076681] ? kernel_text_address+0x5b/0xc0 [ 116.077032] ? __kernel_text_address+0xd/0x40 [ 116.077388] ? css_rstat_updated+0x1b8/0x4d0 [ 116.077748] ? __pfx_css_rstat_updated+0x10/0x10 [ 116.078130] ? perf_trace_run_bpf_submit+0xef/0x180 [ 116.078527] perf_trace_run_bpf_submit+0xef/0x180 [ 116.078912] perf_trace_contention_end+0x235/0x3e0 [ 116.079302] ? __pfx_perf_trace_contention_end+0x10/0x10 [ 116.079726] ? __mutex_trylock_common+0xf9/0x260 [ 116.080112] ? __pfx___mutex_trylock_common+0x10/0x10 [ 116.080524] trace_contention_end+0xae/0x110 [ 116.080876] __mutex_lock+0x166/0x1020 [ 116.081193] ? syslog_print+0x244/0x5c0 [ 116.081511] ? __pfx___mutex_lock+0x10/0x10 [ 116.081865] ? prb_read_valid+0x78/0xa0 [ 116.082183] ? __pfx_prb_read_valid+0x10/0x10 [ 116.082539] syslog_print+0x244/0x5c0 [ 116.082846] ? __pfx_syslog_print+0x10/0x10 [ 116.083187] ? __cgroup_account_cputime+0x88/0xc0 [ 116.083571] ? __pfx_autoremove_wake_function+0x10/0x10 [ 116.083989] ? css_rstat_updated+0x1b8/0x4d0 [ 116.084344] ? lock_acquire+0x18c/0x2f0 [ 116.084660] ? place_entity+0x300/0x410 [ 116.084990] do_syslog.part.0+0x20b/0x5b0 [ 116.085346] ? __pfx_do_syslog.part.0+0x10/0x10 [ 116.085752] ? avc_has_perm+0x12b/0x1d0 [ 116.086091] ? __pfx_avc_has_perm+0x10/0x10 [ 116.086455] ? wakeup_preempt+0x140/0x2a0 [ 116.086783] ? 
lock_acquire+0x18c/0x2f0 [ 116.087099] do_syslog+0xcd/0x110 [ 116.087380] kmsg_read+0x8e/0xc0 [ 116.087653] ? __pfx_kmsg_read+0x10/0x10 [ 116.087970] proc_reg_read+0x120/0x310 [ 116.088285] ? __pfx_proc_reg_read+0x10/0x10 [ 116.088637] vfs_read+0x1eb/0xc70 [ 116.088916] ? __pfx_vfs_read+0x10/0x10 [ 116.089228] ? lock_release+0x1c7/0x290 [ 116.089548] ? __fget_files+0x20d/0x3b0 [ 116.089870] ksys_read+0x121/0x240 [ 116.090156] ? __pfx_ksys_read+0x10/0x10 [ 116.090477] do_syscall_64+0xbf/0x360 [ 116.090780] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.091182] RIP: 0033:0x7f172774a08c [ 116.091475] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 89 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf fc ff ff 48 [ 116.092876] RSP: 002b:00007f1726ce64d0 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 116.093468] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f172774a08c [ 116.094028] RDX: 0000000000001fa0 RSI: 00007f1726ce6d00 RDI: 0000000000000005 [ 116.094579] RBP: 000055940c5ff4c0 R08: 0000000000000000 R09: 000055940c5fbe88 [ 116.095132] R10: a3d70a3d70a3d70b R11: 0000000000000246 R12: 00007f1726ce6d00 [ 116.095684] R13: 0000000000001fa0 R14: 00007f1726ce6d00 R15: 00007f1726ce71ea [ 116.096236] [ 116.096422] Modules linked in: [ 116.096678] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#5] SMP KASAN NOPTI [ 116.097226] ---[ end trace 0000000000000000 ]--- [ 116.097531] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 116.098523] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.098528] CPU: 0 UID: 0 PID: 9 Comm: kworker/0:0 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.098550] Tainted: [D]=DIE, [W]=WARN [ 116.098964] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 
00 00 44 8b ab f0 01 [ 116.099829] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.099839] Workqueue: mld mld_dad_work [ 116.100146] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 116.101562] [ 116.101567] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.102247] [ 116.102552] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.102979] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 116.103108] RSP: 0018:ffff8880095e7700 EFLAGS: 00010212 [ 116.103471] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 116.103609] [ 116.105044] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.105600] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 116.106027] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.106572] RDX: ffff8880095d8000 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 116.106710] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.107263] RBP: ffff8880095e7970 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.107272] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.107280] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.107290] FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 116.107304] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.107313] CR2: 0000000000000000 CR3: 0000000044bc7000 CR4: 0000000000350ef0 [ 116.107320] Call Trace: [ 116.107325] [ 116.107330] ? mark_held_locks+0x49/0x80 [ 116.107897] FS: 00007f1726d07700(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 116.108442] ? __local_bh_enable_ip+0xa1/0x110 [ 116.109015] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.109568] ? 
__pfx_perf_tp_event+0x10/0x10 [ 116.110145] CR2: 00007fab049b99c0 CR3: 000000000d4c6000 CR4: 0000000000350ef0 [ 116.110689] ? selinux_ip_postroute+0x629/0xcd0 [ 116.111260] note: in:imklog[175] exited with preempt_count 2 [ 116.111873] ? __pfx_selinux_ip_postroute+0x10/0x10 [ 116.117124] ? __pfx___dev_queue_xmit+0x10/0x10 [ 116.117512] ? __lock_acquire+0x694/0x1b70 [ 116.117868] ? __lock_acquire+0xc65/0x1b70 [ 116.118215] ? lock_acquire+0x15e/0x2f0 [ 116.118544] ? ipv6_chk_mcast_addr+0x38/0x990 [ 116.118909] ? lock_acquire+0x15e/0x2f0 [ 116.119232] ? perf_trace_run_bpf_submit+0xef/0x180 [ 116.119638] ? mark_held_locks+0x49/0x80 [ 116.119970] perf_trace_run_bpf_submit+0xef/0x180 [ 116.120364] perf_trace_contention_begin+0x235/0x3e0 [ 116.120771] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 116.121231] ? sched_clock+0x37/0x60 [ 116.121551] ? lock_acquire+0x18c/0x2f0 [ 116.121902] trace_contention_begin+0xae/0x110 [ 116.122272] __mutex_lock+0x14b/0x1020 [ 116.122594] ? mld_dad_work+0x2a/0x1e0 [ 116.122911] ? mld_dad_work+0x2a/0x1e0 [ 116.123225] ? __perf_event_task_sched_in+0x235/0x5e0 [ 116.123642] ? __pfx___mutex_lock+0x10/0x10 [ 116.123991] ? xfd_validate_state+0x55/0x180 [ 116.124356] ? lock_release+0x1c7/0x290 [ 116.124677] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.125097] ? lock_acquire+0x18c/0x2f0 [ 116.125421] mld_dad_work+0x2a/0x1e0 [ 116.125729] process_one_work+0x8e1/0x19c0 [ 116.126076] ? __pfx_process_one_work+0x10/0x10 [ 116.126456] ? move_linked_works+0x172/0x270 [ 116.126818] ? assign_work+0x196/0x240 [ 116.127133] worker_thread+0x67e/0xe90 [ 116.127451] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.127868] ? __pfx_worker_thread+0x10/0x10 [ 116.128225] kthread+0x3c8/0x740 [ 116.128504] ? __pfx_kthread+0x10/0x10 [ 116.128816] ? ret_from_fork+0x23/0x430 [ 116.129143] ? lock_release+0xc8/0x290 [ 116.129460] ? __pfx_kthread+0x10/0x10 [ 116.129780] ret_from_fork+0x34b/0x430 [ 116.130097] ? 
__pfx_kthread+0x10/0x10 [ 116.130412] ret_from_fork_asm+0x1a/0x30 [ 116.130751] [ 116.130941] Modules linked in: [ 116.131202] Oops: general protection fault, probably for non-canonical address 0xdffffc0040000032: 0000 [#6] SMP KASAN NOPTI [ 116.131443] ---[ end trace 0000000000000000 ]--- [ 116.132140] KASAN: probably user-memory-access in range [0x0000000200000190-0x0000000200000197] [ 116.132154] CPU: 1 UID: 0 PID: 49 Comm: kworker/u10:2 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.132172] Tainted: [D]=DIE, [W]=WARN [ 116.132176] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.132184] Workqueue: events_unbound cfg80211_wiphy_work [ 116.132556] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.133228] [ 116.133233] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.134165] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.134461] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.135119] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 116.135534] RSP: 0018:ffff88800afb7700 EFLAGS: 00010212 [ 116.135912] [ 116.136040] [ 116.136044] RAX: 0000000040000032 RBX: 00000001ffffffa0 RCX: 0000000000000002 [ 116.136405] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 116.137824] RDX: ffff88800afa8000 RSI: ffffffff8189a4e7 RDI: 0000000200000190 [ 116.137833] RBP: ffff88800afb7970 R08: ffff88806cf31340 R09: ffffe8ffffd161c0 [ 116.139263] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 116.139663] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.140089] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.140216] R13: 000000000000001c R14: 
ffff88806cf31340 R15: dffffc0000000000 [ 116.140354] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.140903] FS: 0000000000000000(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 116.140915] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.141465] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.142031] CR2: 00007fab049b99c0 CR3: 000000000d4c6000 CR4: 0000000000350ef0 [ 116.142040] Call Trace: [ 116.142044] [ 116.142597] FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 116.143154] ? __pfx_perf_tp_event+0x10/0x10 [ 116.143715] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.144269] ? ret_from_fork_asm+0x1a/0x30 [ 116.144842] CR2: 0000000000000000 CR3: 0000000044bc7000 CR4: 0000000000350ef0 [ 116.145383] ? stack_trace_save+0x8e/0xc0 [ 116.146030] note: kworker/0:0[9] exited with preempt_count 2 [ 116.146466] ? stack_depot_save_flags+0x2c/0xa20 [ 116.151363] ? kasan_save_stack+0x34/0x50 [ 116.151705] ? kasan_save_stack+0x24/0x50 [ 116.152034] ? kasan_save_track+0x14/0x30 [ 116.152366] ? __kasan_save_free_info+0x3a/0x60 [ 116.152736] ? __kasan_slab_free+0x3f/0x50 [ 116.153073] ? kmem_cache_free+0x2a1/0x540 [ 116.153408] ? kfree_skbmem+0x18a/0x1f0 [ 116.153739] ? sk_skb_reason_drop+0x10e/0x1b0 [ 116.154100] ? perf_trace_run_bpf_submit+0xef/0x180 [ 116.154500] perf_trace_run_bpf_submit+0xef/0x180 [ 116.154891] perf_trace_contention_end+0x235/0x3e0 [ 116.155283] ? __pfx_perf_trace_contention_end+0x10/0x10 [ 116.155714] ? __mutex_trylock_common+0xf9/0x260 [ 116.156094] ? __pfx___mutex_trylock_common+0x10/0x10 [ 116.156504] trace_contention_end+0xae/0x110 [ 116.156865] __mutex_lock+0x166/0x1020 [ 116.157179] ? cfg80211_wiphy_work+0x7e/0x480 [ 116.157539] ? lock_release+0x1c7/0x290 [ 116.157861] ? lock_release+0x1c7/0x290 [ 116.158181] ? __pfx___mutex_lock+0x10/0x10 [ 116.158531] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 116.158944] ? 
__pfx_try_to_wake_up+0x10/0x10 [ 116.159304] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.159727] cfg80211_wiphy_work+0x7e/0x480 [ 116.160073] process_one_work+0x8e1/0x19c0 [ 116.160415] ? __pfx_process_one_work+0x10/0x10 [ 116.160789] ? move_linked_works+0x172/0x270 [ 116.161146] ? assign_work+0x196/0x240 [ 116.161455] worker_thread+0x67e/0xe90 [ 116.161793] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.162207] ? __pfx_worker_thread+0x10/0x10 [ 116.162559] kthread+0x3c8/0x740 [ 116.162834] ? __pfx_kthread+0x10/0x10 [ 116.163147] ? ret_from_fork+0x23/0x430 [ 116.163469] ? lock_release+0xc8/0x290 [ 116.163785] ? __pfx_kthread+0x10/0x10 [ 116.164096] ret_from_fork+0x34b/0x430 [ 116.164410] ? __pfx_kthread+0x10/0x10 [ 116.164722] ret_from_fork_asm+0x1a/0x30 [ 116.165052] [ 116.165238] Modules linked in: [ 116.165501] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#7] SMP KASAN NOPTI [ 116.165923] ---[ end trace 0000000000000000 ]--- [ 116.166384] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 116.166758] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.167348] CPU: 0 UID: 0 PID: 3874 Comm: systemd-udevd Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.167711] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.168626] Tainted: [D]=DIE, [W]=WARN [ 116.168631] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.170064] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 116.170358] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.171019] [ 116.171419] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.171791] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 
0000000000000002 [ 116.171918] RSP: 0018:ffff888044a976c0 EFLAGS: 00010212 [ 116.173351] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 116.173901] [ 116.173906] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 116.174319] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.174869] RDX: ffff888015e11b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 116.174879] RBP: ffff888044a97930 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.175016] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.175572] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.176148] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.176691] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.177258] FS: 0000000000000000(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 116.177809] FS: 00007f5aff3348c0(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 116.178374] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.178925] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.178935] CR2: 0000000000000000 CR3: 0000000044ba9000 CR4: 0000000000350ef0 [ 116.179492] CR2: 00007fab049b99c0 CR3: 000000000d4c6000 CR4: 0000000000350ef0 [ 116.180123] Call Trace: [ 116.180129] [ 116.180136] ? __pfx_perf_tp_event+0x10/0x10 [ 116.180761] note: kworker/u10:2[49] exited with preempt_count 2 [ 116.181214] ? __alloc_skb+0x161/0x370 [ 116.184343] ? __lock_acquire+0xc65/0x1b70 [ 116.184706] ? trace_sched_set_need_resched_tp+0xd4/0x110 [ 116.185171] ? __resched_curr+0x2a2/0x330 [ 116.185509] ? __pfx___resched_curr+0x10/0x10 [ 116.185878] ? update_se+0x1ba/0x670 [ 116.186183] ? perf_trace_run_bpf_submit+0xef/0x180 [ 116.186583] perf_trace_run_bpf_submit+0xef/0x180 [ 116.186973] perf_trace_contention_begin+0x235/0x3e0 [ 116.187380] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 116.187825] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.188239] ? 
lock_acquire+0x18c/0x2f0 [ 116.188560] trace_contention_begin+0xae/0x110 [ 116.188928] __mutex_lock+0x14b/0x1020 [ 116.189247] ? ep_send_events+0xff/0xaa0 [ 116.189583] ? ep_send_events+0xff/0xaa0 [ 116.189911] ? __pfx___mutex_lock+0x10/0x10 [ 116.190262] ? lock_acquire+0x15e/0x2f0 [ 116.190582] ? find_held_lock+0x2b/0x80 [ 116.190910] ? schedule+0x2c7/0x390 [ 116.191214] ? lock_release+0xc8/0x290 [ 116.191527] ep_send_events+0xff/0xaa0 [ 116.191842] ? schedule_hrtimeout_range_clock+0x1c0/0x310 [ 116.192294] ? __pfx_schedule_hrtimeout_range_clock+0x10/0x10 [ 116.192765] ? __pfx_ep_send_events+0x10/0x10 [ 116.193127] ? lock_release+0xc8/0x290 [ 116.193441] do_epoll_wait+0x42e/0xee0 [ 116.193767] ? __pfx_sock_write_iter+0x10/0x10 [ 116.194141] ? __pfx_do_epoll_wait+0x10/0x10 [ 116.194496] ? populate_seccomp_data+0x213/0x540 [ 116.194881] ? __pfx_ep_autoremove_wake_function+0x10/0x10 [ 116.195327] ? __pfx___seccomp_filter+0x10/0x10 [ 116.195703] __x64_sys_epoll_wait+0x15b/0x280 [ 116.196076] ? __pfx___x64_sys_epoll_wait+0x10/0x10 [ 116.196476] ? ksys_write+0x1a3/0x240 [ 116.196791] ? 
__secure_computing+0x18d/0x290 [ 116.197162] do_syscall_64+0xbf/0x360 [ 116.197474] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.197915] RIP: 0033:0x7f5aff7f30d6 [ 116.198219] Code: 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 e8 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 18 48 89 74 24 [ 116.199657] RSP: 002b:00007ffe67d67168 EFLAGS: 00000246 ORIG_RAX: 00000000000000e8 [ 116.200257] RAX: ffffffffffffffda RBX: 0000564d56f926d0 RCX: 00007f5aff7f30d6 [ 116.200825] RDX: 0000000000000002 RSI: 0000564d56fb5770 RDI: 0000000000000003 [ 116.201386] RBP: ffffffffffffffff R08: 0000000000000002 R09: 0000000000000004 [ 116.201955] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000001 [ 116.202518] R13: 0000000000000002 R14: 0000564d2ece32e6 R15: 0000000000000000 [ 116.203083] [ 116.203278] Modules linked in: [ 116.203535] Oops: general protection fault, probably for non-canonical address 0xdffffc0040000032: 0000 [#8] SMP KASAN NOPTI [ 116.204051] ---[ end trace 0000000000000000 ]--- [ 116.204401] KASAN: probably user-memory-access in range [0x0000000200000190-0x0000000200000197] [ 116.205091] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.205433] CPU: 1 UID: 60929 PID: 3964 Comm: syz-executor.0 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.205815] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.206734] Tainted: [D]=DIE, [W]=WARN [ 116.208138] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 116.208425] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.208427] [ 116.208435] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.208850] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 116.209474] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff 
ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.209618] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 116.209973] RSP: 0018:ffff88800a2f7640 EFLAGS: 00010212 [ 116.209984] RAX: 0000000040000032 RBX: 00000001ffffffa0 RCX: 0000000000000002 [ 116.210531] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.211931] RDX: ffff888044d8d280 RSI: ffffffff8189a4e7 RDI: 0000000200000190 [ 116.211940] RBP: ffff88800a2f78b0 R08: ffff88806cf31340 R09: ffffe8ffffd161c0 [ 116.212490] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.212897] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.212906] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 116.213452] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.214005] FS: 00007f8b03cd8700(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 116.214017] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.214561] FS: 00007f5aff3348c0(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 116.215111] CR2: 00007fab049b99c0 CR3: 0000000016a34000 CR4: 0000000000350ef0 [ 116.215120] Call Trace: [ 116.215125] [ 116.215667] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.216215] ? __pfx_perf_tp_event+0x10/0x10 [ 116.216789] CR2: 0000000000000000 CR3: 0000000044ba9000 CR4: 0000000000350ef0 [ 116.217327] ? css_rstat_updated+0x1b8/0x4d0 [ 116.217961] note: systemd-udevd[3874] exited with preempt_count 2 [ 116.218395] ? kvm_sched_clock_read+0x16/0x30 [ 116.222441] ? sched_clock+0x37/0x60 [ 116.222741] ? sched_clock_cpu+0x6c/0x4e0 [ 116.223072] ? lock_acquire+0x18c/0x2f0 [ 116.223389] ? __update_load_avg_se+0x428/0xa40 [ 116.223761] ? lock_release+0x1c7/0x290 [ 116.224077] ? __perf_event_task_sched_in+0x235/0x5e0 [ 116.224488] ? perf_trace_run_bpf_submit+0xef/0x180 [ 116.224890] ? 
xfd_validate_state+0x55/0x180 [ 116.225244] ? lock_release+0x1c7/0x290 [ 116.225563] perf_trace_run_bpf_submit+0xef/0x180 [ 116.225960] perf_trace_contention_end+0x235/0x3e0 [ 116.226348] ? __pfx_perf_trace_contention_end+0x10/0x10 [ 116.226773] ? __mutex_trylock_common+0xf9/0x260 [ 116.227148] ? __pfx___mutex_trylock_common+0x10/0x10 [ 116.227554] trace_contention_end+0xae/0x110 [ 116.227906] __mutex_lock+0x166/0x1020 [ 116.228220] ? perf_event_exit_task+0x46/0x510 [ 116.228586] ? do_raw_spin_lock+0x123/0x260 [ 116.228932] ? lock_acquire+0x18c/0x2f0 [ 116.229248] ? __pfx___mutex_lock+0x10/0x10 [ 116.229598] ? _raw_spin_unlock_irq+0x23/0x40 [ 116.229956] ? lock_release+0x1c7/0x290 [ 116.230271] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.230682] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 116.231080] ? taskstats_exit+0x8c/0xba0 [ 116.231402] perf_event_exit_task+0x46/0x510 [ 116.231757] do_exit+0x626/0x2970 [ 116.232039] ? lock_release+0x1c7/0x290 [ 116.232353] ? __pfx_do_exit+0x10/0x10 [ 116.232663] ? do_raw_spin_lock+0x123/0x260 [ 116.233006] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 116.233378] do_group_exit+0xd3/0x2a0 [ 116.233689] get_signal+0x2315/0x2340 [ 116.234002] ? __pfx_get_signal+0x10/0x10 [ 116.234335] ? do_futex+0x135/0x370 [ 116.234629] ? __pfx_do_futex+0x10/0x10 [ 116.234944] arch_do_signal_or_restart+0x80/0x790 [ 116.235328] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 116.235754] ? __x64_sys_futex+0x1c9/0x4d0 [ 116.236086] ? __x64_sys_futex+0x1d2/0x4d0 [ 116.236422] ? __pfx___x64_sys_futex+0x10/0x10 [ 116.236784] ? 
set_cred_ucounts+0x110/0x210 [ 116.237128] exit_to_user_mode_loop+0x8b/0x110 [ 116.237490] do_syscall_64+0x2f7/0x360 [ 116.237803] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.238206] RIP: 0033:0x7f8b06762b19 [ 116.238500] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 116.239906] RSP: 002b:00007f8b03cd8218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 116.240498] RAX: fffffffffffffe00 RBX: 00007f8b06875f68 RCX: 00007f8b06762b19 [ 116.241054] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f8b06875f68 [ 116.241615] RBP: 00007f8b06875f60 R08: 0000000000000000 R09: 0000000000000000 [ 116.242165] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8b06875f6c [ 116.242716] R13: 00007ffc535ed0bf R14: 00007f8b03cd8300 R15: 0000000000022000 [ 116.243272] [ 116.243460] Modules linked in: [ 116.243719] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#9] SMP KASAN NOPTI [ 116.244013] ---[ end trace 0000000000000000 ]--- [ 116.244586] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 116.245173] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.245537] CPU: 0 UID: 0 PID: 286 Comm: syz-executor.5 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.246105] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.246807] Tainted: [D]=DIE, [W]=WARN [ 116.246813] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.246821] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.246840] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 
01 [ 116.246852] RSP: 0018:ffff8880175bf6c0 EFLAGS: 00010212 [ 116.246862] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 116.246870] RDX: ffff88801c118000 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 116.246878] RBP: ffff8880175bf930 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.246886] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.246894] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.246904] FS: 0000555588162400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 116.246915] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.246923] CR2: 0000000000000000 CR3: 000000003ea6a000 CR4: 0000000000350ef0 [ 116.246931] Call Trace: [ 116.246935] [ 116.246940] ? kasan_save_stack+0x34/0x50 [ 116.246958] ? __do_wait+0x218/0x8f0 [ 116.246975] ? __pfx_perf_tp_event+0x10/0x10 [ 116.246991] ? delete_node+0x20e/0x730 [ 116.248571] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 116.248699] ? __radix_tree_delete+0x13e/0x380 [ 116.249526] [ 116.249714] ? radix_tree_delete_item+0xef/0x230 [ 116.251382] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 116.251557] ? lock_acquire+0x18c/0x2f0 [ 116.252350] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 116.252668] ? lock_acquire+0x18c/0x2f0 [ 116.253425] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.253773] ? lock_release+0x1c7/0x290 [ 116.253789] ? __virt_addr_valid+0x100/0x5d0 [ 116.253809] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.253825] ? perf_trace_run_bpf_submit+0xef/0x180 [ 116.253841] perf_trace_run_bpf_submit+0xef/0x180 [ 116.253859] perf_trace_contention_begin+0x235/0x3e0 [ 116.253875] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 116.253890] ? __pfx_release_task+0x10/0x10 [ 116.253905] ? lock_acquire+0x18c/0x2f0 [ 116.253918] ? lock_release+0x1c7/0x290 [ 116.253931] trace_contention_begin+0xae/0x110 [ 116.253947] __mutex_lock+0x14b/0x1020 [ 116.253965] ? 
anon_pipe_write+0x12a/0x1a80 [ 116.253979] ? anon_pipe_write+0x12a/0x1a80 [ 116.253991] ? avc_has_perm+0x12b/0x1d0 [ 116.254012] ? __pfx___mutex_lock+0x10/0x10 [ 116.254031] ? __pfx_wait_consider_task+0x10/0x10 [ 116.254045] ? lock_acquire+0x18c/0x2f0 [ 116.254059] ? inode_has_perm+0x170/0x1c0 [ 116.254072] anon_pipe_write+0x12a/0x1a80 [ 116.254086] ? lock_release+0x1c7/0x290 [ 116.254099] ? lock_acquire+0x18c/0x2f0 [ 116.254113] ? __pfx_anon_pipe_write+0x10/0x10 [ 116.254126] ? selinux_file_permission+0x99/0x600 [ 116.254143] ? security_file_permission+0x22/0x90 [ 116.254165] vfs_write+0xbe9/0x1150 [ 116.254178] ? __pfx_anon_pipe_write+0x10/0x10 [ 116.254192] ? __pfx_vfs_write+0x10/0x10 [ 116.254205] ? __do_sys_wait4+0xb3/0x150 [ 116.254221] ? common_nsleep+0xaa/0xd0 [ 116.254237] ksys_write+0x1ef/0x240 [ 116.254250] ? __pfx_ksys_write+0x10/0x10 [ 116.254265] do_syscall_64+0xbf/0x360 [ 116.254277] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.254289] RIP: 0033:0x7f69e3c045ff [ 116.254299] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 116.254310] RSP: 002b:00007fff1a646130 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 116.254321] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 00007f69e3c045ff [ 116.254329] RDX: 000000000000000c RSI: 00007fff1a646220 RDI: 00000000000000f8 [ 116.254337] RBP: 00007fff1a6461bc R08: 0000000000000000 R09: 00007f69e3d41000 [ 116.254345] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032 [ 116.254352] R13: 000000000001c3cc R14: 0000000000000002 R15: 00007fff1a646220 [ 116.254363] [ 116.254367] Modules linked in: [ 116.254440] ---[ end trace 0000000000000000 ]--- [ 116.255240] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.255596] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.256353] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 
[ 116.256622] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.257102] FS: 00007f8b03cd8700(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 116.257359] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 116.257657] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.258014] [ 116.258019] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 116.258028] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 116.258036] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.258044] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.258052] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.258062] FS: 0000555588162400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 116.258073] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.258081] CR2: 0000000000000000 CR3: 000000003ea6a000 CR4: 0000000000350ef0 [ 116.258090] note: syz-executor.5[286] exited with preempt_count 2 [ 116.260367] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#10] SMP KASAN NOPTI [ 116.260381] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 116.260392] CPU: 0 UID: 0 PID: 3970 Comm: syz-executor.2 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.260411] Tainted: [D]=DIE, [W]=WARN [ 116.260416] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.260423] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.260440] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.260451] RSP: 0018:ffff888018e27880 EFLAGS: 00010212 [ 116.260461] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 
0000000000000002 [ 116.260469] RDX: ffff888017659b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 116.260477] RBP: ffff888018e27af0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.260485] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 116.260492] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.260502] FS: 00005555562b1400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 116.260513] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.260521] CR2: 0000000000000000 CR3: 0000000043dd8000 CR4: 0000000000350ef0 [ 116.260528] Call Trace: [ 116.260532] [ 116.260536] ? lock_release+0x1c7/0x290 [ 116.260551] ? __pfx_perf_tp_event+0x10/0x10 [ 116.260567] ? unwind_get_return_address+0x59/0xa0 [ 116.260586] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 116.260603] ? arch_stack_walk+0x9c/0xf0 [ 116.260618] ? stack_trace_save+0x8e/0xc0 [ 116.260632] ? stack_depot_save_flags+0x2c/0xa20 [ 116.260648] ? kasan_save_stack+0x34/0x50 [ 116.260662] ? kasan_save_stack+0x24/0x50 [ 116.261966] CR2: 00007fab049b99c0 CR3: 0000000016a34000 CR4: 0000000000350ef0 [ 116.262156] ? kasan_save_track+0x14/0x30 [ 116.262483] note: syz-executor.0[3964] exited with preempt_count 2 [ 116.263061] ? __kasan_slab_alloc+0x59/0x70 [ 116.263078] ? kmem_cache_alloc_noprof+0x205/0x690 [ 116.263092] ? taskstats_exit+0x672/0xba0 [ 116.263104] ? do_exit+0x5d1/0x2970 [ 116.263117] ? do_group_exit+0xd3/0x2a0 [ 116.263132] ? perf_trace_run_bpf_submit+0xef/0x180 [ 116.263148] perf_trace_run_bpf_submit+0xef/0x180 [ 116.263166] perf_trace_contention_begin+0x235/0x3e0 [ 116.263180] ? lock_acquire+0x18c/0x2f0 [ 116.263194] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 116.263209] ? lock_acquire+0x18c/0x2f0 [ 116.263223] trace_contention_begin+0xae/0x110 [ 116.263238] __mutex_lock+0x14b/0x1020 [ 116.263255] ? perf_event_exit_task+0x46/0x510 [ 116.263272] ? perf_event_exit_task+0x46/0x510 [ 116.263288] ? do_raw_spin_lock+0x123/0x260 [ 116.263305] ? 
lock_acquire+0x18c/0x2f0 [ 116.263318] ? __pfx___mutex_lock+0x10/0x10 [ 116.263336] ? _raw_spin_unlock_irq+0x23/0x40 [ 116.263351] ? lock_release+0x1c7/0x290 [ 116.263365] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.263377] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 116.263393] ? taskstats_exit+0x8c/0xba0 [ 116.263405] perf_event_exit_task+0x46/0x510 [ 116.263423] do_exit+0x626/0x2970 [ 116.263436] ? signal_wake_up_state+0x9f/0x120 [ 116.263453] ? zap_other_threads+0x2b9/0x3a0 [ 116.263767] Fixing recursive fault but reboot is needed! [ 116.264108] ? __pfx_do_exit+0x10/0x10 [ 116.314764] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 116.315142] ? lock_release+0x1c7/0x290 [ 116.315468] do_group_exit+0xd3/0x2a0 [ 116.315779] __x64_sys_exit_group+0x3e/0x50 [ 116.316124] x64_sys_call+0x18c5/0x18d0 [ 116.316453] do_syscall_64+0xbf/0x360 [ 116.316758] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.317166] RIP: 0033:0x7f7bff79bb19 [ 116.317467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 116.318903] RSP: 002b:00007ffc7ef45bf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 116.319501] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f7bff79bb19 [ 116.320063] RDX: 00007f7bff74e72b RSI: ffffffffffffffbc RDI: 0000000000000000 [ 116.320623] RBP: 0000000000000000 R08: 00007f7bff8b31d0 R09: 0000000000000001 [ 116.321182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 116.321749] R13: 0000000000000001 R14: 0000000000000001 R15: 00007ffc7ef45ce0 [ 116.322314] [ 116.322501] Modules linked in: [ 116.322764] Oops: general protection fault, probably for non-canonical address 0xdffffc0040000032: 0000 [#11] SMP KASAN NOPTI [ 116.323284] ---[ end trace 0000000000000000 ]--- [ 116.323651] KASAN: probably user-memory-access in range [0x0000000200000190-0x0000000200000197] [ 116.324384] RIP: 
0010:perf_tp_event+0x175/0xe70 [ 116.324710] CPU: 1 UID: 0 PID: 359 Comm: kworker/u9:6 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.325144] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.325994] Tainted: [D]=DIE, [W]=WARN [ 116.325999] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.326006] Workqueue: events_unbound cfg80211_wiphy_work [ 116.326022] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.326039] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.327471] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 116.327762] RSP: 0018:ffff888016917700 EFLAGS: 00010212 [ 116.328416] [ 116.328829] [ 116.328833] RAX: 0000000040000032 RBX: 00000001ffffffa0 RCX: 0000000000000002 [ 116.328841] RDX: ffff888015de3700 RSI: ffffffff8189a4e7 RDI: 0000000200000190 [ 116.329200] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 116.330619] RBP: ffff888016917970 R08: ffff88806cf31340 R09: ffffe8ffffd161c0 [ 116.330628] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.331050] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 116.331453] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 116.331593] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.331731] FS: 0000000000000000(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 116.332300] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.332843] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.332853] CR2: 00007fab049b99c0 CR3: 0000000044bc7000 CR4: 0000000000350ef0 [ 116.333408] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 
[ 116.333965] Call Trace: [ 116.333969] [ 116.333976] ? __pfx_perf_tp_event+0x10/0x10 [ 116.334537] FS: 00005555562b1400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 116.335092] ? ret_from_fork_asm+0x1a/0x30 [ 116.335661] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.336221] ? stack_trace_save+0x8e/0xc0 [ 116.336865] CR2: 0000000000000000 CR3: 0000000043dd8000 CR4: 0000000000350ef0 [ 116.337410] ? stack_depot_save_flags+0x2c/0xa20 [ 116.337890] note: syz-executor.2[3970] exited with preempt_count 2 [ 116.338436] ? kasan_save_stack+0x34/0x50 [ 116.339009] Fixing recursive fault but reboot is needed! [ 116.339207] ? kasan_save_stack+0x24/0x50 [ 116.343903] ? kasan_save_track+0x14/0x30 [ 116.344236] ? __kasan_save_free_info+0x3a/0x60 [ 116.344608] ? __kasan_slab_free+0x3f/0x50 [ 116.344954] ? kmem_cache_free+0x2a1/0x540 [ 116.345290] ? kfree_skbmem+0x18a/0x1f0 [ 116.345619] ? sk_skb_reason_drop+0x10e/0x1b0 [ 116.345982] ? perf_trace_run_bpf_submit+0xef/0x180 [ 116.346384] perf_trace_run_bpf_submit+0xef/0x180 [ 116.346773] perf_trace_contention_end+0x235/0x3e0 [ 116.347166] ? __pfx_perf_trace_contention_end+0x10/0x10 [ 116.347596] ? __mutex_trylock_common+0xf9/0x260 [ 116.347981] ? __pfx___mutex_trylock_common+0x10/0x10 [ 116.348391] trace_contention_end+0xae/0x110 [ 116.348747] __mutex_lock+0x166/0x1020 [ 116.349064] ? cfg80211_wiphy_work+0x7e/0x480 [ 116.349425] ? lock_release+0x1c7/0x290 [ 116.349751] ? __pfx___mutex_lock+0x10/0x10 [ 116.350104] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 116.350508] ? __pfx_try_to_wake_up+0x10/0x10 [ 116.350877] cfg80211_wiphy_work+0x7e/0x480 [ 116.351224] process_one_work+0x8e1/0x19c0 [ 116.351566] ? __pfx_process_one_work+0x10/0x10 [ 116.351942] ? move_linked_works+0x172/0x270 [ 116.352306] ? assign_work+0x196/0x240 [ 116.352619] worker_thread+0x67e/0xe90 [ 116.352933] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.353349] ? __pfx_worker_thread+0x10/0x10 [ 116.353739] kthread+0x3c8/0x740 [ 116.354056] ? 
__pfx_kthread+0x10/0x10 [ 116.354460] ? ret_from_fork+0x23/0x430 [ 116.354817] ? lock_release+0xc8/0x290 [ 116.355132] ? __pfx_kthread+0x10/0x10 [ 116.355442] ret_from_fork+0x34b/0x430 [ 116.355760] ? __pfx_kthread+0x10/0x10 [ 116.356072] ret_from_fork_asm+0x1a/0x30 [ 116.356405] [ 116.356599] Modules linked in: [ 116.356860] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#12] SMP KASAN NOPTI [ 116.357151] ---[ end trace 0000000000000000 ]--- [ 116.357747] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 116.358362] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.358719] CPU: 0 UID: 0 PID: 346 Comm: kworker/u10:5 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.359289] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.359992] Tainted: [D]=DIE, [W]=WARN [ 116.359998] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.360006] Workqueue: events_unbound cfg80211_wiphy_work [ 116.360027] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.360044] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.360056] RSP: 0018:ffff88800f227700 EFLAGS: 00010212 [ 116.360065] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 116.360073] RDX: ffff888015edb700 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 116.360081] RBP: ffff88800f227970 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.360089] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.360097] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.360107] FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 116.360118] CS: 0010 DS: 0000 
ES: 0000 CR0: 0000000080050033 [ 116.360126] CR2: 0000000000000000 CR3: 0000000043dd8000 CR4: 0000000000350ef0 [ 116.360134] Call Trace: [ 116.360138] [ 116.360145] ? __pfx_perf_tp_event+0x10/0x10 [ 116.360163] ? ret_from_fork_asm+0x1a/0x30 [ 116.360180] ? stack_trace_save+0x8e/0xc0 [ 116.360195] ? stack_depot_save_flags+0x2c/0xa20 [ 116.360211] ? kasan_save_stack+0x34/0x50 [ 116.361878] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 116.361955] ? kasan_save_stack+0x24/0x50 [ 116.362597] [ 116.363021] ? kasan_save_track+0x14/0x30 [ 116.363036] ? __kasan_save_free_info+0x3a/0x60 [ 116.363050] ? __kasan_slab_free+0x3f/0x50 [ 116.363065] ? kmem_cache_free+0x2a1/0x540 [ 116.363077] ? kfree_skbmem+0x18a/0x1f0 [ 116.363092] ? sk_skb_reason_drop+0x10e/0x1b0 [ 116.363104] ? ieee80211_iface_work+0x43c/0x1220 [ 116.363122] ? cfg80211_wiphy_work+0x245/0x480 [ 116.363134] ? process_one_work+0x8e1/0x19c0 [ 116.363150] ? worker_thread+0x67e/0xe90 [ 116.363163] ? kthread+0x3c8/0x740 [ 116.363176] ? ret_from_fork+0x34b/0x430 [ 116.363197] ? perf_trace_run_bpf_submit+0xef/0x180 [ 116.363213] perf_trace_run_bpf_submit+0xef/0x180 [ 116.363232] perf_trace_contention_begin+0x235/0x3e0 [ 116.364187] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 116.365023] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 116.365041] ? lock_acquire+0x18c/0x2f0 [ 116.365056] trace_contention_begin+0xae/0x110 [ 116.365071] __mutex_lock+0x14b/0x1020 [ 116.365088] ? cfg80211_wiphy_work+0x7e/0x480 [ 116.365101] ? cfg80211_wiphy_work+0x7e/0x480 [ 116.365114] ? lock_release+0x1c7/0x290 [ 116.365127] ? __pfx___mutex_lock+0x10/0x10 [ 116.365145] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 116.365163] ? __pfx_try_to_wake_up+0x10/0x10 [ 116.365182] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.365196] cfg80211_wiphy_work+0x7e/0x480 [ 116.365210] process_one_work+0x8e1/0x19c0 [ 116.365228] ? __pfx_process_one_work+0x10/0x10 [ 116.365242] ? move_linked_works+0x172/0x270 [ 116.365261] ? 
assign_work+0x196/0x240 [ 116.365275] worker_thread+0x67e/0xe90 [ 116.365289] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.365303] ? __pfx_worker_thread+0x10/0x10 [ 116.365318] kthread+0x3c8/0x740 [ 116.365330] ? __pfx_kthread+0x10/0x10 [ 116.365342] ? ret_from_fork+0x23/0x430 [ 116.365360] ? lock_release+0xc8/0x290 [ 116.365373] ? __pfx_kthread+0x10/0x10 [ 116.365386] ret_from_fork+0x34b/0x430 [ 116.365403] ? __pfx_kthread+0x10/0x10 [ 116.365416] ret_from_fork_asm+0x1a/0x30 [ 116.365434] [ 116.365438] Modules linked in: [ 116.365720] ---[ end trace 0000000000000000 ]--- [ 116.366184] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 116.366194] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.366763] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.367529] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.367902] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.367916] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 116.367926] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 116.367934] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 116.367942] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.367951] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.367958] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.367968] FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 116.367979] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.367987] CR2: 0000000000000000 CR3: 0000000043dd8000 CR4: 0000000000350ef0 [ 116.367996] note: kworker/u10:5[346] exited with preempt_count 2 [ 116.370598] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#13] SMP KASAN NOPTI [ 116.370728] R13: 
000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.371304] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 116.371316] CPU: 0 UID: 0 PID: 97 Comm: systemd-journal Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.371335] Tainted: [D]=DIE, [W]=WARN [ 116.371340] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.371346] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.371364] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.371376] RSP: 0018:ffff888015e0f6c0 EFLAGS: 00010212 [ 116.371386] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 116.371394] RDX: ffff888015e10000 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 116.371402] RBP: ffff888015e0f930 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.371410] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 116.371418] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.371427] FS: 00007fab054b2900(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 116.371438] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.371446] CR2: 0000000000000000 CR3: 000000000c71c000 CR4: 0000000000350ef0 [ 116.371454] Call Trace: [ 116.371459] [ 116.371463] ? kasan_save_stack+0x34/0x50 [ 116.371478] ? path_openat+0x19f8/0x2880 [ 116.371493] ? __pfx_perf_tp_event+0x10/0x10 [ 116.371509] ? __fput_deferred+0x3d9/0x490 [ 116.371727] FS: 0000000000000000(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 116.371908] ? __x64_sys_openat+0x142/0x200 [ 116.371929] ? do_syscall_64+0xbf/0x360 [ 116.371941] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.371953] ? lock_acquire+0x18c/0x2f0 [ 116.371966] ? do_raw_spin_lock+0x123/0x260 [ 116.371982] ? lock_release+0x1c7/0x290 [ 116.371996] ? lock_acquire+0x18c/0x2f0 [ 116.372010] ? 
lock_release+0x1c7/0x290 [ 116.372023] ? lock_acquire+0x18c/0x2f0 [ 116.372036] ? lock_acquire+0x18c/0x2f0 [ 116.372049] ? lock_acquire+0x18c/0x2f0 [ 116.372062] ? lock_release+0x1c7/0x290 [ 116.372075] ? lock_release+0x1c7/0x290 [ 116.372088] ? lock_acquire+0x18c/0x2f0 [ 116.372101] ? lock_acquire+0x18c/0x2f0 [ 116.372455] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.372785] ? lock_release+0x1c7/0x290 [ 116.372801] ? perf_trace_run_bpf_submit+0xef/0x180 [ 116.372817] perf_trace_run_bpf_submit+0xef/0x180 [ 116.372835] perf_trace_contention_begin+0x235/0x3e0 [ 116.372850] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 116.372866] ? lock_acquire+0x18c/0x2f0 [ 116.372880] trace_contention_begin+0xae/0x110 [ 116.372895] __mutex_lock+0x14b/0x1020 [ 116.372913] ? ep_send_events+0xff/0xaa0 [ 116.372929] ? ep_send_events+0xff/0xaa0 [ 116.372943] ? kasan_save_stack+0x34/0x50 [ 116.372957] ? kasan_save_stack+0x24/0x50 [ 116.372971] ? kasan_save_track+0x14/0x30 [ 116.373302] CR2: 00007fab049b99c0 CR3: 0000000044bc7000 CR4: 0000000000350ef0 [ 116.373676] ? __kasan_save_free_info+0x3a/0x60 [ 116.374180] note: kworker/u9:6[359] exited with preempt_count 2 [ 116.374420] ? kmem_cache_free+0x2a1/0x540 [ 116.423159] ? __pfx___mutex_lock+0x10/0x10 [ 116.423520] ? __x64_sys_openat+0x142/0x200 [ 116.423878] ? do_syscall_64+0xbf/0x360 [ 116.424194] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.424616] ? do_raw_spin_lock+0x123/0x260 [ 116.424963] ? __pfx_path_openat+0x10/0x10 [ 116.425302] ? lock_acquire+0x18c/0x2f0 [ 116.425623] ep_send_events+0xff/0xaa0 [ 116.425946] ? do_filp_open+0x333/0x450 [ 116.426289] ? __pfx_do_filp_open+0x10/0x10 [ 116.426642] ? do_raw_spin_lock+0x123/0x260 [ 116.427000] ? __pfx_ep_send_events+0x10/0x10 [ 116.427378] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 116.427767] do_epoll_wait+0x42e/0xee0 [ 116.428086] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 116.428481] ? __pfx_do_epoll_wait+0x10/0x10 [ 116.428846] ? putname.part.0+0x11b/0x160 [ 116.429202] ? 
populate_seccomp_data+0x213/0x540 [ 116.429606] ? __seccomp_filter+0x535/0xfa0 [ 116.429971] ? __pfx___seccomp_filter+0x10/0x10 [ 116.430367] __x64_sys_epoll_wait+0x15b/0x280 [ 116.430739] ? __pfx___x64_sys_epoll_wait+0x10/0x10 [ 116.431141] ? ksys_read+0x1a3/0x240 [ 116.431446] ? __secure_computing+0x18d/0x290 [ 116.431809] do_syscall_64+0xbf/0x360 [ 116.432116] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.432523] RIP: 0033:0x7fab05d7b116 [ 116.432817] Code: 10 89 7c 24 0c 89 4c 24 1c e8 86 6c f8 ff 44 8b 54 24 1c 8b 54 24 18 41 89 c0 48 8b 74 24 10 8b 7c 24 0c b8 e8 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 32 44 89 c7 89 44 24 0c e8 b6 6c f8 ff 8b 44 [ 116.434252] RSP: 002b:00007ffce70cc0e0 EFLAGS: 00000293 ORIG_RAX: 00000000000000e8 [ 116.434849] RAX: ffffffffffffffda RBX: 00005649b9184360 RCX: 00007fab05d7b116 [ 116.435408] RDX: 0000000000000015 RSI: 00005649b918a8b0 RDI: 0000000000000008 [ 116.435970] RBP: ffffffffffffffff R08: 0000000000000000 R09: 00007fab06107000 [ 116.436550] R10: 00000000ffffffff R11: 0000000000000293 R12: 0000000000000001 [ 116.437128] R13: 0000000000000015 R14: 0000000000000000 R15: 0000000000000000 [ 116.437727] [ 116.437920] Modules linked in: [ 116.438195] Oops: general protection fault, probably for non-canonical address 0xdffffc0040000032: 0000 [#14] SMP KASAN NOPTI [ 116.438309] ---[ end trace 0000000000000000 ]--- [ 116.439065] KASAN: probably user-memory-access in range [0x0000000200000190-0x0000000200000197] [ 116.439079] CPU: 1 UID: 0 PID: 25 Comm: kworker/u9:0 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.439442] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.440102] Tainted: [D]=DIE, [W]=WARN [ 116.440107] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.440115] Workqueue: events_unbound cfg80211_wiphy_work [ 116.441004] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 
74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.441351] [ 116.441656] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 116.442288] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.442717] [ 116.444126] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.444139] RSP: 0018:ffff88800976f700 EFLAGS: 00010212 [ 116.444272] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 116.444677] [ 116.444681] RAX: 0000000040000032 RBX: 00000001ffffffa0 RCX: 0000000000000002 [ 116.445070] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 116.445177] RDX: ffff888009751b80 RSI: ffffffff8189a4e7 RDI: 0000000200000190 [ 116.446596] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.446993] RBP: ffff88800976f970 R08: ffff88806cf31340 R09: ffffe8ffffd161c0 [ 116.447002] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.447550] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.447684] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 116.448245] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.448780] FS: 0000000000000000(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 116.448793] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.449337] FS: 00007fab054b2900(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 116.449895] CR2: 00007fab049b99c0 CR3: 0000000044bc7000 CR4: 0000000000350ef0 [ 116.449904] Call Trace: [ 116.449909] [ 116.450456] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.451004] ? __pfx_perf_tp_event+0x10/0x10 [ 116.451561] CR2: 0000000000000000 CR3: 000000000c71c000 CR4: 0000000000350ef0 [ 116.452109] ? ret_from_fork_asm+0x1a/0x30 [ 116.452667] note: systemd-journal[97] exited with preempt_count 2 [ 116.453285] ? stack_trace_save+0x8e/0xc0 [ 116.458107] ? 
do_raw_spin_lock+0x123/0x260 [ 116.458452] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 116.458829] ? lock_acquire+0x18c/0x2f0 [ 116.459148] ? _raw_spin_lock_irqsave+0x42/0x60 [ 116.459522] ? lock_release+0x1c7/0x290 [ 116.459843] ? perf_trace_run_bpf_submit+0xef/0x180 [ 116.460243] perf_trace_run_bpf_submit+0xef/0x180 [ 116.460644] perf_trace_contention_end+0x235/0x3e0 [ 116.461049] ? __pfx_perf_trace_contention_end+0x10/0x10 [ 116.461508] ? __mutex_trylock_common+0xf9/0x260 [ 116.461902] ? __pfx___mutex_trylock_common+0x10/0x10 [ 116.462323] trace_contention_end+0xae/0x110 [ 116.462689] __mutex_lock+0x166/0x1020 [ 116.463008] ? cfg80211_wiphy_work+0x7e/0x480 [ 116.463364] ? lock_release+0x1c7/0x290 [ 116.463683] ? __pfx___mutex_lock+0x10/0x10 [ 116.464036] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 116.464445] ? __pfx_try_to_wake_up+0x10/0x10 [ 116.464812] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.465232] cfg80211_wiphy_work+0x7e/0x480 [ 116.465589] process_one_work+0x8e1/0x19c0 [ 116.465944] ? __pfx_process_one_work+0x10/0x10 [ 116.466332] ? move_linked_works+0x172/0x270 [ 116.466701] ? assign_work+0x196/0x240 [ 116.467033] worker_thread+0x67e/0xe90 [ 116.467350] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.467781] ? __pfx_worker_thread+0x10/0x10 [ 116.468134] kthread+0x3c8/0x740 [ 116.468417] ? __pfx_kthread+0x10/0x10 [ 116.468729] ? ret_from_fork+0x23/0x430 [ 116.469051] ? lock_release+0xc8/0x290 [ 116.469379] ? __pfx_kthread+0x10/0x10 [ 116.469713] ret_from_fork+0x34b/0x430 [ 116.470043] ? 
__pfx_kthread+0x10/0x10 [ 116.470360] ret_from_fork_asm+0x1a/0x30 [ 116.470702] [ 116.470903] Modules linked in: [ 116.471165] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#15] SMP KASAN NOPTI [ 116.471357] ---[ end trace 0000000000000000 ]--- [ 116.472043] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 116.472059] CPU: 0 UID: 0 PID: 44 Comm: kworker/u10:1 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.472078] Tainted: [D]=DIE, [W]=WARN [ 116.472083] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.472091] Workqueue: events_unbound cfg80211_wiphy_work [ 116.472112] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.472130] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.472142] RSP: 0018:ffff88800a47f700 EFLAGS: 00010212 [ 116.472151] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 116.472159] RDX: ffff88800a315280 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 116.472167] RBP: ffff88800a47f970 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.472175] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.472183] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.472193] FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 116.472204] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.472212] CR2: 0000000000000000 CR3: 000000003d444000 CR4: 0000000000350ef0 [ 116.472220] Call Trace: [ 116.472224] [ 116.472230] ? __pfx_perf_tp_event+0x10/0x10 [ 116.472249] ? ret_from_fork_asm+0x1a/0x30 [ 116.472266] ? stack_trace_save+0x8e/0xc0 [ 116.472282] ? stack_depot_save_flags+0x2c/0xa20 [ 116.472298] ? kasan_save_stack+0x34/0x50 [ 116.472313] ? kasan_save_stack+0x24/0x50 [ 116.472326] ? 
kasan_save_track+0x14/0x30 [ 116.472340] ? __kasan_save_free_info+0x3a/0x60 [ 116.472353] ? __kasan_slab_free+0x3f/0x50 [ 116.472369] ? kmem_cache_free+0x2a1/0x540 [ 116.472380] ? kfree_skbmem+0x18a/0x1f0 [ 116.472396] ? sk_skb_reason_drop+0x10e/0x1b0 [ 116.472410] ? perf_trace_run_bpf_submit+0xef/0x180 [ 116.472426] perf_trace_run_bpf_submit+0xef/0x180 [ 116.472444] perf_trace_contention_begin+0x235/0x3e0 [ 116.472460] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 116.472476] ? lock_acquire+0x18c/0x2f0 [ 116.472490] trace_contention_begin+0xae/0x110 [ 116.472505] __mutex_lock+0x14b/0x1020 [ 116.472523] ? cfg80211_wiphy_work+0x7e/0x480 [ 116.472536] ? cfg80211_wiphy_work+0x7e/0x480 [ 116.472549] ? lock_release+0x1c7/0x290 [ 116.472562] ? __pfx___mutex_lock+0x10/0x10 [ 116.472580] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 116.472597] ? xfd_validate_state+0x55/0x180 [ 116.473507] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.473612] ? __pfx_try_to_wake_up+0x10/0x10 [ 116.474694] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.474815] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.474832] cfg80211_wiphy_work+0x7e/0x480 [ 116.474847] process_one_work+0x8e1/0x19c0 [ 116.474867] ? __pfx_process_one_work+0x10/0x10 [ 116.474881] ? move_linked_works+0x172/0x270 [ 116.474903] ? assign_work+0x196/0x240 [ 116.474918] worker_thread+0x67e/0xe90 [ 116.474932] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.474946] ? __pfx_worker_thread+0x10/0x10 [ 116.474960] kthread+0x3c8/0x740 [ 116.474974] ? __pfx_kthread+0x10/0x10 [ 116.474986] ? ret_from_fork+0x23/0x430 [ 116.475005] ? lock_release+0xc8/0x290 [ 116.475018] ? __pfx_kthread+0x10/0x10 [ 116.475031] ret_from_fork+0x34b/0x430 [ 116.475048] ? 
__pfx_kthread+0x10/0x10 [ 116.475061] ret_from_fork_asm+0x1a/0x30 [ 116.475080] [ 116.475084] Modules linked in: [ 116.475929] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 116.476144] [ 116.476503] [ 116.478263] ---[ end trace 0000000000000000 ]--- [ 116.478507] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 116.479352] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.479984] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 116.480362] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.481038] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.481476] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 116.482232] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.482570] [ 116.483247] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.483351] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 116.483534] FS: 0000000000000000(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 116.483889] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 116.483898] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.483907] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.483915] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.483924] FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 116.483935] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.483943] CR2: 0000000000000000 CR3: 000000003d444000 CR4: 0000000000350ef0 [ 116.483952] note: kworker/u10:1[44] exited with preempt_count 2 [ 116.484017] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#16] SMP KASAN NOPTI [ 116.484029] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 
116.484041] CPU: 0 UID: 0 PID: 3971 Comm: syz-executor.2 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.484060] Tainted: [D]=DIE, [W]=WARN [ 116.484381] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.484707] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.485257] CR2: 00007fab049b99c0 CR3: 0000000044bc7000 CR4: 0000000000350ef0 [ 116.485403] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.485739] note: kworker/u9:0[25] exited with preempt_count 2 [ 116.486059] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.486072] RSP: 0018:ffff888018c27640 EFLAGS: 00010212 [ 116.486082] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 116.486090] RDX: ffff88801765d280 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 116.486098] RBP: ffff888018c278b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.486106] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 116.486114] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.486123] FS: 00007f7bfcd11700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 116.486135] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.486142] CR2: 0000000000000000 CR3: 0000000043dd8000 CR4: 0000000000350ef0 [ 116.486150] Call Trace: [ 116.486154] [ 116.486160] ? lock_acquire+0x18c/0x2f0 [ 116.486174] ? __pfx_perf_tp_event+0x10/0x10 [ 116.524592] ? lock_release+0x1c7/0x290 [ 116.524917] ? lock_acquire+0x18c/0x2f0 [ 116.525240] ? lock_release+0x1c7/0x290 [ 116.525563] ? css_rstat_updated+0x1b8/0x4d0 [ 116.525929] ? kvm_sched_clock_read+0x16/0x30 [ 116.526296] ? sched_clock+0x37/0x60 [ 116.526599] ? sched_clock_cpu+0x6c/0x4e0 [ 116.526934] ? lock_acquire+0x18c/0x2f0 [ 116.527253] ? __update_load_avg_se+0x428/0xa40 [ 116.527641] ? lock_release+0x1c7/0x290 [ 116.527961] ? 
__perf_event_task_sched_in+0x235/0x5e0 [ 116.528379] ? perf_trace_run_bpf_submit+0xef/0x180 [ 116.528785] ? xfd_validate_state+0x55/0x180 [ 116.529145] ? lock_release+0x1c7/0x290 [ 116.529466] perf_trace_run_bpf_submit+0xef/0x180 [ 116.529862] perf_trace_contention_begin+0x235/0x3e0 [ 116.530273] ? trace_sched_exit_tp+0xbf/0x100 [ 116.530645] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 116.531088] ? lock_acquire+0x18c/0x2f0 [ 116.531407] ? __pfx___schedule+0x10/0x10 [ 116.531742] trace_contention_begin+0xae/0x110 [ 116.532112] __mutex_lock+0x14b/0x1020 [ 116.532432] ? perf_event_exit_task+0x46/0x510 [ 116.532802] ? perf_event_exit_task+0x46/0x510 [ 116.533172] ? do_raw_spin_lock+0x123/0x260 [ 116.533525] ? lock_acquire+0x18c/0x2f0 [ 116.533854] ? __pfx___mutex_lock+0x10/0x10 [ 116.534202] ? _raw_spin_unlock_irq+0x23/0x40 [ 116.534562] ? lock_release+0x1c7/0x290 [ 116.534877] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.535288] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 116.535687] ? taskstats_exit+0x8c/0xba0 [ 116.536010] ? lock_acquire+0x18c/0x2f0 [ 116.536329] perf_event_exit_task+0x46/0x510 [ 116.536683] do_exit+0x626/0x2970 [ 116.536964] ? lock_release+0x1c7/0x290 [ 116.537280] ? __pfx_do_exit+0x10/0x10 [ 116.537595] ? do_raw_spin_lock+0x123/0x260 [ 116.537940] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 116.538311] do_group_exit+0xd3/0x2a0 [ 116.538616] get_signal+0x2315/0x2340 [ 116.538930] ? __pfx_get_signal+0x10/0x10 [ 116.539263] ? do_futex+0x135/0x370 [ 116.539557] ? __pfx_do_futex+0x10/0x10 [ 116.539872] arch_do_signal_or_restart+0x80/0x790 [ 116.540261] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 116.540687] ? __x64_sys_futex+0x1c9/0x4d0 [ 116.541020] ? __x64_sys_futex+0x1d2/0x4d0 [ 116.541355] ? __pfx___x64_sys_futex+0x10/0x10 [ 116.541728] ? xfd_validate_state+0x55/0x180 [ 116.542081] ? 
__pfx___x64_sys_mount+0x10/0x10 [ 116.542450] exit_to_user_mode_loop+0x8b/0x110 [ 116.542815] do_syscall_64+0x2f7/0x360 [ 116.543127] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.543529] RIP: 0033:0x7f7bff79bb19 [ 116.543823] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 116.545227] RSP: 002b:00007f7bfcd11218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 116.545820] RAX: fffffffffffffe00 RBX: 00007f7bff8aef68 RCX: 00007f7bff79bb19 [ 116.546379] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f7bff8aef68 [ 116.546958] RBP: 00007f7bff8aef60 R08: 0000000000000000 R09: 0000000000000000 [ 116.547543] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bff8aef6c [ 116.548112] R13: 00007ffc7ef459cf R14: 00007f7bfcd11300 R15: 0000000000022000 [ 116.548683] [ 116.548875] Modules linked in: [ 116.549143] Oops: general protection fault, probably for non-canonical address 0xdffffc0040000032: 0000 [#17] SMP KASAN NOPTI [ 116.549203] ---[ end trace 0000000000000000 ]--- [ 116.550089] KASAN: probably user-memory-access in range [0x0000000200000190-0x0000000200000197] [ 116.550105] CPU: 1 UID: 0 PID: 203 Comm: kworker/u8:2 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.550483] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.551182] Tainted: [D]=DIE, [W]=WARN [ 116.551187] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.552145] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.552510] Workqueue: ipv6_addrconf addrconf_dad_work [ 116.552834] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 116.553488] [ 116.554980] [ 116.555386] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.555829] RAX: 0000000000000032 RBX: 
ffffffffffffffa2 RCX: 0000000000000002 [ 116.555958] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.556102] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 116.556475] RSP: 0018:ffff888016a4f680 EFLAGS: 00010212 [ 116.557076] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.558548] [ 116.558553] RAX: 0000000040000032 RBX: 00000001ffffffa0 RCX: 0000000000000002 [ 116.558561] RDX: ffff888014609b80 RSI: ffffffff8189a4e7 RDI: 0000000200000190 [ 116.559158] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.559583] RBP: ffff888016a4f8f0 R08: ffff88806cf31340 R09: ffffe8ffffd161c0 [ 116.560182] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.560312] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.560908] FS: 00007f7bfcd11700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 116.561472] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 116.562075] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.562633] FS: 0000000000000000(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 116.563230] CR2: 0000000000000000 CR3: 0000000043dd8000 CR4: 0000000000350ef0 [ 116.563796] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.563806] CR2: 00007fab049b99c0 CR3: 0000000014377000 CR4: 0000000000350ef0 [ 116.564460] note: syz-executor.2[3971] exited with preempt_count 2 [ 116.565026] Call Trace: [ 116.565032] [ 116.565040] ? __pfx_perf_tp_event+0x10/0x10 [ 116.565510] Fixing recursive fault but reboot is needed! [ 116.566162] ? do_raw_write_lock+0x11c/0x3a0 [ 116.569813] ? lock_acquire+0x18c/0x2f0 [ 116.570153] ? __asan_memcpy+0x3d/0x60 [ 116.570479] ? neigh_resolve_output+0x49a/0x7f0 [ 116.570866] ? ip6_finish_output2+0x968/0x1780 [ 116.571254] ? 
perf_trace_run_bpf_submit+0xef/0x180 [ 116.571669] perf_trace_run_bpf_submit+0xef/0x180 [ 116.572064] perf_trace_contention_end+0x235/0x3e0 [ 116.572461] ? __pfx_perf_trace_contention_end+0x10/0x10 [ 116.572906] ? __mutex_trylock_common+0xf9/0x260 [ 116.573288] ? __pfx___mutex_trylock_common+0x10/0x10 [ 116.573705] trace_contention_end+0xae/0x110 [ 116.574066] __mutex_lock+0x166/0x1020 [ 116.574392] ? addrconf_dad_work+0xf6/0x11a0 [ 116.574753] ? __pfx___mutex_lock+0x10/0x10 [ 116.575102] ? __update_load_avg_se+0x428/0xa40 [ 116.575477] ? __perf_event_task_sched_in+0x235/0x5e0 [ 116.575883] ? __pfx___perf_event_task_sched_in+0x10/0x10 [ 116.576324] addrconf_dad_work+0xf6/0x11a0 [ 116.576672] ? __pfx_addrconf_dad_work+0x10/0x10 [ 116.577055] ? lock_acquire+0x18c/0x2f0 [ 116.577380] ? lock_release+0x1c7/0x290 [ 116.577710] process_one_work+0x8e1/0x19c0 [ 116.578054] ? __pfx_process_one_work+0x10/0x10 [ 116.578431] ? move_linked_works+0x172/0x270 [ 116.578792] ? assign_work+0x196/0x240 [ 116.579106] worker_thread+0x67e/0xe90 [ 116.579423] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.579841] ? __pfx_worker_thread+0x10/0x10 [ 116.580201] kthread+0x3c8/0x740 [ 116.580477] ? __pfx_kthread+0x10/0x10 [ 116.580791] ? ret_from_fork+0x23/0x430 [ 116.581117] ? lock_release+0xc8/0x290 [ 116.581444] ? __pfx_kthread+0x10/0x10 [ 116.581775] ret_from_fork+0x34b/0x430 [ 116.582093] ? 
__pfx_kthread+0x10/0x10 [ 116.582405] ret_from_fork_asm+0x1a/0x30 [ 116.582753] [ 116.582958] Modules linked in: [ 116.583221] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#18] SMP KASAN NOPTI [ 116.583459] ---[ end trace 0000000000000000 ]--- [ 116.584100] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 116.584116] CPU: 0 UID: 0 PID: 423 Comm: kworker/u9:8 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.584136] Tainted: [D]=DIE, [W]=WARN [ 116.584140] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.584148] Workqueue: events_unbound cfg80211_wiphy_work [ 116.584168] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.584185] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.584197] RSP: 0018:ffff888018e77700 EFLAGS: 00010212 [ 116.584206] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 116.584214] RDX: ffff888017620000 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 116.584222] RBP: ffff888018e77970 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.584230] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.584238] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.584248] FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 116.584259] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.584267] CR2: 0000000000000000 CR3: 0000000041d3b000 CR4: 0000000000350ef0 [ 116.584275] Call Trace: [ 116.584278] [ 116.584285] ? __pfx_perf_tp_event+0x10/0x10 [ 116.584303] ? ret_from_fork_asm+0x1a/0x30 [ 116.584320] ? stack_trace_save+0x8e/0xc0 [ 116.584336] ? stack_depot_save_flags+0x2c/0xa20 [ 116.584352] ? kasan_save_stack+0x34/0x50 [ 116.584368] ? kasan_save_stack+0x24/0x50 [ 116.584382] ? 
kasan_save_track+0x14/0x30 [ 116.584396] ? __kasan_save_free_info+0x3a/0x60 [ 116.584408] ? __kasan_slab_free+0x3f/0x50 [ 116.584424] ? kmem_cache_free+0x2a1/0x540 [ 116.584435] ? kfree_skbmem+0x18a/0x1f0 [ 116.584450] ? sk_skb_reason_drop+0x10e/0x1b0 [ 116.584463] ? perf_trace_run_bpf_submit+0xef/0x180 [ 116.584479] perf_trace_run_bpf_submit+0xef/0x180 [ 116.584497] perf_trace_contention_begin+0x235/0x3e0 [ 116.584513] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 116.584528] ? __pick_eevdf+0x326/0x570 [ 116.584540] ? update_curr+0x71/0x500 [ 116.584552] ? lock_acquire+0x18c/0x2f0 [ 116.584567] trace_contention_begin+0xae/0x110 [ 116.584582] __mutex_lock+0x14b/0x1020 [ 116.584599] ? cfg80211_wiphy_work+0x7e/0x480 [ 116.584612] ? cfg80211_wiphy_work+0x7e/0x480 [ 116.584625] ? lock_release+0x1c7/0x290 [ 116.584637] ? lock_release+0x1c7/0x290 [ 116.584651] ? __pfx___mutex_lock+0x10/0x10 [ 116.584669] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 116.584686] ? __pfx_try_to_wake_up+0x10/0x10 [ 116.584704] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.585677] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.586559] cfg80211_wiphy_work+0x7e/0x480 [ 116.586576] process_one_work+0x8e1/0x19c0 [ 116.586595] ? __pfx_process_one_work+0x10/0x10 [ 116.586609] ? move_linked_works+0x172/0x270 [ 116.586631] ? assign_work+0x196/0x240 [ 116.586645] worker_thread+0x67e/0xe90 [ 116.586659] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.586673] ? __pfx_worker_thread+0x10/0x10 [ 116.586688] kthread+0x3c8/0x740 [ 116.586701] ? __pfx_kthread+0x10/0x10 [ 116.586713] ? ret_from_fork+0x23/0x430 [ 116.587174] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.587666] ? lock_release+0xc8/0x290 [ 116.588260] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 116.588446] ? 
__pfx_kthread+0x10/0x10 [ 116.590019] [ 116.590260] ret_from_fork+0x34b/0x430 [ 116.590968] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 116.591361] ? __pfx_kthread+0x10/0x10 [ 116.592059] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 116.592458] ret_from_fork_asm+0x1a/0x30 [ 116.593166] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.593640] [ 116.594241] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.594633] Modules linked in: [ 116.594995] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.595054] ---[ end trace 0000000000000000 ]--- [ 116.595516] FS: 0000000000000000(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 116.595683] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.596157] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.596381] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.596700] CR2: 00007fab049b99c0 CR3: 0000000014377000 CR4: 0000000000350ef0 [ 116.597030] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 116.597042] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 116.597050] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 116.597058] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.597067] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.597074] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.597084] FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 116.597096] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.597104] CR2: 0000000000000000 CR3: 0000000041d3b000 CR4: 0000000000350ef0 [ 116.597113] note: kworker/u9:8[423] exited with preempt_count 2 [ 116.598897] Oops: general protection fault, probably for non-canonical address 
0xdffffc0000000032: 0000 [#19] SMP KASAN NOPTI [ 116.599115] note: kworker/u8:2[203] exited with preempt_count 2 [ 116.599311] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 116.611255] BUG: Bad page state in process ksoftirqd/1 pfn:0a2f1 [ 116.611419] CPU: 0 UID: 0 PID: 337 Comm: kworker/u9:4 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.611570] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xa2f1 [ 116.611870] Tainted: [D]=DIE, [W]=WARN [ 116.611875] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.612426] flags: 0x100000000000000(node=0|zone=1) [ 116.612726] Workqueue: events_unbound cfg80211_wiphy_work [ 116.613280] page_type: f9(unknown) [ 116.613589] [ 116.613595] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.614160] raw: 0100000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 116.614329] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.614891] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 116.615129] RSP: 0018:ffff88801743f700 EFLAGS: 00010212 [ 116.615679] page dumped because: nonzero mapcount [ 116.616043] [ 116.616047] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 116.616056] RDX: ffff8880160b1b80 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 116.616665] Modules linked in: [ 116.617023] RBP: ffff88801743f970 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.617033] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 116.617476] [ 116.618868] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.618879] FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 116.619432] CPU: 1 UID: 0 PID: 22 Comm: ksoftirqd/1 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.619454] 
Tainted: [D]=DIE, [W]=WARN [ 116.619458] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.619466] Call Trace: [ 116.619470] [ 116.619475] dump_stack_lvl+0xfa/0x120 [ 116.619500] bad_page+0x8c/0x1c0 [ 116.619514] __free_frozen_pages+0xaf9/0xe10 [ 116.619532] ? rcu_core+0x7c3/0x1800 [ 116.619548] rcu_core+0x7c8/0x1800 [ 116.619564] ? __pfx_rcu_core+0x10/0x10 [ 116.619579] ? lock_release+0x1c7/0x290 [ 116.619596] handle_softirqs+0x1b1/0x770 [ 116.619617] ? __pfx_run_ksoftirqd+0x10/0x10 [ 116.619636] ? smpboot_thread_fn+0x371/0x9d0 [ 116.619656] run_ksoftirqd+0x2e/0x60 [ 116.619674] smpboot_thread_fn+0x41d/0x9d0 [ 116.619694] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 116.619714] kthread+0x3c8/0x740 [ 116.619726] ? __pfx_kthread+0x10/0x10 [ 116.619739] ? ret_from_fork+0x23/0x430 [ 116.619759] ? lock_release+0xc8/0x290 [ 116.619777] ? __pfx_kthread+0x10/0x10 [ 116.619790] ret_from_fork+0x34b/0x430 [ 116.619808] ? __pfx_kthread+0x10/0x10 [ 116.619821] ret_from_fork_asm+0x1a/0x30 [ 116.619841] [ 116.619860] BUG: Bad page state in process ksoftirqd/1 pfn:0a2f2 [ 116.620376] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.620940] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xa2f2 [ 116.621481] CR2: 0000000000000000 CR3: 000000003ceb8000 CR4: 0000000000350ef0 [ 116.622044] flags: 0x100000000000000(node=0|zone=1) [ 116.622583] Call Trace: [ 116.623204] page_type: f9(unknown) [ 116.623641] [ 116.624199] raw: 0100000000000000 0000000000000000 ffffea000028bc90 0000000000000000 [ 116.624645] ? __pfx_perf_tp_event+0x10/0x10 [ 116.625506] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 116.625957] ? ret_from_fork_asm+0x1a/0x30 [ 116.626544] page dumped because: nonzero mapcount [ 116.627016] ? stack_trace_save+0x8e/0xc0 [ 116.627919] Modules linked in: [ 116.628506] ? stack_depot_save_flags+0x2c/0xa20 [ 116.628822] [ 116.629446] ? 
kasan_save_stack+0x34/0x50 [ 116.629858] CPU: 1 UID: 0 PID: 22 Comm: ksoftirqd/1 Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.629880] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 116.629885] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.629891] Call Trace: [ 116.629895] [ 116.629899] dump_stack_lvl+0xfa/0x120 [ 116.629918] bad_page+0x8c/0x1c0 [ 116.629930] __free_frozen_pages+0xaf9/0xe10 [ 116.629947] ? rcu_core+0x7c3/0x1800 [ 116.629961] rcu_core+0x7c8/0x1800 [ 116.629977] ? __pfx_rcu_core+0x10/0x10 [ 116.629992] ? lock_release+0x1c7/0x290 [ 116.630008] handle_softirqs+0x1b1/0x770 [ 116.630028] ? __pfx_run_ksoftirqd+0x10/0x10 [ 116.630047] ? smpboot_thread_fn+0x371/0x9d0 [ 116.630065] run_ksoftirqd+0x2e/0x60 [ 116.630084] smpboot_thread_fn+0x41d/0x9d0 [ 116.630103] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 116.630123] kthread+0x3c8/0x740 [ 116.630135] ? __pfx_kthread+0x10/0x10 [ 116.630148] ? ret_from_fork+0x23/0x430 [ 116.630166] ? lock_release+0xc8/0x290 [ 116.630180] ? __pfx_kthread+0x10/0x10 [ 116.630193] ret_from_fork+0x34b/0x430 [ 116.630211] ? __pfx_kthread+0x10/0x10 [ 116.630224] ret_from_fork_asm+0x1a/0x30 [ 116.630243] [ 116.630248] BUG: Bad page state in process ksoftirqd/1 pfn:0a2f3 [ 116.630261] ? kasan_save_stack+0x24/0x50 [ 116.630538] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xa2f3 [ 116.630673] ? kasan_save_track+0x14/0x30 [ 116.631043] flags: 0x100000000000000(node=0|zone=1) [ 116.631656] ? __kasan_save_free_info+0x3a/0x60 [ 116.633057] page_type: f9(unknown) [ 116.633645] ? __kasan_slab_free+0x3f/0x50 [ 116.634068] raw: 0100000000000000 0000000000000000 ffffea000028bcc8 0000000000000000 [ 116.634421] ? kmem_cache_free+0x2a1/0x540 [ 116.634561] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 116.635102] ? kfree_skbmem+0x18a/0x1f0 [ 116.635659] page dumped because: nonzero mapcount [ 116.635910] ? 
sk_skb_reason_drop+0x10e/0x1b0 [ 116.635925] ? perf_trace_run_bpf_submit+0xef/0x180 [ 116.636468] Modules linked in: [ 116.637015] perf_trace_run_bpf_submit+0xef/0x180 [ 116.637163] CPU: 1 UID: 0 PID: 22 Comm: ksoftirqd/1 Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.637185] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 116.637190] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.637196] Call Trace: [ 116.637200] [ 116.637204] dump_stack_lvl+0xfa/0x120 [ 116.637223] bad_page+0x8c/0x1c0 [ 116.637235] __free_frozen_pages+0xaf9/0xe10 [ 116.637252] ? rcu_core+0x7c3/0x1800 [ 116.637266] rcu_core+0x7c8/0x1800 [ 116.637282] ? __pfx_rcu_core+0x10/0x10 [ 116.637297] ? lock_release+0x1c7/0x290 [ 116.637313] handle_softirqs+0x1b1/0x770 [ 116.637333] ? __pfx_run_ksoftirqd+0x10/0x10 [ 116.637352] ? smpboot_thread_fn+0x371/0x9d0 [ 116.637370] run_ksoftirqd+0x2e/0x60 [ 116.637388] smpboot_thread_fn+0x41d/0x9d0 [ 116.637407] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 116.637427] kthread+0x3c8/0x740 [ 116.637440] ? __pfx_kthread+0x10/0x10 [ 116.637452] ? ret_from_fork+0x23/0x430 [ 116.637471] ? lock_release+0xc8/0x290 [ 116.637484] ? __pfx_kthread+0x10/0x10 [ 116.637497] ret_from_fork+0x34b/0x430 [ 116.637516] ? __pfx_kthread+0x10/0x10 [ 116.637528] ret_from_fork_asm+0x1a/0x30 [ 116.637548] [ 116.637552] BUG: Bad page state in process ksoftirqd/1 pfn:0a2f4 [ 116.637716] perf_trace_contention_begin+0x235/0x3e0 [ 116.638343] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xa2f4 [ 116.639206] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 116.639511] flags: 0x100000000000000(node=0|zone=1) [ 116.640142] ? __pick_eevdf+0x326/0x570 [ 116.640355] page_type: f9(unknown) [ 116.640535] ? update_curr+0x71/0x500 [ 116.640851] raw: 0100000000000000 0000000000000000 ffffea000028bd08 0000000000000000 [ 116.641095] ? 
lock_acquire+0x18c/0x2f0 [ 116.641439] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 116.641726] trace_contention_begin+0xae/0x110 [ 116.642090] page dumped because: nonzero mapcount [ 116.642381] __mutex_lock+0x14b/0x1020 [ 116.642683] Modules linked in: [ 116.642995] ? cfg80211_wiphy_work+0x7e/0x480 [ 116.643345] CPU: 1 UID: 0 PID: 22 Comm: ksoftirqd/1 Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.643367] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 116.643371] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.643378] Call Trace: [ 116.643381] [ 116.643386] dump_stack_lvl+0xfa/0x120 [ 116.643405] bad_page+0x8c/0x1c0 [ 116.643417] __free_frozen_pages+0xaf9/0xe10 [ 116.643434] ? rcu_core+0x7c3/0x1800 [ 116.643448] rcu_core+0x7c8/0x1800 [ 116.643464] ? __pfx_rcu_core+0x10/0x10 [ 116.643479] ? lock_release+0x1c7/0x290 [ 116.643494] handle_softirqs+0x1b1/0x770 [ 116.643515] ? __pfx_run_ksoftirqd+0x10/0x10 [ 116.643534] ? smpboot_thread_fn+0x371/0x9d0 [ 116.643552] run_ksoftirqd+0x2e/0x60 [ 116.643570] smpboot_thread_fn+0x41d/0x9d0 [ 116.643589] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 116.643609] kthread+0x3c8/0x740 [ 116.643622] ? __pfx_kthread+0x10/0x10 [ 116.643634] ? ret_from_fork+0x23/0x430 [ 116.643652] ? lock_release+0xc8/0x290 [ 116.643666] ? __pfx_kthread+0x10/0x10 [ 116.643680] ret_from_fork+0x34b/0x430 [ 116.643699] ? __pfx_kthread+0x10/0x10 [ 116.643711] ret_from_fork_asm+0x1a/0x30 [ 116.643730] [ 116.643735] BUG: Bad page state in process ksoftirqd/1 pfn:0a2f5 [ 116.643963] ? cfg80211_wiphy_work+0x7e/0x480 [ 116.643978] ? lock_release+0x1c7/0x290 [ 116.644301] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xa2f5 [ 116.644662] ? lock_release+0x1c7/0x290 [ 116.644937] flags: 0x100000000000000(node=0|zone=1) [ 116.645228] ? __pfx___mutex_lock+0x10/0x10 [ 116.645533] page_type: f9(unknown) [ 116.645837] ? 
_raw_spin_unlock_irqrestore+0x22/0x50 [ 116.646155] raw: 0100000000000000 0000000000000000 ffffea000028bd48 0000000000000000 [ 116.646449] ? __pfx_try_to_wake_up+0x10/0x10 [ 116.646750] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 116.647058] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.647250] page dumped because: nonzero mapcount [ 116.647724] cfg80211_wiphy_work+0x7e/0x480 [ 116.648181] Modules linked in: [ 116.648767] process_one_work+0x8e1/0x19c0 [ 116.649320] [ 116.649711] ? __pfx_process_one_work+0x10/0x10 [ 116.649927] CPU: 1 UID: 0 PID: 22 Comm: ksoftirqd/1 Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.649949] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 116.649953] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.649960] Call Trace: [ 116.649963] [ 116.649968] dump_stack_lvl+0xfa/0x120 [ 116.649987] bad_page+0x8c/0x1c0 [ 116.649998] __free_frozen_pages+0xaf9/0xe10 [ 116.650015] ? rcu_core+0x7c3/0x1800 [ 116.650029] rcu_core+0x7c8/0x1800 [ 116.650045] ? __pfx_rcu_core+0x10/0x10 [ 116.650060] ? lock_release+0x1c7/0x290 [ 116.650076] handle_softirqs+0x1b1/0x770 [ 116.650096] ? __pfx_run_ksoftirqd+0x10/0x10 [ 116.650115] ? smpboot_thread_fn+0x371/0x9d0 [ 116.650133] run_ksoftirqd+0x2e/0x60 [ 116.650151] smpboot_thread_fn+0x41d/0x9d0 [ 116.650171] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 116.650191] kthread+0x3c8/0x740 [ 116.650204] ? __pfx_kthread+0x10/0x10 [ 116.650216] ? ret_from_fork+0x23/0x430 [ 116.650235] ? lock_release+0xc8/0x290 [ 116.650248] ? __pfx_kthread+0x10/0x10 [ 116.650261] ret_from_fork+0x34b/0x430 [ 116.650280] ? __pfx_kthread+0x10/0x10 [ 116.650292] ret_from_fork_asm+0x1a/0x30 [ 116.650312] [ 116.650316] BUG: Bad page state in process ksoftirqd/1 pfn:0a2f6 [ 116.650364] ? move_linked_works+0x172/0x270 [ 116.650971] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xa2f6 [ 116.651297] ? 
assign_work+0x196/0x240 [ 116.651898] flags: 0x100000000000000(node=0|zone=1) [ 116.652210] worker_thread+0x67e/0xe90 [ 116.652576] page_type: f9(unknown) [ 116.652892] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.653153] raw: 0100000000000000 0000000000000000 ffffea000028bd88 0000000000000000 [ 116.653509] ? __pfx_worker_thread+0x10/0x10 [ 116.653657] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 116.653968] kthread+0x3c8/0x740 [ 116.654856] page dumped because: nonzero mapcount [ 116.655235] ? __pfx_kthread+0x10/0x10 [ 116.655886] Modules linked in: [ 116.656077] ? ret_from_fork+0x23/0x430 [ 116.656257] [ 116.656559] ? lock_release+0xc8/0x290 [ 116.656835] CPU: 1 UID: 0 PID: 22 Comm: ksoftirqd/1 Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.656856] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 116.656861] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.656868] Call Trace: [ 116.656871] [ 116.656875] dump_stack_lvl+0xfa/0x120 [ 116.656894] bad_page+0x8c/0x1c0 [ 116.656906] __free_frozen_pages+0xaf9/0xe10 [ 116.656923] ? rcu_core+0x7c3/0x1800 [ 116.656937] rcu_core+0x7c8/0x1800 [ 116.656953] ? __pfx_rcu_core+0x10/0x10 [ 116.656968] ? lock_release+0x1c7/0x290 [ 116.656984] handle_softirqs+0x1b1/0x770 [ 116.657004] ? __pfx_run_ksoftirqd+0x10/0x10 [ 116.657023] ? smpboot_thread_fn+0x371/0x9d0 [ 116.657041] run_ksoftirqd+0x2e/0x60 [ 116.657059] smpboot_thread_fn+0x41d/0x9d0 [ 116.657079] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 116.657098] kthread+0x3c8/0x740 [ 116.657111] ? __pfx_kthread+0x10/0x10 [ 116.657123] ? ret_from_fork+0x23/0x430 [ 116.657142] ? lock_release+0xc8/0x290 [ 116.657155] ? __pfx_kthread+0x10/0x10 [ 116.657169] ret_from_fork+0x34b/0x430 [ 116.657187] ? __pfx_kthread+0x10/0x10 [ 116.657200] ret_from_fork_asm+0x1a/0x30 [ 116.657219] [ 116.657224] BUG: Bad page state in process ksoftirqd/1 pfn:0a2f7 [ 116.657442] ? 
__pfx_kthread+0x10/0x10 [ 116.657743] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xa2f7 [ 116.658047] ret_from_fork+0x34b/0x430 [ 116.658363] flags: 0x100000000000000(node=0|zone=1) [ 116.658674] ? __pfx_kthread+0x10/0x10 [ 116.659023] page_type: f9(unknown) [ 116.659352] ret_from_fork_asm+0x1a/0x30 [ 116.659642] raw: 0100000000000000 0000000000000000 ffffea000028bdc8 0000000000000000 [ 116.659963] [ 116.659968] Modules linked in: [ 116.660337] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 116.660890] ---[ end trace 0000000000000000 ]--- [ 116.660914] page dumped because: nonzero mapcount [ 116.661213] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.661510] Modules linked in: [ 116.661836] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.662132] CPU: 1 UID: 0 PID: 22 Comm: ksoftirqd/1 Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.662153] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 116.662158] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.662164] Call Trace: [ 116.662168] [ 116.662172] dump_stack_lvl+0xfa/0x120 [ 116.662191] bad_page+0x8c/0x1c0 [ 116.662203] __free_frozen_pages+0xaf9/0xe10 [ 116.662220] ? rcu_core+0x7c3/0x1800 [ 116.662234] rcu_core+0x7c8/0x1800 [ 116.662250] ? __pfx_rcu_core+0x10/0x10 [ 116.662265] ? lock_release+0x1c7/0x290 [ 116.662281] handle_softirqs+0x1b1/0x770 [ 116.662301] ? __pfx_run_ksoftirqd+0x10/0x10 [ 116.662320] ? smpboot_thread_fn+0x371/0x9d0 [ 116.662338] run_ksoftirqd+0x2e/0x60 [ 116.662356] smpboot_thread_fn+0x41d/0x9d0 [ 116.662375] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 116.662395] kthread+0x3c8/0x740 [ 116.662408] ? __pfx_kthread+0x10/0x10 [ 116.662420] ? ret_from_fork+0x23/0x430 [ 116.662439] ? lock_release+0xc8/0x290 [ 116.662453] ? 
__pfx_kthread+0x10/0x10 [ 116.662466] ret_from_fork+0x34b/0x430 [ 116.662484] ? __pfx_kthread+0x10/0x10 [ 116.662497] ret_from_fork_asm+0x1a/0x30 [ 116.662516] [ 116.664963] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#20] SMP KASAN NOPTI [ 116.665030] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 116.665389] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 116.665676] [ 116.666005] CPU: 1 UID: 0 PID: 3975 Comm: syz-executor.2 Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.666600] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 116.666928] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 116.666934] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.667520] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 116.667825] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.668210] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.668556] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.668955] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.669197] RSP: 0018:ffff888015cb7640 EFLAGS: 00010212 [ 116.669574] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.670464] [ 116.670468] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 116.670476] RDX: ffff888016368000 RSI: ffffffff8189a4e7 RDI: 0000000100000190 [ 116.670484] RBP: ffff888015cb78b0 R08: ffff88806cf31340 R09: ffffe8ffffd161c0 [ 116.670492] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 116.670499] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 116.670508] FS: 00007f7bfccf0700(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 116.670520] CS: 0010 DS: 0000 ES: 0000 
CR0: 0000000080050033 [ 116.670528] CR2: 00007fab049b99c0 CR3: 0000000043dd8000 CR4: 0000000000350ef0 [ 116.670536] Call Trace: [ 116.670540] [ 116.670547] ? __pfx_perf_tp_event+0x10/0x10 [ 116.670572] ? perf_trace_run_bpf_submit+0xef/0x180 [ 116.670589] perf_trace_run_bpf_submit+0xef/0x180 [ 116.670607] perf_trace_contention_end+0x235/0x3e0 [ 116.670623] ? __pfx_perf_trace_contention_end+0x10/0x10 [ 116.670637] ? __mutex_trylock_common+0xf9/0x260 [ 116.670651] ? __pfx___mutex_trylock_common+0x10/0x10 [ 116.670667] trace_contention_end+0xae/0x110 [ 116.670681] __mutex_lock+0x166/0x1020 [ 116.670702] ? perf_event_exit_task+0x46/0x510 [ 116.670718] ? do_raw_spin_lock+0x123/0x260 [ 116.670734] ? lock_acquire+0x18c/0x2f0 [ 116.670746] ? __pfx___mutex_lock+0x10/0x10 [ 116.670764] ? _raw_spin_unlock_irq+0x23/0x40 [ 116.670779] ? lock_release+0x1c7/0x290 [ 116.670792] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.670806] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 116.671205] FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 116.671842] ? taskstats_exit+0x8c/0xba0 [ 116.671856] perf_event_exit_task+0x46/0x510 [ 116.671874] do_exit+0x626/0x2970 [ 116.671889] ? __pfx_do_exit+0x10/0x10 [ 116.671903] ? do_raw_spin_lock+0x123/0x260 [ 116.671918] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 116.671935] do_group_exit+0xd3/0x2a0 [ 116.671949] get_signal+0x2315/0x2340 [ 116.671970] ? __pfx_get_signal+0x10/0x10 [ 116.671987] ? lock_release+0x1c7/0x290 [ 116.672001] arch_do_signal_or_restart+0x80/0x790 [ 116.672019] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 116.672036] ? lock_acquire+0x18c/0x2f0 [ 116.672050] ? do_raw_spin_lock+0x123/0x260 [ 116.672065] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 116.672081] ? 
finish_task_switch.isra.0+0x294/0x840 [ 116.672101] exit_to_user_mode_loop+0x8b/0x110 [ 116.672114] ret_from_fork+0x3ac/0x430 [ 116.672132] ret_from_fork_asm+0x1a/0x30 [ 116.672347] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.672528] [ 116.672845] CR2: 0000000000000000 CR3: 000000003ceb8000 CR4: 0000000000350ef0 [ 116.673093] Modules linked in: [ 116.673451] note: kworker/u9:4[337] exited with preempt_count 2 [ 116.674237] ---[ end trace 0000000000000000 ]--- [ 116.674531] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#21] SMP KASAN NOPTI [ 116.674654] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.674981] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 116.674996] CPU: 0 UID: 0 PID: 41 Comm: kworker/R-ata_s Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.675016] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 116.675021] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.675029] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.675047] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.675059] RSP: 0018:ffff88800a31f7c0 EFLAGS: 00010212 [ 116.675069] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 116.675076] RDX: ffff88800a310000 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 116.675084] RBP: ffff88800a31fa30 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.675093] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 116.675100] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.675110] FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 116.675121] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.675129] CR2: 0000000000000000 CR3: 000000003ceb8000 CR4: 0000000000350ef0 [ 116.675136] Call Trace: [ 
116.675140] [ 116.675147] ? __pfx_perf_tp_event+0x10/0x10 [ 116.675171] ? lock_is_held_type+0x9e/0x120 [ 116.675191] ? perf_trace_run_bpf_submit+0xef/0x180 [ 116.675207] ? lock_acquire+0x18c/0x2f0 [ 116.675221] perf_trace_run_bpf_submit+0xef/0x180 [ 116.675238] perf_trace_contention_begin+0x235/0x3e0 [ 116.675252] ? __pfx___perf_event_task_sched_in+0x10/0x10 [ 116.675266] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 116.675282] ? lock_acquire+0x18c/0x2f0 [ 116.675296] trace_contention_begin+0xae/0x110 [ 116.675311] __mutex_lock+0x14b/0x1020 [ 116.675328] ? worker_attach_to_pool+0x25/0x3c0 [ 116.675346] ? worker_attach_to_pool+0x25/0x3c0 [ 116.675365] ? __pfx___mutex_lock+0x10/0x10 [ 116.675383] ? __pfx___schedule+0x10/0x10 [ 116.675399] ? lock_acquire+0x15e/0x2f0 [ 116.675751] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.676098] ? do_raw_spin_lock+0x123/0x260 [ 116.676397] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 116.676723] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 116.677100] [ 116.677361] worker_attach_to_pool+0x25/0x3c0 [ 116.677672] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 116.677983] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.678296] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 116.678598] rescuer_thread+0x367/0xd60 [ 116.678906] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.679202] ? find_held_lock+0x2b/0x80 [ 116.679512] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.679701] ? __pfx_rescuer_thread+0x10/0x10 [ 116.680192] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.680569] ? __kthread_parkme+0x1a7/0x250 [ 116.681190] FS: 00007f7bfccf0700(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 116.681618] ? 
__pfx_rescuer_thread+0x10/0x10 [ 116.682022] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.682326] kthread+0x3c8/0x740 [ 116.682603] CR2: 00007fab049b99c0 CR3: 0000000043dd8000 CR4: 0000000000350ef0 [ 116.682899] ? __pfx_kthread+0x10/0x10 [ 116.683506] note: syz-executor.2[3975] exited with preempt_count 2 [ 116.683812] ? ret_from_fork+0x23/0x430 [ 116.684419] Fixing recursive fault but reboot is needed! [ 116.684775] ? lock_release+0xc8/0x290 [ 116.684790] ? __pfx_kthread+0x10/0x10 [ 116.800617] ret_from_fork+0x34b/0x430 [ 116.800962] ? __pfx_kthread+0x10/0x10 [ 116.801293] ret_from_fork_asm+0x1a/0x30 [ 116.801654] [ 116.801854] Modules linked in: [ 116.802136] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#22] SMP KASAN NOPTI [ 116.802568] ---[ end trace 0000000000000000 ]--- [ 116.803114] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 116.803131] CPU: 1 UID: 0 PID: 26 Comm: kworker/u10:0 Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.803152] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 116.803157] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.803166] Workqueue: events_unbound cfg80211_wiphy_work [ 116.803189] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.803208] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.803220] RSP: 0018:ffff888009777700 EFLAGS: 00010212 [ 116.803230] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 116.803237] RDX: ffff888009753700 RSI: ffffffff8189a4e7 RDI: 0000000100000190 [ 116.803245] RBP: ffff888009777970 R08: ffff88806cf31340 R09: ffffe8ffffd161c0 [ 116.803253] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.803260] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 
116.803270] FS: 0000000000000000(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 116.803282] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.803289] CR2: 00007fab049b99c0 CR3: 0000000044ba9000 CR4: 0000000000350ef0 [ 116.803297] Call Trace: [ 116.803305] [ 116.803313] ? __pfx_perf_tp_event+0x10/0x10 [ 116.803331] ? ret_from_fork_asm+0x1a/0x30 [ 116.803349] ? stack_trace_save+0x8e/0xc0 [ 116.803365] ? stack_depot_save_flags+0x2c/0xa20 [ 116.803380] ? kasan_save_stack+0x34/0x50 [ 116.803396] ? kasan_save_stack+0x24/0x50 [ 116.803801] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.804502] ? kasan_save_track+0x14/0x30 [ 116.805473] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.805891] ? __kasan_save_free_info+0x3a/0x60 [ 116.806587] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 116.807035] ? __kasan_slab_free+0x3f/0x50 [ 116.807429] [ 116.808932] ? kmem_cache_free+0x2a1/0x540 [ 116.808945] ? kfree_skbmem+0x18a/0x1f0 [ 116.809380] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 116.809977] ? sk_skb_reason_drop+0x10e/0x1b0 [ 116.809993] ? perf_trace_run_bpf_submit+0xef/0x180 [ 116.810577] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 116.811162] perf_trace_run_bpf_submit+0xef/0x180 [ 116.811763] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.812350] perf_trace_contention_end+0x235/0x3e0 [ 116.813012] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.813483] ? __pfx_perf_trace_contention_end+0x10/0x10 [ 116.814089] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.814295] ? __mutex_trylock_common+0xf9/0x260 [ 116.814486] FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 116.814844] ? 
__pfx___mutex_trylock_common+0x10/0x10 [ 116.815197] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.815543] trace_contention_end+0xae/0x110 [ 116.815945] CR2: 0000000000000000 CR3: 000000003ceb8000 CR4: 0000000000350ef0 [ 116.816272] __mutex_lock+0x166/0x1020 [ 116.816613] note: kworker/R-ata_s[41] exited with preempt_count 2 [ 116.816990] ? cfg80211_wiphy_work+0x7e/0x480 [ 116.829718] ? lock_release+0x1c7/0x290 [ 116.830053] ? lock_release+0x1c7/0x290 [ 116.830389] ? __pfx___mutex_lock+0x10/0x10 [ 116.830756] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 116.831182] ? __pfx_try_to_wake_up+0x10/0x10 [ 116.831566] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.832006] cfg80211_wiphy_work+0x7e/0x480 [ 116.832369] process_one_work+0x8e1/0x19c0 [ 116.832732] ? __pfx_process_one_work+0x10/0x10 [ 116.833122] ? move_linked_works+0x172/0x270 [ 116.833499] ? assign_work+0x196/0x240 [ 116.833835] worker_thread+0x67e/0xe90 [ 116.834166] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.834603] ? __pfx_worker_thread+0x10/0x10 [ 116.834973] kthread+0x3c8/0x740 [ 116.835259] ? __pfx_kthread+0x10/0x10 [ 116.835583] ? ret_from_fork+0x23/0x430 [ 116.835926] ? lock_release+0xc8/0x290 [ 116.836253] ? __pfx_kthread+0x10/0x10 [ 116.836580] ret_from_fork+0x34b/0x430 [ 116.836914] ? 
__pfx_kthread+0x10/0x10 [ 116.837242] ret_from_fork_asm+0x1a/0x30 [ 116.837597] [ 116.837796] Modules linked in: [ 116.838639] ---[ end trace 0000000000000000 ]--- [ 116.839479] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.839901] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.841424] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 116.841895] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 116.842000] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#23] SMP KASAN NOPTI [ 116.842484] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 116.843422] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 116.843439] CPU: 0 UID: 0 PID: 58 Comm: kworker/0:2 Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.844029] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.844647] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 116.845596] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.846168] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.846177] Workqueue: 0x0 [ 116.846584] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.847164] (events) [ 116.847173] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.847862] FS: 0000000000000000(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 116.848095] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.848676] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.848874] RSP: 0018:ffff88800faa7780 EFLAGS: 00010212 [ 116.848885] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 116.849257] CR2: 
00007fab049b99c0 CR3: 0000000044ba9000 CR4: 0000000000350ef0 [ 116.849913] RDX: ffff88800fa19b80 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 116.849923] RBP: ffff88800faa79f0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.851352] note: kworker/u10:0[26] exited with preempt_count 2 [ 116.851793] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 116.851802] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.855997] FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 116.856625] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.857084] CR2: 0000000000000000 CR3: 0000000005a88000 CR4: 0000000000350ef0 [ 116.857651] Call Trace: [ 116.857858] [ 116.858047] ? __pfx_perf_tp_event+0x10/0x10 [ 116.858408] ? kasan_save_stack+0x34/0x50 [ 116.858742] ? kasan_save_stack+0x24/0x50 [ 116.859075] ? kasan_save_track+0x14/0x30 [ 116.859408] ? __kasan_save_free_info+0x3a/0x60 [ 116.859782] ? __kasan_slab_free+0x3f/0x50 [ 116.860123] ? kfree+0x281/0x550 [ 116.860405] ? __kthread_create_on_node+0x29d/0x3c0 [ 116.860810] ? kthread_create_on_node+0xbe/0x100 [ 116.861196] ? create_worker+0x408/0x800 [ 116.861522] ? worker_thread+0x956/0xe90 [ 116.861854] ? kthread+0x3c8/0x740 [ 116.862140] ? ret_from_fork+0x34b/0x430 [ 116.862474] ? ret_from_fork_asm+0x1a/0x30 [ 116.862819] ? kthread_data+0x53/0xc0 [ 116.863124] ? wq_worker_running+0x57/0x250 [ 116.863471] ? schedule_timeout+0x14f/0x280 [ 116.863818] ? __pfx_schedule_timeout+0x10/0x10 [ 116.864193] ? trace_ipi_send_cpu.constprop.0+0x158/0x1c0 [ 116.864636] ? do_raw_spin_lock+0x123/0x260 [ 116.864983] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 116.865358] ? lock_release+0x1c7/0x290 [ 116.865689] ? perf_trace_run_bpf_submit+0xef/0x180 [ 116.866089] perf_trace_run_bpf_submit+0xef/0x180 [ 116.866482] perf_trace_contention_begin+0x235/0x3e0 [ 116.866890] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 116.867335] ? dequeue_entities+0xf4e/0x2130 [ 116.867692] ? 
lock_acquire+0x18c/0x2f0 [ 116.868011] trace_contention_begin+0xae/0x110 [ 116.868381] __mutex_lock+0x14b/0x1020 [ 116.868699] ? worker_attach_to_pool+0x25/0x3c0 [ 116.869083] ? worker_attach_to_pool+0x25/0x3c0 [ 116.869457] ? wait_task_inactive+0x669/0xa20 [ 116.869821] ? set_cpus_allowed_fair+0xd/0x20 [ 116.870182] ? __do_set_cpus_allowed+0x1a6/0x8d0 [ 116.870573] ? __pfx___mutex_lock+0x10/0x10 [ 116.870921] ? do_set_cpus_allowed+0x7a/0xd0 [ 116.871276] ? __pfx_do_set_cpus_allowed+0x10/0x10 [ 116.871668] ? lock_release+0x1c7/0x290 [ 116.871985] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.872403] worker_attach_to_pool+0x25/0x3c0 [ 116.872770] create_worker+0x2a9/0x800 [ 116.873086] ? __pfx_create_worker+0x10/0x10 [ 116.873445] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 116.873828] ? lock_release+0x1c7/0x290 [ 116.874149] worker_thread+0x956/0xe90 [ 116.874461] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.874877] ? __pfx_worker_thread+0x10/0x10 [ 116.875234] kthread+0x3c8/0x740 [ 116.875512] ? __pfx_kthread+0x10/0x10 [ 116.875827] ? ret_from_fork+0x23/0x430 [ 116.876152] ? lock_release+0xc8/0x290 [ 116.876463] ? __pfx_kthread+0x10/0x10 [ 116.876777] ret_from_fork+0x34b/0x430 [ 116.877095] ? 
__pfx_kthread+0x10/0x10 [ 116.877408] ret_from_fork_asm+0x1a/0x30 [ 116.877746] [ 116.877939] Modules linked in: [ 116.878200] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#24] SMP KASAN NOPTI [ 116.878609] ---[ end trace 0000000000000000 ]--- [ 116.879085] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 116.879101] CPU: 1 UID: 0 PID: 357 Comm: kworker/u9:5 Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.879121] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 116.879126] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.879134] Workqueue: events_unbound cfg80211_wiphy_work [ 116.879148] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.879165] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.879176] RSP: 0018:ffff8880193df700 EFLAGS: 00010212 [ 116.879185] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 116.879193] RDX: ffff888015de0000 RSI: ffffffff8189a4e7 RDI: 0000000100000190 [ 116.879200] RBP: ffff8880193df970 R08: ffff88806cf31340 R09: ffffe8ffffd161c0 [ 116.879208] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.879216] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 116.879225] FS: 0000000000000000(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 116.879236] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.879244] CR2: 00007fab049b99c0 CR3: 0000000041d3b000 CR4: 0000000000350ef0 [ 116.879251] Call Trace: [ 116.879255] [ 116.879261] ? mark_held_locks+0x49/0x80 [ 116.879274] ? __pfx_perf_tp_event+0x10/0x10 [ 116.879291] ? put_task_struct_rcu_user+0x75/0xc0 [ 116.879306] ? release_task+0xcd4/0x1870 [ 116.879322] ? __pfx_release_task+0x10/0x10 [ 116.879336] ? lock_acquire+0x15e/0x2f0 [ 116.879351] ? 
kvm_sched_clock_read+0x16/0x30 [ 116.879368] ? sched_clock+0x37/0x60 [ 116.879744] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.880424] ? perf_trace_run_bpf_submit+0xef/0x180 [ 116.881347] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.881739] perf_trace_run_bpf_submit+0xef/0x180 [ 116.882398] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 116.882810] perf_trace_contention_end+0x235/0x3e0 [ 116.883181] [ 116.884596] ? __pfx_perf_trace_contention_end+0x10/0x10 [ 116.885031] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 116.885579] ? __mutex_trylock_common+0xf9/0x260 [ 116.886159] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 116.886703] ? __pfx___mutex_trylock_common+0x10/0x10 [ 116.887270] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.887817] trace_contention_end+0xae/0x110 [ 116.888447] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.888899] __mutex_lock+0x166/0x1020 [ 116.889463] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.889677] ? cfg80211_wiphy_work+0x7e/0x480 [ 116.889873] FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 116.890175] ? lock_release+0x1c7/0x290 [ 116.890524] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.890896] ? __pfx___mutex_lock+0x10/0x10 [ 116.891224] CR2: 0000000000000000 CR3: 0000000005a88000 CR4: 0000000000350ef0 [ 116.891556] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 116.891884] note: kworker/0:2[58] exited with preempt_count 2 [ 116.892221] ? xfd_validate_state+0x55/0x180 [ 116.904278] ? __pfx_try_to_wake_up+0x10/0x10 [ 116.904646] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.905063] cfg80211_wiphy_work+0x7e/0x480 [ 116.905408] process_one_work+0x8e1/0x19c0 [ 116.905757] ? __pfx_process_one_work+0x10/0x10 [ 116.906134] ? 
move_linked_works+0x172/0x270 [ 116.906492] ? assign_work+0x196/0x240 [ 116.906801] worker_thread+0x67e/0xe90 [ 116.907115] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.907531] ? __pfx_worker_thread+0x10/0x10 [ 116.907886] kthread+0x3c8/0x740 [ 116.908159] ? __pfx_kthread+0x10/0x10 [ 116.908477] ? ret_from_fork+0x23/0x430 [ 116.908802] ? lock_release+0xc8/0x290 [ 116.909116] ? __pfx_kthread+0x10/0x10 [ 116.909432] ret_from_fork+0x34b/0x430 [ 116.909758] ? __pfx_kthread+0x10/0x10 [ 116.910068] ret_from_fork_asm+0x1a/0x30 [ 116.910401] [ 116.910593] Modules linked in: [ 116.910862] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#25] SMP KASAN NOPTI [ 116.911259] ---[ end trace 0000000000000000 ]--- [ 116.911780] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 116.911796] CPU: 0 UID: 0 PID: 17 Comm: rcu_exp_gp_kthr Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.911817] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 116.911822] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.911829] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.911850] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.911861] RSP: 0018:ffff88800963f7c0 EFLAGS: 00010212 [ 116.911871] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 116.911879] RDX: ffff888009630000 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 116.911887] RBP: ffff88800963fa30 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.911894] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.911902] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.911911] FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 116.911922] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.911930] 
CR2: 0000000000000000 CR3: 0000000043c35000 CR4: 0000000000350ef0 [ 116.911937] Call Trace: [ 116.911942] [ 116.911947] ? __lock_acquire+0xc65/0x1b70 [ 116.911964] ? __pfx_perf_tp_event+0x10/0x10 [ 116.911981] ? lock_is_held_type+0x9e/0x120 [ 116.912003] ? lock_acquire+0x18c/0x2f0 [ 116.912016] ? __update_load_avg_se+0x428/0xa40 [ 116.912034] ? lock_release+0x1c7/0x290 [ 116.912048] ? __perf_event_task_sched_in+0x235/0x5e0 [ 116.912061] ? __pfx___perf_event_task_sched_in+0x10/0x10 [ 116.912073] ? dequeue_entities+0x369/0x2130 [ 116.912089] ? lock_acquire+0x18c/0x2f0 [ 116.912102] ? xfd_validate_state+0x55/0x180 [ 116.912491] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.913083] ? lock_release+0x1c7/0x290 [ 116.913099] ? perf_trace_run_bpf_submit+0xef/0x180 [ 116.914035] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.914424] perf_trace_run_bpf_submit+0xef/0x180 [ 116.915090] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 116.915452] perf_trace_contention_begin+0x235/0x3e0 [ 116.916933] [ 116.917295] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 116.917868] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 116.918418] ? lock_release+0x1c7/0x290 [ 116.918983] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 116.919531] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.920099] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.920721] ? lock_acquire+0x18c/0x2f0 [ 116.921186] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.921742] trace_contention_begin+0xae/0x110 [ 116.921959] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.922133] __mutex_lock+0x14b/0x1020 [ 116.922465] FS: 0000000000000000(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 116.922808] ? 
rcu_exp_wait_wake+0x129/0x1390 [ 116.923148] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.923460] ? rcu_exp_wait_wake+0x129/0x1390 [ 116.923834] CR2: 00007fab049b99c0 CR3: 0000000041d3b000 CR4: 0000000000350ef0 [ 116.924138] ? do_raw_spin_lock+0x123/0x260 [ 116.924535] note: kworker/u9:5[357] exited with preempt_count 2 [ 116.924959] ? __pfx___mutex_lock+0x10/0x10 [ 116.926955] kworker/u9:0 (25) used greatest stack depth: 23968 bytes left [ 116.927008] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 116.939014] ? lock_acquire+0x18c/0x2f0 [ 116.939335] ? lock_acquire+0x18c/0x2f0 [ 116.939651] ? lock_release+0x1c7/0x290 [ 116.939968] ? lock_release+0x1c7/0x290 [ 116.940289] ? finish_swait+0xca/0x230 [ 116.940601] rcu_exp_wait_wake+0x129/0x1390 [ 116.940958] ? _raw_spin_lock_irqsave+0x42/0x60 [ 116.941336] ? __sync_rcu_exp_select_node_cpus+0x739/0xb20 [ 116.941789] ? __sync_rcu_exp_select_node_cpus+0x739/0xb20 [ 116.942242] ? __pfx_rcu_exp_wait_wake+0x10/0x10 [ 116.942629] ? sync_rcu_exp_select_cpus+0x3e3/0x940 [ 116.943031] ? lock_release+0x1c7/0x290 [ 116.943356] kthread_worker_fn+0x2b5/0xad0 [ 116.943695] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 116.944070] ? __pfx_kthread_worker_fn+0x10/0x10 [ 116.944450] kthread+0x3c8/0x740 [ 116.944725] ? __pfx_kthread+0x10/0x10 [ 116.945040] ? ret_from_fork+0x23/0x430 [ 116.945372] ? lock_release+0xc8/0x290 [ 116.945693] ? __pfx_kthread+0x10/0x10 [ 116.946004] ret_from_fork+0x34b/0x430 [ 116.946323] ? 
__pfx_kthread+0x10/0x10 [ 116.946637] ret_from_fork_asm+0x1a/0x30 [ 116.946973] [ 116.947167] Modules linked in: [ 116.947426] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#26] SMP KASAN NOPTI [ 116.947512] ---[ end trace 0000000000000000 ]--- [ 116.948321] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 116.948336] CPU: 1 UID: 0 PID: 107 Comm: kworker/u9:3 Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.948704] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.949381] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 116.949387] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.950309] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.950660] Workqueue: events_unbound cfg80211_wiphy_work [ 116.951071] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 116.951704] [ 116.953135] [ 116.953547] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.953979] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 116.954108] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.954244] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 116.954605] RSP: 0018:ffff8880179af700 EFLAGS: 00010212 [ 116.955173] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 116.956579] [ 116.956583] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 116.956591] RDX: ffff888016448000 RSI: ffffffff8189a4e7 RDI: 0000000100000190 [ 116.957160] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.957564] RBP: ffff8880179af970 R08: ffff88806cf31340 R09: ffffe8ffffd161c0 [ 116.958141] R13: 
000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 116.958269] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 116.958835] FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 116.959380] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 116.959951] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.960494] FS: 0000000000000000(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 116.961061] CR2: 0000000000000000 CR3: 0000000043c35000 CR4: 0000000000350ef0 [ 116.961616] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.962258] note: rcu_exp_gp_kthr[17] exited with preempt_count 2 [ 116.962803] CR2: 00007fab049b99c0 CR3: 0000000041d3b000 CR4: 0000000000350ef0 [ 116.962813] Call Trace: [ 116.963852] BUG: Bad page state in process syz-fuzzer pfn:18e21 [ 116.963891] [ 116.963898] ? mark_held_locks+0x49/0x80 [ 116.964456] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18e21 [ 116.964909] ? __pfx_perf_tp_event+0x10/0x10 [ 116.964927] ? put_task_struct_rcu_user+0x75/0xc0 [ 116.965401] flags: 0x100000000000000(node=0|zone=1) [ 116.965962] ? release_task+0xcd4/0x1870 [ 116.965980] ? __lock_acquire+0xc65/0x1b70 [ 116.966184] page_type: f9(unknown) [ 116.966663] ? perf_trace_run_bpf_submit+0xef/0x180 [ 116.966863] raw: 0100000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 116.967164] ? __lock_acquire+0xc65/0x1b70 [ 116.967794] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 116.968122] perf_trace_run_bpf_submit+0xef/0x180 [ 116.968497] page dumped because: nonzero mapcount [ 116.968893] perf_trace_contention_end+0x235/0x3e0 [ 116.969217] Modules linked in: [ 116.969544] ? __pfx_perf_trace_contention_end+0x10/0x10 [ 116.969838] [ 116.970212] ? 
__mutex_trylock_common+0xf9/0x260 [ 116.970831] CPU: 0 UID: 0 PID: 273 Comm: syz-fuzzer Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.970855] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 116.970860] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.970868] Call Trace: [ 116.970872] [ 116.970876] dump_stack_lvl+0xfa/0x120 [ 116.970906] bad_page+0x8c/0x1c0 [ 116.970921] __free_frozen_pages+0xaf9/0xe10 [ 116.970940] ? rcu_core+0x7c3/0x1800 [ 116.970956] rcu_core+0x7c8/0x1800 [ 116.970972] ? __pfx_rcu_core+0x10/0x10 [ 116.970987] ? clockevents_program_event+0x135/0x360 [ 116.971005] ? tick_program_event+0xac/0x140 [ 116.971018] ? hrtimer_interrupt+0x652/0x830 [ 116.971031] handle_softirqs+0x1b1/0x770 [ 116.971054] __irq_exit_rcu+0xc4/0x100 [ 116.971073] irq_exit_rcu+0x9/0x20 [ 116.971084] sysvec_apic_timer_interrupt+0x39/0x80 [ 116.971102] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 116.971116] RIP: 0033:0x7e19f1 [ 116.971126] Code: 24 10 48 8d 6c 24 10 48 8b 4c 24 50 48 8b 54 24 30 48 39 d1 77 50 48 8b 54 24 48 48 39 d1 77 41 48 8b 44 24 38 48 8b 54 24 20 <31> db eb 03 48 ff c3 48 39 cb 7d 1c 0f b6 34 1a 0f b6 3c 18 40 38 [ 116.971139] RSP: 002b:000000c0005c5420 EFLAGS: 00000293 [ 116.971150] RAX: 000000c00034217b RBX: 0000000000008983 RCX: 00000000000000b1 [ 116.971158] RDX: 000000c00033d67d RSI: 000000c000336000 RDI: 000000c00033d67d [ 116.971166] RBP: 000000c0005c5430 R08: 0000000000000006 R09: 0000000000000e33 [ 116.971174] R10: 0000000000000022 R11: 00000000000000b1 R12: 000000000000767d [ 116.971181] R13: 0000000000003e85 R14: 000000000000417b R15: 000000000000767d [ 116.971192] [ 116.971197] BUG: Bad page state in process syz-fuzzer pfn:18e22 [ 116.971741] ? 
__pfx___mutex_trylock_common+0x10/0x10 [ 116.972137] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18e22 [ 116.972497] trace_contention_end+0xae/0x110 [ 116.972889] flags: 0x100000000000000(node=0|zone=1) [ 116.973135] __mutex_lock+0x166/0x1020 [ 116.973550] page_type: f9(unknown) [ 116.973693] ? cfg80211_wiphy_work+0x7e/0x480 [ 116.974080] raw: 0100000000000000 0000000000000000 ffffea0000638890 0000000000000000 [ 116.974945] ? lock_release+0x1c7/0x290 [ 116.975349] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 116.975975] ? __pfx___mutex_lock+0x10/0x10 [ 116.975994] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 116.976200] page dumped because: nonzero mapcount [ 116.976380] ? xfd_validate_state+0x55/0x180 [ 116.976684] Modules linked in: [ 116.976946] ? __pfx_try_to_wake_up+0x10/0x10 [ 116.977328] [ 116.977622] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.977925] CPU: 0 UID: 0 PID: 273 Comm: syz-fuzzer Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.977948] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 116.977953] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.977960] Call Trace: [ 116.977964] [ 116.977968] dump_stack_lvl+0xfa/0x120 [ 116.977989] bad_page+0x8c/0x1c0 [ 116.978001] __free_frozen_pages+0xaf9/0xe10 [ 116.978019] ? rcu_core+0x7c3/0x1800 [ 116.978033] rcu_core+0x7c8/0x1800 [ 116.978049] ? __pfx_rcu_core+0x10/0x10 [ 116.978064] ? clockevents_program_event+0x135/0x360 [ 116.978081] ? tick_program_event+0xac/0x140 [ 116.978093] ? 
hrtimer_interrupt+0x652/0x830 [ 116.978105] handle_softirqs+0x1b1/0x770 [ 116.978126] __irq_exit_rcu+0xc4/0x100 [ 116.978144] irq_exit_rcu+0x9/0x20 [ 116.978155] sysvec_apic_timer_interrupt+0x39/0x80 [ 116.978173] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 116.978186] RIP: 0033:0x7e19f1 [ 116.978195] Code: 24 10 48 8d 6c 24 10 48 8b 4c 24 50 48 8b 54 24 30 48 39 d1 77 50 48 8b 54 24 48 48 39 d1 77 41 48 8b 44 24 38 48 8b 54 24 20 <31> db eb 03 48 ff c3 48 39 cb 7d 1c 0f b6 34 1a 0f b6 3c 18 40 38 [ 116.978207] RSP: 002b:000000c0005c5420 EFLAGS: 00000293 [ 116.978217] RAX: 000000c00034217b RBX: 0000000000008983 RCX: 00000000000000b1 [ 116.978225] RDX: 000000c00033d67d RSI: 000000c000336000 RDI: 000000c00033d67d [ 116.978233] RBP: 000000c0005c5430 R08: 0000000000000006 R09: 0000000000000e33 [ 116.978241] R10: 0000000000000022 R11: 00000000000000b1 R12: 000000000000767d [ 116.978249] R13: 0000000000003e85 R14: 000000000000417b R15: 000000000000767d [ 116.978260] [ 116.978265] BUG: Bad page state in process syz-fuzzer pfn:18e23 [ 116.978591] cfg80211_wiphy_work+0x7e/0x480 [ 116.978951] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18e23 [ 116.979278] process_one_work+0x8e1/0x19c0 [ 116.979588] flags: 0x100000000000000(node=0|zone=1) [ 116.979893] ? __pfx_process_one_work+0x10/0x10 [ 116.980178] page_type: f9(unknown) [ 116.980554] ? move_linked_works+0x172/0x270 [ 116.980977] raw: 0100000000000000 0000000000000000 ffffea00006388c8 0000000000000000 [ 116.981209] ? assign_work+0x196/0x240 [ 116.982670] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 116.983060] worker_thread+0x67e/0xe90 [ 116.983639] page dumped because: nonzero mapcount [ 116.984187] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 116.984202] ? __pfx_worker_thread+0x10/0x10 [ 116.984748] Modules linked in: [ 116.985303] kthread+0x3c8/0x740 [ 116.985319] ? __pfx_kthread+0x10/0x10 [ 116.985884] [ 116.986061] ? 
ret_from_fork+0x23/0x430 [ 116.986531] CPU: 0 UID: 0 PID: 273 Comm: syz-fuzzer Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.986553] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 116.986558] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.986565] Call Trace: [ 116.986569] [ 116.986573] dump_stack_lvl+0xfa/0x120 [ 116.986593] bad_page+0x8c/0x1c0 [ 116.986605] __free_frozen_pages+0xaf9/0xe10 [ 116.986622] ? rcu_core+0x7c3/0x1800 [ 116.986637] rcu_core+0x7c8/0x1800 [ 116.986653] ? __pfx_rcu_core+0x10/0x10 [ 116.986668] ? clockevents_program_event+0x135/0x360 [ 116.986685] ? tick_program_event+0xac/0x140 [ 116.986696] ? hrtimer_interrupt+0x652/0x830 [ 116.986709] handle_softirqs+0x1b1/0x770 [ 116.986729] __irq_exit_rcu+0xc4/0x100 [ 116.986748] irq_exit_rcu+0x9/0x20 [ 116.986759] sysvec_apic_timer_interrupt+0x39/0x80 [ 116.986781] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 116.986794] RIP: 0033:0x7e19f1 [ 116.986803] Code: 24 10 48 8d 6c 24 10 48 8b 4c 24 50 48 8b 54 24 30 48 39 d1 77 50 48 8b 54 24 48 48 39 d1 77 41 48 8b 44 24 38 48 8b 54 24 20 <31> db eb 03 48 ff c3 48 39 cb 7d 1c 0f b6 34 1a 0f b6 3c 18 40 38 [ 116.986815] RSP: 002b:000000c0005c5420 EFLAGS: 00000293 [ 116.986825] RAX: 000000c00034217b RBX: 0000000000008983 RCX: 00000000000000b1 [ 116.986833] RDX: 000000c00033d67d RSI: 000000c000336000 RDI: 000000c00033d67d [ 116.986840] RBP: 000000c0005c5430 R08: 0000000000000006 R09: 0000000000000e33 [ 116.986848] R10: 0000000000000022 R11: 00000000000000b1 R12: 000000000000767d [ 116.986855] R13: 0000000000003e85 R14: 000000000000417b R15: 000000000000767d [ 116.986867] [ 116.986886] BUG: Bad page state in process syz-fuzzer pfn:18e24 [ 116.986922] ? lock_release+0xc8/0x290 [ 116.987529] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18e24 [ 116.987864] ? 
__pfx_kthread+0x10/0x10 [ 116.987878] ret_from_fork+0x34b/0x430 [ 116.988257] flags: 0x100000000000000(node=0|zone=1) [ 116.988554] ? __pfx_kthread+0x10/0x10 [ 116.988842] page_type: f9(unknown) [ 116.989177] ret_from_fork_asm+0x1a/0x30 [ 116.989794] raw: 0100000000000000 0000000000000000 ffffea0000638908 0000000000000000 [ 116.990087] [ 116.990676] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 116.991000] Modules linked in: [ 116.991561] ---[ end trace 0000000000000000 ]--- [ 116.991765] page dumped because: nonzero mapcount [ 116.991788] Modules linked in: [ 116.991798] CPU: 0 UID: 0 PID: 273 Comm: syz-fuzzer Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.991819] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 116.991824] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.991831] Call Trace: [ 116.991835] [ 116.991839] dump_stack_lvl+0xfa/0x120 [ 116.991858] bad_page+0x8c/0x1c0 [ 116.991870] __free_frozen_pages+0xaf9/0xe10 [ 116.991888] ? rcu_core+0x7c3/0x1800 [ 116.991902] rcu_core+0x7c8/0x1800 [ 116.991919] ? __pfx_rcu_core+0x10/0x10 [ 116.991933] ? clockevents_program_event+0x135/0x360 [ 116.991950] ? tick_program_event+0xac/0x140 [ 116.991962] ? 
hrtimer_interrupt+0x652/0x830 [ 116.991974] handle_softirqs+0x1b1/0x770 [ 116.991995] __irq_exit_rcu+0xc4/0x100 [ 116.992014] irq_exit_rcu+0x9/0x20 [ 116.992024] sysvec_apic_timer_interrupt+0x39/0x80 [ 116.992042] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 116.992055] RIP: 0033:0x7e19f1 [ 116.992063] Code: 24 10 48 8d 6c 24 10 48 8b 4c 24 50 48 8b 54 24 30 48 39 d1 77 50 48 8b 54 24 48 48 39 d1 77 41 48 8b 44 24 38 48 8b 54 24 20 <31> db eb 03 48 ff c3 48 39 cb 7d 1c 0f b6 34 1a 0f b6 3c 18 40 38 [ 116.992076] RSP: 002b:000000c0005c5420 EFLAGS: 00000293 [ 116.992085] RAX: 000000c00034217b RBX: 0000000000008983 RCX: 00000000000000b1 [ 116.992093] RDX: 000000c00033d67d RSI: 000000c000336000 RDI: 000000c00033d67d [ 116.992101] RBP: 000000c0005c5430 R08: 0000000000000006 R09: 0000000000000e33 [ 116.992109] R10: 0000000000000022 R11: 00000000000000b1 R12: 000000000000767d [ 116.992116] R13: 0000000000003e85 R14: 000000000000417b R15: 000000000000767d [ 116.992128] [ 116.992132] BUG: Bad page state in process syz-fuzzer pfn:18e25 [ 116.992140] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18e25 [ 116.992151] flags: 0x100000000000000(node=0|zone=1) [ 116.992159] page_type: f9(unknown) [ 116.992170] raw: 0100000000000000 0000000000000000 ffffea0000638948 0000000000000000 [ 116.992181] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 116.992188] page dumped because: nonzero mapcount [ 116.992193] Modules linked in: [ 116.992202] CPU: 0 UID: 0 PID: 273 Comm: syz-fuzzer Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.992222] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 116.992227] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.992234] Call Trace: [ 116.992237] [ 116.992241] dump_stack_lvl+0xfa/0x120 [ 116.992260] bad_page+0x8c/0x1c0 [ 116.992273] __free_frozen_pages+0xaf9/0xe10 [ 116.992290] ? rcu_core+0x7c3/0x1800 [ 116.992304] rcu_core+0x7c8/0x1800 [ 116.992320] ? 
__pfx_rcu_core+0x10/0x10 [ 116.992335] ? clockevents_program_event+0x135/0x360 [ 116.992351] ? tick_program_event+0xac/0x140 [ 116.992363] ? hrtimer_interrupt+0x652/0x830 [ 116.992375] handle_softirqs+0x1b1/0x770 [ 116.992395] __irq_exit_rcu+0xc4/0x100 [ 116.992414] irq_exit_rcu+0x9/0x20 [ 116.992424] sysvec_apic_timer_interrupt+0x39/0x80 [ 116.992442] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 116.992455] RIP: 0033:0x7e19f1 [ 116.992463] Code: 24 10 48 8d 6c 24 10 48 8b 4c 24 50 48 8b 54 24 30 48 39 d1 77 50 48 8b 54 24 48 48 39 d1 77 41 48 8b 44 24 38 48 8b 54 24 20 <31> db eb 03 48 ff c3 48 39 cb 7d 1c 0f b6 34 1a 0f b6 3c 18 40 38 [ 116.992474] RSP: 002b:000000c0005c5420 EFLAGS: 00000293 [ 116.992483] RAX: 000000c00034217b RBX: 0000000000008983 RCX: 00000000000000b1 [ 116.992491] RDX: 000000c00033d67d RSI: 000000c000336000 RDI: 000000c00033d67d [ 116.992499] RBP: 000000c0005c5430 R08: 0000000000000006 R09: 0000000000000e33 [ 116.992507] R10: 0000000000000022 R11: 00000000000000b1 R12: 000000000000767d [ 116.992514] R13: 0000000000003e85 R14: 000000000000417b R15: 000000000000767d [ 116.992526] [ 116.992530] BUG: Bad page state in process syz-fuzzer pfn:18e26 [ 116.992601] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.992871] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18e26 [ 116.992883] flags: 0x100000000000000(node=0|zone=1) [ 116.992892] page_type: f9(unknown) [ 116.992902] raw: 0100000000000000 0000000000000000 ffffea0000638988 0000000000000000 [ 116.992913] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 116.992921] page dumped because: nonzero mapcount [ 116.992925] Modules linked in: [ 116.992935] CPU: 0 UID: 0 PID: 273 Comm: syz-fuzzer Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.992956] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 116.992960] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.992967] Call Trace: [ 116.992971] [ 116.992975] 
dump_stack_lvl+0xfa/0x120 [ 116.992995] bad_page+0x8c/0x1c0 [ 116.993006] __free_frozen_pages+0xaf9/0xe10 [ 116.993023] ? rcu_core+0x7c3/0x1800 [ 116.993037] rcu_core+0x7c8/0x1800 [ 116.993054] ? __pfx_rcu_core+0x10/0x10 [ 116.993068] ? clockevents_program_event+0x135/0x360 [ 116.993085] ? tick_program_event+0xac/0x140 [ 116.993097] ? hrtimer_interrupt+0x652/0x830 [ 116.993108] handle_softirqs+0x1b1/0x770 [ 116.993129] __irq_exit_rcu+0xc4/0x100 [ 116.993148] irq_exit_rcu+0x9/0x20 [ 116.993158] sysvec_apic_timer_interrupt+0x39/0x80 [ 116.993175] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 116.993189] RIP: 0033:0x7e19f1 [ 116.993197] Code: 24 10 48 8d 6c 24 10 48 8b 4c 24 50 48 8b 54 24 30 48 39 d1 77 50 48 8b 54 24 48 48 39 d1 77 41 48 8b 44 24 38 48 8b 54 24 20 <31> db eb 03 48 ff c3 48 39 cb 7d 1c 0f b6 34 1a 0f b6 3c 18 40 38 [ 116.993208] RSP: 002b:000000c0005c5420 EFLAGS: 00000293 [ 116.993217] RAX: 000000c00034217b RBX: 0000000000008983 RCX: 00000000000000b1 [ 116.993225] RDX: 000000c00033d67d RSI: 000000c000336000 RDI: 000000c00033d67d [ 116.993233] RBP: 000000c0005c5430 R08: 0000000000000006 R09: 0000000000000e33 [ 116.993241] R10: 0000000000000022 R11: 00000000000000b1 R12: 000000000000767d [ 116.993248] R13: 0000000000003e85 R14: 000000000000417b R15: 000000000000767d [ 116.993259] [ 116.993264] BUG: Bad page state in process syz-fuzzer pfn:18e27 [ 116.993324] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 116.993463] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18e27 [ 116.993935] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 116.994764] flags: 0x100000000000000(node=0|zone=1) [ 116.994789] page_type: f9(unknown) [ 116.994800] raw: 0100000000000000 0000000000000000 ffffea00006389c8 0000000000000000 [ 116.994811] raw: 0000000000000000 0000000000000000 00000000f9000000 
0000000000000000 [ 116.994818] page dumped because: nonzero mapcount [ 116.994823] Modules linked in: [ 116.994833] CPU: 0 UID: 0 PID: 273 Comm: syz-fuzzer Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.994854] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 116.994859] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.994866] Call Trace: [ 116.994869] [ 116.994874] dump_stack_lvl+0xfa/0x120 [ 116.994893] bad_page+0x8c/0x1c0 [ 116.994904] __free_frozen_pages+0xaf9/0xe10 [ 116.994921] ? rcu_core+0x7c3/0x1800 [ 116.994936] rcu_core+0x7c8/0x1800 [ 116.994952] ? __pfx_rcu_core+0x10/0x10 [ 116.994966] ? clockevents_program_event+0x135/0x360 [ 116.994983] ? tick_program_event+0xac/0x140 [ 116.994995] ? hrtimer_interrupt+0x652/0x830 [ 116.995007] handle_softirqs+0x1b1/0x770 [ 116.995027] __irq_exit_rcu+0xc4/0x100 [ 116.995046] irq_exit_rcu+0x9/0x20 [ 116.995056] sysvec_apic_timer_interrupt+0x39/0x80 [ 116.995074] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 116.995087] RIP: 0033:0x7e19f1 [ 116.995095] Code: 24 10 48 8d 6c 24 10 48 8b 4c 24 50 48 8b 54 24 30 48 39 d1 77 50 48 8b 54 24 48 48 39 d1 77 41 48 8b 44 24 38 48 8b 54 24 20 <31> db eb 03 48 ff c3 48 39 cb 7d 1c 0f b6 34 1a 0f b6 3c 18 40 38 [ 116.995107] RSP: 002b:000000c0005c5420 EFLAGS: 00000293 [ 116.995116] RAX: 000000c00034217b RBX: 0000000000008983 RCX: 00000000000000b1 [ 116.995123] RDX: 000000c00033d67d RSI: 000000c000336000 RDI: 000000c00033d67d [ 116.995132] RBP: 000000c0005c5430 R08: 0000000000000006 R09: 0000000000000e33 [ 116.995139] R10: 0000000000000022 R11: 00000000000000b1 R12: 000000000000767d [ 116.995147] R13: 0000000000003e85 R14: 000000000000417b R15: 000000000000767d [ 116.995158] [ 116.997896] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#27] SMP KASAN NOPTI [ 116.998228] [ 116.998569] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 116.998967] RAX: 0000000000000032 
RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 116.999261] CPU: 0 UID: 0 PID: 344 Comm: kworker/u10:4 Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 116.999569] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 116.999872] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 116.999878] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 116.999885] Workqueue: events_unbound cfg80211_wiphy_work [ 116.999906] RIP: 0010:perf_tp_event+0x175/0xe70 [ 116.999926] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 117.000207] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 117.000607] RSP: 0018:ffff888017497700 EFLAGS: 00010212 [ 117.001088] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 117.001287] [ 117.002792] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 117.003134] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 117.003690] FS: 0000000000000000(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 117.004245] RDX: ffff888018df8000 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 117.004255] RBP: ffff888017497970 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 117.004263] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 117.004271] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 117.004280] FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 117.004291] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.004299] CR2: 0000000000000000 CR3: 000000003d444000 CR4: 0000000000350ef0 [ 117.004918] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.005422] Call Trace: [ 117.006050] CR2: 00007fab049b99c0 CR3: 0000000041d3b000 CR4: 0000000000350ef0 [ 117.006187] [ 117.006659] note: kworker/u9:3[107] exited with preempt_count 
2 [ 117.006992] ? __pfx_perf_tp_event+0x10/0x10 [ 117.007012] ? ret_from_fork_asm+0x1a/0x30 [ 117.007028] ? stack_trace_save+0x8e/0xc0 [ 117.107867] ? stack_depot_save_flags+0x2c/0xa20 [ 117.108256] ? kasan_save_stack+0x34/0x50 [ 117.108593] ? kasan_save_stack+0x24/0x50 [ 117.108931] ? kasan_save_track+0x14/0x30 [ 117.109266] ? __kasan_save_free_info+0x3a/0x60 [ 117.109641] ? __kasan_slab_free+0x3f/0x50 [ 117.109984] ? kmem_cache_free+0x2a1/0x540 [ 117.110324] ? kfree_skbmem+0x18a/0x1f0 [ 117.110647] ? sk_skb_reason_drop+0x10e/0x1b0 [ 117.111011] ? perf_trace_run_bpf_submit+0xef/0x180 [ 117.111418] perf_trace_run_bpf_submit+0xef/0x180 [ 117.111808] perf_trace_contention_begin+0x235/0x3e0 [ 117.112221] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 117.112663] ? lock_acquire+0x18c/0x2f0 [ 117.112990] trace_contention_begin+0xae/0x110 [ 117.113363] __mutex_lock+0x14b/0x1020 [ 117.113692] ? cfg80211_wiphy_work+0x7e/0x480 [ 117.114060] ? cfg80211_wiphy_work+0x7e/0x480 [ 117.114422] ? lock_release+0x1c7/0x290 [ 117.114742] ? __pfx___mutex_lock+0x10/0x10 [ 117.115097] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 117.115507] ? __pfx_try_to_wake_up+0x10/0x10 [ 117.115874] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 117.116295] cfg80211_wiphy_work+0x7e/0x480 [ 117.116647] process_one_work+0x8e1/0x19c0 [ 117.117004] ? __pfx_process_one_work+0x10/0x10 [ 117.117389] ? move_linked_works+0x172/0x270 [ 117.117761] ? assign_work+0x196/0x240 [ 117.118085] worker_thread+0x67e/0xe90 [ 117.118399] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 117.118817] ? __pfx_worker_thread+0x10/0x10 [ 117.119177] kthread+0x3c8/0x740 [ 117.119457] ? __pfx_kthread+0x10/0x10 [ 117.119769] ? ret_from_fork+0x23/0x430 [ 117.120095] ? lock_release+0xc8/0x290 [ 117.120406] ? __pfx_kthread+0x10/0x10 [ 117.120722] ret_from_fork+0x34b/0x430 [ 117.121041] ? 
__pfx_kthread+0x10/0x10 [ 117.121356] ret_from_fork_asm+0x1a/0x30 [ 117.121695] [ 117.121883] Modules linked in: [ 117.122607] ---[ end trace 0000000000000000 ]--- [ 117.123293] RIP: 0010:perf_tp_event+0x175/0xe70 [ 117.123676] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 117.123811] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#28] SMP KASAN NOPTI [ 117.125122] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 117.126019] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 117.126037] CPU: 1 UID: 0 PID: 3955 Comm: syz-executor.1 Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 117.126439] [ 117.127118] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 117.127124] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 117.128055] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 117.128182] RIP: 0010:perf_tp_event+0x175/0xe70 [ 117.128576] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 117.129217] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 117.129231] RSP: 0018:ffff88800d4d77c0 EFLAGS: 00010212 [ 117.129797] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 117.130152] [ 117.130749] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 117.132163] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 117.132172] RDX: ffff88801906b700 RSI: ffffffff8189a4e7 RDI: 0000000100000190 [ 117.132593] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 117.133150] RBP: ffff88800d4d7a30 R08: ffff88806cf31340 R09: ffffe8ffffd161c0 [ 117.133159] R10: 
0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 117.133298] FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 117.133865] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 117.133875] FS: 00005555651a4400(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 117.134435] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.134991] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.135000] CR2: 0000001b2d024000 CR3: 0000000014377000 CR4: 0000000000350ef0 [ 117.135556] CR2: 0000000000000000 CR3: 000000003d444000 CR4: 0000000000350ef0 [ 117.136110] Call Trace: [ 117.136115] [ 117.136122] ? __pfx_perf_tp_event+0x10/0x10 [ 117.136681] note: kworker/u10:4[344] exited with preempt_count 2 [ 117.137300] ? css_rstat_updated+0x1b8/0x4d0 [ 117.142090] ? __pfx_css_rstat_updated+0x10/0x10 [ 117.142476] ? xas_start+0x14e/0x710 [ 117.142778] ? __cgroup_account_cputime+0x88/0xc0 [ 117.143174] ? update_se+0x3d3/0x670 [ 117.143478] ? update_curr+0x39e/0x500 [ 117.143799] ? asym_cpu_capacity_scan+0x730/0x7b0 [ 117.144198] ? pick_task_fair+0xcd/0x270 [ 117.144534] ? lock_release+0x1c7/0x290 [ 117.144860] ? pick_next_task_fair+0x47/0xed0 [ 117.145231] ? perf_trace_run_bpf_submit+0xef/0x180 [ 117.145644] ? __schedule+0xe91/0x3590 [ 117.145962] perf_trace_run_bpf_submit+0xef/0x180 [ 117.146359] perf_trace_contention_end+0x235/0x3e0 [ 117.146760] ? css_rstat_updated+0x1b8/0x4d0 [ 117.147127] ? __pfx_perf_trace_contention_end+0x10/0x10 [ 117.147566] ? __mutex_trylock_common+0xf9/0x260 [ 117.147953] ? __pfx___mutex_trylock_common+0x10/0x10 [ 117.148380] trace_contention_end+0xae/0x110 [ 117.148744] __mutex_lock+0x166/0x1020 [ 117.149066] ? perf_event_ctx_lock_nested+0x232/0x4d0 [ 117.149486] ? __pfx___resched_curr+0x10/0x10 [ 117.149868] ? __pfx___mutex_lock+0x10/0x10 [ 117.150224] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 117.150647] ? lock_acquire+0x18c/0x2f0 [ 117.150979] ? 
lock_release+0x1c7/0x290 [ 117.151302] perf_event_ctx_lock_nested+0x232/0x4d0 [ 117.151711] ? __pfx_perf_event_ctx_lock_nested+0x10/0x10 [ 117.152156] ? perf_remove_from_owner+0x2ec/0x570 [ 117.152552] ? __pfx_perf_release+0x10/0x10 [ 117.152903] perf_event_release_kernel+0x9e/0x540 [ 117.153297] ? trace_sched_exit_tp+0xbf/0x100 [ 117.153696] ? __schedule+0xe91/0x3590 [ 117.154018] ? __pfx_perf_release+0x10/0x10 [ 117.154368] perf_release+0x31/0x40 [ 117.154667] __fput+0x401/0xb50 [ 117.154946] fput_close_sync+0x10f/0x240 [ 117.155280] ? __pfx_fput_close_sync+0x10/0x10 [ 117.155656] ? dnotify_flush+0x79/0x4c0 [ 117.155980] __x64_sys_close+0x8f/0x120 [ 117.156310] do_syscall_64+0xbf/0x360 [ 117.156621] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.157033] RIP: 0033:0x7f57d4f7172b [ 117.157336] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44 [ 117.158794] RSP: 002b:00007ffe99527b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 117.159400] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f57d4f7172b [ 117.159970] RDX: 0000001b2d024bd0 RSI: ffffffff813b276a RDI: 0000000000000003 [ 117.160539] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000001b2d022be4 [ 117.161108] R10: 0000000000001f6d R11: 0000000000000293 R12: 00007f57d50d2b60 [ 117.161687] R13: 00007f57d50d2b60 R14: 00007f57d50d1f60 R15: 000000000001c3cd [ 117.162261] ? 
do_exit+0xca/0x2970 [ 117.162555] [ 117.162748] Modules linked in: [ 117.163015] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#29] SMP KASAN NOPTI [ 117.163035] ---[ end trace 0000000000000000 ]--- [ 117.163913] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 117.163930] CPU: 0 UID: 0 PID: 1 Comm: systemd Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 117.164297] RIP: 0010:perf_tp_event+0x175/0xe70 [ 117.164897] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 117.164904] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 117.165792] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 117.166155] RIP: 0010:perf_tp_event+0x175/0xe70 [ 117.166556] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 117.167210] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 117.168678] [ 117.169024] RSP: 0018:ffff8880095476c0 EFLAGS: 00010212 [ 117.169449] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 117.170904] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 117.170913] RDX: ffff8880094f8000 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 117.171054] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 117.171473] RBP: ffff888009547930 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 117.172048] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 117.172605] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 117.173181] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 117.173743] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 117.174321] R13: 
000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 117.174875] FS: 00007f822348f900(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 117.175446] FS: 00005555651a4400(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 117.176009] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.176019] CR2: 0000000000000000 CR3: 000000000f1a1000 CR4: 0000000000350ef0 [ 117.176580] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.177147] Call Trace: [ 117.177153] [ 117.177161] ? kasan_save_stack+0x34/0x50 [ 117.177812] CR2: 0000001b2d024000 CR3: 0000000014377000 CR4: 0000000000350ef0 [ 117.178445] ? __pfx_perf_tp_event+0x10/0x10 [ 117.178922] note: syz-executor.1[3955] exited with preempt_count 2 [ 117.179472] ? kfree_skbmem+0x18a/0x1f0 [ 117.182894] ? ___sys_recvmsg+0xf1/0x190 [ 117.183324] ? __sys_recvmsg+0x14d/0x200 [ 117.183662] ? do_syscall_64+0xbf/0x360 [ 117.183986] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.184419] ? __lock_acquire+0x694/0x1b70 [ 117.184769] ? map_id_range_up+0x1d5/0x350 [ 117.185120] ? __pfx_map_id_range_up+0x10/0x10 [ 117.185498] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 117.185926] ? css_rstat_updated+0x1b8/0x4d0 [ 117.186293] ? __pfx_css_rstat_updated+0x10/0x10 [ 117.186683] ? lock_is_held_type+0x9e/0x120 [ 117.187043] ? perf_trace_run_bpf_submit+0xef/0x180 [ 117.187447] perf_trace_run_bpf_submit+0xef/0x180 [ 117.187845] perf_trace_contention_begin+0x235/0x3e0 [ 117.188260] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 117.188709] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 117.189132] ? lock_acquire+0x18c/0x2f0 [ 117.189457] trace_contention_begin+0xae/0x110 [ 117.189864] __mutex_lock+0x14b/0x1020 [ 117.190189] ? ep_send_events+0xff/0xaa0 [ 117.190530] ? ep_send_events+0xff/0xaa0 [ 117.190863] ? __pfx___mutex_lock+0x10/0x10 [ 117.191220] ? lock_acquire+0x15e/0x2f0 [ 117.191547] ? find_held_lock+0x2b/0x80 [ 117.191881] ? schedule+0x2c7/0x390 [ 117.192185] ? 
lock_release+0xc8/0x290 [ 117.192504] ep_send_events+0xff/0xaa0 [ 117.192820] ? schedule_hrtimeout_range_clock+0x1c0/0x310 [ 117.193273] ? __pfx_schedule_hrtimeout_range_clock+0x10/0x10 [ 117.193751] ? __pfx_ep_send_events+0x10/0x10 [ 117.194118] ? lock_release+0xc8/0x290 [ 117.194439] do_epoll_wait+0x42e/0xee0 [ 117.194761] ? __pfx_do_epoll_wait+0x10/0x10 [ 117.195126] ? __pfx_css_rstat_updated+0x10/0x10 [ 117.195516] ? __pfx_ep_autoremove_wake_function+0x10/0x10 [ 117.195961] ? __sys_recvmsg+0x171/0x200 [ 117.196304] __x64_sys_epoll_wait+0x15b/0x280 [ 117.196675] ? __task_pid_nr_ns+0x2e/0x4f0 [ 117.197021] ? __pfx___x64_sys_epoll_wait+0x10/0x10 [ 117.197427] ? __task_pid_nr_ns+0x1a6/0x4f0 [ 117.197783] ? lock_release+0xc8/0x290 [ 117.198096] ? lock_is_held_type+0x9e/0x120 [ 117.198448] do_syscall_64+0xbf/0x360 [ 117.198761] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.199179] RIP: 0033:0x7f8223c6c116 [ 117.199483] Code: 10 89 7c 24 0c 89 4c 24 1c e8 86 6c f8 ff 44 8b 54 24 1c 8b 54 24 18 41 89 c0 48 8b 74 24 10 8b 7c 24 0c b8 e8 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 32 44 89 c7 89 44 24 0c e8 b6 6c f8 ff 8b 44 [ 117.200938] RSP: 002b:00007ffce2374010 EFLAGS: 00000293 ORIG_RAX: 00000000000000e8 [ 117.201552] RAX: ffffffffffffffda RBX: 000055f675b30b70 RCX: 00007f8223c6c116 [ 117.202123] RDX: 000000000000002f RSI: 000055f676390f80 RDI: 0000000000000005 [ 117.202687] RBP: ffffffffffffffff R08: 0000000000000000 R09: af5e86d5c9cb232e [ 117.203264] R10: 00000000ffffffff R11: 0000000000000293 R12: 0000000000000001 [ 117.203829] R13: 000000000000002f R14: 0000000000000000 R15: 000055f66b1a5b4e [ 117.204408] [ 117.204605] Modules linked in: [ 117.205469] ---[ end trace 0000000000000000 ]--- [ 117.206182] BUG: Bad page state in process systemd pfn:18c21 [ 117.206196] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18c21 [ 117.206209] flags: 0x100000000000000(node=0|zone=1) [ 117.206222] page_type: f9(unknown) [ 117.206235] raw: 0100000000000000 
0000000000000000 00000000ffffffff 0000000000000000 [ 117.206247] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 117.206255] page dumped because: nonzero mapcount [ 117.206261] Modules linked in: [ 117.206273] CPU: 0 UID: 0 PID: 1 Comm: systemd Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 117.206296] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 117.206301] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 117.206308] Call Trace: [ 117.206313] [ 117.206317] dump_stack_lvl+0xfa/0x120 [ 117.206346] bad_page+0x8c/0x1c0 [ 117.206361] __free_frozen_pages+0xaf9/0xe10 [ 117.206381] ? rcu_core+0x7c3/0x1800 [ 117.206398] rcu_core+0x7c8/0x1800 [ 117.206415] ? __pfx_rcu_core+0x10/0x10 [ 117.206432] ? tasklet_action_common+0x274/0x3b0 [ 117.206448] handle_softirqs+0x1b1/0x770 [ 117.206471] __irq_exit_rcu+0xc4/0x100 [ 117.206492] irq_exit_rcu+0x9/0x20 [ 117.206503] sysvec_apic_timer_interrupt+0x70/0x80 [ 117.206522] [ 117.206526] [ 117.206530] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 117.206545] RIP: 0010:console_flush_all+0x8c1/0xb70 [ 117.206567] Code: 01 4c 89 e8 48 c1 e8 03 42 80 3c 30 00 0f 85 6c 02 00 00 49 89 6f 58 e9 3a ff ff ff e8 c8 7d 1f 00 e8 b3 c2 27 00 fb 4c 89 e8 <48> c1 e8 03 42 80 3c 30 00 0f 84 19 ff ff ff 4c 89 ef e8 c8 96 5b [ 117.206580] RSP: 0018:ffff8880095471f0 EFLAGS: 00000246 [ 117.206590] RAX: ffffffff85f37dd8 RBX: 0000000000000001 RCX: ffffffff817c3ab6 [ 117.206598] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff815478ed [ 117.206607] RBP: 0000000000000200 R08: 0000000000000000 R09: 0000000000000000 [ 117.206615] R10: ffffffff8643b457 R11: 000000005b2d2d2d R12: 0000000000000000 [ 117.206623] R13: ffffffff85f37dd8 R14: dffffc0000000000 R15: ffffffff85f37d80 [ 117.206634] ? trace_irq_enable.constprop.0+0x26/0x100 [ 117.206649] ? console_flush_all+0x8bd/0xb70 [ 117.206670] ? __pfx_console_flush_all+0x10/0x10 [ 117.206690] ? 
__pfx_vprintk_store+0x10/0x10 [ 117.206710] ? do_raw_spin_unlock+0x53/0x220 [ 117.206729] ? is_printk_cpu_sync_owner+0x32/0x40 [ 117.206744] console_unlock+0xc2/0x1f0 [ 117.206762] ? __pfx_console_unlock+0x10/0x10 [ 117.206786] ? do_raw_spin_unlock+0x53/0x220 [ 117.206805] ? _printk+0xbe/0xf0 [ 117.206820] vprintk_emit+0x3f6/0x630 [ 117.206840] ? __pfx_vprintk_emit+0x10/0x10 [ 117.206861] ? lock_release+0x1c7/0x290 [ 117.206876] ? lock_acquire+0x18c/0x2f0 [ 117.206891] _printk+0xbe/0xf0 [ 117.206906] ? __pfx__printk+0x10/0x10 [ 117.206923] ? oops_exit+0x19/0x50 [ 117.206942] oops_exit+0x3a/0x50 [ 117.206958] oops_end+0x65/0xe0 [ 117.206978] exc_general_protection+0x1a2/0x330 [ 117.206997] asm_exc_general_protection+0x26/0x30 [ 117.207010] RIP: 0010:perf_tp_event+0x175/0xe70 [ 117.207028] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 117.207041] RSP: 0018:ffff8880095476c0 EFLAGS: 00010212 [ 117.207050] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 117.207059] RDX: ffff8880094f8000 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 117.207067] RBP: ffff888009547930 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 117.207076] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 117.207084] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 117.207095] ? perf_tp_event+0x167/0xe70 [ 117.207115] ? kasan_save_stack+0x34/0x50 [ 117.207132] ? __pfx_perf_tp_event+0x10/0x10 [ 117.207149] ? kfree_skbmem+0x18a/0x1f0 [ 117.207165] ? ___sys_recvmsg+0xf1/0x190 [ 117.207184] ? __sys_recvmsg+0x14d/0x200 [ 117.207204] ? do_syscall_64+0xbf/0x360 [ 117.207216] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.207229] ? __lock_acquire+0x694/0x1b70 [ 117.207246] ? map_id_range_up+0x1d5/0x350 [ 117.207263] ? __pfx_map_id_range_up+0x10/0x10 [ 117.207279] ? 
__sanitizer_cov_trace_switch+0x54/0x90 [ 117.207295] ? css_rstat_updated+0x1b8/0x4d0 [ 117.207315] ? __pfx_css_rstat_updated+0x10/0x10 [ 117.207333] ? lock_is_held_type+0x9e/0x120 [ 117.207356] ? perf_trace_run_bpf_submit+0xef/0x180 [ 117.207374] perf_trace_run_bpf_submit+0xef/0x180 [ 117.207394] perf_trace_contention_begin+0x235/0x3e0 [ 117.207412] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 117.207429] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 117.207443] ? lock_acquire+0x18c/0x2f0 [ 117.207459] trace_contention_begin+0xae/0x110 [ 117.207475] __mutex_lock+0x14b/0x1020 [ 117.207495] ? ep_send_events+0xff/0xaa0 [ 117.207512] ? ep_send_events+0xff/0xaa0 [ 117.207529] ? __pfx___mutex_lock+0x10/0x10 [ 117.207550] ? lock_acquire+0x15e/0x2f0 [ 117.207565] ? find_held_lock+0x2b/0x80 [ 117.207585] ? schedule+0x2c7/0x390 [ 117.207602] ? lock_release+0xc8/0x290 [ 117.207618] ep_send_events+0xff/0xaa0 [ 117.207634] ? schedule_hrtimeout_range_clock+0x1c0/0x310 [ 117.207651] ? __pfx_schedule_hrtimeout_range_clock+0x10/0x10 [ 117.207670] ? __pfx_ep_send_events+0x10/0x10 [ 117.207688] ? lock_release+0xc8/0x290 [ 117.207704] do_epoll_wait+0x42e/0xee0 [ 117.207722] ? __pfx_do_epoll_wait+0x10/0x10 [ 117.207739] ? __pfx_css_rstat_updated+0x10/0x10 [ 117.207759] ? __pfx_ep_autoremove_wake_function+0x10/0x10 [ 117.207777] ? __sys_recvmsg+0x171/0x200 [ 117.207798] __x64_sys_epoll_wait+0x15b/0x280 [ 117.207816] ? __task_pid_nr_ns+0x2e/0x4f0 [ 117.207829] ? __pfx___x64_sys_epoll_wait+0x10/0x10 [ 117.207847] ? __task_pid_nr_ns+0x1a6/0x4f0 [ 117.207860] ? lock_release+0xc8/0x290 [ 117.207874] ? 
lock_is_held_type+0x9e/0x120 [ 117.207895] do_syscall_64+0xbf/0x360 [ 117.207908] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.207921] RIP: 0033:0x7f8223c6c116 [ 117.207930] Code: 10 89 7c 24 0c 89 4c 24 1c e8 86 6c f8 ff 44 8b 54 24 1c 8b 54 24 18 41 89 c0 48 8b 74 24 10 8b 7c 24 0c b8 e8 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 32 44 89 c7 89 44 24 0c e8 b6 6c f8 ff 8b 44 [ 117.207942] RSP: 002b:00007ffce2374010 EFLAGS: 00000293 ORIG_RAX: 00000000000000e8 [ 117.207954] RAX: ffffffffffffffda RBX: 000055f675b30b70 RCX: 00007f8223c6c116 [ 117.207963] RDX: 000000000000002f RSI: 000055f676390f80 RDI: 0000000000000005 [ 117.207971] RBP: ffffffffffffffff R08: 0000000000000000 R09: af5e86d5c9cb232e [ 117.207979] R10: 00000000ffffffff R11: 0000000000000293 R12: 0000000000000001 [ 117.207987] R13: 000000000000002f R14: 0000000000000000 R15: 000055f66b1a5b4e [ 117.207999] [ 117.208023] BUG: Bad page state in process systemd pfn:18c22 [ 117.208031] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18c22 [ 117.208042] flags: 0x100000000000000(node=0|zone=1) [ 117.208051] page_type: f9(unknown) [ 117.208062] raw: 0100000000000000 0000000000000000 ffffea0000630890 0000000000000000 [ 117.208074] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 117.208082] page dumped because: nonzero mapcount [ 117.208087] Modules linked in: [ 117.208096] CPU: 0 UID: 0 PID: 1 Comm: systemd Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 117.208118] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 117.208123] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 117.208130] Call Trace: [ 117.208134] [ 117.208138] dump_stack_lvl+0xfa/0x120 [ 117.208158] bad_page+0x8c/0x1c0 [ 117.208171] __free_frozen_pages+0xaf9/0xe10 [ 117.208189] ? rcu_core+0x7c3/0x1800 [ 117.208205] rcu_core+0x7c8/0x1800 [ 117.208222] ? __pfx_rcu_core+0x10/0x10 [ 117.208239] ? 
tasklet_action_common+0x274/0x3b0 [ 117.208253] handle_softirqs+0x1b1/0x770 [ 117.208275] __irq_exit_rcu+0xc4/0x100 [ 117.208296] irq_exit_rcu+0x9/0x20 [ 117.208307] sysvec_apic_timer_interrupt+0x70/0x80 [ 117.208326] [ 117.208329] [ 117.208334] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 117.208348] RIP: 0010:console_flush_all+0x8c1/0xb70 [ 117.208368] Code: 01 4c 89 e8 48 c1 e8 03 42 80 3c 30 00 0f 85 6c 02 00 00 49 89 6f 58 e9 3a ff ff ff e8 c8 7d 1f 00 e8 b3 c2 27 00 fb 4c 89 e8 <48> c1 e8 03 42 80 3c 30 00 0f 84 19 ff ff ff 4c 89 ef e8 c8 96 5b [ 117.208380] RSP: 0018:ffff8880095471f0 EFLAGS: 00000246 [ 117.208390] RAX: ffffffff85f37dd8 RBX: 0000000000000001 RCX: ffffffff817c3ab6 [ 117.208398] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff815478ed [ 117.208407] RBP: 0000000000000200 R08: 0000000000000000 R09: 0000000000000000 [ 117.208414] R10: ffffffff8643b457 R11: 000000005b2d2d2d R12: 0000000000000000 [ 117.208423] R13: ffffffff85f37dd8 R14: dffffc0000000000 R15: ffffffff85f37d80 [ 117.208434] ? trace_irq_enable.constprop.0+0x26/0x100 [ 117.208448] ? console_flush_all+0x8bd/0xb70 [ 117.208469] ? __pfx_console_flush_all+0x10/0x10 [ 117.208489] ? __pfx_vprintk_store+0x10/0x10 [ 117.208509] ? do_raw_spin_unlock+0x53/0x220 [ 117.208527] ? is_printk_cpu_sync_owner+0x32/0x40 [ 117.208541] console_unlock+0xc2/0x1f0 [ 117.208560] ? __pfx_console_unlock+0x10/0x10 [ 117.208579] ? do_raw_spin_unlock+0x53/0x220 [ 117.208597] ? _printk+0xbe/0xf0 [ 117.208612] vprintk_emit+0x3f6/0x630 [ 117.208632] ? __pfx_vprintk_emit+0x10/0x10 [ 117.208653] ? lock_release+0x1c7/0x290 [ 117.208668] ? lock_acquire+0x18c/0x2f0 [ 117.208683] _printk+0xbe/0xf0 [ 117.208697] ? __pfx__printk+0x10/0x10 [ 117.208714] ? 
oops_exit+0x19/0x50 [ 117.208731] oops_exit+0x3a/0x50 [ 117.208747] oops_end+0x65/0xe0 [ 117.208766] exc_general_protection+0x1a2/0x330 [ 117.208788] asm_exc_general_protection+0x26/0x30 [ 117.208801] RIP: 0010:perf_tp_event+0x175/0xe70 [ 117.208819] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 117.208832] RSP: 0018:ffff8880095476c0 EFLAGS: 00010212 [ 117.208842] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 117.208850] RDX: ffff8880094f8000 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 117.208858] RBP: ffff888009547930 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 117.208867] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 117.208875] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 117.208886] ? perf_tp_event+0x167/0xe70 [ 117.208906] ? kasan_save_stack+0x34/0x50 [ 117.208923] ? __pfx_perf_tp_event+0x10/0x10 [ 117.208940] ? kfree_skbmem+0x18a/0x1f0 [ 117.208956] ? ___sys_recvmsg+0xf1/0x190 [ 117.208975] ? __sys_recvmsg+0x14d/0x200 [ 117.208995] ? do_syscall_64+0xbf/0x360 [ 117.209007] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.209020] ? __lock_acquire+0x694/0x1b70 [ 117.209037] ? map_id_range_up+0x1d5/0x350 [ 117.209053] ? __pfx_map_id_range_up+0x10/0x10 [ 117.209070] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 117.209086] ? css_rstat_updated+0x1b8/0x4d0 [ 117.209105] ? __pfx_css_rstat_updated+0x10/0x10 [ 117.209124] ? lock_is_held_type+0x9e/0x120 [ 117.209146] ? perf_trace_run_bpf_submit+0xef/0x180 [ 117.209165] perf_trace_run_bpf_submit+0xef/0x180 [ 117.209185] perf_trace_contention_begin+0x235/0x3e0 [ 117.209202] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 117.209219] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 117.209232] ? 
lock_acquire+0x18c/0x2f0 [ 117.209248] trace_contention_begin+0xae/0x110 [ 117.209265] __mutex_lock+0x14b/0x1020 [ 117.209285] ? ep_send_events+0xff/0xaa0 [ 117.209301] ? ep_send_events+0xff/0xaa0 [ 117.209318] ? __pfx___mutex_lock+0x10/0x10 [ 117.209339] ? lock_acquire+0x15e/0x2f0 [ 117.209355] ? find_held_lock+0x2b/0x80 [ 117.209374] ? schedule+0x2c7/0x390 [ 117.209391] ? lock_release+0xc8/0x290 [ 117.209407] ep_send_events+0xff/0xaa0 [ 117.209423] ? schedule_hrtimeout_range_clock+0x1c0/0x310 [ 117.209440] ? __pfx_schedule_hrtimeout_range_clock+0x10/0x10 [ 117.209459] ? __pfx_ep_send_events+0x10/0x10 [ 117.209477] ? lock_release+0xc8/0x290 [ 117.209493] do_epoll_wait+0x42e/0xee0 [ 117.209511] ? __pfx_do_epoll_wait+0x10/0x10 [ 117.209528] ? __pfx_css_rstat_updated+0x10/0x10 [ 117.209548] ? __pfx_ep_autoremove_wake_function+0x10/0x10 [ 117.209566] ? __sys_recvmsg+0x171/0x200 [ 117.209594] __x64_sys_epoll_wait+0x15b/0x280 [ 117.209612] ? __task_pid_nr_ns+0x2e/0x4f0 [ 117.209625] ? __pfx___x64_sys_epoll_wait+0x10/0x10 [ 117.209644] ? __task_pid_nr_ns+0x1a6/0x4f0 [ 117.209657] ? lock_release+0xc8/0x290 [ 117.209671] ? 
lock_is_held_type+0x9e/0x120 [ 117.209692] do_syscall_64+0xbf/0x360 [ 117.209705] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.209718] RIP: 0033:0x7f8223c6c116 [ 117.209726] Code: 10 89 7c 24 0c 89 4c 24 1c e8 86 6c f8 ff 44 8b 54 24 1c 8b 54 24 18 41 89 c0 48 8b 74 24 10 8b 7c 24 0c b8 e8 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 32 44 89 c7 89 44 24 0c e8 b6 6c f8 ff 8b 44 [ 117.209739] RSP: 002b:00007ffce2374010 EFLAGS: 00000293 ORIG_RAX: 00000000000000e8 [ 117.209751] RAX: ffffffffffffffda RBX: 000055f675b30b70 RCX: 00007f8223c6c116 [ 117.209759] RDX: 000000000000002f RSI: 000055f676390f80 RDI: 0000000000000005 [ 117.209768] RBP: ffffffffffffffff R08: 0000000000000000 R09: af5e86d5c9cb232e [ 117.209776] R10: 00000000ffffffff R11: 0000000000000293 R12: 0000000000000001 [ 117.209784] R13: 000000000000002f R14: 0000000000000000 R15: 000055f66b1a5b4e [ 117.209796] [ 117.209815] BUG: Bad page state in process systemd pfn:18c23 [ 117.209823] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18c23 [ 117.209834] flags: 0x100000000000000(node=0|zone=1) [ 117.209843] page_type: f9(unknown) [ 117.209854] raw: 0100000000000000 0000000000000000 ffffea00006308c8 0000000000000000 [ 117.209867] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 117.209874] page dumped because: nonzero mapcount [ 117.209879] Modules linked in: [ 117.209889] CPU: 0 UID: 0 PID: 1 Comm: systemd Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 117.209910] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 117.209915] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 117.209922] Call Trace: [ 117.209926] [ 117.209930] dump_stack_lvl+0xfa/0x120 [ 117.209950] bad_page+0x8c/0x1c0 [ 117.209963] __free_frozen_pages+0xaf9/0xe10 [ 117.209981] ? rcu_core+0x7c3/0x1800 [ 117.209997] rcu_core+0x7c8/0x1800 [ 117.210014] ? __pfx_rcu_core+0x10/0x10 [ 117.210031] ? 
tasklet_action_common+0x274/0x3b0 [ 117.210045] handle_softirqs+0x1b1/0x770 [ 117.210068] __irq_exit_rcu+0xc4/0x100 [ 117.210088] irq_exit_rcu+0x9/0x20 [ 117.210099] sysvec_apic_timer_interrupt+0x70/0x80 [ 117.210118] [ 117.210122] [ 117.210126] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 117.210140] RIP: 0010:console_flush_all+0x8c1/0xb70 [ 117.210160] Code: 01 4c 89 e8 48 c1 e8 03 42 80 3c 30 00 0f 85 6c 02 00 00 49 89 6f 58 e9 3a ff ff ff e8 c8 7d 1f 00 e8 b3 c2 27 00 fb 4c 89 e8 <48> c1 e8 03 42 80 3c 30 00 0f 84 19 ff ff ff 4c 89 ef e8 c8 96 5b [ 117.210173] RSP: 0018:ffff8880095471f0 EFLAGS: 00000246 [ 117.210183] RAX: ffffffff85f37dd8 RBX: 0000000000000001 RCX: ffffffff817c3ab6 [ 117.210191] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff815478ed [ 117.210199] RBP: 0000000000000200 R08: 0000000000000000 R09: 0000000000000000 [ 117.210207] R10: ffffffff8643b457 R11: 000000005b2d2d2d R12: 0000000000000000 [ 117.210216] R13: ffffffff85f37dd8 R14: dffffc0000000000 R15: ffffffff85f37d80 [ 117.210226] ? trace_irq_enable.constprop.0+0x26/0x100 [ 117.210240] ? console_flush_all+0x8bd/0xb70 [ 117.210262] ? __pfx_console_flush_all+0x10/0x10 [ 117.210282] ? __pfx_vprintk_store+0x10/0x10 [ 117.210301] ? do_raw_spin_unlock+0x53/0x220 [ 117.210320] ? is_printk_cpu_sync_owner+0x32/0x40 [ 117.210333] console_unlock+0xc2/0x1f0 [ 117.210352] ? __pfx_console_unlock+0x10/0x10 [ 117.210371] ? do_raw_spin_unlock+0x53/0x220 [ 117.210389] ? _printk+0xbe/0xf0 [ 117.210404] vprintk_emit+0x3f6/0x630 [ 117.210425] ? __pfx_vprintk_emit+0x10/0x10 [ 117.210445] ? lock_release+0x1c7/0x290 [ 117.210460] ? lock_acquire+0x18c/0x2f0 [ 117.210475] _printk+0xbe/0xf0 [ 117.210490] ? __pfx__printk+0x10/0x10 [ 117.210507] ? 
oops_exit+0x19/0x50 [ 117.210523] oops_exit+0x3a/0x50 [ 117.210540] oops_end+0x65/0xe0 [ 117.210559] exc_general_protection+0x1a2/0x330 [ 117.210576] asm_exc_general_protection+0x26/0x30 [ 117.210589] RIP: 0010:perf_tp_event+0x175/0xe70 [ 117.210607] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 117.210620] RSP: 0018:ffff8880095476c0 EFLAGS: 00010212 [ 117.210630] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 117.210638] RDX: ffff8880094f8000 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 117.210647] RBP: ffff888009547930 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 117.210655] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 117.210664] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 117.210675] ? perf_tp_event+0x167/0xe70 [ 117.210695] ? kasan_save_stack+0x34/0x50 [ 117.210711] ? __pfx_perf_tp_event+0x10/0x10 [ 117.210729] ? kfree_skbmem+0x18a/0x1f0 [ 117.210744] ? ___sys_recvmsg+0xf1/0x190 [ 117.210763] ? __sys_recvmsg+0x14d/0x200 [ 117.210787] ? do_syscall_64+0xbf/0x360 [ 117.210799] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.210813] ? __lock_acquire+0x694/0x1b70 [ 117.210829] ? map_id_range_up+0x1d5/0x350 [ 117.210846] ? __pfx_map_id_range_up+0x10/0x10 [ 117.210862] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 117.210878] ? css_rstat_updated+0x1b8/0x4d0 [ 117.210898] ? __pfx_css_rstat_updated+0x10/0x10 [ 117.210917] ? lock_is_held_type+0x9e/0x120 [ 117.210939] ? perf_trace_run_bpf_submit+0xef/0x180 [ 117.210957] perf_trace_run_bpf_submit+0xef/0x180 [ 117.210977] perf_trace_contention_begin+0x235/0x3e0 [ 117.210994] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 117.211011] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 117.211025] ? 
lock_acquire+0x18c/0x2f0 [ 117.211041] trace_contention_begin+0xae/0x110 [ 117.211058] __mutex_lock+0x14b/0x1020 [ 117.211077] ? ep_send_events+0xff/0xaa0 [ 117.211094] ? ep_send_events+0xff/0xaa0 [ 117.211111] ? __pfx___mutex_lock+0x10/0x10 [ 117.211132] ? lock_acquire+0x15e/0x2f0 [ 117.211147] ? find_held_lock+0x2b/0x80 [ 117.211167] ? schedule+0x2c7/0x390 [ 117.211184] ? lock_release+0xc8/0x290 [ 117.211200] ep_send_events+0xff/0xaa0 [ 117.211216] ? schedule_hrtimeout_range_clock+0x1c0/0x310 [ 117.211233] ? __pfx_schedule_hrtimeout_range_clock+0x10/0x10 [ 117.211252] ? __pfx_ep_send_events+0x10/0x10 [ 117.211269] ? lock_release+0xc8/0x290 [ 117.211285] do_epoll_wait+0x42e/0xee0 [ 117.211292] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#30] SMP KASAN NOPTI [ 117.211308] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 117.211305] ? __pfx_do_epoll_wait+0x10/0x10 [ 117.211322] CPU: 1 UID: 0 PID: 285 Comm: syz-executor.6 Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 117.211322] ? __pfx_css_rstat_updated+0x10/0x10 [ 117.211343] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 117.211348] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 117.211343] ? __pfx_ep_autoremove_wake_function+0x10/0x10 [ 117.211356] RIP: 0010:perf_tp_event+0x175/0xe70 [ 117.211363] ? __sys_recvmsg+0x171/0x200 [ 117.211375] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 117.211387] RSP: 0018:ffff8880167476c0 EFLAGS: 00010212 [ 117.211386] __x64_sys_epoll_wait+0x15b/0x280 [ 117.211394] [ 117.211398] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 117.211406] RDX: ffff8880160c1b80 RSI: ffffffff8189a4e7 RDI: 0000000100000190 [ 117.211408] ? 
__task_pid_nr_ns+0x2e/0x4f0 [ 117.211415] RBP: ffff888016747930 R08: ffff88806cf31340 R09: ffffe8ffffd161c0 [ 117.211424] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 117.211422] ? __pfx___x64_sys_epoll_wait+0x10/0x10 [ 117.211432] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 117.211443] FS: 0000555566b0e400(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 117.211443] ? __task_pid_nr_ns+0x1a6/0x4f0 [ 117.211455] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.211457] ? lock_release+0xc8/0x290 [ 117.211464] CR2: 0000001b2d024000 CR3: 000000003d444000 CR4: 0000000000350ef0 [ 117.211473] Call Trace: [ 117.211478] [ 117.211473] ? lock_is_held_type+0x9e/0x120 [ 117.211482] ? kasan_save_stack+0x34/0x50 [ 117.211495] do_syscall_64+0xbf/0x360 [ 117.211500] ? __do_wait+0x218/0x8f0 [ 117.211509] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.211516] ? __pfx_perf_tp_event+0x10/0x10 [ 117.211524] RIP: 0033:0x7f8223c6c116 [ 117.211534] Code: 10 89 7c 24 0c 89 4c 24 1c e8 86 6c f8 ff 44 8b 54 24 1c 8b 54 24 18 41 89 c0 48 8b 74 24 10 8b 7c 24 0c b8 e8 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 32 44 89 c7 89 44 24 0c e8 b6 6c f8 ff 8b 44 [ 117.211533] ? delete_node+0x20e/0x730 [ 117.211547] RSP: 002b:00007ffce2374010 EFLAGS: 00000293 ORIG_RAX: 00000000000000e8 [ 117.211551] ? destroy_inode+0x12b/0x1b0 [ 117.211561] RAX: ffffffffffffffda RBX: 000055f675b30b70 RCX: 00007f8223c6c116 [ 117.211570] RDX: 000000000000002f RSI: 000055f676390f80 RDI: 0000000000000005 [ 117.211569] ? __radix_tree_delete+0x13e/0x380 [ 117.211579] RBP: ffffffffffffffff R08: 0000000000000000 R09: af5e86d5c9cb232e [ 117.211588] R10: 00000000ffffffff R11: 0000000000000293 R12: 0000000000000001 [ 117.211588] ? radix_tree_delete_item+0xef/0x230 [ 117.211598] R13: 000000000000002f R14: 0000000000000000 R15: 000055f66b1a5b4e [ 117.211611] [ 117.211606] ? lock_acquire+0x18c/0x2f0 [ 117.211621] ? 
lock_acquire+0x18c/0x2f0 [ 117.211631] BUG: Bad page state in process systemd pfn:18c24 [ 117.211634] ? lock_release+0x1c7/0x290 [ 117.211640] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18c24 [ 117.211653] flags: 0x100000000000000(node=0|zone=1) [ 117.211650] ? __virt_addr_valid+0x100/0x5d0 [ 117.211663] page_type: f9(unknown) [ 117.211671] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 117.211674] raw: 0100000000000000 0000000000000000 ffffea0000630908 0000000000000000 [ 117.211687] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 117.211686] ? perf_trace_run_bpf_submit+0xef/0x180 [ 117.211697] page dumped because: nonzero mapcount [ 117.211703] Modules linked in: [ 117.211705] perf_trace_run_bpf_submit+0xef/0x180 [ 117.211714] CPU: 0 UID: 0 PID: 1 Comm: systemd Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 117.211725] perf_trace_contention_end+0x235/0x3e0 [ 117.211737] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 117.211743] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 117.211741] ? __pfx_perf_trace_contention_end+0x10/0x10 [ 117.211750] Call Trace: [ 117.211754] [ 117.211757] ? __mutex_trylock_common+0xf9/0x260 [ 117.211760] dump_stack_lvl+0xfa/0x120 [ 117.211777] ? __pfx___mutex_trylock_common+0x10/0x10 [ 117.211785] bad_page+0x8c/0x1c0 [ 117.211793] ? lock_release+0x1c7/0x290 [ 117.211798] __free_frozen_pages+0xaf9/0xe10 [ 117.211808] trace_contention_end+0xae/0x110 [ 117.211818] ? rcu_core+0x7c3/0x1800 [ 117.211823] __mutex_lock+0x166/0x1020 [ 117.211835] rcu_core+0x7c8/0x1800 [ 117.211842] ? anon_pipe_write+0x12a/0x1a80 [ 117.211854] ? __pfx_rcu_core+0x10/0x10 [ 117.211857] ? avc_has_perm+0x12b/0x1d0 [ 117.211872] ? tasklet_action_common+0x274/0x3b0 [ 117.211878] ? __pfx___mutex_lock+0x10/0x10 [ 117.211887] handle_softirqs+0x1b1/0x770 [ 117.211897] ? __pfx_wait_consider_task+0x10/0x10 [ 117.211912] ? 
lock_acquire+0x18c/0x2f0 [ 117.211910] __irq_exit_rcu+0xc4/0x100 [ 117.211927] ? inode_has_perm+0x170/0x1c0 [ 117.211932] irq_exit_rcu+0x9/0x20 [ 117.211941] anon_pipe_write+0x12a/0x1a80 [ 117.211944] sysvec_apic_timer_interrupt+0x70/0x80 [ 117.211955] ? lock_release+0x1c7/0x290 [ 117.211965] [ 117.211970] [ 117.211969] ? lock_acquire+0x18c/0x2f0 [ 117.211975] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 117.211984] ? __pfx_anon_pipe_write+0x10/0x10 [ 117.211990] RIP: 0010:console_flush_all+0x8c1/0xb70 [ 117.211998] ? selinux_file_permission+0x99/0x600 [ 117.212012] Code: 01 4c 89 e8 48 c1 e8 03 42 80 3c 30 00 0f 85 6c 02 00 00 49 89 6f 58 e9 3a ff ff ff e8 c8 7d 1f 00 e8 b3 c2 27 00 fb 4c 89 e8 <48> c1 e8 03 42 80 3c 30 00 0f 84 19 ff ff ff 4c 89 ef e8 c8 96 5b [ 117.212015] ? security_file_permission+0x22/0x90 [ 117.212025] RSP: 0018:ffff8880095471f0 EFLAGS: 00000246 [ 117.212036] RAX: ffffffff85f37dd8 RBX: 0000000000000001 RCX: ffffffff817c3ab6 [ 117.212037] vfs_write+0xbe9/0x1150 [ 117.212046] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff815478ed [ 117.212051] ? __pfx_anon_pipe_write+0x10/0x10 [ 117.212055] RBP: 0000000000000200 R08: 0000000000000000 R09: 0000000000000000 [ 117.212063] R10: ffffffff8643b457 R11: 000000005b2d2d2d R12: 0000000000000000 [ 117.212066] ? __pfx_vfs_write+0x10/0x10 [ 117.212073] R13: ffffffff85f37dd8 R14: dffffc0000000000 R15: ffffffff85f37d80 [ 117.212081] ? __do_sys_wait4+0xb3/0x150 [ 117.212085] ? trace_irq_enable.constprop.0+0x26/0x100 [ 117.212098] ? common_nsleep+0xaa/0xd0 [ 117.212100] ? console_flush_all+0x8bd/0xb70 [ 117.212114] ksys_write+0x1ef/0x240 [ 117.212127] ? __pfx_ksys_write+0x10/0x10 [ 117.212123] ? __pfx_console_flush_all+0x10/0x10 [ 117.212142] do_syscall_64+0xbf/0x360 [ 117.212145] ? __pfx_vprintk_store+0x10/0x10 [ 117.212154] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.212167] RIP: 0033:0x7f835ef285ff [ 117.212166] ? 
do_raw_spin_unlock+0x53/0x220 [ 117.212176] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 117.212188] RSP: 002b:00007ffce067fe20 EFLAGS: 00000293 [ 117.212186] ? is_printk_cpu_sync_owner+0x32/0x40 [ 117.212196] ORIG_RAX: 0000000000000001 [ 117.212202] RAX: ffffffffffffffda RBX: 000000000000000e RCX: 00007f835ef285ff [ 117.212201] console_unlock+0xc2/0x1f0 [ 117.212210] RDX: 000000000000000c RSI: 00007ffce067ff10 RDI: 00000000000000f8 [ 117.212218] RBP: 00007ffce067feac R08: 0000000000000000 R09: 00007f835f065000 [ 117.212226] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032 [ 117.212222] ? __pfx_console_unlock+0x10/0x10 [ 117.212234] R13: 000000000001c3d0 R14: 0000000000000000 R15: 00007ffce067ff10 [ 117.212247] [ 117.212243] ? do_raw_spin_unlock+0x53/0x220 [ 117.212251] Modules linked in: [ 117.212263] ? _printk+0xbe/0xf0 [ 117.212285] ---[ end trace 0000000000000000 ]--- [ 117.212279] vprintk_emit+0x3f6/0x630 [ 117.212292] RIP: 0010:perf_tp_event+0x175/0xe70 [ 117.212300] ? __pfx_vprintk_emit+0x10/0x10 [ 117.212309] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 117.212320] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 117.212322] ? lock_release+0x1c7/0x290 [ 117.212331] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 117.212340] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 117.212338] ? lock_acquire+0x18c/0x2f0 [ 117.212348] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 117.212357] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 117.212355] _printk+0xbe/0xf0 [ 117.212365] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 117.212371] ? 
__pfx__printk+0x10/0x10 [ 117.212375] FS: 0000555566b0e400(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 117.212386] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.212390] ? oops_exit+0x19/0x50 [ 117.212395] CR2: 0000001b2d024000 CR3: 000000003d444000 CR4: 0000000000350ef0 [ 117.212404] note: syz-executor.6[285] exited with preempt_count 2 [ 117.212408] oops_exit+0x3a/0x50 [ 117.212425] oops_end+0x65/0xe0 [ 117.212444] exc_general_protection+0x1a2/0x330 [ 117.212462] asm_exc_general_protection+0x26/0x30 [ 117.212476] RIP: 0010:perf_tp_event+0x175/0xe70 [ 117.212494] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 117.212507] RSP: 0018:ffff8880095476c0 EFLAGS: 00010212 [ 117.212516] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 117.212525] RDX: ffff8880094f8000 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 117.212533] RBP: ffff888009547930 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 117.212543] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 117.212552] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 117.212563] ? perf_tp_event+0x167/0xe70 [ 117.212584] ? kasan_save_stack+0x34/0x50 [ 117.212601] ? __pfx_perf_tp_event+0x10/0x10 [ 117.212619] ? kfree_skbmem+0x18a/0x1f0 [ 117.212635] ? ___sys_recvmsg+0xf1/0x190 [ 117.212655] ? __sys_recvmsg+0x14d/0x200 [ 117.212675] ? do_syscall_64+0xbf/0x360 [ 117.212687] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.212701] ? __lock_acquire+0x694/0x1b70 [ 117.212718] ? map_id_range_up+0x1d5/0x350 [ 117.212735] ? __pfx_map_id_range_up+0x10/0x10 [ 117.212752] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 117.212768] ? css_rstat_updated+0x1b8/0x4d0 [ 117.212788] ? __pfx_css_rstat_updated+0x10/0x10 [ 117.212807] ? lock_is_held_type+0x9e/0x120 [ 117.212830] ? 
perf_trace_run_bpf_submit+0xef/0x180 [ 117.212848] perf_trace_run_bpf_submit+0xef/0x180 [ 117.212869] perf_trace_contention_begin+0x235/0x3e0 [ 117.212887] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 117.212904] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 117.212918] ? lock_acquire+0x18c/0x2f0 [ 117.212935] trace_contention_begin+0xae/0x110 [ 117.212952] __mutex_lock+0x14b/0x1020 [ 117.212972] ? ep_send_events+0xff/0xaa0 [ 117.212989] ? ep_send_events+0xff/0xaa0 [ 117.213006] ? __pfx___mutex_lock+0x10/0x10 [ 117.213027] ? lock_acquire+0x15e/0x2f0 [ 117.213043] ? find_held_lock+0x2b/0x80 [ 117.213062] ? schedule+0x2c7/0x390 [ 117.213080] ? lock_release+0xc8/0x290 [ 117.213096] ep_send_events+0xff/0xaa0 [ 117.213112] ? schedule_hrtimeout_range_clock+0x1c0/0x310 [ 117.213130] ? __pfx_schedule_hrtimeout_range_clock+0x10/0x10 [ 117.213149] ? __pfx_ep_send_events+0x10/0x10 [ 117.213167] ? lock_release+0xc8/0x290 [ 117.213183] do_epoll_wait+0x42e/0xee0 [ 117.213202] ? __pfx_do_epoll_wait+0x10/0x10 [ 117.213218] ? __pfx_css_rstat_updated+0x10/0x10 [ 117.213238] ? __pfx_ep_autoremove_wake_function+0x10/0x10 [ 117.213257] ? __sys_recvmsg+0x171/0x200 [ 117.213279] __x64_sys_epoll_wait+0x15b/0x280 [ 117.213297] ? __task_pid_nr_ns+0x2e/0x4f0 [ 117.213310] ? __pfx___x64_sys_epoll_wait+0x10/0x10 [ 117.213328] ? __task_pid_nr_ns+0x1a6/0x4f0 [ 117.213341] ? lock_release+0xc8/0x290 [ 117.213356] ? 
lock_is_held_type+0x9e/0x120 [ 117.213377] do_syscall_64+0xbf/0x360 [ 117.213390] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.213403] RIP: 0033:0x7f8223c6c116 [ 117.213412] Code: 10 89 7c 24 0c 89 4c 24 1c e8 86 6c f8 ff 44 8b 54 24 1c 8b 54 24 18 41 89 c0 48 8b 74 24 10 8b 7c 24 0c b8 e8 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 32 44 89 c7 89 44 24 0c e8 b6 6c f8 ff 8b 44 [ 117.213425] RSP: 002b:00007ffce2374010 EFLAGS: 00000293 ORIG_RAX: 00000000000000e8 [ 117.213437] RAX: ffffffffffffffda RBX: 000055f675b30b70 RCX: 00007f8223c6c116 [ 117.213446] RDX: 000000000000002f RSI: 000055f676390f80 RDI: 0000000000000005 [ 117.213454] RBP: ffffffffffffffff R08: 0000000000000000 R09: af5e86d5c9cb232e [ 117.213463] R10: 00000000ffffffff R11: 0000000000000293 R12: 0000000000000001 [ 117.213471] R13: 000000000000002f R14: 0000000000000000 R15: 000055f66b1a5b4e [ 117.213483] [ 117.213503] BUG: Bad page state in process systemd pfn:18c25 [ 117.213511] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18c25 [ 117.213523] flags: 0x100000000000000(node=0|zone=1) [ 117.213532] page_type: f9(unknown) [ 117.213543] raw: 0100000000000000 0000000000000000 ffffea0000630948 0000000000000000 [ 117.213556] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 117.213563] page dumped because: nonzero mapcount [ 117.213569] Modules linked in: [ 117.213578] CPU: 0 UID: 0 PID: 1 Comm: systemd Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 117.213607] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 117.213612] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 117.213620] Call Trace: [ 117.213623] [ 117.213627] dump_stack_lvl+0xfa/0x120 [ 117.213648] bad_page+0x8c/0x1c0 [ 117.213661] __free_frozen_pages+0xaf9/0xe10 [ 117.213680] ? rcu_core+0x7c3/0x1800 [ 117.213695] rcu_core+0x7c8/0x1800 [ 117.213712] ? __pfx_rcu_core+0x10/0x10 [ 117.213729] ? 
tasklet_action_common+0x274/0x3b0 [ 117.213744] handle_softirqs+0x1b1/0x770 [ 117.213766] __irq_exit_rcu+0xc4/0x100 [ 117.213790] irq_exit_rcu+0x9/0x20 [ 117.213801] sysvec_apic_timer_interrupt+0x70/0x80 [ 117.213820] [ 117.213824] [ 117.213829] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 117.213843] RIP: 0010:console_flush_all+0x8c1/0xb70 [ 117.213863] Code: 01 4c 89 e8 48 c1 e8 03 42 80 3c 30 00 0f 85 6c 02 00 00 49 89 6f 58 e9 3a ff ff ff e8 c8 7d 1f 00 e8 b3 c2 27 00 fb 4c 89 e8 <48> c1 e8 03 42 80 3c 30 00 0f 84 19 ff ff ff 4c 89 ef e8 c8 96 5b [ 117.213876] RSP: 0018:ffff8880095471f0 EFLAGS: 00000246 [ 117.213886] RAX: ffffffff85f37dd8 RBX: 0000000000000001 RCX: ffffffff817c3ab6 [ 117.213895] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff815478ed [ 117.213904] RBP: 0000000000000200 R08: 0000000000000000 R09: 0000000000000000 [ 117.213912] R10: ffffffff8643b457 R11: 000000005b2d2d2d R12: 0000000000000000 [ 117.213920] R13: ffffffff85f37dd8 R14: dffffc0000000000 R15: ffffffff85f37d80 [ 117.213931] ? trace_irq_enable.constprop.0+0x26/0x100 [ 117.213946] ? console_flush_all+0x8bd/0xb70 [ 117.213968] ? __pfx_console_flush_all+0x10/0x10 [ 117.213988] ? __pfx_vprintk_store+0x10/0x10 [ 117.214007] ? do_raw_spin_unlock+0x53/0x220 [ 117.214026] ? is_printk_cpu_sync_owner+0x32/0x40 [ 117.214040] console_unlock+0xc2/0x1f0 [ 117.214058] ? __pfx_console_unlock+0x10/0x10 [ 117.214078] ? do_raw_spin_unlock+0x53/0x220 [ 117.214096] ? _printk+0xbe/0xf0 [ 117.214111] vprintk_emit+0x3f6/0x630 [ 117.214131] ? __pfx_vprintk_emit+0x10/0x10 [ 117.214152] ? lock_release+0x1c7/0x290 [ 117.214167] ? lock_acquire+0x18c/0x2f0 [ 117.214183] _printk+0xbe/0xf0 [ 117.214197] ? __pfx__printk+0x10/0x10 [ 117.214215] ? 
oops_exit+0x19/0x50 [ 117.214231] oops_exit+0x3a/0x50 [ 117.214247] oops_end+0x65/0xe0 [ 117.214267] exc_general_protection+0x1a2/0x330 [ 117.214284] asm_exc_general_protection+0x26/0x30 [ 117.214297] RIP: 0010:perf_tp_event+0x175/0xe70 [ 117.214316] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 117.214329] RSP: 0018:ffff8880095476c0 EFLAGS: 00010212 [ 117.214338] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 117.214347] RDX: ffff8880094f8000 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 117.214356] RBP: ffff888009547930 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 117.214365] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 117.214373] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 117.214384] ? perf_tp_event+0x167/0xe70 [ 117.214404] ? kasan_save_stack+0x34/0x50 [ 117.214421] ? __pfx_perf_tp_event+0x10/0x10 [ 117.214438] ? kfree_skbmem+0x18a/0x1f0 [ 117.214454] ? ___sys_recvmsg+0xf1/0x190 [ 117.214474] ? __sys_recvmsg+0x14d/0x200 [ 117.214494] ? do_syscall_64+0xbf/0x360 [ 117.214506] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.214519] ? __lock_acquire+0x694/0x1b70 [ 117.214536] ? map_id_range_up+0x1d5/0x350 [ 117.214553] ? __pfx_map_id_range_up+0x10/0x10 [ 117.214569] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 117.214586] ? css_rstat_updated+0x1b8/0x4d0 [ 117.214605] ? __pfx_css_rstat_updated+0x10/0x10 [ 117.214624] ? lock_is_held_type+0x9e/0x120 [ 117.214647] ? perf_trace_run_bpf_submit+0xef/0x180 [ 117.214665] perf_trace_run_bpf_submit+0xef/0x180 [ 117.214685] perf_trace_contention_begin+0x235/0x3e0 [ 117.214703] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 117.214720] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 117.214733] ? 
lock_acquire+0x18c/0x2f0 [ 117.214749] trace_contention_begin+0xae/0x110 [ 117.214766] __mutex_lock+0x14b/0x1020 [ 117.214786] ? ep_send_events+0xff/0xaa0 [ 117.214803] ? ep_send_events+0xff/0xaa0 [ 117.214820] ? __pfx___mutex_lock+0x10/0x10 [ 117.214841] ? lock_acquire+0x15e/0x2f0 [ 117.214856] ? find_held_lock+0x2b/0x80 [ 117.214861] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#31] SMP KASAN NOPTI [ 117.214876] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 117.214877] ? schedule+0x2c7/0x390 [ 117.214889] CPU: 1 UID: 0 PID: 289 Comm: syz-executor.1 Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 117.214895] ? lock_release+0xc8/0x290 [ 117.214911] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 117.214917] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 117.214913] ep_send_events+0xff/0xaa0 [ 117.214925] RIP: 0010:perf_tp_event+0x175/0xe70 [ 117.214931] ? schedule_hrtimeout_range_clock+0x1c0/0x310 [ 117.214943] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 117.214950] ? __pfx_schedule_hrtimeout_range_clock+0x10/0x10 [ 117.214957] RSP: 0018:ffff888018c5f6c0 EFLAGS: 00010212 [ 117.214967] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 117.214971] ? __pfx_ep_send_events+0x10/0x10 [ 117.214976] RDX: ffff8880147a0000 RSI: ffffffff8189a4e7 RDI: 0000000100000190 [ 117.214986] RBP: ffff888018c5f930 R08: ffff88806cf31340 R09: ffffe8ffffd161c0 [ 117.214995] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 117.214992] ? 
lock_release+0xc8/0x290 [ 117.215003] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 117.215010] do_epoll_wait+0x42e/0xee0 [ 117.215014] FS: 00005555651a4400(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 117.215025] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.215034] CR2: 0000001b2d024000 CR3: 000000004252a000 CR4: 0000000000350ef0 [ 117.215030] ? __pfx_do_epoll_wait+0x10/0x10 [ 117.215043] Call Trace: [ 117.215047] [ 117.215049] ? __pfx_css_rstat_updated+0x10/0x10 [ 117.215052] ? kasan_save_stack+0x34/0x50 [ 117.215068] ? __do_wait+0x218/0x8f0 [ 117.215071] ? __pfx_ep_autoremove_wake_function+0x10/0x10 [ 117.215084] ? __pfx_perf_tp_event+0x10/0x10 [ 117.215091] ? __sys_recvmsg+0x171/0x200 [ 117.215101] ? delete_node+0x20e/0x730 [ 117.215113] __x64_sys_epoll_wait+0x15b/0x280 [ 117.215118] ? destroy_inode+0x12b/0x1b0 [ 117.215133] ? __task_pid_nr_ns+0x2e/0x4f0 [ 117.215135] ? __radix_tree_delete+0x13e/0x380 [ 117.215147] ? __pfx___x64_sys_epoll_wait+0x10/0x10 [ 117.215154] ? radix_tree_delete_item+0xef/0x230 [ 117.215167] ? __task_pid_nr_ns+0x1a6/0x4f0 [ 117.215172] ? lock_acquire+0x18c/0x2f0 [ 117.215182] ? lock_release+0xc8/0x290 [ 117.215186] ? lock_acquire+0x18c/0x2f0 [ 117.215200] ? lock_release+0x1c7/0x290 [ 117.215198] ? lock_is_held_type+0x9e/0x120 [ 117.215216] ? __virt_addr_valid+0x100/0x5d0 [ 117.215220] do_syscall_64+0xbf/0x360 [ 117.215234] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.215236] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 117.215249] RIP: 0033:0x7f8223c6c116 [ 117.215252] ? 
perf_trace_run_bpf_submit+0xef/0x180 [ 117.215259] Code: 10 89 7c 24 0c 89 4c 24 1c e8 86 6c f8 ff 44 8b 54 24 1c 8b 54 24 18 41 89 c0 48 8b 74 24 10 8b 7c 24 0c b8 e8 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 32 44 89 c7 89 44 24 0c e8 b6 6c f8 ff 8b 44 [ 117.215270] perf_trace_run_bpf_submit+0xef/0x180 [ 117.215275] RSP: 002b:00007ffce2374010 EFLAGS: 00000293 ORIG_RAX: 00000000000000e8 [ 117.215288] RAX: ffffffffffffffda RBX: 000055f675b30b70 RCX: 00007f8223c6c116 [ 117.215289] perf_trace_contention_end+0x235/0x3e0 [ 117.215298] RDX: 000000000000002f RSI: 000055f676390f80 RDI: 0000000000000005 [ 117.215305] ? __pfx_perf_trace_contention_end+0x10/0x10 [ 117.215308] RBP: ffffffffffffffff R08: 0000000000000000 R09: af5e86d5c9cb232e [ 117.215320] R10: 00000000ffffffff R11: 0000000000000293 R12: 0000000000000001 [ 117.215323] ? __mutex_trylock_common+0xf9/0x260 [ 117.215329] R13: 000000000000002f R14: 0000000000000000 R15: 000055f66b1a5b4e [ 117.215343] [ 117.215338] ? __pfx___mutex_trylock_common+0x10/0x10 [ 117.215354] ? lock_release+0x1c7/0x290 [ 117.215362] BUG: Bad page state in process systemd pfn:18c26 [ 117.215369] trace_contention_end+0xae/0x110 [ 117.215372] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18c26 [ 117.215387] flags: 0x100000000000000(node=0|zone=1) [ 117.215386] __mutex_lock+0x166/0x1020 [ 117.215397] page_type: f9(unknown) [ 117.215406] ? anon_pipe_write+0x12a/0x1a80 [ 117.215408] raw: 0100000000000000 0000000000000000 ffffea0000630988 0000000000000000 [ 117.215422] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 117.215420] ? avc_has_perm+0x12b/0x1d0 [ 117.215432] page dumped because: nonzero mapcount [ 117.215441] Modules linked in: [ 117.215440] ? __pfx___mutex_lock+0x10/0x10 [ 117.215451] CPU: 0 UID: 0 PID: 1 Comm: systemd Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 117.215461] ? 
__pfx_wait_consider_task+0x10/0x10 [ 117.215475] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 117.215477] ? lock_acquire+0x18c/0x2f0 [ 117.215481] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 117.215490] Call Trace: [ 117.215495] [ 117.215493] ? inode_has_perm+0x170/0x1c0 [ 117.215500] dump_stack_lvl+0xfa/0x120 [ 117.215507] anon_pipe_write+0x12a/0x1a80 [ 117.215521] ? lock_release+0x1c7/0x290 [ 117.215522] bad_page+0x8c/0x1c0 [ 117.215537] ? lock_acquire+0x18c/0x2f0 [ 117.215536] __free_frozen_pages+0xaf9/0xe10 [ 117.215551] ? __pfx_anon_pipe_write+0x10/0x10 [ 117.215557] ? rcu_core+0x7c3/0x1800 [ 117.215566] ? selinux_file_permission+0x99/0x600 [ 117.215574] rcu_core+0x7c8/0x1800 [ 117.215582] ? security_file_permission+0x22/0x90 [ 117.215593] ? __pfx_rcu_core+0x10/0x10 [ 117.215603] vfs_write+0xbe9/0x1150 [ 117.215612] ? tasklet_action_common+0x274/0x3b0 [ 117.215616] ? __pfx_anon_pipe_write+0x10/0x10 [ 117.215631] ? __pfx_vfs_write+0x10/0x10 [ 117.215628] handle_softirqs+0x1b1/0x770 [ 117.215645] ? __do_sys_wait4+0xb3/0x150 [ 117.215652] __irq_exit_rcu+0xc4/0x100 [ 117.215663] ? common_nsleep+0xaa/0xd0 [ 117.215674] irq_exit_rcu+0x9/0x20 [ 117.215678] ksys_write+0x1ef/0x240 [ 117.215687] sysvec_apic_timer_interrupt+0x70/0x80 [ 117.215691] ? 
__pfx_ksys_write+0x10/0x10 [ 117.215708] [ 117.215707] do_syscall_64+0xbf/0x360 [ 117.215713] [ 117.215719] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.215720] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 117.215732] RIP: 0033:0x7f57d4f715ff [ 117.215736] RIP: 0010:console_flush_all+0x8c1/0xb70 [ 117.215741] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 117.215754] RSP: 002b:00007ffe99527d30 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 117.215758] Code: 01 4c 89 e8 48 c1 e8 03 42 80 3c 30 00 0f 85 6c 02 00 00 49 89 6f 58 e9 3a ff ff ff e8 c8 7d 1f 00 e8 b3 c2 27 00 fb 4c 89 e8 <48> c1 e8 03 42 80 3c 30 00 0f 84 19 ff ff ff 4c 89 ef e8 c8 96 5b [ 117.215767] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00007f57d4f715ff [ 117.215777] RSP: 0018:ffff8880095471f0 EFLAGS: 00000246 [ 117.215780] RDX: 000000000000000c RSI: 00007ffe99527e20 RDI: 00000000000000f8 [ 117.215786] [ 117.215789] RBP: 00007ffe99527dbc R08: 0000000000000000 R09: 00007f57d50ae000 [ 117.215790] RAX: ffffffff85f37dd8 RBX: 0000000000000001 RCX: ffffffff817c3ab6 [ 117.215798] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032 [ 117.215801] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff815478ed [ 117.215807] R13: 000000000001c8f7 R14: 0000000000000005 R15: 00007ffe99527e20 [ 117.215811] RBP: 0000000000000200 R08: 0000000000000000 R09: 0000000000000000 [ 117.215820] [ 117.215821] R10: ffffffff8643b457 R11: 000000005b2d2d2d R12: 0000000000000000 [ 117.215824] Modules linked in: [ 117.215831] R13: ffffffff85f37dd8 R14: dffffc0000000000 R15: ffffffff85f37d80 [ 117.215844] ? trace_irq_enable.constprop.0+0x26/0x100 [ 117.215855] ---[ end trace 0000000000000000 ]--- [ 117.215858] ? 
console_flush_all+0x8bd/0xb70 [ 117.215862] RIP: 0010:perf_tp_event+0x175/0xe70 [ 117.215880] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 117.215881] ? __pfx_console_flush_all+0x10/0x10 [ 117.215892] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 117.215903] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 117.215903] ? __pfx_vprintk_store+0x10/0x10 [ 117.215911] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 117.215920] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 117.215928] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 117.215924] ? do_raw_spin_unlock+0x53/0x220 [ 117.215937] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 117.215944] ? is_printk_cpu_sync_owner+0x32/0x40 [ 117.215947] FS: 00005555651a4400(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 117.215960] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.215959] console_unlock+0xc2/0x1f0 [ 117.215968] CR2: 0000001b2d024000 CR3: 000000004252a000 CR4: 0000000000350ef0 [ 117.215977] note: syz-executor.1[289] exited with preempt_count 2 [ 117.215979] ? __pfx_console_unlock+0x10/0x10 [ 117.216000] ? do_raw_spin_unlock+0x53/0x220 [ 117.216018] ? _printk+0xbe/0xf0 [ 117.216034] vprintk_emit+0x3f6/0x630 [ 117.216055] ? __pfx_vprintk_emit+0x10/0x10 [ 117.216075] ? lock_release+0x1c7/0x290 [ 117.216090] ? lock_acquire+0x18c/0x2f0 [ 117.216107] _printk+0xbe/0xf0 [ 117.216121] ? __pfx__printk+0x10/0x10 [ 117.216138] ? 
oops_exit+0x19/0x50 [ 117.216155] oops_exit+0x3a/0x50 [ 117.216172] oops_end+0x65/0xe0 [ 117.216191] exc_general_protection+0x1a2/0x330 [ 117.216209] asm_exc_general_protection+0x26/0x30 [ 117.216223] RIP: 0010:perf_tp_event+0x175/0xe70 [ 117.216242] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 117.216255] RSP: 0018:ffff8880095476c0 EFLAGS: 00010212 [ 117.216265] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 117.216274] RDX: ffff8880094f8000 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 117.216283] RBP: ffff888009547930 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 117.216292] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 117.216300] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 117.216312] ? perf_tp_event+0x167/0xe70 [ 117.216332] ? kasan_save_stack+0x34/0x50 [ 117.216349] ? __pfx_perf_tp_event+0x10/0x10 [ 117.216366] ? kfree_skbmem+0x18a/0x1f0 [ 117.216382] ? ___sys_recvmsg+0xf1/0x190 [ 117.216402] ? __sys_recvmsg+0x14d/0x200 [ 117.216422] ? do_syscall_64+0xbf/0x360 [ 117.216434] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.216448] ? __lock_acquire+0x694/0x1b70 [ 117.216465] ? map_id_range_up+0x1d5/0x350 [ 117.216481] ? __pfx_map_id_range_up+0x10/0x10 [ 117.216498] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 117.216514] ? css_rstat_updated+0x1b8/0x4d0 [ 117.216534] ? __pfx_css_rstat_updated+0x10/0x10 [ 117.216553] ? lock_is_held_type+0x9e/0x120 [ 117.216575] ? perf_trace_run_bpf_submit+0xef/0x180 [ 117.216594] perf_trace_run_bpf_submit+0xef/0x180 [ 117.216614] perf_trace_contention_begin+0x235/0x3e0 [ 117.216632] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 117.216649] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 117.216662] ? 
lock_acquire+0x18c/0x2f0 [ 117.216679] trace_contention_begin+0xae/0x110 [ 117.216695] __mutex_lock+0x14b/0x1020 [ 117.216715] ? ep_send_events+0xff/0xaa0 [ 117.216732] ? ep_send_events+0xff/0xaa0 [ 117.216749] ? __pfx___mutex_lock+0x10/0x10 [ 117.216770] ? lock_acquire+0x15e/0x2f0 [ 117.216786] ? find_held_lock+0x2b/0x80 [ 117.216805] ? schedule+0x2c7/0x390 [ 117.216822] ? lock_release+0xc8/0x290 [ 117.216838] ep_send_events+0xff/0xaa0 [ 117.216854] ? schedule_hrtimeout_range_clock+0x1c0/0x310 [ 117.216872] ? __pfx_schedule_hrtimeout_range_clock+0x10/0x10 [ 117.216891] ? __pfx_ep_send_events+0x10/0x10 [ 117.216909] ? lock_release+0xc8/0x290 [ 117.216924] do_epoll_wait+0x42e/0xee0 [ 117.216943] ? __pfx_do_epoll_wait+0x10/0x10 [ 117.216960] ? __pfx_css_rstat_updated+0x10/0x10 [ 117.216980] ? __pfx_ep_autoremove_wake_function+0x10/0x10 [ 117.216998] ? __sys_recvmsg+0x171/0x200 [ 117.217019] __x64_sys_epoll_wait+0x15b/0x280 [ 117.217038] ? __task_pid_nr_ns+0x2e/0x4f0 [ 117.217051] ? __pfx___x64_sys_epoll_wait+0x10/0x10 [ 117.217069] ? __task_pid_nr_ns+0x1a6/0x4f0 [ 117.217083] ? lock_release+0xc8/0x290 [ 117.217097] ? 
lock_is_held_type+0x9e/0x120 [ 117.217118] do_syscall_64+0xbf/0x360 [ 117.217131] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.217144] RIP: 0033:0x7f8223c6c116 [ 117.217153] Code: 10 89 7c 24 0c 89 4c 24 1c e8 86 6c f8 ff 44 8b 54 24 1c 8b 54 24 18 41 89 c0 48 8b 74 24 10 8b 7c 24 0c b8 e8 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 32 44 89 c7 89 44 24 0c e8 b6 6c f8 ff 8b 44 [ 117.217166] RSP: 002b:00007ffce2374010 EFLAGS: 00000293 ORIG_RAX: 00000000000000e8 [ 117.217178] RAX: ffffffffffffffda RBX: 000055f675b30b70 RCX: 00007f8223c6c116 [ 117.217187] RDX: 000000000000002f RSI: 000055f676390f80 RDI: 0000000000000005 [ 117.217195] RBP: ffffffffffffffff R08: 0000000000000000 R09: af5e86d5c9cb232e [ 117.217204] R10: 00000000ffffffff R11: 0000000000000293 R12: 0000000000000001 [ 117.217213] R13: 000000000000002f R14: 0000000000000000 R15: 000055f66b1a5b4e [ 117.217225] [ 117.217243] BUG: Bad page state in process systemd pfn:18c27 [ 117.217251] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18c27 [ 117.217263] flags: 0x100000000000000(node=0|zone=1) [ 117.217272] page_type: f9(unknown) [ 117.217283] raw: 0100000000000000 0000000000000000 ffffea00006309c8 0000000000000000 [ 117.217295] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 117.217303] page dumped because: nonzero mapcount [ 117.217309] Modules linked in: [ 117.217318] CPU: 0 UID: 0 PID: 1 Comm: systemd Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 117.217339] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 117.217345] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 117.217352] Call Trace: [ 117.217356] [ 117.217360] dump_stack_lvl+0xfa/0x120 [ 117.217381] bad_page+0x8c/0x1c0 [ 117.217393] __free_frozen_pages+0xaf9/0xe10 [ 117.217412] ? rcu_core+0x7c3/0x1800 [ 117.217428] rcu_core+0x7c8/0x1800 [ 117.217445] ? __pfx_rcu_core+0x10/0x10 [ 117.217462] ? 
tasklet_action_common+0x274/0x3b0 [ 117.217476] handle_softirqs+0x1b1/0x770 [ 117.217498] __irq_exit_rcu+0xc4/0x100 [ 117.217519] irq_exit_rcu+0x9/0x20 [ 117.217530] sysvec_apic_timer_interrupt+0x70/0x80 [ 117.217549] [ 117.217554] [ 117.217559] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 117.217576] RIP: 0010:console_flush_all+0x8c1/0xb70 [ 117.217604] Code: 01 4c 89 e8 48 c1 e8 03 42 80 3c 30 00 0f 85 6c 02 00 00 49 89 6f 58 e9 3a ff ff ff e8 c8 7d 1f 00 e8 b3 c2 27 00 fb 4c 89 e8 <48> c1 e8 03 42 80 3c 30 00 0f 84 19 ff ff ff 4c 89 ef e8 c8 96 5b [ 117.217617] RSP: 0018:ffff8880095471f0 EFLAGS: 00000246 [ 117.217626] RAX: ffffffff85f37dd8 RBX: 0000000000000001 RCX: ffffffff817c3ab6 [ 117.217635] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff815478ed [ 117.217644] RBP: 0000000000000200 R08: 0000000000000000 R09: 0000000000000000 [ 117.217652] R10: ffffffff8643b457 R11: 000000005b2d2d2d R12: 0000000000000000 [ 117.217660] R13: ffffffff85f37dd8 R14: dffffc0000000000 R15: ffffffff85f37d80 [ 117.217671] ? trace_irq_enable.constprop.0+0x26/0x100 [ 117.217686] ? console_flush_all+0x8bd/0xb70 [ 117.217707] ? __pfx_console_flush_all+0x10/0x10 [ 117.217728] ? __pfx_vprintk_store+0x10/0x10 [ 117.217747] ? do_raw_spin_unlock+0x53/0x220 [ 117.217766] ? is_printk_cpu_sync_owner+0x32/0x40 [ 117.217783] console_unlock+0xc2/0x1f0 [ 117.217802] ? __pfx_console_unlock+0x10/0x10 [ 117.217821] ? do_raw_spin_unlock+0x53/0x220 [ 117.217839] ? _printk+0xbe/0xf0 [ 117.217854] vprintk_emit+0x3f6/0x630 [ 117.217874] ? __pfx_vprintk_emit+0x10/0x10 [ 117.217895] ? lock_release+0x1c7/0x290 [ 117.217910] ? lock_acquire+0x18c/0x2f0 [ 117.217926] _printk+0xbe/0xf0 [ 117.217940] ? __pfx__printk+0x10/0x10 [ 117.217957] ? 
oops_exit+0x19/0x50 [ 117.217974] oops_exit+0x3a/0x50 [ 117.217990] oops_end+0x65/0xe0 [ 117.218010] exc_general_protection+0x1a2/0x330 [ 117.218027] asm_exc_general_protection+0x26/0x30 [ 117.218041] RIP: 0010:perf_tp_event+0x175/0xe70 [ 117.218059] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 117.218072] RSP: 0018:ffff8880095476c0 EFLAGS: 00010212 [ 117.218081] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 117.218090] RDX: ffff8880094f8000 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 117.218099] RBP: ffff888009547930 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 117.218108] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 117.218116] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 117.218127] ? perf_tp_event+0x167/0xe70 [ 117.218147] ? kasan_save_stack+0x34/0x50 [ 117.218164] ? __pfx_perf_tp_event+0x10/0x10 [ 117.218181] ? kfree_skbmem+0x18a/0x1f0 [ 117.218197] ? ___sys_recvmsg+0xf1/0x190 [ 117.218216] ? __sys_recvmsg+0x14d/0x200 [ 117.218236] ? do_syscall_64+0xbf/0x360 [ 117.218248] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.218262] ? __lock_acquire+0x694/0x1b70 [ 117.218279] ? map_id_range_up+0x1d5/0x350 [ 117.218295] ? __pfx_map_id_range_up+0x10/0x10 [ 117.218312] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 117.218328] ? css_rstat_updated+0x1b8/0x4d0 [ 117.218348] ? __pfx_css_rstat_updated+0x10/0x10 [ 117.218367] ? lock_is_held_type+0x9e/0x120 [ 117.218390] ? perf_trace_run_bpf_submit+0xef/0x180 [ 117.218412] perf_trace_run_bpf_submit+0xef/0x180 [ 117.218432] perf_trace_contention_begin+0x235/0x3e0 [ 117.218449] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 117.218467] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 117.218480] ? 
lock_acquire+0x18c/0x2f0 [ 117.218496] trace_contention_begin+0xae/0x110 [ 117.218513] __mutex_lock+0x14b/0x1020 [ 117.218533] ? ep_send_events+0xff/0xaa0 [ 117.218549] ? ep_send_events+0xff/0xaa0 [ 117.218567] ? __pfx___mutex_lock+0x10/0x10 [ 117.218588] ? lock_acquire+0x15e/0x2f0 [ 117.218603] ? find_held_lock+0x2b/0x80 [ 117.218623] ? schedule+0x2c7/0x390 [ 117.218640] ? lock_release+0xc8/0x290 [ 117.218656] ep_send_events+0xff/0xaa0 [ 117.218672] ? schedule_hrtimeout_range_clock+0x1c0/0x310 [ 117.218690] ? __pfx_schedule_hrtimeout_range_clock+0x10/0x10 [ 117.218709] ? __pfx_ep_send_events+0x10/0x10 [ 117.218727] ? lock_release+0xc8/0x290 [ 117.218742] do_epoll_wait+0x42e/0xee0 [ 117.218761] ? __pfx_do_epoll_wait+0x10/0x10 [ 117.218778] ? __pfx_css_rstat_updated+0x10/0x10 [ 117.218798] ? __pfx_ep_autoremove_wake_function+0x10/0x10 [ 117.218816] ? __sys_recvmsg+0x171/0x200 [ 117.218838] __x64_sys_epoll_wait+0x15b/0x280 [ 117.218856] ? __task_pid_nr_ns+0x2e/0x4f0 [ 117.218869] ? __pfx___x64_sys_epoll_wait+0x10/0x10 [ 117.218887] ? __task_pid_nr_ns+0x1a6/0x4f0 [ 117.218900] ? lock_release+0xc8/0x290 [ 117.218915] ? 
lock_is_held_type+0x9e/0x120 [ 117.218936] do_syscall_64+0xbf/0x360 [ 117.218949] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.218962] RIP: 0033:0x7f8223c6c116 [ 117.218971] Code: 10 89 7c 24 0c 89 4c 24 1c e8 86 6c f8 ff 44 8b 54 24 1c 8b 54 24 18 41 89 c0 48 8b 74 24 10 8b 7c 24 0c b8 e8 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 32 44 89 c7 89 44 24 0c e8 b6 6c f8 ff 8b 44 [ 117.218984] RSP: 002b:00007ffce2374010 EFLAGS: 00000293 ORIG_RAX: 00000000000000e8 [ 117.218996] RAX: ffffffffffffffda RBX: 000055f675b30b70 RCX: 00007f8223c6c116 [ 117.219005] RDX: 000000000000002f RSI: 000055f676390f80 RDI: 0000000000000005 [ 117.219014] RBP: ffffffffffffffff R08: 0000000000000000 R09: af5e86d5c9cb232e [ 117.219022] R10: 00000000ffffffff R11: 0000000000000293 R12: 0000000000000001 [ 117.219031] R13: 000000000000002f R14: 0000000000000000 R15: 000055f66b1a5b4e [ 117.219043] [ 117.226138] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#32] SMP KASAN NOPTI [ 117.226371] RIP: 0010:perf_tp_event+0x175/0xe70 [ 117.226657] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 117.227108] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 117.227312] CPU: 1 UID: 0 PID: 112 Comm: systemd-udevd Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 117.227590] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 117.227906] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 117.227912] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 117.227919] RIP: 0010:perf_tp_event+0x175/0xe70 [ 117.227937] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 117.227949] RSP: 0018:ffff888015c678c0 
EFLAGS: 00010212 [ 117.227959] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 117.227967] RDX: ffff8880147a5280 RSI: ffffffff8189a4e7 RDI: 0000000100000190 [ 117.227975] RBP: ffff888015c67b30 R08: ffff88806cf31340 R09: ffffe8ffffd161c0 [ 117.227983] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 117.228362] [ 117.228681] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 117.229069] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 117.229272] FS: 00007f5aff3348c0(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 117.229669] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 117.229856] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.229865] CR2: 0000001b2d024000 CR3: 000000000d8a7000 CR4: 0000000000350ef0 [ 117.229873] Call Trace: [ 117.229877] [ 117.229881] ? lock_acquire+0x18c/0x2f0 [ 117.229897] ? __pfx_perf_tp_event+0x10/0x10 [ 117.229913] ? __kernel_text_address+0xd/0x40 [ 117.229929] ? unwind_get_return_address+0x59/0xa0 [ 117.229947] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 117.230140] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 117.230551] ? arch_stack_walk+0x9c/0xf0 [ 117.231070] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 117.232398] ? stack_trace_save+0x8e/0xc0 [ 117.232414] ? stack_depot_save_flags+0x2c/0xa20 [ 117.232428] ? terminate_walk+0x31c/0x680 [ 117.232446] ? kasan_save_stack+0x34/0x50 [ 117.232461] ? kasan_save_stack+0x24/0x50 [ 117.232474] ? kasan_save_track+0x14/0x30 [ 117.232488] ? __kasan_save_free_info+0x3a/0x60 [ 117.233026] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 117.233484] ? __kasan_slab_free+0x3f/0x50 [ 117.234128] FS: 00007f822348f900(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 117.234630] ? perf_trace_run_bpf_submit+0xef/0x180 [ 117.235256] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.235760] ? 
map_id_range_up+0x1d5/0x350 [ 117.236233] CR2: 0000000000000000 CR3: 000000000f1a1000 CR4: 0000000000350ef0 [ 117.236525] perf_trace_run_bpf_submit+0xef/0x180 [ 117.236966] note: systemd[1] exited with preempt_count 2 [ 117.237262] perf_trace_contention_end+0x235/0x3e0 [ 117.660229] ? __pfx_perf_trace_contention_end+0x10/0x10 [ 117.660676] ? __mutex_trylock_common+0xf9/0x260 [ 117.661069] ? __pfx___mutex_trylock_common+0x10/0x10 [ 117.661491] trace_contention_end+0xae/0x110 [ 117.661860] __mutex_lock+0x166/0x1020 [ 117.662183] ? fdget_pos+0x2a8/0x380 [ 117.662488] ? __pfx___mutex_lock+0x10/0x10 [ 117.662842] ? __pfx_kernfs_iop_getattr+0x10/0x10 [ 117.663233] ? vfs_getattr_nosec+0x2bc/0x3e0 [ 117.663599] ? populate_seccomp_data+0x213/0x540 [ 117.663988] ? __seccomp_filter+0x535/0xfa0 [ 117.664339] ? __pfx___do_sys_newfstat+0x10/0x10 [ 117.664732] fdget_pos+0x2a8/0x380 [ 117.665027] __x64_sys_getdents64+0xe0/0x2c0 [ 117.665388] ? __pfx___x64_sys_getdents64+0x10/0x10 [ 117.665797] ? __secure_computing+0x18d/0x290 [ 117.666174] do_syscall_64+0xbf/0x360 [ 117.666488] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.666906] RIP: 0033:0x7f5aff7bb9c7 [ 117.667208] Code: 0f 1f 00 48 8b 47 20 c3 66 2e 0f 1f 84 00 00 00 00 00 90 48 81 fa ff ff ff 7f b8 ff ff ff 7f 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 8b 15 99 74 0f 00 f7 d8 64 89 02 48 [ 117.668652] RSP: 002b:00007ffe67d67098 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9 [ 117.669259] RAX: ffffffffffffffda RBX: 0000564d56fe3b20 RCX: 00007f5aff7bb9c7 [ 117.669841] RDX: 0000000000008000 RSI: 0000564d56fe3b50 RDI: 0000000000000012 [ 117.670414] RBP: 0000564d56fe3b50 R08: 0000000000000030 R09: 00007f5aff8b3be0 [ 117.670989] R10: 0000000000000010 R11: 0000000000000293 R12: fffffffffffffe00 [ 117.671559] R13: 0000564d56fe3b24 R14: 0000000000000000 R15: 0000564d56f92650 [ 117.672134] [ 117.672330] Modules linked in: [ 117.672604] Oops: general protection fault, probably for non-canonical address 
0xdffffc0000000032: 0000 [#33] SMP KASAN NOPTI [ 117.673155] ---[ end trace 0000000000000000 ]--- [ 117.673582] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] [ 117.674411] RIP: 0010:perf_tp_event+0x175/0xe70 [ 117.674595] CPU: 0 UID: 0 PID: 142 Comm: kworker/u10:3 Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 117.674985] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 117.675919] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 117.677455] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 117.677795] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 117.677808] Workqueue: events_unbound cfg80211_wiphy_work [ 117.678239] [ 117.678901] [ 117.678907] RIP: 0010:perf_tp_event+0x175/0xe70 [ 117.679344] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 117.679485] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 117.679623] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 117.680002] RSP: 0018:ffff88801c06f700 EFLAGS: 00010212 [ 117.680016] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002 [ 117.680582] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 117.682048] RDX: ffff888014608000 RSI: ffffffff8189a4e7 RDI: 0000000000000191 [ 117.682058] RBP: ffff88801c06f970 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 117.682632] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 117.683093] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 117.683103] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 117.683679] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 117.684261] 
FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 117.684849] FS: 00007f5aff3348c0(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 117.685412] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.686002] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.686574] CR2: 0000000000000000 CR3: 000000000f1a1000 CR4: 0000000000350ef0 [ 117.687157] CR2: 0000001b2d024000 CR3: 000000000d8a7000 CR4: 0000000000350ef0 [ 117.687724] Call Trace: [ 117.688384] note: systemd-udevd[112] exited with preempt_count 2 [ 117.689034] [ 117.689044] ? __pfx_perf_tp_event+0x10/0x10 [ 117.692353] ? __lock_acquire+0xc65/0x1b70 [ 117.692708] ? __switch_to_asm+0x60/0x70 [ 117.693061] ? do_raw_spin_lock+0x123/0x260 [ 117.693422] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 117.693830] ? mark_held_locks+0x49/0x80 [ 117.694169] ? perf_trace_run_bpf_submit+0xef/0x180 [ 117.694578] perf_trace_run_bpf_submit+0xef/0x180 [ 117.694990] perf_trace_contention_begin+0x235/0x3e0 [ 117.695421] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 117.695880] ? sched_clock+0x37/0x60 [ 117.696195] ? lock_acquire+0x18c/0x2f0 [ 117.696524] trace_contention_begin+0xae/0x110 [ 117.696902] __mutex_lock+0x14b/0x1020 [ 117.697237] ? cfg80211_wiphy_work+0x7e/0x480 [ 117.697618] ? cfg80211_wiphy_work+0x7e/0x480 [ 117.697981] ? lock_release+0x1c7/0x290 [ 117.698301] ? __pfx___mutex_lock+0x10/0x10 [ 117.698650] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 117.699060] ? __pfx_try_to_wake_up+0x10/0x10 [ 117.699426] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 117.699847] cfg80211_wiphy_work+0x7e/0x480 [ 117.700194] process_one_work+0x8e1/0x19c0 [ 117.700558] ? __pfx_process_one_work+0x10/0x10 [ 117.700946] ? move_linked_works+0x172/0x270 [ 117.701323] ? assign_work+0x196/0x240 [ 117.701653] worker_thread+0x67e/0xe90 [ 117.701979] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 117.702412] ? __pfx_worker_thread+0x10/0x10 [ 117.702783] kthread+0x3c8/0x740 [ 117.703077] ? 
__pfx_kthread+0x10/0x10 [ 117.703400] ? ret_from_fork+0x23/0x430 [ 117.703736] ? lock_release+0xc8/0x290 [ 117.704064] ? __pfx_kthread+0x10/0x10 [ 117.704395] ret_from_fork+0x34b/0x430 [ 117.704726] ? __pfx_kthread+0x10/0x10 [ 117.705053] ret_from_fork_asm+0x1a/0x30 [ 117.705396] [ 117.705599] Modules linked in: [ 117.705872] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000032: 0000 [#34] SMP KASAN NOPTI [ 117.706489] ---[ end trace 0000000000000000 ]--- [ 117.706786] KASAN: probably user-memory-access in range [0x0000000100000190-0x0000000100000197] [ 117.706803] CPU: 1 UID: 0 PID: 2817 Comm: kworker/u10:7 Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 117.706824] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 117.706829] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 117.706838] Workqueue: events_unbound cfg80211_wiphy_work [ 117.706855] RIP: 0010:perf_tp_event+0x175/0xe70 [ 117.706872] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 117.706884] RSP: 0018:ffff888009a67700 EFLAGS: 00010212 [ 117.706893] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 117.706901] RDX: ffff8880160b3700 RSI: ffffffff8189a4e7 RDI: 0000000100000190 [ 117.706909] RBP: ffff888009a67970 R08: ffff88806cf31340 R09: ffffe8ffffd161c0 [ 117.706917] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 117.706925] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 117.706935] FS: 0000000000000000(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 117.706945] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.706953] CR2: 0000001b2d024000 CR3: 0000000043c35000 CR4: 0000000000350ef0 [ 117.706961] Call Trace: [ 117.706965] [ 117.706972] ? __pfx_perf_tp_event+0x10/0x10 [ 117.706997] ? 
perf_trace_run_bpf_submit+0xef/0x180 [ 117.707014] perf_trace_run_bpf_submit+0xef/0x180 [ 117.707032] perf_trace_contention_end+0x235/0x3e0 [ 117.707047] ? __pfx_perf_trace_contention_end+0x10/0x10 [ 117.707061] ? __mutex_trylock_common+0xf9/0x260 [ 117.707076] ? __pfx___mutex_trylock_common+0x10/0x10 [ 117.707092] trace_contention_end+0xae/0x110 [ 117.707106] __mutex_lock+0x166/0x1020 [ 117.707124] ? cfg80211_wiphy_work+0x7e/0x480 [ 117.707137] ? lock_release+0x1c7/0x290 [ 117.707151] ? lock_release+0x1c7/0x290 [ 117.707536] RIP: 0010:perf_tp_event+0x175/0xe70 [ 117.708233] ? __pfx___mutex_lock+0x10/0x10 [ 117.708253] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 117.708270] ? xfd_validate_state+0x55/0x180 [ 117.708287] ? __pfx_try_to_wake_up+0x10/0x10 [ 117.708305] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 117.708320] cfg80211_wiphy_work+0x7e/0x480 [ 117.709358] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 117.709691] process_one_work+0x8e1/0x19c0 [ 117.710448] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 117.710804] ? __pfx_process_one_work+0x10/0x10 [ 117.710820] ? move_linked_works+0x172/0x270 [ 117.710839] ? assign_work+0x196/0x240 [ 117.710853] worker_thread+0x67e/0xe90 [ 117.710867] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 117.710881] ? __pfx_worker_thread+0x10/0x10 [ 117.711258] [ 117.712731] kthread+0x3c8/0x740 [ 117.712745] ? __pfx_kthread+0x10/0x10 [ 117.712757] ? ret_from_fork+0x23/0x430 [ 117.712776] ? lock_release+0xc8/0x290 [ 117.712789] ? __pfx_kthread+0x10/0x10 [ 117.712802] ret_from_fork+0x34b/0x430 [ 117.712820] ? 
__pfx_kthread+0x10/0x10 [ 117.713248] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 117.713837] ret_from_fork_asm+0x1a/0x30 [ 117.713858] [ 117.713861] Modules linked in: [ 117.714368] ---[ end trace 0000000000000000 ]--- [ 117.714505] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 117.715545] RIP: 0010:perf_tp_event+0x175/0xe70 [ 117.715759] RBP: ffff88801631f8b0 R08: ffff88806ce31340 R09: ffffe8ffffc15f78 [ 117.716414] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 117.716428] RSP: 0018:ffff88801631f640 EFLAGS: 00010212 [ 117.716439] RAX: 0000000000000032 RBX: ffffffffffffffa2 RCX: 0000000000000002 [ 117.717170] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 117.717181] R13: 000000000000001c R14: ffff88806ce31340 R15: dffffc0000000000 [ 117.717192] FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 117.717203] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.717212] CR2: 0000000000000000 CR3: 000000000f1a1000 CR4: 0000000000350ef0 [ 117.717223] note: kworker/u10:3[142] exited with preempt_count 2 [ 117.717699] RDX: ffff88800ea31b80 RSI: ffffffff8189a4e7 RDI: 0000000000000192 [ 117.718323] BUG: Bad page state in process kworker/u10:7 pfn:15cb1 [ 117.718335] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x15cb1 [ 117.718348] flags: 0x100000000000000(node=0|zone=1) [ 117.718359] page_type: f9(unknown) [ 117.718372] raw: 0100000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 117.718383] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 117.718391] page dumped because: nonzero mapcount [ 117.718397] Modules linked in: [ 117.718407] CPU: 1 UID: 0 PID: 2817 Comm: kworker/u10:7 Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 117.718430] Tainted: 
[B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 117.718434] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 117.718442] Workqueue: events_unbound cfg80211_wiphy_work [ 117.718456] Call Trace: [ 117.718460] [ 117.718464] dump_stack_lvl+0xfa/0x120 [ 117.718485] bad_page+0x8c/0x1c0 [ 117.718499] __free_frozen_pages+0xaf9/0xe10 [ 117.718517] ? rcu_core+0x7c3/0x1800 [ 117.718533] rcu_core+0x7c8/0x1800 [ 117.718549] ? __pfx_rcu_core+0x10/0x10 [ 117.718563] ? clockevents_program_event+0x135/0x360 [ 117.718582] ? tick_program_event+0xac/0x140 [ 117.718594] ? hrtimer_interrupt+0x652/0x830 [ 117.718607] handle_softirqs+0x1b1/0x770 [ 117.718628] __irq_exit_rcu+0xc4/0x100 [ 117.718646] irq_exit_rcu+0x9/0x20 [ 117.718657] sysvec_apic_timer_interrupt+0x70/0x80 [ 117.718675] [ 117.718679] [ 117.718683] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 117.718697] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x80 [ 117.718713] Code: 5d 41 5c 41 5d e9 70 60 4a 03 48 c7 c0 f4 ff ff ff eb 92 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 48 8b 34 24 65 48 8b 15 58 89 10 06 65 8b 05 69 89 10 [ 117.718725] RSP: 0018:ffff888009a673b0 EFLAGS: 00000246 [ 117.718734] RAX: 0000000000000001 RBX: 1ffff1100134ce78 RCX: ffffffff817c3ab6 [ 117.718743] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff8154befa [ 117.718750] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 117.718758] R10: ffffffff8643b457 R11: 0000000000000001 R12: 0000000000000041 [ 117.718765] R13: 0000000000000200 R14: ffff888014608000 R15: ffff888009a67478 [ 117.718780] ? trace_irq_enable.constprop.0+0x26/0x100 [ 117.718793] ? vprintk_emit+0x52a/0x630 [ 117.718813] vprintk_emit+0x530/0x630 [ 117.718832] ? __pfx_vprintk_emit+0x10/0x10 [ 117.718851] ? __pfx__printk+0x10/0x10 [ 117.718866] _printk+0xbe/0xf0 [ 117.718880] ? __pfx__printk+0x10/0x10 [ 117.718893] ? perf_tp_event+0x14b/0xe70 [ 117.718909] ? show_opcodes+0xb3/0xd0 [ 117.718929] ? 
perf_tp_event+0x167/0xe70 [ 117.718945] __show_regs+0x16f/0x750 [ 117.718962] ? printk_percpu_data_ready+0x9/0x20 [ 117.718978] ? nbcon_get_cpu_emergency_nesting+0x3c/0x50 [ 117.718994] oops_end+0x7d/0xe0 [ 117.719012] exc_general_protection+0x1a2/0x330 [ 117.719029] asm_exc_general_protection+0x26/0x30 [ 117.719041] RIP: 0010:perf_tp_event+0x175/0xe70 [ 117.719058] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 117.719070] RSP: 0018:ffff888009a67700 EFLAGS: 00010212 [ 117.719079] RAX: 0000000020000032 RBX: 00000000ffffffa0 RCX: 0000000000000002 [ 117.719087] RDX: ffff8880160b3700 RSI: ffffffff8189a4e7 RDI: 0000000100000190 [ 117.719095] RBP: ffff888009a67970 R08: ffff88806cf31340 R09: ffffe8ffffd161c0 [ 117.719103] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 117.719111] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 117.719121] ? perf_tp_event+0x167/0xe70 [ 117.719141] ? __pfx_perf_tp_event+0x10/0x10 [ 117.719168] ? perf_trace_run_bpf_submit+0xef/0x180 [ 117.719185] perf_trace_run_bpf_submit+0xef/0x180 [ 117.719204] perf_trace_contention_end+0x235/0x3e0 [ 117.719220] ? __pfx_perf_trace_contention_end+0x10/0x10 [ 117.719235] ? __mutex_trylock_common+0xf9/0x260 [ 117.719249] ? __pfx___mutex_trylock_common+0x10/0x10 [ 117.719266] trace_contention_end+0xae/0x110 [ 117.719281] __mutex_lock+0x166/0x1020 [ 117.719300] ? cfg80211_wiphy_work+0x7e/0x480 [ 117.719313] ? lock_release+0x1c7/0x290 [ 117.719326] ? lock_release+0x1c7/0x290 [ 117.719340] ? __pfx___mutex_lock+0x10/0x10 [ 117.719359] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 117.719377] ? xfd_validate_state+0x55/0x180 [ 117.719394] ? __pfx_try_to_wake_up+0x10/0x10 [ 117.719413] ? 
trace_irq_enable.constprop.0+0xc2/0x100 [ 117.719426] cfg80211_wiphy_work+0x7e/0x480 [ 117.719440] process_one_work+0x8e1/0x19c0 [ 117.719458] ? __pfx_process_one_work+0x10/0x10 [ 117.719472] ? move_linked_works+0x172/0x270 [ 117.719491] ? assign_work+0x196/0x240 [ 117.719505] worker_thread+0x67e/0xe90 [ 117.719522] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 117.719539] ? __pfx_worker_thread+0x10/0x10 [ 117.719554] kthread+0x3c8/0x740 [ 117.719567] ? __pfx_kthread+0x10/0x10 [ 117.719579] ? ret_from_fork+0x23/0x430 [ 117.719598] ? lock_release+0xc8/0x290 [ 117.719612] ? __pfx_kthread+0x10/0x10 [ 117.719625] ret_from_fork+0x34b/0x430 [ 117.719643] ? __pfx_kthread+0x10/0x10 [ 117.719656] ret_from_fork_asm+0x1a/0x30 [ 117.719675] [ 117.719693] BUG: Bad page state in process kworker/u10:7 pfn:15cb2 [ 117.719701] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x15cb2 [ 117.719713] flags: 0x100000000000000(node=0|zone=1) [ 117.719722] page_type: f9(unknown) [ 117.719733] raw: 0100000000000000 0000000000000000 ffffea0000572c90 0000000000000000 [ 117.719745] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 117.719753] page dumped because: nonzero mapcount [ 117.719759] Modules linked in: [ 117.719771] CPU: 1 UID: 0 PID: 2817 Comm: kworker/u10:7 Tainted: G B D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 117.719794] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 117.719799] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 117.719808] Workqueue: events_unbound cfg80211_wiphy_work [ 117.719822] Call Trace: [ 117.719825] [ 117.719830] dump_stack_lvl+0xfa/0x120 [ 117.719850] bad_page+0x8c/0x1c0 [ 117.719862] __free_frozen_pages+0xaf9/0xe10 [ 117.719881] ? rcu_core+0x7c3/0x1800 [ 117.719900] Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b [ 117.720074] Kernel Offset: disabled [ 117.791630] ---[ end Kernel panic - not syncing: Attempted to kill init! 
exitcode=0x0000000b ]--- VM DIAGNOSIS: 08:47:33 Registers: