Warning: Permanently added '[localhost]:2418' (ECDSA) to the list of known hosts.
2025/09/01 10:27:48 fuzzer started
2025/09/01 10:27:48 dialing manager at localhost:35473
syzkaller login: [ 51.893698] cgroup: Unknown subsys name 'net'
[ 52.190579] cgroup: Unknown subsys name 'cpuset'
[ 52.221772] cgroup: Unknown subsys name 'rlimit'
2025/09/01 10:27:58 syscalls: 2214
2025/09/01 10:27:58 code coverage: enabled
2025/09/01 10:27:58 comparison tracing: enabled
2025/09/01 10:27:58 extra coverage: enabled
2025/09/01 10:27:58 setuid sandbox: enabled
2025/09/01 10:27:58 namespace sandbox: enabled
2025/09/01 10:27:58 Android sandbox: enabled
2025/09/01 10:27:58 fault injection: enabled
2025/09/01 10:27:58 leak checking: enabled
2025/09/01 10:27:58 net packet injection: enabled
2025/09/01 10:27:58 net device setup: enabled
2025/09/01 10:27:58 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/09/01 10:27:58 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/09/01 10:27:58 USB emulation: enabled
2025/09/01 10:27:58 hci packet injection: enabled
2025/09/01 10:27:58 wifi device emulation: enabled
2025/09/01 10:27:58 802.15.4 emulation: enabled
2025/09/01 10:27:58 fetching corpus: 0, signal 0/2000 (executing program)
2025/09/01 10:27:58 fetching corpus: 39, signal 17600/21205 (executing program)
2025/09/01 10:27:59 fetching corpus: 86, signal 29191/34170 (executing program)
2025/09/01 10:27:59 fetching corpus: 136, signal 37979/44229 (executing program)
2025/09/01 10:27:59 fetching corpus: 186, signal 42252/49829 (executing program)
2025/09/01 10:27:59 fetching corpus: 236, signal 49760/58279 (executing program)
2025/09/01 10:27:59 fetching corpus: 286, signal 52519/62231 (executing program)
2025/09/01 10:27:59 fetching corpus: 336, signal 55896/66734 (executing program)
2025/09/01 10:27:59 fetching corpus: 386, signal 64121/75472 (executing program)
2025/09/01 10:27:59 fetching corpus: 436, signal 67845/80078 (executing program)
2025/09/01 10:27:59 fetching corpus: 485, signal 71021/84096 (executing program)
2025/09/01 10:28:00 fetching corpus: 533, signal 74447/88235 (executing program)
2025/09/01 10:28:00 fetching corpus: 582, signal 76743/91378 (executing program)
2025/09/01 10:28:00 fetching corpus: 632, signal 78958/94379 (executing program)
2025/09/01 10:28:00 fetching corpus: 682, signal 81706/97719 (executing program)
2025/09/01 10:28:00 fetching corpus: 731, signal 84414/100951 (executing program)
2025/09/01 10:28:00 fetching corpus: 781, signal 86542/103698 (executing program)
2025/09/01 10:28:00 fetching corpus: 831, signal 89192/106764 (executing program)
2025/09/01 10:28:00 fetching corpus: 881, signal 91209/109287 (executing program)
2025/09/01 10:28:00 fetching corpus: 930, signal 92852/111511 (executing program)
2025/09/01 10:28:00 fetching corpus: 980, signal 94212/113499 (executing program)
2025/09/01 10:28:01 fetching corpus: 1030, signal 96228/115895 (executing program)
2025/09/01 10:28:01 fetching corpus: 1080, signal 97139/117443 (executing program)
2025/09/01 10:28:01 fetching corpus: 1130, signal 98664/119419 (executing program)
2025/09/01 10:28:01 fetching corpus: 1180, signal 100184/121400 (executing program)
2025/09/01 10:28:01 fetching corpus: 1230, signal 101305/123104 (executing program)
2025/09/01 10:28:01 fetching corpus: 1280, signal 102700/125013 (executing program)
2025/09/01 10:28:01 fetching corpus: 1330, signal 103401/126252 (executing program)
2025/09/01 10:28:01 fetching corpus: 1380, signal 105046/128187 (executing program)
2025/09/01 10:28:01 fetching corpus: 1430, signal 107168/130360 (executing program)
2025/09/01 10:28:01 fetching corpus: 1480, signal 108168/131826 (executing program)
2025/09/01 10:28:01 fetching corpus: 1530, signal 109289/133321 (executing program)
2025/09/01 10:28:02 fetching corpus: 1580, signal 110135/134609 (executing program)
2025/09/01 10:28:02 fetching corpus: 1630, signal 111039/135949 (executing program)
2025/09/01 10:28:02 fetching corpus: 1680, signal 111754/137081 (executing program)
2025/09/01 10:28:02 fetching corpus: 1728, signal 113070/138627 (executing program)
2025/09/01 10:28:02 fetching corpus: 1778, signal 114027/139852 (executing program)
2025/09/01 10:28:02 fetching corpus: 1828, signal 115139/141188 (executing program)
2025/09/01 10:28:02 fetching corpus: 1878, signal 116102/142405 (executing program)
2025/09/01 10:28:02 fetching corpus: 1928, signal 116830/143499 (executing program)
2025/09/01 10:28:02 fetching corpus: 1978, signal 118269/144949 (executing program)
2025/09/01 10:28:02 fetching corpus: 2028, signal 119155/146035 (executing program)
2025/09/01 10:28:02 fetching corpus: 2077, signal 119813/147024 (executing program)
2025/09/01 10:28:03 fetching corpus: 2127, signal 120511/148023 (executing program)
2025/09/01 10:28:03 fetching corpus: 2177, signal 121488/149118 (executing program)
2025/09/01 10:28:03 fetching corpus: 2227, signal 122465/150199 (executing program)
2025/09/01 10:28:03 fetching corpus: 2277, signal 123050/151068 (executing program)
2025/09/01 10:28:03 fetching corpus: 2327, signal 123838/152016 (executing program)
2025/09/01 10:28:03 fetching corpus: 2377, signal 125052/153154 (executing program)
2025/09/01 10:28:03 fetching corpus: 2427, signal 126121/154260 (executing program)
2025/09/01 10:28:03 fetching corpus: 2477, signal 127073/155216 (executing program)
2025/09/01 10:28:03 fetching corpus: 2527, signal 128379/156341 (executing program)
2025/09/01 10:28:03 fetching corpus: 2577, signal 129311/157281 (executing program)
2025/09/01 10:28:03 fetching corpus: 2627, signal 130100/158142 (executing program)
2025/09/01 10:28:04 fetching corpus: 2677, signal 130834/158912 (executing program)
2025/09/01 10:28:04 fetching corpus: 2727, signal 131772/159787 (executing program)
2025/09/01 10:28:04 fetching corpus: 2777, signal 132624/160624 (executing program)
2025/09/01 10:28:04 fetching corpus: 2827, signal 133420/161419 (executing program)
2025/09/01 10:28:04 fetching corpus: 2877, signal 134021/162094 (executing program)
2025/09/01 10:28:04 fetching corpus: 2927, signal 136482/163325 (executing program)
2025/09/01 10:28:04 fetching corpus: 2977, signal 137079/163958 (executing program)
2025/09/01 10:28:04 fetching corpus: 3027, signal 138403/164773 (executing program)
2025/09/01 10:28:04 fetching corpus: 3077, signal 139046/165410 (executing program)
2025/09/01 10:28:05 fetching corpus: 3126, signal 140398/166163 (executing program)
2025/09/01 10:28:05 fetching corpus: 3176, signal 141191/166785 (executing program)
2025/09/01 10:28:05 fetching corpus: 3226, signal 141715/167315 (executing program)
2025/09/01 10:28:05 fetching corpus: 3276, signal 142684/167946 (executing program)
2025/09/01 10:28:05 fetching corpus: 3325, signal 143369/168503 (executing program)
2025/09/01 10:28:05 fetching corpus: 3375, signal 143980/169006 (executing program)
2025/09/01 10:28:05 fetching corpus: 3425, signal 144607/169492 (executing program)
2025/09/01 10:28:05 fetching corpus: 3475, signal 145075/169957 (executing program)
2025/09/01 10:28:05 fetching corpus: 3525, signal 145751/170464 (executing program)
2025/09/01 10:28:05 fetching corpus: 3575, signal 146233/170924 (executing program)
2025/09/01 10:28:05 fetching corpus: 3625, signal 146702/171340 (executing program)
2025/09/01 10:28:06 fetching corpus: 3675, signal 147140/171754 (executing program)
2025/09/01 10:28:06 fetching corpus: 3725, signal 147725/172194 (executing program)
2025/09/01 10:28:06 fetching corpus: 3773, signal 148038/172557 (executing program)
2025/09/01 10:28:06 fetching corpus: 3823, signal 148724/172929 (executing program)
2025/09/01 10:28:06 fetching corpus: 3873, signal 149151/173310 (executing program)
2025/09/01 10:28:06 fetching corpus: 3923, signal 149557/173646 (executing program)
2025/09/01 10:28:06 fetching corpus: 3973, signal 150204/174007 (executing program)
2025/09/01 10:28:06 fetching corpus: 4023, signal 150611/174336 (executing program)
2025/09/01 10:28:06 fetching corpus: 4073, signal 151035/174664 (executing program)
2025/09/01 10:28:06 fetching corpus: 4123, signal 151475/174991 (executing program)
2025/09/01 10:28:06 fetching corpus: 4173, signal 152023/175259 (executing program)
2025/09/01 10:28:07 fetching corpus: 4223, signal 152300/175541 (executing program)
2025/09/01 10:28:07 fetching corpus: 4272, signal 152790/175668 (executing program)
2025/09/01 10:28:07 fetching corpus: 4322, signal 153182/175717 (executing program)
2025/09/01 10:28:07 fetching corpus: 4372, signal 153606/175723 (executing program)
2025/09/01 10:28:07 fetching corpus: 4422, signal 154061/175726 (executing program)
2025/09/01 10:28:07 fetching corpus: 4472, signal 154644/175762 (executing program)
2025/09/01 10:28:07 fetching corpus: 4522, signal 155252/175770 (executing program)
2025/09/01 10:28:07 fetching corpus: 4572, signal 155748/175789 (executing program)
2025/09/01 10:28:07 fetching corpus: 4622, signal 156118/175794 (executing program)
2025/09/01 10:28:07 fetching corpus: 4671, signal 156761/175801 (executing program)
2025/09/01 10:28:08 fetching corpus: 4721, signal 157213/175808 (executing program)
2025/09/01 10:28:08 fetching corpus: 4771, signal 159332/175846 (executing program)
2025/09/01 10:28:08 fetching corpus: 4821, signal 159763/175852 (executing program)
2025/09/01 10:28:08 fetching corpus: 4871, signal 160150/175860 (executing program)
2025/09/01 10:28:08 fetching corpus: 4921, signal 160707/175928 (executing program)
2025/09/01 10:28:08 fetching corpus: 4971, signal 161183/175934 (executing program)
2025/09/01 10:28:08 fetching corpus: 5021, signal 161709/175935 (executing program)
2025/09/01 10:28:08 fetching corpus: 5070, signal 162378/175985 (executing program)
2025/09/01 10:28:08 fetching corpus: 5120, signal 162783/176026 (executing program)
2025/09/01 10:28:08 fetching corpus: 5170, signal 163177/176029 (executing program)
2025/09/01 10:28:08 fetching corpus: 5220, signal 163588/176042 (executing program)
2025/09/01 10:28:09 fetching corpus: 5270, signal 163873/176051 (executing program)
2025/09/01 10:28:09 fetching corpus: 5320, signal 164299/176073 (executing program)
2025/09/01 10:28:09 fetching corpus: 5370, signal 164714/176085 (executing program)
2025/09/01 10:28:09 fetching corpus: 5420, signal 165074/176089 (executing program)
2025/09/01 10:28:09 fetching corpus: 5470, signal 165515/176106 (executing program)
2025/09/01 10:28:09 fetching corpus: 5520, signal 166061/176113 (executing program)
2025/09/01 10:28:09 fetching corpus: 5569, signal 166385/176132 (executing program)
2025/09/01 10:28:09 fetching corpus: 5619, signal 166633/176141 (executing program)
2025/09/01 10:28:09 fetching corpus: 5669, signal 166934/176197 (executing program)
2025/09/01 10:28:09 fetching corpus: 5719, signal 167209/176213 (executing program)
2025/09/01 10:28:10 fetching corpus: 5769, signal 167574/176216 (executing program)
2025/09/01 10:28:10 fetching corpus: 5819, signal 167951/176221 (executing program)
2025/09/01 10:28:10 fetching corpus: 5869, signal 168287/176226 (executing program)
2025/09/01 10:28:10 fetching corpus: 5919, signal 168731/176233 (executing program)
2025/09/01 10:28:10 fetching corpus: 5969, signal 169211/176249 (executing program)
2025/09/01 10:28:10 fetching corpus: 6019, signal 169540/176267 (executing program)
2025/09/01 10:28:10 fetching corpus: 6069, signal 169970/176311 (executing program)
2025/09/01 10:28:10 fetching corpus: 6119, signal 170381/176317 (executing program)
2025/09/01 10:28:10 fetching corpus: 6169, signal 170786/176319 (executing program)
2025/09/01 10:28:10 fetching corpus: 6219, signal 171285/176323 (executing program)
2025/09/01 10:28:11 fetching corpus: 6269, signal 171608/176355 (executing program)
2025/09/01 10:28:11 fetching corpus: 6319, signal 171897/176355 (executing program)
2025/09/01 10:28:11 fetching corpus: 6369, signal 172145/176378 (executing program)
2025/09/01 10:28:11 fetching corpus: 6419, signal 172352/176390 (executing program)
2025/09/01 10:28:11 fetching corpus: 6469, signal 173127/176395 (executing program)
2025/09/01 10:28:11 fetching corpus: 6519, signal 173427/176403 (executing program)
2025/09/01 10:28:11 fetching corpus: 6527, signal 173540/176405 (executing program)
2025/09/01 10:28:11 fetching corpus: 6527, signal 173540/176405 (executing program)
2025/09/01 10:28:13 starting 8 fuzzer processes

10:28:13 executing program 0:
syz_mount_image$tmpfs(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)={[{@mpol={'mpol', 0x3d, {'local', '=relative'}}}]})

10:28:13 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$TIOCSTI(r0, 0x5414, &(0x7f0000000000))

10:28:13 executing program 4:
setresuid(0xee01, 0xee00, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff})
r1 = getpid()
sendmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r1}}}], 0x20}, 0x0)

10:28:13 executing program 7:
syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(&(0x7f0000000000)=ANY=[@ANYBLOB='/'], &(0x7f00000001c0)='./file0\x00', 0x0, 0x22b5c98, 0x0)
umount2(&(0x7f0000000040)='./file0\x00', 0x2)

10:28:13 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
recvmsg(r0, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0)

10:28:13 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
symlinkat(&(0x7f0000000000)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00')

[ 77.060912] audit: type=1400 audit(1756722493.924:7): avc: denied { execmem } for pid=269 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
10:28:13 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40345410, &(0x7f0000000040)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_STATUS64(r0, 0x80605414, &(0x7f0000000140))

10:28:13 executing program 3:
sched_setscheduler(0x0, 0x5, &(0x7f0000000000))
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x4a002, 0x0)
sendfile(r0, r0, 0x0, 0x8)

[ 78.288832] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 78.293382] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 78.295874] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 78.302001] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 78.304875] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 78.421943] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 78.424243] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 78.425758] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 78.431066] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 78.433051] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 78.491431] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 78.504422] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 78.506780] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 78.517953] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 78.520582] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 78.541332] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 78.545369] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 78.556108] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 78.568578] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 78.577109] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 78.583074] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 78.587013] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 78.590390] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 78.598890] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 78.600567] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 78.602312] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 78.606457] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 78.607947] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 78.614107] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 78.615567] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 78.618128] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 78.625998] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 78.630685] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 78.632620] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 78.637394] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 78.638872] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 78.643732] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 78.646461] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 78.652541] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 78.654482] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 80.320700] Bluetooth: hci0: command tx timeout
[ 80.448325] Bluetooth: hci1: command tx timeout
[ 80.576737] Bluetooth: hci2: command tx timeout
[ 80.640344] Bluetooth: hci3: command tx timeout
[ 80.704389] Bluetooth: hci5: command tx timeout
[ 80.704620] Bluetooth: hci6: command tx timeout
[ 80.769397] Bluetooth: hci4: command tx timeout
[ 80.770120] Bluetooth: hci7: command tx timeout
[ 82.368309] Bluetooth: hci0: command tx timeout
[ 82.496198] Bluetooth: hci1: command tx timeout
[ 82.625112] Bluetooth: hci2: command tx timeout
[ 82.689288] Bluetooth: hci3: command tx timeout
[ 82.752240] Bluetooth: hci5: command tx timeout
[ 82.752319] Bluetooth: hci6: command tx timeout
[ 82.816562] Bluetooth: hci7: command tx timeout
[ 82.818203] Bluetooth: hci4: command tx timeout
[ 84.416209] Bluetooth: hci0: command tx timeout
[ 84.544197] Bluetooth: hci1: command tx timeout
[ 84.673278] Bluetooth: hci2: command tx timeout
[ 84.736256] Bluetooth: hci3: command tx timeout
[ 84.802260] Bluetooth: hci5: command tx timeout
[ 84.802337] Bluetooth: hci6: command tx timeout
[ 84.864274] Bluetooth: hci7: command tx timeout
[ 84.864329] Bluetooth: hci4: command tx timeout
[ 86.465287] Bluetooth: hci0: command tx timeout
[ 86.592239] Bluetooth: hci1: command tx timeout
[ 86.720688] Bluetooth: hci2: command tx timeout
[ 86.784211] Bluetooth: hci3: command tx timeout
[ 86.848284] Bluetooth: hci5: command tx timeout
[ 86.849259] Bluetooth: hci6: command tx timeout
[ 86.913222] Bluetooth: hci4: command tx timeout
[ 86.913635] Bluetooth: hci7: command tx timeout
[ 118.024532] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.025806] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.206481] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.207181] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.561459] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.562067] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
10:28:55 executing program 7:
syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(&(0x7f0000000000)=ANY=[@ANYBLOB='/'], &(0x7f00000001c0)='./file0\x00', 0x0, 0x22b5c98, 0x0)
umount2(&(0x7f0000000040)='./file0\x00', 0x2)

[ 118.743368] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.743965] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
10:28:55 executing program 7:
syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(&(0x7f0000000000)=ANY=[@ANYBLOB='/'], &(0x7f00000001c0)='./file0\x00', 0x0, 0x22b5c98, 0x0)
umount2(&(0x7f0000000040)='./file0\x00', 0x2)

10:28:55 executing program 7:
syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(&(0x7f0000000000)=ANY=[@ANYBLOB='/'], &(0x7f00000001c0)='./file0\x00', 0x0, 0x22b5c98, 0x0)
umount2(&(0x7f0000000040)='./file0\x00', 0x2)

10:28:56 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
symlinkat(&(0x7f0000000000)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00')

10:28:56 executing program 7:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
recvmmsg(r0, &(0x7f0000002500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

[ 119.243194] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 119.243783] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
10:28:56 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
symlinkat(&(0x7f0000000000)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00')

10:28:56 executing program 7:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
recvmmsg(r0, &(0x7f0000002500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

[ 119.408398] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 119.409028] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
10:28:56 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
symlinkat(&(0x7f0000000000)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00')

[ 119.799744] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 119.800402] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 119.884126] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 119.884754] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 119.981587] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 119.982234] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.079166] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.079785] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.381106] tmpfs: Bad value for 'mpol'
[ 120.381332] audit: type=1400 audit(1756722537.242:8): avc: denied { open } for pid=3886 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 120.385915] tmpfs: Bad value for 'mpol'
[ 120.389224] audit: type=1400 audit(1756722537.242:9): avc: denied { kernel } for pid=3886 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 120.540522] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.541095] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.613853] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.614455] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.720167] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.720780] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.756025] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.757055] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.823666] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.824285] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.846930] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.847941] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
10:28:57 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0x2, &(0x7f0000000280)=0x7fff, 0x4)

10:28:57 executing program 3:
sched_setscheduler(0x0, 0x5, &(0x7f0000000000))
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x4a002, 0x0)
sendfile(r0, r0, 0x0, 0x8)

10:28:57 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40345410, &(0x7f0000000040)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_STATUS64(r0, 0x80605414, &(0x7f0000000140))

10:28:57 executing program 7:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
recvmmsg(r0, &(0x7f0000002500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

10:28:57 executing program 4:
setresuid(0xee01, 0xee00, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff})
r1 = getpid()
sendmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r1}}}], 0x20}, 0x0)

10:28:57 executing program 2:
timerfd_create(0x8, 0x80800)

10:28:57 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
recvmsg(r0, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0)

10:28:57 executing program 0:
syz_mount_image$tmpfs(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)={[{@mpol={'mpol', 0x3d, {'local', '=relative'}}}]})

[ 121.053547] tmpfs: Bad value for 'mpol'
10:28:58 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0x2, &(0x7f0000000280)=0x7fff, 0x4)

10:28:58 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
recvmsg(r0, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0)

10:28:58 executing program 4:
setresuid(0xee01, 0xee00, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff})
r1 = getpid()
sendmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r1}}}], 0x20}, 0x0)

10:28:58 executing program 2:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000019640)='/proc/sysvipc/shm\x00', 0x0, 0x0)
ioctl$KDSETLED(r0, 0x541b, 0x2f0ff1f00000000)

10:28:58 executing program 7:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
recvmmsg(r0, &(0x7f0000002500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

10:28:58 executing program 0:
syz_mount_image$tmpfs(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)={[{@mpol={'mpol', 0x3d, {'local', '=relative'}}}]})

10:28:58 executing program 3:
sched_setscheduler(0x0, 0x5, &(0x7f0000000000))
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x4a002, 0x0)
sendfile(r0, r0, 0x0, 0x8)

10:28:58 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40345410, &(0x7f0000000040)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_STATUS64(r0, 0x80605414, &(0x7f0000000140))

10:28:58 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0x2, &(0x7f0000000280)=0x7fff, 0x4)

[ 121.205308] tmpfs: Bad value for 'mpol'
[ 121.217335] kmemleak: Found object by alias at 0x607f1a63e9a4
[ 121.217353] CPU: 1 UID: 0 PID: 3944 Comm: syz-executor.5 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 121.217372] Tainted: [W]=WARN
[ 121.217376] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 121.217384] Call Trace:
[ 121.217388]
[ 121.217393] dump_stack_lvl+0xca/0x120
[ 121.217427] __lookup_object+0x94/0xb0
[ 121.217450] delete_object_full+0x27/0x70
[ 121.217467] free_percpu+0x30/0x1160
[ 121.217484] ? arch_uprobe_clear_state+0x16/0x140
[ 121.217506] futex_hash_free+0x38/0xc0
[ 121.217525] mmput+0x2d3/0x390
[ 121.217545] do_exit+0x79d/0x2970
[ 121.217563] ? __pfx_do_exit+0x10/0x10
[ 121.217577] ? find_held_lock+0x2b/0x80
[ 121.217596] ? get_signal+0x835/0x2340
[ 121.217617] do_group_exit+0xd3/0x2a0
[ 121.217632] get_signal+0x2315/0x2340
[ 121.217650] ? __fget_files+0x203/0x3b0
[ 121.217667] ? __pfx_get_signal+0x10/0x10
[ 121.217684] ? do_futex+0x135/0x370
[ 121.217698] ? __pfx_do_futex+0x10/0x10
[ 121.217713] arch_do_signal_or_restart+0x80/0x790
[ 121.217732] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 121.217749] ? __x64_sys_futex+0x1c9/0x4d0
[ 121.217761] ? __x64_sys_futex+0x1d2/0x4d0
[ 121.217776] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 121.217790] ? __pfx___x64_sys_futex+0x10/0x10
[ 121.217809] exit_to_user_mode_loop+0x8b/0x110
[ 121.217823] do_syscall_64+0x2f7/0x360
[ 121.217837] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 121.217850] RIP: 0033:0x7f35c81bab19
[ 121.217859] Code: Unable to access opcode bytes at 0x7f35c81baaef.
[ 121.217865] RSP: 002b:00007f35c5730218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 121.217877] RAX: fffffffffffffe00 RBX: 00007f35c82cdf68 RCX: 00007f35c81bab19
[ 121.217885] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f35c82cdf68
[ 121.217892] RBP: 00007f35c82cdf60 R08: 0000000000000000 R09: 0000000000000000
[ 121.217900] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f35c82cdf6c
[ 121.217911] R13: 00007fffdb667f1f R14: 00007f35c5730300 R15: 0000000000022000
[ 121.217927]
[ 121.217931] kmemleak: Object (percpu) 0x607f1a63e998 (size 16):
[ 121.217938] kmemleak: comm "syz-executor.3", pid 285, jiffies 4294787763
[ 121.217946] kmemleak: min_count = 1
[ 121.217950] kmemleak: count = 0
[ 121.217953] kmemleak: flags = 0x21
[ 121.217957] kmemleak: checksum = 0
[ 121.217961] kmemleak: backtrace:
[ 121.217965] pcpu_alloc_noprof+0x87a/0x1170
[ 121.217981] mm_init+0x99b/0x1170
[ 121.217989] copy_process+0x3ab7/0x73c0
[ 121.218000] kernel_clone+0xea/0x7f0
[ 121.218010] __do_sys_clone+0xce/0x120
[ 121.218020] do_syscall_64+0xbf/0x360
[ 121.218030] entry_SYSCALL_64_after_hwframe+0x77/0x7f
10:28:58 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
recvmsg(r0, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0)

10:28:58 executing program 4:
setresuid(0xee01, 0xee00, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff})
r1 = getpid()
sendmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r1}}}], 0x20}, 0x0)

10:28:58 executing program 0:
syz_mount_image$tmpfs(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)={[{@mpol={'mpol', 0x3d, {'local', '=relative'}}}]})

10:28:58 executing program 3:
sched_setscheduler(0x0, 0x5, &(0x7f0000000000))
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x4a002, 0x0)
sendfile(r0, r0, 0x0, 0x8)

10:28:58 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x141802, 0x0)
ioctl$DVD_AUTH(r0, 0x5303, &(0x7f0000000140)=@lsc={0x3, 0x0, "8c2e9c993edfe1625d5a"})

[ 121.309591] kmemleak: Found object by alias at 0x607f1a63e99c
[ 121.309608] CPU: 1 UID: 0 PID: 3947 Comm: syz-executor.6 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 121.309627] Tainted: [W]=WARN
[ 121.309631] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 121.309638] Call Trace:
[ 121.309642]
[ 121.309647] dump_stack_lvl+0xca/0x120
[ 121.309676] __lookup_object+0x94/0xb0
[ 121.309694] delete_object_full+0x27/0x70
[ 121.309711] free_percpu+0x30/0x1160
[ 121.309728] ? arch_uprobe_clear_state+0x16/0x140
[ 121.309748] futex_hash_free+0x38/0xc0
[ 121.309763] mmput+0x2d3/0x390
[ 121.309782] do_exit+0x79d/0x2970
[ 121.309796] ? lock_release+0xc8/0x290
[ 121.309814] ? __pfx_do_exit+0x10/0x10
[ 121.309828] ? find_held_lock+0x2b/0x80
[ 121.309846] ? get_signal+0x835/0x2340
[ 121.309867] do_group_exit+0xd3/0x2a0
[ 121.309882] get_signal+0x2315/0x2340
[ 121.309905] ? __pfx_get_signal+0x10/0x10
[ 121.309922] ? do_futex+0x135/0x370
[ 121.309936] ? __pfx_do_futex+0x10/0x10
[ 121.309952] arch_do_signal_or_restart+0x80/0x790
[ 121.309970] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 121.309986] ? __x64_sys_futex+0x1c9/0x4d0
[ 121.309999] ? __x64_sys_futex+0x1d2/0x4d0
[ 121.310014] ? __pfx___x64_sys_futex+0x10/0x10
[ 121.310033] exit_to_user_mode_loop+0x8b/0x110
[ 121.310047] do_syscall_64+0x2f7/0x360
[ 121.310060] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 121.310073] RIP: 0033:0x7f4a58863b19
[ 121.310082] Code: Unable to access opcode bytes at 0x7f4a58863aef.
[ 121.310088] RSP: 002b:00007f4a55dd9218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 121.310100] RAX: fffffffffffffe00 RBX: 00007f4a58976f68 RCX: 00007f4a58863b19
[ 121.310108] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f4a58976f68
[ 121.310115] RBP: 00007f4a58976f60 R08: 0000000000000000 R09: 0000000000000000
[ 121.310122] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4a58976f6c
[ 121.310130] R13: 00007fffcf8f16ff R14: 00007f4a55dd9300 R15: 0000000000022000
[ 121.310149]
[ 121.310153] kmemleak: Object (percpu) 0x607f1a63e998 (size 16):
[ 121.310161] kmemleak: comm "syz-executor.4", pid 282, jiffies 4294787906
[ 121.310168] kmemleak: min_count = 1
[ 121.310172] kmemleak: count = 0
[ 121.310175] kmemleak: flags = 0x21
[ 121.310179] kmemleak: checksum = 0
[ 121.310183] kmemleak: backtrace:
[ 121.310187] pcpu_alloc_noprof+0x87a/0x1170
[ 121.310202] mm_init+0x99b/0x1170
[ 121.310211] copy_process+0x3ab7/0x73c0
[ 121.310221] kernel_clone+0xea/0x7f0
[ 121.310231] __do_sys_clone+0xce/0x120
[ 121.310242] do_syscall_64+0xbf/0x360
[ 121.310251] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 121.334337] kmemleak: Cannot insert 0x607f1a63e9a0 into the object search tree (overlaps existing)
[ 121.334351] CPU: 1 UID: 0 PID: 3951 Comm: syz-executor.5 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 121.334370] Tainted: [W]=WARN
[ 121.334374] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 121.334380] Call Trace:
[ 121.334383]
[ 121.334388] dump_stack_lvl+0xca/0x120
[ 121.334409] __link_object+0x190/0x210
[ 121.334426] __create_object+0x48/0x80
[ 121.334444] pcpu_alloc_noprof+0x87a/0x1170
[ 121.334467] perf_trace_event_init+0x366/0xa10
[ 121.334483] ? _raw_spin_unlock_irqrestore+0x2c/0x50
[ 121.334504] perf_trace_init+0x1a4/0x2f0
[ 121.334520] perf_tp_event_init+0xa6/0x120
[ 121.334538] perf_try_init_event+0x140/0x9f0
[ 121.334558] perf_event_alloc.part.0+0x118e/0x45f0
[ 121.334576] ? perf_event_alloc.part.0+0x1074/0x45f0
[ 121.334598] ? __fget_files+0x203/0x3b0
[ 121.334615] ? __pfx_perf_event_alloc.part.0+0x10/0x10
[ 121.334634] ? find_held_lock+0x2b/0x80
[ 121.334651] ? __do_sys_perf_event_open+0x11df/0x2c20
[ 121.334669] __do_sys_perf_event_open+0x719/0x2c20
[ 121.334689] ? __pfx___do_sys_perf_event_open+0x10/0x10
[ 121.334703] ? find_held_lock+0x2b/0x80
[ 121.334731] ?
trace_irq_enable.constprop.0+0xc2/0x100 [ 121.334748] do_syscall_64+0xbf/0x360 [ 121.334760] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.334772] RIP: 0033:0x7f35c81bab19 [ 121.334781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 121.334792] RSP: 002b:00007f35c5730188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 121.334804] RAX: ffffffffffffffda RBX: 00007f35c82cdf60 RCX: 00007f35c81bab19 [ 121.334812] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000020000000 [ 121.334819] RBP: 00007f35c8214f6d R08: 0000000000000000 R09: 0000000000000000 [ 121.334826] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 121.334833] R13: 00007fffdb667f1f R14: 00007f35c5730300 R15: 0000000000022000 [ 121.334849] [ 121.335686] kmemleak: Kernel memory leak detector disabled [ 121.335690] kmemleak: Object (percpu) 0x607f1a63e998 (size 16): [ 121.335697] kmemleak: comm "syz-executor.4", pid 282, jiffies 4294787906 [ 121.335704] kmemleak: min_count = 1 [ 121.335708] kmemleak: count = 0 [ 121.335712] kmemleak: flags = 0x21 [ 121.335716] kmemleak: checksum = 0 [ 121.335720] kmemleak: backtrace: [ 121.335723] pcpu_alloc_noprof+0x87a/0x1170 [ 121.335739] mm_init+0x99b/0x1170 [ 121.335747] copy_process+0x3ab7/0x73c0 [ 121.335757] kernel_clone+0xea/0x7f0 [ 121.335767] __do_sys_clone+0xce/0x120 [ 121.335778] do_syscall_64+0xbf/0x360 [ 121.335787] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.364723] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#1] SMP KASAN NOPTI [ 121.365688] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 121.366372] CPU: 0 UID: 0 PID: 97 Comm: systemd-journal Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 121.370566] Tainted: [W]=WARN [ 121.370816] Hardware name: QEMU Standard PC (i440FX + PIIX, 
1996), BIOS 1.12.0-1 04/01/2014 [ 121.371453] RIP: 0010:perf_tp_event+0x175/0xe70 [ 121.371838] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 121.373255] RSP: 0018:ffff888015bbf100 EFLAGS: 00010013 [ 121.373670] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 121.374222] RDX: ffff888015a31b80 RSI: ffffffff8189a4e7 RDI: 000000010000018f [ 121.374775] RBP: ffff888015bbf370 R08: ffff88806ce31340 R09: ffffe8ffffc169a0 [ 121.375328] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 121.375878] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 121.376439] FS: 00007fcb8f1a2900(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 121.377078] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.377535] CR2: 00007fcb8e5b1fc0 CR3: 000000000e869000 CR4: 0000000000350ef0 [ 121.378094] Call Trace: [ 121.378312] [ 121.378494] ? __lock_acquire+0x694/0x1b70 [ 121.378828] ? __pfx_perf_tp_event+0x10/0x10 [ 121.379181] ? lock_acquire+0x15e/0x2f0 [ 121.379495] ? __is_insn_slot_addr+0x2e/0x290 [ 121.379857] ? find_held_lock+0x2b/0x80 [ 121.380178] ? __is_insn_slot_addr+0x136/0x290 [ 121.380546] ? lock_release+0xc8/0x290 [ 121.380857] ? __is_insn_slot_addr+0x140/0x290 [ 121.381234] ? kernel_text_address+0x5b/0xc0 [ 121.381587] ? __kernel_text_address+0xd/0x40 [ 121.381941] ? unwind_get_return_address+0x59/0xa0 [ 121.382340] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 121.382769] ? arch_stack_walk+0x9c/0xf0 [ 121.383093] ? perf_trace_run_bpf_submit+0xef/0x180 [ 121.383491] perf_trace_run_bpf_submit+0xef/0x180 [ 121.383875] perf_trace_preemptirq_template+0x259/0x430 [ 121.384297] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 121.384756] ? irqentry_enter+0x2a/0x60 [ 121.385087] ? trace_irq_disable.constprop.0+0x3b/0x100 [ 121.385505] ? 
irqentry_enter+0x2a/0x60 [ 121.385824] trace_irq_disable.constprop.0+0xa6/0x100 [ 121.386231] irqentry_enter+0x2a/0x60 [ 121.386536] sysvec_call_function_single+0x18/0xc0 [ 121.386928] asm_sysvec_call_function_single+0x1a/0x20 [ 121.387342] RIP: 0010:rcu_is_watching+0x4/0x70 [ 121.387707] Code: a3 e8 60 1e 55 00 eb e4 48 c7 c7 00 12 a1 85 e8 62 1d 55 00 eb b1 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa <53> 65 ff 05 a4 8d 29 06 65 48 8b 1d 94 8d 29 06 48 8d bb 50 98 85 [ 121.389123] RSP: 0018:ffff888015bbf5b8 EFLAGS: 00000202 [ 121.389540] RAX: 0000000000000001 RBX: 0000000000000007 RCX: 6c703dc49a64adb4 [ 121.390093] RDX: 0000000000000000 RSI: 000000001ff222e1 RDI: ffff888015af8010 [ 121.390649] RBP: ffff88800be64c80 R08: 0000000000000001 R09: 0000000000000000 [ 121.391203] R10: 0000000000000001 R11: 0000000000000001 R12: ffff888015af8000 [ 121.391758] R13: fffffbfff0c87806 R14: 1ffff110017cc992 R15: dffffc0000000000 [ 121.392315] get_mem_cgroup_from_objcg+0x25c/0x430 [ 121.392711] __memcg_slab_post_alloc_hook+0x11f/0x9d0 [ 121.393126] ? kasan_save_track+0x14/0x30 [ 121.393459] kmem_cache_alloc_lru_noprof+0x51b/0x6a0 [ 121.393861] ? __d_alloc+0x31/0xa10 [ 121.394154] __d_alloc+0x31/0xa10 [ 121.394433] d_alloc_parallel+0x112/0x1330 [ 121.394767] ? kasan_save_stack+0x34/0x50 [ 121.395097] ? __pfx_d_alloc_parallel+0x10/0x10 [ 121.395469] ? lockdep_init_map_type+0x4b/0x240 [ 121.395837] ? lockdep_init_map_type+0x4b/0x240 [ 121.396207] __lookup_slow+0x192/0x480 [ 121.396521] ? __pfx___lookup_slow+0x10/0x10 [ 121.396880] ? lookup_fast+0x14f/0x5e0 [ 121.397194] walk_component+0x348/0x5b0 [ 121.397506] link_path_walk+0x62b/0xe20 [ 121.397819] path_openat+0x22e/0x2880 [ 121.398119] ? __mutex_unlock_slowpath+0x157/0x750 [ 121.398510] ? lock_acquire+0xf3/0x2f0 [ 121.398821] ? __lock_acquire+0x694/0x1b70 [ 121.399155] ? __pfx_path_openat+0x10/0x10 [ 121.399487] do_filp_open+0x1e8/0x450 [ 121.399793] ? __pfx_do_filp_open+0x10/0x10 [ 121.400133] ? 
find_held_lock+0x2b/0x80 [ 121.400451] ? alloc_fd+0x2c1/0x560 [ 121.400738] ? lock_release+0xc8/0x290 [ 121.401054] ? _raw_spin_unlock+0x1e/0x40 [ 121.401384] ? alloc_fd+0x2c1/0x560 [ 121.401670] do_sys_openat2+0x104/0x1b0 [ 121.401988] ? __pfx_do_sys_openat2+0x10/0x10 [ 121.402351] ? __pfx___seccomp_filter+0x10/0x10 [ 121.402721] __x64_sys_openat+0x142/0x200 [ 121.403052] ? __pfx___x64_sys_openat+0x10/0x10 [ 121.403424] ? ksys_read+0x1a3/0x240 [ 121.403725] ? __secure_computing+0x18d/0x290 [ 121.404082] do_syscall_64+0xbf/0x360 [ 121.404384] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.404785] RIP: 0033:0x7fcb8fa5bc64 [ 121.405082] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 36 61 f9 ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 68 61 f9 ff 8b 44 [ 121.406478] RSP: 002b:00007ffce0413850 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 121.407070] RAX: ffffffffffffffda RBX: 000055dc5e3d5d60 RCX: 00007fcb8fa5bc64 [ 121.407622] RDX: 0000000000080802 RSI: 000055dc5e3db220 RDI: 00000000ffffff9c [ 121.408171] RBP: 000055dc5e3db220 R08: 0000000000000000 R09: ffffffffffffff01 [ 121.408722] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000080802 [ 121.409278] R13: 00000000fffffffa R14: 000055dc5e3e6390 R15: 0000000000000002 [ 121.409837] [ 121.410025] Modules linked in: [ 121.410285] ---[ end trace 0000000000000000 ]--- [ 121.410660] RIP: 0010:perf_tp_event+0x175/0xe70 [ 121.411034] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 121.412464] RSP: 0018:ffff888015bbf100 EFLAGS: 00010013 [ 121.412893] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 121.413465] RDX: ffff888015a31b80 RSI: ffffffff8189a4e7 RDI: 000000010000018f [ 121.414026] RBP: ffff888015bbf370 R08: ffff88806ce31340 R09: ffffe8ffffc169a0 [ 
121.414588] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 121.415151] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 121.415714] FS: 00007fcb8f1a2900(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 121.416347] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.416810] CR2: 00007fcb8e5b1fc0 CR3: 000000000e869000 CR4: 0000000000350ef0 [ 121.417380] note: systemd-journal[97] exited with irqs disabled [ 121.417853] note: systemd-journal[97] exited with preempt_count 1 [ 121.418343] BUG: sleeping function called from invalid context at ./include/linux/percpu-rwsem.h:51 [ 121.419042] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 97, name: systemd-journal [ 121.419701] preempt_count: 0, expected: 0 [ 121.420025] RCU nest depth: 2, expected: 0 [ 121.420358] INFO: lockdep is turned off. [ 121.420676] CPU: 0 UID: 0 PID: 97 Comm: systemd-journal Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 121.420695] Tainted: [D]=DIE, [W]=WARN [ 121.420699] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 121.420705] Call Trace: [ 121.420709] [ 121.420714] dump_stack_lvl+0xfa/0x120 [ 121.420738] __might_resched+0x2f3/0x510 [ 121.420753] exit_signals+0x25/0x940 [ 121.420771] do_exit+0x2db/0x2970 [ 121.420786] ? _printk+0xbe/0xf0 [ 121.420799] ? __pfx__printk+0x10/0x10 [ 121.420812] ? __x64_sys_openat+0x142/0x200 [ 121.420829] ? __pfx_do_exit+0x10/0x10 [ 121.420844] make_task_dead+0x174/0x3b0 [ 121.420857] ? 
do_syscall_64+0xbf/0x360 [ 121.420868] rewind_stack_and_make_dead+0x16/0x20 [ 121.420884] RIP: 0033:0x7fcb8fa5bc64 [ 121.420892] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 36 61 f9 ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 68 61 f9 ff 8b 44 [ 121.420903] RSP: 002b:00007ffce0413850 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 121.420915] RAX: ffffffffffffffda RBX: 000055dc5e3d5d60 RCX: 00007fcb8fa5bc64 [ 121.420922] RDX: 0000000000080802 RSI: 000055dc5e3db220 RDI: 00000000ffffff9c [ 121.420930] RBP: 000055dc5e3db220 R08: 0000000000000000 R09: ffffffffffffff01 [ 121.420937] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000080802 [ 121.420944] R13: 00000000fffffffa R14: 000055dc5e3e6390 R15: 0000000000000002 [ 121.420955] [ 121.421551] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#2] SMP KASAN NOPTI [ 121.433238] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 121.433911] CPU: 0 UID: 0 PID: 282 Comm: syz-executor.4 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 121.434832] Tainted: [D]=DIE, [W]=WARN [ 121.435131] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 121.435769] RIP: 0010:perf_tp_event+0x175/0xe70 [ 121.436143] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 121.437559] RSP: 0018:ffff88800f18fb40 EFLAGS: 00010013 [ 121.437980] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 121.438536] RDX: ffff88801628d280 RSI: ffffffff8189a4e7 RDI: 000000010000018f [ 121.439093] RBP: ffff88800f18fdb0 R08: ffff88806ce31340 R09: ffffe8ffffc169a0 [ 121.439658] R10: 0000000000000000 R11: ffff888015a32038 R12: dffffc0000000000 [ 121.440213] R13: 0000000000000014 R14: 
ffff88806ce31340 R15: dffffc0000000000 [ 121.440769] FS: 0000555586767400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 121.441400] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.441865] CR2: 00007fcb8e5b1fc0 CR3: 00000000405aa000 CR4: 0000000000350ef0 [ 121.442416] Call Trace: [ 121.442621] [ 121.442804] ? __pfx_perf_tp_event+0x10/0x10 [ 121.443155] ? lock_acquire+0x15e/0x2f0 [ 121.443471] ? find_held_lock+0x2b/0x80 [ 121.443790] ? schedule+0x2c7/0x390 [ 121.444084] ? lock_release+0xc8/0x290 [ 121.444392] ? hrtimer_active+0x199/0x220 [ 121.444724] ? do_nanosleep+0x3a6/0x560 [ 121.445054] ? __pfx_do_nanosleep+0x10/0x10 [ 121.445394] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 121.445798] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 121.446157] ? __hrtimer_setup+0x1a4/0x2c0 [ 121.446493] ? hrtimer_nanosleep+0x15d/0x340 [ 121.446838] ? __pfx_hrtimer_nanosleep+0x10/0x10 [ 121.447214] ? perf_trace_run_bpf_submit+0xef/0x180 [ 121.447608] perf_trace_run_bpf_submit+0xef/0x180 [ 121.447997] perf_trace_preemptirq_template+0x259/0x430 [ 121.448413] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 121.448869] ? do_syscall_64+0x29c/0x360 [ 121.449193] ? trace_irq_disable.constprop.0+0x3b/0x100 [ 121.449608] ? 
do_syscall_64+0x29c/0x360 [ 121.449926] trace_irq_disable.constprop.0+0xa6/0x100 [ 121.450331] do_syscall_64+0x29c/0x360 [ 121.450637] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.451041] RIP: 0033:0x7f7d07f408e1 [ 121.451334] Code: 24 0c 89 3c 24 48 89 4c 24 18 e8 aa e7 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 <44> 89 c7 48 89 04 24 e8 e3 e7 ff ff 48 8b 04 24 eb 97 66 2e 0f 1f [ 121.452737] RSP: 002b:00007fffed31b120 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6 [ 121.453331] RAX: 0000000000000000 RBX: 000000000000000a RCX: 00007f7d07f408e1 [ 121.453885] RDX: 00007fffed31b160 RSI: 0000000000000000 RDI: 0000000000000000 [ 121.454436] RBP: 00007fffed31b1ec R08: 0000000000000000 R09: 00007f7d0800b000 [ 121.454988] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032 [ 121.455543] R13: 000000000001d954 R14: 0000000000000004 R15: 00007fffed31b250 [ 121.456099] [ 121.456286] Modules linked in: [ 121.456543] ---[ end trace 0000000000000000 ]--- [ 121.456919] RIP: 0010:perf_tp_event+0x175/0xe70 [ 121.457306] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 121.458723] RSP: 0018:ffff888015bbf100 EFLAGS: 00010013 [ 121.459139] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 121.459691] RDX: ffff888015a31b80 RSI: ffffffff8189a4e7 RDI: 000000010000018f [ 121.460243] RBP: ffff888015bbf370 R08: ffff88806ce31340 R09: ffffe8ffffc169a0 [ 121.460792] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 121.461353] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 121.461903] FS: 0000555586767400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 121.462527] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.462979] CR2: 00007fcb8e5b1fc0 CR3: 00000000405aa000 CR4: 0000000000350ef0 [ 121.463538] note: 
syz-executor.4[282] exited with irqs disabled [ 121.464006] note: syz-executor.4[282] exited with preempt_count 1 [ 121.469703] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#3] SMP KASAN NOPTI [ 121.470578] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 121.471250] CPU: 0 UID: 0 PID: 14 Comm: ksoftirqd/0 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 121.472138] Tainted: [D]=DIE, [W]=WARN [ 121.472437] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 121.473086] RIP: 0010:perf_tp_event+0x175/0xe70 [ 121.473459] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 121.474857] RSP: 0018:ffff8880096178c0 EFLAGS: 00010013 [ 121.475272] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 121.475823] RDX: ffff888009601b80 RSI: ffffffff8189a4e7 RDI: 000000010000018f [ 121.476379] RBP: ffff888009617b30 R08: ffff88806ce31340 R09: ffffe8ffffc169a0 [ 121.476929] R10: 0000000000000000 R11: 1ffff1100d9c6f7b R12: dffffc0000000000 [ 121.477493] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 121.478044] FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 121.478666] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.479123] CR2: 00007fcb8e5b1fc0 CR3: 0000000005a88000 CR4: 0000000000350ef0 [ 121.479678] Call Trace: [ 121.479889] [ 121.480068] ? arch_stack_walk+0x86/0xf0 [ 121.480390] ? __pfx_perf_tp_event+0x10/0x10 [ 121.480743] ? stack_trace_save+0x8e/0xc0 [ 121.481082] ? stack_depot_save_flags+0x2c/0xa20 [ 121.481460] ? stack_depot_save_flags+0x2c/0xa20 [ 121.481836] ? kasan_save_stack+0x34/0x50 [ 121.482165] ? kasan_save_stack+0x24/0x50 [ 121.482492] ? kasan_save_track+0x14/0x30 [ 121.482820] ? 
__kasan_save_free_info+0x3a/0x60 [ 121.483193] ? __kasan_slab_free+0x3f/0x50 [ 121.483528] ? kmem_cache_free+0x2a1/0x540 [ 121.483858] ? rcu_core+0x7c8/0x1800 [ 121.484157] ? handle_softirqs+0x1b1/0x770 [ 121.484495] ? __lock_acquire+0x694/0x1b70 [ 121.484828] ? lock_is_held_type+0x9e/0x120 [ 121.485182] ? perf_trace_run_bpf_submit+0xef/0x180 [ 121.485578] ? __update_load_avg_se+0x428/0xa40 [ 121.485957] ? lock_release+0x1c7/0x290 [ 121.486273] perf_trace_run_bpf_submit+0xef/0x180 [ 121.486659] perf_trace_preemptirq_template+0x259/0x430 [ 121.487077] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 121.487534] ? __schedule+0x16dd/0x3590 [ 121.487851] ? trace_irq_disable.constprop.0+0x3b/0x100 [ 121.488269] ? __schedule+0x16dd/0x3590 [ 121.488584] trace_irq_disable.constprop.0+0xa6/0x100 [ 121.488999] __schedule+0x16dd/0x3590 [ 121.489306] ? __pfx___schedule+0x10/0x10 [ 121.489637] ? lock_acquire+0x15e/0x2f0 [ 121.489953] ? lock_acquire+0x18c/0x2f0 [ 121.490268] ? schedule+0x2c7/0x390 [ 121.490560] ? lock_release+0x1c7/0x290 [ 121.490875] schedule+0xdb/0x390 [ 121.491151] smpboot_thread_fn+0x67c/0x9d0 [ 121.491493] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 121.491879] kthread+0x3c8/0x740 [ 121.492152] ? __pfx_kthread+0x10/0x10 [ 121.492461] ? ret_from_fork+0x23/0x430 [ 121.492783] ? lock_release+0xc8/0x290 [ 121.493100] ? __pfx_kthread+0x10/0x10 [ 121.493411] ret_from_fork+0x34b/0x430 [ 121.493724] ? 
__pfx_kthread+0x10/0x10 [ 121.494034] ret_from_fork_asm+0x1a/0x30 [ 121.494366] [ 121.494551] Modules linked in: [ 121.494809] ---[ end trace 0000000000000000 ]--- [ 121.495173] RIP: 0010:perf_tp_event+0x175/0xe70 [ 121.495546] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 121.496945] RSP: 0018:ffff888015bbf100 EFLAGS: 00010013 [ 121.497366] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 121.497922] RDX: ffff888015a31b80 RSI: ffffffff8189a4e7 RDI: 000000010000018f [ 121.498474] RBP: ffff888015bbf370 R08: ffff88806ce31340 R09: ffffe8ffffc169a0 [ 121.499026] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 121.499578] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 121.500129] FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 121.500752] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.501222] CR2: 00007fcb8e5b1fc0 CR3: 0000000005a88000 CR4: 0000000000350ef0 [ 121.501778] note: ksoftirqd/0[14] exited with irqs disabled [ 121.502219] note: ksoftirqd/0[14] exited with preempt_count 2 [ 121.502677] ------------[ cut here ]------------ [ 121.503043] do not call blocking ops when !TASK_RUNNING; state=1 set at [<00000000d3dec4d7>] smpboot_thread_fn+0x76/0x9d0 [ 121.503946] WARNING: kernel/sched/core.c:8880 at __might_sleep+0x107/0x160, CPU#0: ksoftirqd/0/14 [ 121.504643] Modules linked in: [ 121.504901] CPU: 0 UID: 0 PID: 14 Comm: ksoftirqd/0 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 121.505810] Tainted: [D]=DIE, [W]=WARN [ 121.506112] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 121.506761] RIP: 0010:__might_sleep+0x107/0x160 [ 121.507131] Code: 3e 06 48 8d bb 40 15 00 00 48 89 fa 48 c1 ea 03 80 3c 02 00 75 37 48 8b 93 40 15 00 00 48 c7 c7 e0 5d c7 84 e8 8a 7b f3 ff 90 
<0f> 0b 90 90 e9 73 ff ff ff e8 1b ae 69 00 e9 25 ff ff ff 89 34 24 [ 121.508545] RSP: 0018:ffff888009617de0 EFLAGS: 00010282 [ 121.508960] RAX: 0000000000000000 RBX: ffff888009601b80 RCX: ffffffff8139de70 [ 121.509525] RDX: ffff888009601b80 RSI: ffffffff8139de7e RDI: 0000000000000001 [ 121.510080] RBP: ffffffff84c6bc60 R08: 0000000000000001 R09: ffffed100d9c4801 [ 121.510636] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000033 [ 121.511199] R13: ffff888009601bac R14: ffff888009618000 R15: 0000000000000000 [ 121.511754] FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 121.512377] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.512836] CR2: 00007fcb8e5b1fc0 CR3: 0000000005a88000 CR4: 0000000000350ef0 [ 121.513403] Call Trace: [ 121.513609] [ 121.513793] ? lock_release+0x1c7/0x290 [ 121.514111] exit_signals+0x25/0x940 [ 121.514417] do_exit+0x2db/0x2970 [ 121.514700] ? _printk+0xbe/0xf0 [ 121.514975] ? __pfx__printk+0x10/0x10 [ 121.515290] ? __pfx_do_exit+0x10/0x10 [ 121.515602] ? __pfx_kthread+0x10/0x10 [ 121.515911] ? ret_from_fork+0x23/0x430 [ 121.516235] make_task_dead+0x174/0x3b0 [ 121.516554] ? ret_from_fork+0x34b/0x430 [ 121.516881] rewind_stack_and_make_dead+0x16/0x20 [ 121.517275] RIP: 0000:0x0 [ 121.517500] Code: Unable to access opcode bytes at 0xffffffffffffffd6. 
[ 121.518007] RSP: 0000:0000000000000000 EFLAGS: 00000000 ORIG_RAX: 0000000000000000 [ 121.518602] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 121.519160] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 121.519721] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 121.520280] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 121.520836] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 121.521401] [ 121.521592] irq event stamp: 3631536 [ 121.521881] hardirqs last enabled at (3631535): [] finish_task_switch.isra.0+0x206/0x840 [ 121.522640] hardirqs last disabled at (3631536): [] __schedule+0x16dd/0x3590 [ 121.523313] softirqs last enabled at (3631530): [] handle_softirqs+0x50c/0x770 [ 121.524003] softirqs last disabled at (3631257): [] run_ksoftirqd+0x2e/0x60 [ 121.524672] ---[ end trace 0000000000000000 ]--- [ 121.525199] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#4] SMP KASAN NOPTI [ 121.526064] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 121.526734] CPU: 0 UID: 0 PID: 3955 Comm: syz-executor.7 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 121.527658] Tainted: [D]=DIE, [W]=WARN [ 121.527964] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 121.528604] RIP: 0010:perf_tp_event+0x175/0xe70 [ 121.528987] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 121.530396] RSP: 0018:ffff88800e0ffa40 EFLAGS: 00010013 [ 121.530808] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 121.531364] RDX: ffff88800f135280 RSI: ffffffff8189a4e7 RDI: 000000010000018f [ 121.531918] RBP: ffff88800e0ffcb0 R08: ffff88806ce31340 R09: ffffe8ffffc169a0 [ 121.532473] R10: 0000000000000000 
R11: 1ffff1100d9c6f7b R12: dffffc0000000000 [ 121.533040] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 121.533594] FS: 000055557a3bd400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 121.534216] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.534668] CR2: ffffffffffffffd6 CR3: 0000000046c47000 CR4: 0000000000350ef0 [ 121.535225] Call Trace: [ 121.535428] [ 121.535613] ? __pfx_perf_tp_event+0x10/0x10 [ 121.535980] ? perf_trace_run_bpf_submit+0xef/0x180 [ 121.536375] perf_trace_run_bpf_submit+0xef/0x180 [ 121.536760] perf_trace_preemptirq_template+0x259/0x430 [ 121.537187] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 121.537642] ? pgd_free+0x4d9/0x650 [ 121.537939] ? pgd_free+0x4de/0x650 [ 121.538235] ? trace_irq_disable.constprop.0+0x3b/0x100 [ 121.538652] ? pgd_free+0x4de/0x650 [ 121.538951] trace_irq_disable.constprop.0+0xa6/0x100 [ 121.539358] pgd_free+0x4de/0x650 [ 121.539643] __mmdrop+0xd5/0x4a0 [ 121.539920] ? lock_release+0x1c7/0x290 [ 121.540235] finish_task_switch.isra.0+0x478/0x840 [ 121.540631] schedule_tail+0xe/0xd0 [ 121.540923] ret_from_fork+0x23/0x430 [ 121.541239] ret_from_fork_asm+0x1a/0x30 [ 121.541568] [ 121.541757] Modules linked in: [ 121.542016] ---[ end trace 0000000000000000 ]--- [ 121.542382] RIP: 0010:perf_tp_event+0x175/0xe70 [ 121.542754] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 121.544155] RSP: 0018:ffff888015bbf100 EFLAGS: 00010013 [ 121.544567] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 121.545140] RDX: ffff888015a31b80 RSI: ffffffff8189a4e7 RDI: 000000010000018f [ 121.545691] RBP: ffff888015bbf370 R08: ffff88806ce31340 R09: ffffe8ffffc169a0 [ 121.546248] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 121.546800] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 
121.547357] FS: 000055557a3bd400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 121.547974] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.548427] CR2: ffffffffffffffd6 CR3: 0000000046c47000 CR4: 0000000000350ef0 [ 121.548996] note: syz-executor.7[3955] exited with irqs disabled [ 121.549468] note: syz-executor.7[3955] exited with preempt_count 2 [ 121.555066] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#5] SMP KASAN NOPTI [ 121.555935] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 121.556606] CPU: 0 UID: 0 PID: 3954 Comm: syz-executor.3 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 121.557544] Tainted: [D]=DIE, [W]=WARN [ 121.557845] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 121.558488] RIP: 0010:perf_tp_event+0x175/0xe70 [ 121.558861] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 121.560265] RSP: 0018:ffff88801efb7a40 EFLAGS: 00010013 [ 121.560678] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 121.561234] RDX: ffff88800f131b80 RSI: ffffffff8189a4e7 RDI: 000000010000018f [ 121.561786] RBP: ffff88801efb7cb0 R08: ffff88806ce31340 R09: ffffe8ffffc169a0 [ 121.562339] R10: 0000000000000000 R11: 1ffff1100d9c6f7b R12: dffffc0000000000 [ 121.562888] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 121.563438] FS: 000055558f028400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 121.564070] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.564524] CR2: ffffffffffffffd6 CR3: 000000004459b000 CR4: 0000000000350ef0 [ 121.565083] Call Trace: [ 121.565286] [ 121.565469] ? __pfx_perf_tp_event+0x10/0x10 [ 121.565831] ? 
perf_trace_run_bpf_submit+0xef/0x180 [ 121.566227] perf_trace_run_bpf_submit+0xef/0x180 [ 121.566618] perf_trace_preemptirq_template+0x259/0x430 [ 121.567048] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 121.567512] ? pgd_free+0x4d9/0x650 [ 121.567809] ? pgd_free+0x4de/0x650 [ 121.568105] ? trace_irq_disable.constprop.0+0x3b/0x100 [ 121.568527] ? pgd_free+0x4de/0x650 [ 121.568823] trace_irq_disable.constprop.0+0xa6/0x100 [ 121.569238] pgd_free+0x4de/0x650 [ 121.569521] __mmdrop+0xd5/0x4a0 [ 121.569801] ? lock_release+0x1c7/0x290 [ 121.570121] finish_task_switch.isra.0+0x478/0x840 [ 121.570517] schedule_tail+0xe/0xd0 [ 121.570810] ret_from_fork+0x23/0x430 [ 121.571119] ret_from_fork_asm+0x1a/0x30 [ 121.571449] [ 121.571637] Modules linked in: [ 121.571893] ---[ end trace 0000000000000000 ]--- [ 121.572261] RIP: 0010:perf_tp_event+0x175/0xe70 [ 121.572636] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 121.574059] RSP: 0018:ffff888015bbf100 EFLAGS: 00010013 [ 121.574474] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 121.575029] RDX: ffff888015a31b80 RSI: ffffffff8189a4e7 RDI: 000000010000018f [ 121.575588] RBP: ffff888015bbf370 R08: ffff88806ce31340 R09: ffffe8ffffc169a0 [ 121.576150] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 121.576701] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 121.577267] FS: 000055558f028400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 121.577890] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.578348] CR2: ffffffffffffffd6 CR3: 000000004459b000 CR4: 0000000000350ef0 [ 121.578903] note: syz-executor.3[3954] exited with irqs disabled [ 121.579373] note: syz-executor.3[3954] exited with preempt_count 2 [ 121.584916] Oops: general protection fault, probably for non-canonical address 
0xdffffc0020000031: 0000 [#6] SMP KASAN NOPTI [ 121.585792] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 121.586469] CPU: 0 UID: 0 PID: 284 Comm: syz-executor.0 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 121.587394] Tainted: [D]=DIE, [W]=WARN [ 121.587693] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 121.588332] RIP: 0010:perf_tp_event+0x175/0xe70 [ 121.588703] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 121.590115] RSP: 0018:ffff888016e27400 EFLAGS: 00010013 [ 121.590530] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 121.591084] RDX: ffff888015a30000 RSI: ffffffff8189a4e7 RDI: 000000010000018f [ 121.591635] RBP: ffff888016e27670 R08: ffff88806ce31340 R09: ffffe8ffffc169a0 [ 121.592191] R10: 0000000000000000 R11: 1ffff1100d9c6f7b R12: dffffc0000000000 [ 121.592743] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 121.593305] FS: 000055558442c400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 121.593924] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.594380] CR2: ffffffffffffffd6 CR3: 0000000043751000 CR4: 0000000000350ef0 [ 121.594934] Call Trace: [ 121.595137] [ 121.595320] ? __pfx_perf_tp_event+0x10/0x10 [ 121.595675] ? __lock_acquire+0xc65/0x1b70 [ 121.596010] ? __lock_acquire+0x694/0x1b70 [ 121.596344] ? __lock_acquire+0xc65/0x1b70 [ 121.596677] ? lock_acquire+0x15e/0x2f0 [ 121.596999] ? mark_held_locks+0x49/0x80 [ 121.597322] ? perf_trace_run_bpf_submit+0xef/0x180 [ 121.597716] perf_trace_run_bpf_submit+0xef/0x180 [ 121.598103] perf_trace_preemptirq_template+0x259/0x430 [ 121.598523] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 121.598983] ? pgd_free+0x4d9/0x650 [ 121.599278] ? pgd_free+0x4de/0x650 [ 121.599572] ? 
trace_irq_disable.constprop.0+0x3b/0x100 [ 121.599988] ? pgd_free+0x4de/0x650 [ 121.600287] trace_irq_disable.constprop.0+0xa6/0x100 [ 121.600689] pgd_free+0x4de/0x650 [ 121.600981] ? lock_is_held_type+0x9e/0x120 [ 121.601330] __mmdrop+0xd5/0x4a0 [ 121.601608] ? lock_release+0x1c7/0x290 [ 121.601924] finish_task_switch.isra.0+0x478/0x840 [ 121.602321] __schedule+0xe86/0x3590 [ 121.602623] ? __pfx___schedule+0x10/0x10 [ 121.602952] ? lock_acquire+0x15e/0x2f0 [ 121.603271] ? alloc_pid+0xd5/0x1100 [ 121.603565] __cond_resched+0x4c/0x80 [ 121.603870] kmem_cache_alloc_noprof+0x3fe/0x690 [ 121.604248] ? xfd_validate_state+0x55/0x180 [ 121.604606] ? alloc_pid+0xd5/0x1100 [ 121.604899] alloc_pid+0xd5/0x1100 [ 121.605195] copy_process+0x47e6/0x73c0 [ 121.605515] ? __pfx_copy_process+0x10/0x10 [ 121.605856] ? do_raw_spin_lock+0x123/0x260 [ 121.606204] kernel_clone+0xea/0x7f0 [ 121.606501] ? __pfx_kernel_clone+0x10/0x10 [ 121.606842] ? __lock_acquire+0x694/0x1b70 [ 121.607179] ? css_rstat_updated+0x1b8/0x4d0 [ 121.607532] ? __pfx_css_rstat_updated+0x10/0x10 [ 121.607912] __do_sys_clone+0xce/0x120 [ 121.608220] ? __pfx___do_sys_clone+0x10/0x10 [ 121.608573] ? find_held_lock+0x2b/0x80 [ 121.608900] ? 
trace_irq_enable.constprop.0+0xc2/0x100 [ 121.609321] do_syscall_64+0xbf/0x360 [ 121.609623] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.610027] RIP: 0033:0x7f4c275ca10b [ 121.610320] Code: ed 0f 85 60 01 00 00 64 4c 8b 0c 25 10 00 00 00 45 31 c0 4d 8d 91 d0 02 00 00 31 d2 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 89 00 00 00 41 89 c5 85 c0 0f 85 90 00 00 [ 121.611721] RSP: 002b:00007ffe4415bc60 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 121.612310] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4c275ca10b [ 121.612866] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 121.613428] RBP: 0000000000000001 R08: 0000000000000000 R09: 000055558442c400 [ 121.613980] R10: 000055558442c6d0 R11: 0000000000000246 R12: 0000000000000001 [ 121.614535] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffe4415bd40 [ 121.615095] [ 121.615284] Modules linked in: [ 121.615539] ---[ end trace 0000000000000000 ]--- [ 121.615903] RIP: 0010:perf_tp_event+0x175/0xe70 [ 121.616276] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 121.617688] RSP: 0018:ffff888015bbf100 EFLAGS: 00010013 [ 121.618108] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 121.618661] RDX: ffff888015a31b80 RSI: ffffffff8189a4e7 RDI: 000000010000018f [ 121.619217] RBP: ffff888015bbf370 R08: ffff88806ce31340 R09: ffffe8ffffc169a0 [ 121.619769] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 121.620321] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 121.620876] FS: 000055558442c400(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 121.621511] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.621964] CR2: ffffffffffffffd6 CR3: 0000000043751000 CR4: 0000000000350ef0 [ 121.622521] note: syz-executor.0[284] exited with irqs disabled [ 
121.622984] note: syz-executor.0[284] exited with preempt_count 2 [ 121.628643] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#7] SMP KASAN NOPTI [ 121.629515] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 121.630193] CPU: 0 UID: 0 PID: 66 Comm: kmemleak Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 121.631072] Tainted: [D]=DIE, [W]=WARN [ 121.631374] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 121.632008] RIP: 0010:perf_tp_event+0x175/0xe70 [ 121.632382] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 121.633791] RSP: 0018:ffff88800ec97780 EFLAGS: 00010013 [ 121.634204] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 121.634756] RDX: ffff88800ec01b80 RSI: ffffffff8189a4e7 RDI: 000000010000018f [ 121.635309] RBP: ffff88800ec979f0 R08: ffff88806ce31340 R09: ffffe8ffffc169a0 [ 121.635863] R10: 0000000000000000 R11: 1ffff1100d9c6f7b R12: dffffc0000000000 [ 121.636416] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 121.636968] FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 121.637603] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.638064] CR2: ffffffffffffffd6 CR3: 0000000005a88000 CR4: 0000000000350ef0 [ 121.638627] Call Trace: [ 121.638833] [ 121.639019] ? unwind_next_frame+0xb9/0x2540 [ 121.639384] ? __pfx_perf_tp_event+0x10/0x10 [ 121.639736] ? unwind_next_frame+0x3b2/0x2540 [ 121.640105] ? __lock_acquire+0x694/0x1b70 [ 121.640447] ? __lock_acquire+0x694/0x1b70 [ 121.640785] ? lock_acquire+0x15e/0x2f0 [ 121.641114] ? unwind_next_frame+0xb9/0x2540 [ 121.641473] ? lock_acquire+0x15e/0x2f0 [ 121.641790] ? unwind_next_frame+0xb9/0x2540 [ 121.642152] ? find_held_lock+0x2b/0x80 [ 121.642475] ? 
unwind_next_frame+0x3b2/0x2540 [ 121.642836] ? lock_release+0xc8/0x290 [ 121.643156] ? perf_trace_run_bpf_submit+0xef/0x180 [ 121.643553] ? ret_from_fork_asm+0x1a/0x30 [ 121.643896] ? kernel_text_address+0x11/0xc0 [ 121.644251] perf_trace_run_bpf_submit+0xef/0x180 [ 121.644639] perf_trace_preemptirq_template+0x259/0x430 [ 121.645070] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 121.645532] ? _raw_spin_lock_irqsave+0x53/0x60 [ 121.645908] ? trace_irq_disable.constprop.0+0x3b/0x100 [ 121.646330] ? _raw_spin_lock_irqsave+0x53/0x60 [ 121.646706] trace_irq_disable.constprop.0+0xa6/0x100 [ 121.647115] _raw_spin_lock_irqsave+0x53/0x60 [ 121.647480] remove_entity_load_avg+0x76/0x250 [ 121.647851] task_dead_fair+0x9b/0x1c0 [ 121.648167] ? __pfx_task_dead_fair+0x10/0x10 [ 121.648529] ? lock_release+0x1c7/0x290 [ 121.648849] finish_task_switch.isra.0+0x55a/0x840 [ 121.649254] __schedule+0xe86/0x3590 [ 121.649558] ? __pfx___schedule+0x10/0x10 [ 121.649895] ? lock_is_held_type+0x9e/0x120 [ 121.650245] __cond_resched+0x4c/0x80 [ 121.650556] scan_gray_list+0x4b/0x290 [ 121.650875] kmemleak_scan+0x574/0xe00 [ 121.651193] ? __pfx_kmemleak_scan_thread+0x10/0x10 [ 121.651596] kmemleak_scan_thread+0x78/0xc0 [ 121.651946] kthread+0x3c8/0x740 [ 121.652223] ? __pfx_kthread+0x10/0x10 [ 121.652536] ? ret_from_fork+0x23/0x430 [ 121.652860] ? lock_release+0xc8/0x290 [ 121.653186] ? __pfx_kthread+0x10/0x10 [ 121.653497] ret_from_fork+0x34b/0x430 [ 121.653812] ? 
__pfx_kthread+0x10/0x10 [ 121.654122] ret_from_fork_asm+0x1a/0x30 [ 121.654454] [ 121.654642] Modules linked in: [ 121.654903] ---[ end trace 0000000000000000 ]--- [ 121.655272] RIP: 0010:perf_tp_event+0x175/0xe70 [ 121.655647] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 121.657079] RSP: 0018:ffff888015bbf100 EFLAGS: 00010013 [ 121.657499] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 121.658056] RDX: ffff888015a31b80 RSI: ffffffff8189a4e7 RDI: 000000010000018f [ 121.658617] RBP: ffff888015bbf370 R08: ffff88806ce31340 R09: ffffe8ffffc169a0 [ 121.659177] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 121.659731] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 121.660292] FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 121.660919] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.661389] CR2: ffffffffffffffd6 CR3: 0000000005a88000 CR4: 0000000000350ef0 [ 121.661950] note: kmemleak[66] exited with irqs disabled [ 121.662377] note: kmemleak[66] exited with preempt_count 2 [ 121.662952] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#8] SMP KASAN NOPTI [ 121.663827] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 121.664507] CPU: 0 UID: 0 PID: 11 Comm: kworker/0:1 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 121.665422] Tainted: [D]=DIE, [W]=WARN [ 121.665722] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 121.666367] Workqueue: 0x0 (rcu_gp) [ 121.666670] RIP: 0010:perf_tp_event+0x175/0xe70 [ 121.667046] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 
00 44 8b ab f0 01 [ 121.668470] RSP: 0018:ffff8880095f7740 EFLAGS: 00010013 [ 121.668888] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 121.669462] RDX: ffff8880095db700 RSI: ffffffff8189a4e7 RDI: 000000010000018f [ 121.670022] RBP: ffff8880095f79b0 R08: ffff88806ce31340 R09: ffffe8ffffc169a0 [ 121.670581] R10: 0000000000000000 R11: 1ffff1100d9c6f7b R12: dffffc0000000000 [ 121.671139] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 121.671702] FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 121.672328] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.672783] CR2: ffffffffffffffd6 CR3: 0000000005a88000 CR4: 0000000000350ef0 [ 121.673351] Call Trace: [ 121.673556] [ 121.673736] ? __dev_queue_xmit+0xe19/0x3cc0 [ 121.674094] ? __dev_queue_xmit+0x9a2/0x3cc0 [ 121.674451] ? __pfx_perf_tp_event+0x10/0x10 [ 121.674810] ? __pfx___dev_queue_xmit+0x10/0x10 [ 121.675181] ? register_lock_class+0x41/0x560 [ 121.675542] ? __lock_acquire+0x694/0x1b70 [ 121.675879] ? lock_is_held_type+0x9e/0x120 [ 121.676230] ? lock_is_held_type+0x9e/0x120 [ 121.676577] ? lock_is_held_type+0x9e/0x120 [ 121.676921] ? __pick_eevdf+0x326/0x570 [ 121.677243] ? perf_trace_run_bpf_submit+0xef/0x180 [ 121.677641] perf_trace_run_bpf_submit+0xef/0x180 [ 121.678031] perf_trace_preemptirq_template+0x259/0x430 [ 121.678453] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 121.678912] ? _raw_spin_lock_irqsave+0x53/0x60 [ 121.679289] ? trace_irq_disable.constprop.0+0x3b/0x100 [ 121.679711] ? _raw_spin_lock_irqsave+0x53/0x60 [ 121.680082] trace_irq_disable.constprop.0+0xa6/0x100 [ 121.680490] _raw_spin_lock_irqsave+0x53/0x60 [ 121.680849] remove_entity_load_avg+0x76/0x250 [ 121.681233] task_dead_fair+0x9b/0x1c0 [ 121.681546] ? __pfx_task_dead_fair+0x10/0x10 [ 121.681903] ? lock_release+0x1c7/0x290 [ 121.682223] finish_task_switch.isra.0+0x55a/0x840 [ 121.682620] __schedule+0xe86/0x3590 [ 121.682925] ? 
__pfx___schedule+0x10/0x10 [ 121.683256] ? lock_acquire+0x15e/0x2f0 [ 121.683576] ? find_held_lock+0x2b/0x80 [ 121.683900] ? schedule+0x2c7/0x390 [ 121.684195] ? lock_release+0xc8/0x290 [ 121.684510] schedule+0xdb/0x390 [ 121.684793] ? worker_thread+0xfd/0xe90 [ 121.685126] worker_thread+0x156/0xe90 [ 121.685440] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 121.685855] ? __pfx_worker_thread+0x10/0x10 [ 121.686210] kthread+0x3c8/0x740 [ 121.686483] ? __pfx_kthread+0x10/0x10 [ 121.686794] ? ret_from_fork+0x23/0x430 [ 121.687119] ? lock_release+0xc8/0x290 [ 121.687435] ? __pfx_kthread+0x10/0x10 [ 121.687747] ret_from_fork+0x34b/0x430 [ 121.688063] ? __pfx_kthread+0x10/0x10 [ 121.688382] ret_from_fork_asm+0x1a/0x30 [ 121.688716] [ 121.688904] Modules linked in: [ 121.689174] ---[ end trace 0000000000000000 ]--- [ 121.689543] RIP: 0010:perf_tp_event+0x175/0xe70 [ 121.689916] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 121.691333] RSP: 0018:ffff888015bbf100 EFLAGS: 00010013 [ 121.691749] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 121.692303] RDX: ffff888015a31b80 RSI: ffffffff8189a4e7 RDI: 000000010000018f [ 121.692860] RBP: ffff888015bbf370 R08: ffff88806ce31340 R09: ffffe8ffffc169a0 [ 121.693427] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 121.693988] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 121.694554] FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 121.695181] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.695633] CR2: ffffffffffffffd6 CR3: 0000000005a88000 CR4: 0000000000350ef0 [ 121.696190] note: kworker/0:1[11] exited with irqs disabled [ 121.696627] note: kworker/0:1[11] exited with preempt_count 2 [ 121.697200] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 
0000 [#9] SMP KASAN NOPTI [ 121.698069] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 121.698741] CPU: 0 UID: 0 PID: 3952 Comm: syz-executor.4 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 121.699674] Tainted: [D]=DIE, [W]=WARN [ 121.699977] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 121.700614] RIP: 0010:perf_tp_event+0x175/0xe70 [ 121.701007] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 121.702424] RSP: 0018:ffff888046d2f200 EFLAGS: 00010013 [ 121.702843] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 121.703401] RDX: ffff888045cfd280 RSI: ffffffff8189a4e7 RDI: 000000010000018f [ 121.703958] RBP: ffff888046d2f470 R08: ffff88806ce31340 R09: ffffe8ffffc169a0 [ 121.704515] R10: 0000000000000000 R11: 1ffff1100d9c6f7b R12: dffffc0000000000 [ 121.705082] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 121.705646] FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 121.706274] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.706731] CR2: ffffffffffffffd6 CR3: 0000000005a88000 CR4: 0000000000350ef0 [ 121.707292] Call Trace: [ 121.707497] [ 121.707680] ? __pfx_perf_tp_event+0x10/0x10 [ 121.708035] ? __lock_acquire+0x694/0x1b70 [ 121.708372] ? __rmqueue_pcplist+0x1f3/0x10f0 [ 121.708736] ? find_held_lock+0x2b/0x80 [ 121.709064] ? get_page_from_freelist+0x484/0x24b0 [ 121.709464] ? lock_release+0xc8/0x290 [ 121.709774] ? do_raw_spin_unlock+0x53/0x220 [ 121.710127] ? kasan_unpoison+0x27/0x60 [ 121.710448] ? __kasan_unpoison_pages+0x2f/0x40 [ 121.710825] ? perf_trace_run_bpf_submit+0xef/0x180 [ 121.711224] perf_trace_run_bpf_submit+0xef/0x180 [ 121.711610] perf_trace_preemptirq_template+0x259/0x430 [ 121.712026] ? 
__pfx_perf_trace_preemptirq_template+0x10/0x10 [ 121.712490] ? _raw_spin_lock_irqsave+0x53/0x60 [ 121.712865] ? trace_irq_disable.constprop.0+0x3b/0x100 [ 121.713294] ? _raw_spin_lock_irqsave+0x53/0x60 [ 121.713666] trace_irq_disable.constprop.0+0xa6/0x100 [ 121.714070] _raw_spin_lock_irqsave+0x53/0x60 [ 121.714441] remove_entity_load_avg+0x76/0x250 [ 121.714814] task_dead_fair+0x9b/0x1c0 [ 121.715124] ? __pfx_task_dead_fair+0x10/0x10 [ 121.715484] ? lock_release+0x1c7/0x290 [ 121.715803] finish_task_switch.isra.0+0x55a/0x840 [ 121.716200] __schedule+0xe86/0x3590 [ 121.716501] ? __pfx___schedule+0x10/0x10 [ 121.716832] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 121.717247] ? percpu_counter_add_batch+0x126/0x240 [ 121.717643] ? lock_is_held_type+0x9e/0x120 [ 121.717988] __cond_resched+0x4c/0x80 [ 121.718298] unmap_page_range+0x1090/0x36d0 [ 121.718647] ? lock_is_held_type+0x9e/0x120 [ 121.718989] ? __pfx_unmap_page_range+0x10/0x10 [ 121.719362] ? mas_next_slot+0x13cc/0x1ac0 [ 121.719697] ? uprobe_munmap+0x20/0x600 [ 121.720019] unmap_single_vma.constprop.0+0x153/0x230 [ 121.720431] unmap_vmas+0x1d6/0x430 [ 121.720724] ? __pfx_unmap_vmas+0x10/0x10 [ 121.721066] exit_mmap+0x181/0xaa0 [ 121.721358] ? uprobe_clear_state+0xfc/0x410 [ 121.721710] ? __pfx_exit_mmap+0x10/0x10 [ 121.722035] ? __pfx___mutex_lock+0x10/0x10 [ 121.722383] ? arch_uprobe_clear_state+0x16/0x140 [ 121.722767] mmput+0xd5/0x390 [ 121.723029] do_exit+0x79d/0x2970 [ 121.723313] ? signal_wake_up_state+0x85/0x120 [ 121.723677] ? zap_other_threads+0x2b9/0x3a0 [ 121.724032] ? __pfx_do_exit+0x10/0x10 [ 121.724342] ? do_group_exit+0x1c3/0x2a0 [ 121.724662] ? lock_release+0xc8/0x290 [ 121.724986] do_group_exit+0xd3/0x2a0 [ 121.725294] __x64_sys_exit_group+0x3e/0x50 [ 121.725638] x64_sys_call+0x18c5/0x18d0 [ 121.725959] do_syscall_64+0xbf/0x360 [ 121.726262] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.726667] RIP: 0033:0x7f7d07f1bb19 [ 121.726956] Code: Unable to access opcode bytes at 0x7f7d07f1baef. 
[ 121.727438] RSP: 002b:00007fffed31b168 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 121.728027] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f7d07f1bb19 [ 121.728579] RDX: 00007f7d07ece72b RSI: ffffffffffffffbc RDI: 0000000000000000 [ 121.729138] RBP: 0000000000000000 R08: 0000001b2d322e38 R09: 0000000000000000 [ 121.729689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 121.730240] R13: 0000000000000000 R14: 0000000000000001 R15: 00007fffed31b250 [ 121.730794] [ 121.730980] Modules linked in: [ 121.731236] ---[ end trace 0000000000000000 ]--- [ 121.731606] RIP: 0010:perf_tp_event+0x175/0xe70 [ 121.731975] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 121.733396] RSP: 0018:ffff888015bbf100 EFLAGS: 00010013 [ 121.733815] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 121.734373] RDX: ffff888015a31b80 RSI: ffffffff8189a4e7 RDI: 000000010000018f [ 121.734934] RBP: ffff888015bbf370 R08: ffff88806ce31340 R09: ffffe8ffffc169a0 [ 121.735491] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 121.736050] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 121.736611] FS: 0000000000000000(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 121.737249] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.737705] CR2: ffffffffffffffd6 CR3: 0000000005a88000 CR4: 0000000000350ef0 [ 121.738268] note: syz-executor.4[3952] exited with irqs disabled [ 121.738744] note: syz-executor.4[3952] exited with preempt_count 2 [ 121.739234] Fixing recursive fault but reboot is needed! [ 121.739655] BUG: scheduling while atomic: syz-executor.4/3952/0x00000000 [ 121.740176] INFO: lockdep is turned off. 
[ 121.740495] Modules linked in: [ 121.740755] CPU: 0 UID: 0 PID: 3952 Comm: syz-executor.4 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 121.740773] Tainted: [D]=DIE, [W]=WARN [ 121.740778] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 121.740784] Call Trace: [ 121.740788] [ 121.740792] dump_stack_lvl+0xfa/0x120 [ 121.740816] __schedule_bug+0xb9/0x100 [ 121.740828] __schedule+0x24f3/0x3590 [ 121.740844] ? perf_trace_buf_alloc+0x161/0x1a0 [ 121.740859] ? perf_trace_preemptirq_template+0xea/0x430 [ 121.740871] ? __pfx___schedule+0x10/0x10 [ 121.740886] ? do_raw_spin_lock+0x123/0x260 [ 121.740902] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 121.740917] ? lock_acquire+0x18c/0x2f0 [ 121.740930] ? lock_release+0x1c7/0x290 [ 121.740943] ? do_task_dead+0x3e/0x110 [ 121.740957] do_task_dead+0xdc/0x110 [ 121.740980] make_task_dead+0x373/0x3b0 [ 121.740993] ? do_syscall_64+0xbf/0x360 [ 121.741004] rewind_stack_and_make_dead+0x16/0x20 [ 121.741020] RIP: 0033:0x7f7d07f1bb19 [ 121.741028] Code: Unable to access opcode bytes at 0x7f7d07f1baef. 
[ 121.741034] RSP: 002b:00007fffed31b168 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 121.741044] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f7d07f1bb19 [ 121.741052] RDX: 00007f7d07ece72b RSI: ffffffffffffffbc RDI: 0000000000000000 [ 121.741059] RBP: 0000000000000000 R08: 0000001b2d322e38 R09: 0000000000000000 [ 121.741066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 121.741073] R13: 0000000000000000 R14: 0000000000000001 R15: 00007fffed31b250 [ 121.741084] [ 121.741116] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#10] SMP KASAN NOPTI [ 121.753351] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 121.754030] CPU: 0 UID: 0 PID: 3854 Comm: systemd-udevd Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 121.754956] Tainted: [D]=DIE, [W]=WARN [ 121.755257] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 121.755900] RIP: 0010:perf_tp_event+0x175/0xe70 [ 121.756280] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 121.757698] RSP: 0018:ffff888045ebf680 EFLAGS: 00010013 [ 121.758115] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 121.758681] RDX: ffff88804561d280 RSI: ffffffff8189a4e7 RDI: 000000010000018f [ 121.759236] RBP: ffff888045ebf8f0 R08: ffff88806ce31340 R09: ffffe8ffffc169a0 [ 121.759799] R10: 0000000000000000 R11: 1ffff1100d9c6f7b R12: dffffc0000000000 [ 121.760362] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 121.760924] FS: 00007f49711ec8c0(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 121.761565] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.762023] CR2: ffffffffffffffd6 CR3: 000000001e361000 CR4: 0000000000350ef0 [ 121.762582] Call Trace: [ 121.762788] [ 121.762970] ? 
__lock_acquire+0x694/0x1b70 [ 121.763310] ? __pfx_perf_tp_event+0x10/0x10 [ 121.763665] ? __lock_acquire+0x694/0x1b70 [ 121.764004] ? __lock_acquire+0xc65/0x1b70 [ 121.764346] ? lock_acquire+0x15e/0x2f0 [ 121.764663] ? find_held_lock+0x2b/0x80 [ 121.765001] ? perf_trace_run_bpf_submit+0xef/0x180 [ 121.765405] perf_trace_run_bpf_submit+0xef/0x180 [ 121.765797] perf_trace_preemptirq_template+0x259/0x430 [ 121.766226] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 121.766692] ? pgd_free+0x4d9/0x650 [ 121.766993] ? pgd_free+0x4de/0x650 [ 121.767295] ? trace_irq_disable.constprop.0+0x3b/0x100 [ 121.767717] ? pgd_free+0x4de/0x650 [ 121.768015] trace_irq_disable.constprop.0+0xa6/0x100 [ 121.768434] pgd_free+0x4de/0x650 [ 121.768726] ? lock_is_held_type+0x9e/0x120 [ 121.769111] __mmdrop+0xd5/0x4a0 [ 121.769397] ? lock_release+0x1c7/0x290 [ 121.769722] finish_task_switch.isra.0+0x478/0x840 [ 121.770120] __schedule+0xe86/0x3590 [ 121.770425] ? __pfx___schedule+0x10/0x10 [ 121.770757] ? __pfx_make_vfsgid+0x10/0x10 [ 121.771100] __cond_resched+0x4c/0x80 [ 121.771409] dput.part.0+0x24/0x930 [ 121.771707] dput+0x1f/0x30 [ 121.771953] path_put+0x31/0x70 [ 121.772226] vfs_statx+0x25f/0x400 [ 121.772516] ? __pfx_vfs_statx+0x10/0x10 [ 121.772840] ? getname_flags.part.0+0x1c6/0x540 [ 121.773225] __do_sys_newstat+0x96/0x120 [ 121.773553] ? __pfx___do_sys_newstat+0x10/0x10 [ 121.773939] ? 
__secure_computing+0x18d/0x290 [ 121.774302] do_syscall_64+0xbf/0x360 [ 121.774605] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.775012] RIP: 0033:0x7f497169b3a6 [ 121.775308] Code: 00 00 75 05 48 83 c4 18 c3 e8 96 f2 01 00 66 0f 1f 44 00 00 41 89 f8 48 89 f7 48 89 d6 41 83 f8 01 77 29 b8 04 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 02 c3 90 48 8b 15 b9 fa 0c 00 f7 d8 64 89 02 [ 121.776721] RSP: 002b:00007ffc86a5ec38 EFLAGS: 00000246 ORIG_RAX: 0000000000000004 [ 121.777323] RAX: ffffffffffffffda RBX: 0000564321eb54f0 RCX: 00007f497169b3a6 [ 121.777877] RDX: 00007ffc86a5ec40 RSI: 00007ffc86a5ec40 RDI: 00007ffc86a5ecf0 [ 121.778431] RBP: 00007ffc86a5ed60 R08: 0000000000000001 R09: 00007ffc86a5ec40 [ 121.778984] R10: 00007ffc86a5eaf6 R11: 0000000000000246 R12: 00007ffc86a5ed70 [ 121.779539] R13: 0000000000000001 R14: 00007ffc86a5ed70 R15: 00007ffc86a5ee70 [ 121.780097] [ 121.780286] Modules linked in: [ 121.780542] ---[ end trace 0000000000000000 ]--- [ 121.780909] RIP: 0010:perf_tp_event+0x175/0xe70 [ 121.781292] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 121.782704] RSP: 0018:ffff888015bbf100 EFLAGS: 00010013 [ 121.783120] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 121.783680] RDX: ffff888015a31b80 RSI: ffffffff8189a4e7 RDI: 000000010000018f [ 121.784236] RBP: ffff888015bbf370 R08: ffff88806ce31340 R09: ffffe8ffffc169a0 [ 121.784793] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 121.785357] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 121.785915] FS: 00007f49711ec8c0(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 121.786540] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.786997] CR2: ffffffffffffffd6 CR3: 000000001e361000 CR4: 0000000000350ef0 [ 121.787556] note: systemd-udevd[3854] exited with irqs disabled [ 121.788021] 
note: systemd-udevd[3854] exited with preempt_count 2 [ 121.793016] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#11] SMP KASAN NOPTI [ 121.793895] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 121.794577] CPU: 0 UID: 0 PID: 112 Comm: systemd-udevd Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 121.795497] Tainted: [D]=DIE, [W]=WARN [ 121.795796] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 121.796440] RIP: 0010:perf_tp_event+0x175/0xe70 [ 121.796818] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 121.798241] RSP: 0018:ffff888017a973c0 EFLAGS: 00010013 [ 121.798658] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 121.799211] RDX: ffff888015e11b80 RSI: ffffffff8189a4e7 RDI: 000000010000018f [ 121.799766] RBP: ffff888017a97630 R08: ffff88806ce31340 R09: ffffe8ffffc169a0 [ 121.800323] R10: 0000000000000000 R11: 1ffff1100d9c6f7b R12: dffffc0000000000 [ 121.800875] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 121.801448] FS: 00007f49711ec8c0(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 121.802074] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.802530] CR2: ffffffffffffffd6 CR3: 000000000bc42000 CR4: 0000000000350ef0 [ 121.803091] Call Trace: [ 121.803297] [ 121.803481] ? __pfx_perf_tp_event+0x10/0x10 [ 121.803837] ? __lock_acquire+0x694/0x1b70 [ 121.804178] ? lock_acquire+0x15e/0x2f0 [ 121.804498] ? __is_insn_slot_addr+0x2e/0x290 [ 121.804858] ? find_held_lock+0x2b/0x80 [ 121.805188] ? __is_insn_slot_addr+0x136/0x290 [ 121.805555] ? lock_release+0xc8/0x290 [ 121.805866] ? __is_insn_slot_addr+0x140/0x290 [ 121.806234] ? kernel_text_address+0x5b/0xc0 [ 121.806589] ? __kernel_text_address+0xd/0x40 [ 121.806944] ? 
unwind_get_return_address+0x59/0xa0 [ 121.807339] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 121.807771] ? arch_stack_walk+0x9c/0xf0 [ 121.808094] ? perf_trace_run_bpf_submit+0xef/0x180 [ 121.808491] perf_trace_run_bpf_submit+0xef/0x180 [ 121.808876] perf_trace_preemptirq_template+0x259/0x430 [ 121.809303] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 121.809762] ? pgd_free+0x4d9/0x650 [ 121.810057] ? pgd_free+0x4de/0x650 [ 121.810351] ? trace_irq_disable.constprop.0+0x3b/0x100 [ 121.810775] ? pgd_free+0x4de/0x650 [ 121.811070] trace_irq_disable.constprop.0+0xa6/0x100 [ 121.811479] pgd_free+0x4de/0x650 [ 121.811760] ? lock_is_held_type+0x9e/0x120 [ 121.812106] __mmdrop+0xd5/0x4a0 [ 121.812386] ? lock_release+0x1c7/0x290 [ 121.812705] finish_task_switch.isra.0+0x478/0x840 [ 121.813111] __schedule+0xe86/0x3590 [ 121.813416] ? __pfx___schedule+0x10/0x10 [ 121.813752] ? lock_acquire+0x15e/0x2f0 [ 121.814072] ? security_file_alloc+0x35/0x130 [ 121.814436] __cond_resched+0x4c/0x80 [ 121.814745] kmem_cache_alloc_noprof+0x3fe/0x690 [ 121.815126] ? __create_object+0x59/0x80 [ 121.815456] ? security_file_alloc+0x35/0x130 [ 121.815818] security_file_alloc+0x35/0x130 [ 121.816167] init_file+0x95/0x4c0 [ 121.816456] alloc_empty_file+0x76/0x1e0 [ 121.816788] path_openat+0xe0/0x2880 [ 121.817099] ? __lock_acquire+0x694/0x1b70 [ 121.817436] ? __pfx_path_openat+0x10/0x10 [ 121.817775] do_filp_open+0x1e8/0x450 [ 121.818078] ? __pfx_do_filp_open+0x10/0x10 [ 121.818424] ? find_held_lock+0x2b/0x80 [ 121.818747] ? alloc_fd+0x2c1/0x560 [ 121.819038] ? lock_release+0xc8/0x290 [ 121.819350] ? _raw_spin_unlock+0x1e/0x40 [ 121.819681] ? alloc_fd+0x2c1/0x560 [ 121.819971] do_sys_openat2+0x104/0x1b0 [ 121.820295] ? __pfx_do_sys_openat2+0x10/0x10 [ 121.820656] ? __pfx___seccomp_filter+0x10/0x10 [ 121.821046] __x64_sys_openat+0x142/0x200 [ 121.821382] ? __pfx___x64_sys_openat+0x10/0x10 [ 121.821758] ? __pfx_do_faccessat+0x10/0x10 [ 121.822101] ? 
__secure_computing+0x18d/0x290 [ 121.822463] do_syscall_64+0xbf/0x360 [ 121.822769] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.823174] RIP: 0033:0x7f49716a0f18 [ 121.823469] Code: 24 18 31 c0 41 83 e2 40 75 40 89 f0 25 00 00 41 00 3d 00 00 41 00 74 32 44 89 c2 4c 89 ce bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 40 48 8b 4c 24 18 64 48 2b 0c 25 28 00 00 00 [ 121.824884] RSP: 002b:00007ffc86a5ee60 EFLAGS: 00000287 ORIG_RAX: 0000000000000101 [ 121.825483] RAX: ffffffffffffffda RBX: 00007f49711ec6c0 RCX: 00007f49716a0f18 [ 121.826044] RDX: 0000000000090800 RSI: 0000564321e74340 RDI: 00000000ffffff9c [ 121.826603] RBP: 0000564321eeb040 R08: 0000000000090800 R09: 0000564321e74340 [ 121.827160] R10: 0000000000000000 R11: 0000000000000287 R12: 0000000000000000 [ 121.827714] R13: 0000564321e74340 R14: 0000564321e74340 R15: 0000564321eb57b0 [ 121.828275] [ 121.828462] Modules linked in: [ 121.828720] ---[ end trace 0000000000000000 ]--- [ 121.829097] RIP: 0010:perf_tp_event+0x175/0xe70 [ 121.829473] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 121.830886] RSP: 0018:ffff888015bbf100 EFLAGS: 00010013 [ 121.831302] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 121.831854] RDX: ffff888015a31b80 RSI: ffffffff8189a4e7 RDI: 000000010000018f [ 121.832409] RBP: ffff888015bbf370 R08: ffff88806ce31340 R09: ffffe8ffffc169a0 [ 121.832962] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 121.833525] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 121.834079] FS: 00007f49711ec8c0(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 121.834705] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.835164] CR2: ffffffffffffffd6 CR3: 000000000bc42000 CR4: 0000000000350ef0 [ 121.835727] note: systemd-udevd[112] exited with irqs disabled [ 121.836188] 
note: systemd-udevd[112] exited with preempt_count 2 [ 121.841509] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#12] SMP KASAN NOPTI [ 121.842407] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 121.843093] CPU: 0 UID: 0 PID: 1 Comm: systemd Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 121.843975] Tainted: [D]=DIE, [W]=WARN [ 121.844280] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 121.844932] RIP: 0010:perf_tp_event+0x175/0xe70 [ 121.845325] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 121.846752] RSP: 0018:ffff8880095475c0 EFLAGS: 00010013 [ 121.847168] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 121.847724] RDX: ffff8880094f8000 RSI: ffffffff8189a4e7 RDI: 000000010000018f [ 121.848270] RBP: ffff888009547830 R08: ffff88806ce31340 R09: ffffe8ffffc169a0 [ 121.848828] R10: 0000000000000000 R11: 1ffff1100d9c6f7b R12: dffffc0000000000 [ 121.849406] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 121.849970] FS: 00007fd02f8e9900(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 121.850606] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.851065] CR2: ffffffffffffffd6 CR3: 000000000f35e000 CR4: 0000000000350ef0 [ 121.851628] Call Trace: [ 121.851839] [ 121.852024] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 121.852463] ? arch_stack_walk+0x9c/0xf0 [ 121.852789] ? __pfx_perf_tp_event+0x10/0x10 [ 121.853159] ? stack_trace_save+0x8e/0xc0 [ 121.853492] ? stack_depot_save_flags+0x2c/0xa20 [ 121.853877] ? kasan_save_stack+0x34/0x50 [ 121.854213] ? kasan_save_stack+0x24/0x50 [ 121.854550] ? kasan_save_track+0x14/0x30 [ 121.854882] ? __kasan_save_free_info+0x3a/0x60 [ 121.855259] ? __kasan_slab_free+0x3f/0x50 [ 121.855598] ? 
kmem_cache_free+0x2a1/0x540 [ 121.855937] ? kfree_skbmem+0x18a/0x1f0 [ 121.856260] ? consume_skb+0xdd/0x160 [ 121.856571] ? netlink_recvmsg+0x532/0x9e0 [ 121.856917] ? sock_recvmsg+0x1e1/0x240 [ 121.857250] ? ____sys_recvmsg+0x20f/0x670 [ 121.857590] ? ___sys_recvmsg+0xf1/0x190 [ 121.857920] ? __sys_recvmsg+0x14d/0x200 [ 121.858252] ? do_syscall_64+0xbf/0x360 [ 121.858568] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.858989] ? __lock_acquire+0x694/0x1b70 [ 121.859334] ? perf_trace_run_bpf_submit+0xef/0x180 [ 121.859740] perf_trace_run_bpf_submit+0xef/0x180 [ 121.860136] perf_trace_preemptirq_template+0x259/0x430 [ 121.860559] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 121.861029] ? pgd_free+0x4de/0x650 [ 121.861330] ? trace_irq_disable.constprop.0+0x3b/0x100 [ 121.861760] ? pgd_free+0x4de/0x650 [ 121.862059] trace_irq_disable.constprop.0+0xa6/0x100 [ 121.862468] pgd_free+0x4de/0x650 [ 121.862755] ? lock_is_held_type+0x9e/0x120 [ 121.863107] __mmdrop+0xd5/0x4a0 [ 121.863386] ? lock_release+0x1c7/0x290 [ 121.863706] finish_task_switch.isra.0+0x478/0x840 [ 121.864102] __schedule+0xe86/0x3590 [ 121.864410] ? __pfx___schedule+0x10/0x10 [ 121.864747] ? lock_acquire+0x15e/0x2f0 [ 121.865075] ? find_held_lock+0x2b/0x80 [ 121.865407] ? schedule+0x2c7/0x390 [ 121.865707] ? lock_release+0xc8/0x290 [ 121.866021] schedule+0xdb/0x390 [ 121.866306] schedule_hrtimeout_range_clock+0x2d0/0x310 [ 121.866736] ? __pfx_schedule_hrtimeout_range_clock+0x10/0x10 [ 121.867202] ? find_held_lock+0x2b/0x80 [ 121.867525] ? do_epoll_wait+0xa1c/0xee0 [ 121.867864] ? lock_release+0xc8/0x290 [ 121.868178] do_epoll_wait+0xc8d/0xee0 [ 121.868498] ? __pfx_do_epoll_wait+0x10/0x10 [ 121.868853] ? __pfx_css_rstat_updated+0x10/0x10 [ 121.869251] ? __pfx_ep_autoremove_wake_function+0x10/0x10 [ 121.869694] ? __sys_recvmsg+0x171/0x200 [ 121.870055] __x64_sys_epoll_wait+0x15b/0x280 [ 121.870425] ? __task_pid_nr_ns+0x2e/0x4f0 [ 121.870767] ? __pfx___x64_sys_epoll_wait+0x10/0x10 [ 121.871167] ? 
__task_pid_nr_ns+0x1a6/0x4f0 [ 121.871513] ? lock_release+0xc8/0x290 [ 121.871832] ? lock_is_held_type+0x9e/0x120 [ 121.872185] do_syscall_64+0xbf/0x360 [ 121.872493] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.872901] RIP: 0033:0x7fd0300c6116 [ 121.873208] Code: 10 89 7c 24 0c 89 4c 24 1c e8 86 6c f8 ff 44 8b 54 24 1c 8b 54 24 18 41 89 c0 48 8b 74 24 10 8b 7c 24 0c b8 e8 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 32 44 89 c7 89 44 24 0c e8 b6 6c f8 ff 8b 44 [ 121.874645] RSP: 002b:00007ffc44f9d690 EFLAGS: 00000293 ORIG_RAX: 00000000000000e8 [ 121.875244] RAX: ffffffffffffffda RBX: 0000563a2024fb70 RCX: 00007fd0300c6116 [ 121.875808] RDX: 000000000000002f RSI: 0000563a20ab7da0 RDI: 0000000000000005 [ 121.876370] RBP: ffffffffffffffff R08: 0000000000000000 R09: 1d45f4a1647160dd [ 121.876937] R10: 00000000ffffffff R11: 0000000000000293 R12: 0000000000000001 [ 121.877508] R13: 000000000000002f R14: 0000000000000000 R15: 00005639f37b5b4e [ 121.878070] [ 121.878259] Modules linked in: [ 121.878523] ---[ end trace 0000000000000000 ]--- [ 121.878898] RIP: 0010:perf_tp_event+0x175/0xe70 [ 121.879278] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 121.880714] RSP: 0018:ffff888015bbf100 EFLAGS: 00010013 [ 121.881141] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 121.881707] RDX: ffff888015a31b80 RSI: ffffffff8189a4e7 RDI: 000000010000018f [ 121.882269] RBP: ffff888015bbf370 R08: ffff88806ce31340 R09: ffffe8ffffc169a0 [ 121.882832] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 121.883394] R13: 0000000000000014 R14: ffff88806ce31340 R15: dffffc0000000000 [ 121.883963] FS: 00007fd02f8e9900(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 121.884595] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.885062] CR2: ffffffffffffffd6 CR3: 000000000f35e000 CR4: 0000000000350ef0 
[ 121.885628] note: systemd[1] exited with irqs disabled [ 121.886039] note: systemd[1] exited with preempt_count 2 [ 121.886472] Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b [ 121.887265] Kernel Offset: disabled [ 121.887558] ---[ end Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b ]--- VM DIAGNOSIS: 10:28:58 Registers: