Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:56379' (ECDSA) to the list of known hosts. 2025/08/29 13:03:50 fuzzer started 2025/08/29 13:03:50 dialing manager at localhost:43077 syzkaller login: [ 51.171986] cgroup: Unknown subsys name 'net' [ 51.246613] cgroup: Unknown subsys name 'cpuset' [ 51.266782] cgroup: Unknown subsys name 'rlimit' 2025/08/29 13:04:01 syscalls: 2214 2025/08/29 13:04:01 code coverage: enabled 2025/08/29 13:04:01 comparison tracing: enabled 2025/08/29 13:04:01 extra coverage: enabled 2025/08/29 13:04:01 setuid sandbox: enabled 2025/08/29 13:04:01 namespace sandbox: enabled 2025/08/29 13:04:01 Android sandbox: enabled 2025/08/29 13:04:01 fault injection: enabled 2025/08/29 13:04:01 leak checking: enabled 2025/08/29 13:04:01 net packet injection: enabled 2025/08/29 13:04:01 net device setup: enabled 2025/08/29 13:04:01 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/08/29 13:04:01 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/08/29 13:04:01 USB emulation: enabled 2025/08/29 13:04:01 hci packet injection: enabled 2025/08/29 13:04:01 wifi device emulation: enabled 2025/08/29 13:04:01 802.15.4 emulation: enabled
2025/08/29 13:04:20 fetching corpus: 10000, signal 196131/201094 (executing program) 2025/08/29 13:04:20 fetching corpus: 10050, signal 196314/201103 (executing program) 2025/08/29 13:04:20 fetching corpus: 10100, signal 196479/201149 (executing program) 2025/08/29 13:04:20 fetching corpus: 10150, signal 196862/201182 (executing program) 2025/08/29 13:04:20 fetching corpus: 10200, signal 197138/201187 (executing program) 2025/08/29 13:04:20 fetching corpus: 10201, signal 197139/201187 (executing program) 2025/08/29 13:04:20 fetching corpus: 10201, signal 197139/201187 (executing program) 2025/08/29 13:04:23 starting 8 fuzzer processes 13:04:23 executing program 0: chdir(0x0) 13:04:23 executing program 7: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x3e, &(0x7f0000000040)={@multicast, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "000010", 0x8, 0x2c, 0x0, @remote, @local, {[], @echo_request}}}}}, 0x0) 13:04:23 executing program 1: waitid(0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0) 13:04:23 executing program 2: perf_event_open(&(0x7f00000004c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x8000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 13:04:23 executing program 3: syz_emit_ethernet(0x3e, &(0x7f0000000100)={@link_local, @dev, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, '\x00', 0xfffffffffffffecb, 0x11, 0x0, @ipv4={'\x00', '\xff\xff', @local}, @mcast2, {[], {0x0, 0x0, 0x8, 0x0, @wg=@initiation={0x1, 0x0, 
"f27fb4f2073cab13a3ba85e624876c8b7d56600ee715bce5b523cde13508f266", "6dc2548a6b18195c9d186d717ca1c0de9b8fad321ee02591c55dcb98895b9b2398a75f381533f3128808bdea90216a6b", "c980be5d9a157aab09c49451bc72194b2e32a6a9079379b537cb48e3", {"c5bfa1b441bf14fb294e129093ef447a", "d1daaeede6515fb880c3b1f5cd3c72df"}}}}}}}}, 0x0) [ 83.704256] audit: type=1400 audit(1756472663.297:7): avc: denied { execmem } for pid=273 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 13:04:23 executing program 4: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0x5) setuid(r2) fchown(r0, 0x0, 0x0) 13:04:23 executing program 5: r0 = io_uring_setup(0x1ed6, &(0x7f0000000000)) io_uring_register$IORING_UNREGISTER_BUFFERS(r0, 0x1, 0x0, 0x0) 13:04:23 executing program 6: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r0, &(0x7f00000000c0), 0x12) [ 84.824838] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 84.828972] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 84.830936] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 84.836150] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 84.839164] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 84.963369] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 84.966041] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 84.969776] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 84.974031] Bluetooth: hci2: unexpected cc 0x0c23 length: 
249 > 4 [ 84.979222] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 85.003883] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 85.014029] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 85.015773] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 85.029459] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 85.033794] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 85.055366] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 85.064606] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 85.066474] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 85.071960] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 85.074394] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 85.075433] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 85.076481] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 85.079353] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 85.084376] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 85.087811] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 85.092041] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 85.097753] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 85.098335] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 85.107474] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 85.115597] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 85.122187] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 85.137086] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 85.139219] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 85.142060] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 85.148718] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 85.149987] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 85.164029] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 85.167878] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 85.169617] Bluetooth: hci6: unexpected cc 
0x0c38 length: 249 > 2 [ 85.198374] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 86.858764] Bluetooth: hci0: command tx timeout [ 87.048771] Bluetooth: hci2: command tx timeout [ 87.112714] Bluetooth: hci1: command tx timeout [ 87.176722] Bluetooth: hci4: command tx timeout [ 87.177241] Bluetooth: hci5: command tx timeout [ 87.244786] Bluetooth: hci7: command tx timeout [ 87.245271] Bluetooth: hci6: command tx timeout [ 87.245770] Bluetooth: hci3: command tx timeout [ 88.907380] Bluetooth: hci0: command tx timeout [ 89.097754] Bluetooth: hci2: command tx timeout [ 89.160662] Bluetooth: hci1: command tx timeout [ 89.224713] Bluetooth: hci5: command tx timeout [ 89.225135] Bluetooth: hci4: command tx timeout [ 89.290661] Bluetooth: hci3: command tx timeout [ 89.291106] Bluetooth: hci6: command tx timeout [ 89.291489] Bluetooth: hci7: command tx timeout [ 90.952673] Bluetooth: hci0: command tx timeout [ 91.145696] Bluetooth: hci2: command tx timeout [ 91.210677] Bluetooth: hci1: command tx timeout [ 91.273734] Bluetooth: hci4: command tx timeout [ 91.274151] Bluetooth: hci5: command tx timeout [ 91.337748] Bluetooth: hci3: command tx timeout [ 91.338166] Bluetooth: hci7: command tx timeout [ 91.338542] Bluetooth: hci6: command tx timeout [ 93.003653] Bluetooth: hci0: command tx timeout [ 93.192736] Bluetooth: hci2: command tx timeout [ 93.258641] Bluetooth: hci1: command tx timeout [ 93.321829] Bluetooth: hci4: command tx timeout [ 93.322248] Bluetooth: hci5: command tx timeout [ 93.384698] Bluetooth: hci6: command tx timeout [ 93.385130] Bluetooth: hci7: command tx timeout [ 93.385520] Bluetooth: hci3: command tx timeout [ 124.061781] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.062437] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.303107] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.303861] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.567686] wlan0: Created IBSS using 
preconfigured BSSID 50:50:50:50:50:50 [ 124.568293] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.723102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.723754] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.393677] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.394280] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.463349] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.464083] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.512161] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.512812] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.586309] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.587081] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.638792] audit: type=1400 audit(1756472705.230:8): avc: denied { open } for pid=3850 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 125.659137] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.659788] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.706678] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.707257] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.762471] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.763109] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.849984] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.850612] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.883038] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.883687] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.924961] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.925536] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 126.087095] 
audit: type=1400 audit(1756472705.680:9): avc: denied { kernel } for pid=3876 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 126.292975] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 126.293597] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 126.339502] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 126.340242] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 13:05:06 executing program 0: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendmsg(r0, &(0x7f00000001c0)={&(0x7f0000000000)=@nl=@unspec, 0x80, &(0x7f0000000180)=[{&(0x7f0000000080)="ec25aff3", 0x3}, {0x0, 0x4000}], 0x2}, 0x0) 13:05:06 executing program 7: syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000280), 0xffffffffffffffff) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000500), 0xffffffffffffffff) 13:05:06 executing program 6: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r0, &(0x7f00000000c0), 0x12) 13:05:06 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000000140)={0x1f, 0x0, @fixed, 0x0, 0x1}, 0xe) listen(r0, 0x3ff) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, 
&(0x7f0000000280), 0x4) 13:05:06 executing program 5: r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) bind$packet(r0, &(0x7f00000017c0)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @random="820395b3262f"}, 0x14) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ptype\x00') pread64(r3, &(0x7f0000000080)=""/203, 0xcb, 0x0) 13:05:06 executing program 4: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0x5) setuid(r2) fchown(r0, 0x0, 0x0) 13:05:06 executing program 3: syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(&(0x7f0000000000)=ANY=[@ANYBLOB='/'], &(0x7f00000001c0)='./file0\x00', 0x0, 0x22b5c98, 0x0) umount2(&(0x7f0000000040)='./file0\x00', 0x0) 13:05:06 executing program 2: perf_event_open(&(0x7f00000004c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x8000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 13:05:06 executing program 5: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0) r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) pwritev2(r1, &(0x7f0000000280)=[{&(0x7f0000000080)="8c", 0x1}], 0x1, 0x2400000, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)) creat(&(0x7f00000003c0)='./file0\x00', 0x0) 13:05:06 
executing program 3: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDSETLED(r0, 0x5410, 0x0) 13:05:06 executing program 7: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x1, 0x401) write$evdev(r0, &(0x7f0000000100)=[{{0x0, 0xea60}, 0x0, 0x4}], 0x18) 13:05:06 executing program 6: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r0, &(0x7f00000000c0), 0x12) 13:05:06 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@rights={{0x10}}], 0x10}, 0x0) 13:05:06 executing program 4: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0x5) setuid(r2) fchown(r0, 0x0, 0x0) 13:05:06 executing program 2: perf_event_open(&(0x7f00000004c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 
0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x8000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 13:05:06 executing program 1: creat(&(0x7f00000003c0)='./file0\x00', 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) name_to_handle_at(r0, &(0x7f0000000040)='\x00', &(0x7f00000000c0)=@OVL_FILEID_V0={0x15, 0xfb, {0x0, 0xfb, 0x15, 0x0, 0x0, "a70b404c279300384e9f6643141d8330"}}, &(0x7f0000000140), 0x1400) [ 126.679202] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#1] SMP KASAN NOPTI [ 126.680149] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 126.680835] CPU: 1 UID: 0 PID: 3918 Comm: syz-executor.7 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 126.681780] Tainted: [W]=WARN [ 126.682551] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 126.684769] RIP: 0010:perf_tp_event+0x175/0xe70 [ 126.685666] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 126.689695] RSP: 0018:ffff888046ba7580 EFLAGS: 00010213 [ 126.690938] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: ffffc90000a8f000 [ 126.691513] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 126.692086] RBP: ffff888046ba77f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 126.692652] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 126.693214] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 13:05:06 executing program 4: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, 
&(0x7f0000000040)=0x5) setuid(r2) fchown(r0, 0x0, 0x0) [ 126.693784] FS: 00007f9650e52700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 126.694558] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.695031] CR2: 0000000000000000 CR3: 00000000140d9000 CR4: 0000000000350ef0 [ 126.695614] Call Trace: [ 126.695823] [ 126.696010] ? __pfx_perf_tp_event+0x10/0x10 [ 126.696373] ? perf_trace_lock_acquire+0xc9/0x700 [ 126.696779] ? __is_insn_slot_addr+0x2e/0x290 [ 126.697156] ? __lock_acquire+0x694/0x1b70 [ 126.697492] ? sysvec_kvm_asyncpf_interrupt+0x12/0xc0 [ 126.697905] ? lock_is_held_type+0x9e/0x120 [ 126.698252] ? perf_trace_lock_acquire+0xc9/0x700 [ 126.698639] ? __lock_acquire+0xc65/0x1b70 [ 126.698981] ? perf_trace_run_bpf_submit+0xef/0x180 [ 126.699388] perf_trace_run_bpf_submit+0xef/0x180 [ 126.699782] perf_trace_contention_begin+0x235/0x3e0 [ 126.700187] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 126.700627] ? lock_acquire+0x15e/0x2f0 [ 126.700943] ? pcpu_alloc_noprof+0xaa0/0x1170 [ 126.701309] trace_contention_begin+0xae/0x110 [ 126.701675] __mutex_lock+0x14b/0x1020 [ 126.701993] ? pcpu_alloc_noprof+0xaa0/0x1170 [ 126.702353] ? pcpu_alloc_noprof+0xaa0/0x1170 [ 126.702718] ? do_raw_spin_lock+0x123/0x260 [ 126.703064] ? __pfx___mutex_lock+0x10/0x10 [ 126.703411] ? mark_held_locks+0x49/0x80 [ 126.703741] ? __mutex_lock+0x32f/0x1020 [ 126.704067] ? perf_trace_init+0x4d/0x2f0 [ 126.704400] pcpu_alloc_noprof+0xaa0/0x1170 [ 126.704748] ? __pfx___mutex_lock+0x10/0x10 [ 126.705101] perf_trace_event_init+0x366/0xa10 [ 126.705466] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 126.705874] perf_trace_init+0x1a4/0x2f0 [ 126.706200] perf_tp_event_init+0xa6/0x120 [ 126.706545] perf_try_init_event+0x140/0x9f0 [ 126.706902] perf_event_alloc.part.0+0x118e/0x45f0 [ 126.707297] ? perf_event_alloc.part.0+0x1074/0x45f0 [ 126.707716] ? __fget_files+0x203/0x3b0 [ 126.708036] ? __pfx_perf_event_alloc.part.0+0x10/0x10 [ 126.708455] ? find_held_lock+0x2b/0x80 [ 126.708781] ? 
__do_sys_perf_event_open+0x11df/0x2c20 [ 126.709193] __do_sys_perf_event_open+0x719/0x2c20 [ 126.709586] ? __pfx___do_sys_perf_event_open+0x10/0x10 [ 126.710008] ? find_held_lock+0x2b/0x80 [ 126.710335] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 126.710751] do_syscall_64+0xbf/0x360 13:05:06 executing program 1: creat(&(0x7f00000003c0)='./file0\x00', 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) name_to_handle_at(r0, &(0x7f0000000040)='\x00', &(0x7f00000000c0)=@OVL_FILEID_V0={0x15, 0xfb, {0x0, 0xfb, 0x15, 0x0, 0x0, "a70b404c279300384e9f6643141d8330"}}, &(0x7f0000000140), 0x1400) [ 126.711058] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.711622] RIP: 0033:0x7f96538dcb19 [ 126.711921] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 126.713341] RSP: 002b:00007f9650e52188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 126.713353] RAX: ffffffffffffffda RBX: 00007f96539eff60 RCX: 00007f96538dcb19 [ 126.713361] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000000 [ 126.713369] RBP: 00007f9653936f6d R08: 0000000000000000 R09: 0000000000000000 [ 126.713376] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 126.713384] R13: 00007ffd128673df R14: 00007f9650e52300 R15: 0000000000022000 [ 126.713398] [ 126.716940] Modules linked in: [ 126.717033] ---[ end trace 0000000000000000 ]--- [ 126.717593] RIP: 0010:perf_tp_event+0x175/0xe70 [ 126.717993] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 126.719467] RSP: 0018:ffff888046ba7580 EFLAGS: 00010213 [ 126.719908] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: ffffc90000a8f000 [ 126.720469] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 
126.721047] RBP: ffff888046ba77f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 126.721606] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 126.722309] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 126.723048] FS: 00007f9650e52700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 126.723830] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.724446] CR2: 0000000000000000 CR3: 00000000140d9000 CR4: 0000000000350ef0 [ 126.725205] note: syz-executor.7[3918] exited with preempt_count 2 [ 126.728032] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#2] SMP KASAN NOPTI [ 126.729167] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 126.729991] CPU: 1 UID: 0 PID: 112 Comm: systemd-udevd Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 126.731192] Tainted: [D]=DIE, [W]=WARN [ 126.731519] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 126.732405] RIP: 0010:perf_tp_event+0x175/0xe70 [ 126.732860] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 126.734367] RSP: 0018:ffff888017def8c0 EFLAGS: 00010213 [ 126.734784] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 126.735334] RDX: ffff888016c11b80 RSI: ffffffff818995b7 RDI: 000000010000018f [ 126.735964] RBP: ffff888017defb30 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 126.736694] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 126.737413] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 126.737967] FS: 00007f64d214f8c0(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 126.738590] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.739043] CR2: 0000000000000000 CR3: 000000000a1a8000 CR4: 0000000000350ef0 [ 126.739664] Call Trace: 
[ 126.739947] [ 126.740160] ? lock_acquire+0x18c/0x2f0 [ 126.740608] ? __pfx_perf_tp_event+0x10/0x10 [ 126.740962] ? __kernel_text_address+0xd/0x40 [ 126.741321] ? unwind_get_return_address+0x59/0xa0 [ 126.741713] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 126.742136] ? arch_stack_walk+0x9c/0xf0 [ 126.742457] ? perf_trace_lock_acquire+0xc9/0x700 [ 126.742913] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 126.743454] ? stack_depot_save_flags+0x2c/0xa20 [ 126.743941] ? perf_trace_lock_acquire+0xc9/0x700 [ 126.744416] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 126.744831] ? perf_trace_run_bpf_submit+0xef/0x180 [ 126.745225] ? perf_trace_lock_acquire+0xc9/0x700 [ 126.745742] perf_trace_run_bpf_submit+0xef/0x180 [ 126.746235] perf_trace_contention_begin+0x235/0x3e0 [ 126.746745] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 126.747181] ? lock_acquire+0xc5/0x2f0 [ 126.747497] ? lock_acquire+0x18c/0x2f0 [ 126.747839] trace_contention_begin+0xae/0x110 [ 126.748329] __mutex_lock+0x14b/0x1020 [ 126.748706] ? fdget_pos+0x2a8/0x380 [ 126.749088] ? fdget_pos+0x2a8/0x380 [ 126.749499] ? __pfx___mutex_lock+0x10/0x10 [ 126.749912] ? __pfx_kernfs_iop_getattr+0x10/0x10 [ 126.750418] ? vfs_getattr_nosec+0x2bc/0x3e0 [ 126.750868] ? populate_seccomp_data+0x213/0x540 [ 126.751329] ? __seccomp_filter+0x535/0xfa0 [ 126.751756] ? __pfx___do_sys_newfstat+0x10/0x10 [ 126.752227] fdget_pos+0x2a8/0x380 [ 126.752616] __x64_sys_getdents64+0xe0/0x2c0 [ 126.753058] ? __pfx___x64_sys_getdents64+0x10/0x10 [ 126.753555] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 126.754148] ? 
__secure_computing+0x18d/0x290 [ 126.754608] do_syscall_64+0xbf/0x360 [ 126.755000] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.755532] RIP: 0033:0x7f64d25d69c7 [ 126.755900] Code: 0f 1f 00 48 8b 47 20 c3 66 2e 0f 1f 84 00 00 00 00 00 90 48 81 fa ff ff ff 7f b8 ff ff ff 7f 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 8b 15 99 74 0f 00 f7 d8 64 89 02 48 [ 126.757728] RSP: 002b:00007ffcfc6d6ea8 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9 [ 126.758455] RAX: ffffffffffffffda RBX: 000055816816cd70 RCX: 00007f64d25d69c7 [ 126.759167] RDX: 0000000000008000 RSI: 000055816816cda0 RDI: 0000000000000010 [ 126.759864] RBP: 000055816816cda0 R08: 0000000000000030 R09: 00007f64d26cebe0 [ 126.760582] R10: 0000000000000010 R11: 0000000000000293 R12: fffffffffffffe00 [ 126.761338] R13: 000055816816cd74 R14: 0000000000000000 R15: 0000558168145f30 [ 126.761975] [ 126.762162] Modules linked in: [ 126.763046] ---[ end trace 0000000000000000 ]--- [ 126.763422] RIP: 0010:perf_tp_event+0x175/0xe70 [ 126.764263] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 126.766018] RSP: 0018:ffff888046ba7580 EFLAGS: 00010213 [ 126.766540] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: ffffc90000a8f000 [ 126.767116] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 126.767817] RBP: ffff888046ba77f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 126.768518] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 126.769266] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 126.770004] FS: 00007f64d214f8c0(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 126.770845] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.771374] CR2: 0000000000000000 CR3: 000000000a1a8000 CR4: 0000000000350ef0 [ 126.772108] note: systemd-udevd[112] exited with preempt_count 2 [ 126.775652] 
Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#3] SMP KASAN NOPTI [ 126.776526] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 126.777305] CPU: 1 UID: 0 PID: 30 Comm: rcu_tasks_trace Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 126.778484] Tainted: [D]=DIE, [W]=WARN [ 126.778860] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 126.779513] RIP: 0010:perf_tp_event+0x175/0xe70 [ 126.779888] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 126.781304] RSP: 0018:ffff8880098b7840 EFLAGS: 00010213 [ 126.781726] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 126.782441] RDX: ffff8880097ab700 RSI: ffffffff818995b7 RDI: 000000010000018f [ 126.783015] RBP: ffff8880098b7ab0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 126.783782] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 126.784498] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 126.785117] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 126.785748] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.786204] CR2: 0000000000000000 CR3: 000000000a1a8000 CR4: 0000000000350ef0 13:05:06 executing program 2: perf_event_open(&(0x7f00000004c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x8000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 126.786763] Call Trace: [ 126.787079] [ 126.787267] ? __pfx_perf_tp_event+0x10/0x10 [ 126.787676] ? perf_trace_lock_acquire+0xc9/0x700 [ 126.788161] ? 
perf_trace_lock_acquire+0xc9/0x700 [ 126.788677] ? perf_trace_lock_acquire+0xc9/0x700 [ 126.789062] ? __lock_acquire+0x694/0x1b70 [ 126.789401] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 126.789929] ? lock_is_held_type+0x9e/0x120 [ 126.790405] ? perf_trace_lock_acquire+0xc9/0x700 [ 126.790882] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 126.791404] ? perf_trace_run_bpf_submit+0xef/0x180 [ 126.791857] perf_trace_run_bpf_submit+0xef/0x180 [ 126.792360] perf_trace_contention_begin+0x235/0x3e0 [ 126.792876] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 126.793395] ? lock_acquire+0xc5/0x2f0 [ 126.793786] ? lock_acquire+0x18c/0x2f0 [ 126.794202] trace_contention_begin+0xae/0x110 [ 126.794680] __mutex_lock+0x14b/0x1020 [ 126.795113] ? rcu_tasks_one_gp+0x31/0xcf0 [ 126.795519] ? rcu_tasks_one_gp+0x31/0xcf0 [ 126.795985] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 126.796538] ? __pfx___mutex_lock+0x10/0x10 [ 126.796992] ? __timer_delete_sync+0x1e2/0x310 [ 126.797435] ? __pfx___timer_delete_sync+0x10/0x10 [ 126.797957] rcu_tasks_one_gp+0x31/0xcf0 [ 126.798407] ? __pfx_process_timeout+0x10/0x10 [ 126.798798] rcu_tasks_kthread+0x1a6/0x240 [ 126.799269] ? __pfx_rcu_tasks_kthread+0x10/0x10 [ 126.799736] kthread+0x3c8/0x740 [ 126.800119] ? __pfx_kthread+0x10/0x10 [ 126.800434] ? ret_from_fork+0x23/0x430 [ 126.800868] ? lock_release+0xc8/0x290 [ 126.801182] ? __pfx_kthread+0x10/0x10 [ 126.801593] ret_from_fork+0x34b/0x430 [ 126.801914] ? 
__pfx_kthread+0x10/0x10 [ 126.802313] ret_from_fork_asm+0x1a/0x30 [ 126.802648] [ 126.802837] Modules linked in: [ 126.803247] ---[ end trace 0000000000000000 ]--- [ 126.803697] RIP: 0010:perf_tp_event+0x175/0xe70 [ 126.804155] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 126.805836] RSP: 0018:ffff888046ba7580 EFLAGS: 00010213 13:05:06 executing program 4: creat(&(0x7f00000003c0)='./file0\x00', 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) name_to_handle_at(r0, &(0x7f0000000040)='\x00', &(0x7f00000000c0)=@OVL_FILEID_V0={0x15, 0xfb, {0x0, 0xfb, 0x15, 0x0, 0x0, "a70b404c279300384e9f6643141d8330"}}, &(0x7f0000000140), 0x1400) [ 126.806265] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: ffffc90000a8f000 [ 126.806962] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 126.807540] RBP: ffff888046ba77f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 126.808127] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 126.808746] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 126.809351] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 126.810011] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.810478] CR2: 0000000000000000 CR3: 000000000a1a8000 CR4: 0000000000350ef0 [ 126.811068] note: rcu_tasks_trace[30] exited with preempt_count 2 [ 126.811579] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#4] SMP KASAN NOPTI [ 126.812726] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 126.813561] CPU: 1 UID: 0 PID: 12 Comm: kworker/u8:0 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 126.814480] Tainted: [D]=DIE, [W]=WARN [ 126.814851] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 
04/01/2014 [ 126.815721] Workqueue: ipv6_addrconf addrconf_dad_work [ 126.816259] RIP: 0010:perf_tp_event+0x175/0xe70 [ 126.816762] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 126.818213] RSP: 0018:ffff8880095ff680 EFLAGS: 00010213 [ 126.818642] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 126.819214] RDX: ffff8880095dd280 RSI: ffffffff818995b7 RDI: 000000010000018f [ 126.819800] RBP: ffff8880095ff8f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 126.820374] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 126.820944] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 126.821515] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 126.822154] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.822623] CR2: 0000000000000000 CR3: 000000000a1a8000 CR4: 0000000000350ef0 [ 126.823192] Call Trace: [ 126.823403] [ 126.823601] ? __pfx_perf_tp_event+0x10/0x10 [ 126.823968] ? lock_acquire+0x15e/0x2f0 [ 126.824293] ? __asan_memcpy+0x3d/0x60 [ 126.824622] ? find_held_lock+0x2b/0x80 [ 126.824958] ? ip6_finish_output2+0x979/0x1aa0 [ 126.825334] ? lock_release+0xc8/0x290 [ 126.825656] ? perf_trace_lock_acquire+0xc9/0x700 [ 126.826055] ? perf_trace_run_bpf_submit+0xef/0x180 [ 126.826453] perf_trace_run_bpf_submit+0xef/0x180 [ 126.826839] perf_trace_contention_begin+0x235/0x3e0 [ 126.827242] ? __lock_acquire+0xc65/0x1b70 [ 126.827586] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 126.828024] ? lock_acquire+0xc5/0x2f0 [ 126.828335] ? lock_acquire+0x18c/0x2f0 [ 126.828652] trace_contention_begin+0xae/0x110 [ 126.829014] __mutex_lock+0x14b/0x1020 [ 126.829333] ? addrconf_dad_work+0xf6/0x11a0 [ 126.829689] ? addrconf_dad_work+0xf6/0x11a0 [ 126.830046] ? __pfx___mutex_lock+0x10/0x10 [ 126.830390] ? 
perf_trace_lock_acquire+0xc9/0x700 [ 126.830774] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 126.831190] addrconf_dad_work+0xf6/0x11a0 [ 126.831535] ? __pfx_addrconf_dad_work+0x10/0x10 [ 126.831915] ? lock_acquire+0x18c/0x2f0 [ 126.832234] ? lock_release+0x1c7/0x290 [ 126.832551] process_one_work+0x8e1/0x19c0 [ 126.832892] ? __pfx_process_one_work+0x10/0x10 [ 126.833261] ? move_linked_works+0x172/0x270 [ 126.833617] ? assign_work+0x196/0x240 [ 126.833932] worker_thread+0x67e/0xe90 [ 126.834241] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 126.834651] ? __pfx_worker_thread+0x10/0x10 [ 126.835001] kthread+0x3c8/0x740 [ 126.835273] ? __pfx_kthread+0x10/0x10 [ 126.835589] ? ret_from_fork+0x23/0x430 [ 126.835909] ? lock_release+0xc8/0x290 [ 126.836219] ? __pfx_kthread+0x10/0x10 [ 126.836527] ret_from_fork+0x34b/0x430 [ 126.836840] ? __pfx_kthread+0x10/0x10 [ 126.837149] ret_from_fork_asm+0x1a/0x30 [ 126.837476] [ 126.837662] Modules linked in: [ 126.837950] ---[ end trace 0000000000000000 ]--- [ 126.838321] RIP: 0010:perf_tp_event+0x175/0xe70 [ 126.838711] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 126.840139] RSP: 0018:ffff888046ba7580 EFLAGS: 00010213 [ 126.840556] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: ffffc90000a8f000 [ 126.841128] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 126.841701] RBP: ffff888046ba77f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 126.842256] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 126.842825] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 126.843384] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 126.844028] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.844485] CR2: 0000000000000000 CR3: 000000000a1a8000 CR4: 0000000000350ef0 [ 126.845058] note: kworker/u8:0[12] 
exited with preempt_count 2 [ 126.845539] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#5] SMP KASAN NOPTI [ 126.846396] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 126.847072] CPU: 1 UID: 0 PID: 828 Comm: kworker/u10:7 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 126.847989] Tainted: [D]=DIE, [W]=WARN [ 126.848290] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 126.848932] Workqueue: events_unbound cfg80211_wiphy_work [ 126.849362] RIP: 0010:perf_tp_event+0x175/0xe70 [ 126.849734] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 126.851141] RSP: 0018:ffff88804577f700 EFLAGS: 00010213 [ 126.851562] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 126.852117] RDX: ffff88801e1b8000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 126.852670] RBP: ffff88804577f970 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 126.853224] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 126.853775] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 126.854332] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 126.854959] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.855411] CR2: 0000000000000000 CR3: 000000000a1a8000 CR4: 0000000000350ef0 [ 126.855971] Call Trace: [ 126.856176] [ 126.856361] ? __pfx_perf_tp_event+0x10/0x10 [ 126.856715] ? lock_acquire+0x15e/0x2f0 [ 126.857035] ? find_held_lock+0x2b/0x80 [ 126.857357] ? unwind_next_frame+0x3b2/0x2540 [ 126.857722] ? lock_release+0xc8/0x290 [ 126.858035] ? unwind_next_frame+0x3bc/0x2540 [ 126.858398] ? ret_from_fork_asm+0x1a/0x30 [ 126.858739] ? ret_from_fork_asm+0x1a/0x30 [ 126.859078] ? kernel_text_address+0x11/0xc0 [ 126.859434] ? 
__pfx_stack_trace_consume_entry+0x10/0x10 [ 126.859874] ? arch_stack_walk+0x86/0xf0 [ 126.860198] ? perf_trace_lock_acquire+0xc9/0x700 [ 126.860583] ? ret_from_fork_asm+0x1a/0x30 [ 126.860930] ? perf_trace_run_bpf_submit+0xef/0x180 [ 126.861330] perf_trace_run_bpf_submit+0xef/0x180 [ 126.861719] perf_trace_contention_begin+0x235/0x3e0 [ 126.862125] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 126.862568] ? lock_acquire+0xc5/0x2f0 [ 126.862879] ? lock_acquire+0x18c/0x2f0 [ 126.863199] trace_contention_begin+0xae/0x110 [ 126.863574] __mutex_lock+0x14b/0x1020 [ 126.863893] ? cfg80211_wiphy_work+0x7e/0x480 [ 126.864248] ? cfg80211_wiphy_work+0x7e/0x480 [ 126.864605] ? lock_release+0x1c7/0x290 [ 126.864924] ? __pfx___mutex_lock+0x10/0x10 [ 126.865270] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 126.865679] ? lock_acquire+0xc5/0x2f0 [ 126.865995] cfg80211_wiphy_work+0x7e/0x480 [ 126.866340] process_one_work+0x8e1/0x19c0 [ 126.866680] ? __pfx_process_one_work+0x10/0x10 [ 126.867051] ? move_linked_works+0x172/0x270 [ 126.867409] ? assign_work+0x196/0x240 [ 126.867728] worker_thread+0x67e/0xe90 [ 126.868041] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 126.868463] ? __pfx_worker_thread+0x10/0x10 [ 126.868819] kthread+0x3c8/0x740 [ 126.869094] ? __pfx_kthread+0x10/0x10 [ 126.869405] ? ret_from_fork+0x23/0x430 [ 126.869730] ? lock_release+0xc8/0x290 [ 126.870042] ? __pfx_kthread+0x10/0x10 [ 126.870355] ret_from_fork+0x34b/0x430 [ 126.870675] ? 
__pfx_kthread+0x10/0x10 [ 126.870986] ret_from_fork_asm+0x1a/0x30 [ 126.871319] [ 126.871517] Modules linked in: [ 126.872651] ---[ end trace 0000000000000000 ]--- [ 126.873029] RIP: 0010:perf_tp_event+0x175/0xe70 [ 126.873406] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 126.875359] RSP: 0018:ffff888046ba7580 EFLAGS: 00010213 [ 126.875813] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: ffffc90000a8f000 [ 126.876376] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 126.876953] RBP: ffff888046ba77f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 126.877511] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 126.878086] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 126.878663] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 126.879294] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.879774] CR2: 0000000000000000 CR3: 000000000a1a8000 CR4: 0000000000350ef0 [ 126.880345] note: kworker/u10:7[828] exited with preempt_count 2 [ 126.885702] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#6] SMP KASAN NOPTI [ 126.886587] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 126.887270] CPU: 1 UID: 0 PID: 48 Comm: kworker/1:1 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 126.888185] Tainted: [D]=DIE, [W]=WARN [ 126.888498] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 126.889162] Workqueue: mld mld_ifc_work [ 126.889484] RIP: 0010:perf_tp_event+0x175/0xe70 [ 126.889864] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 126.891295] RSP: 
0018:ffff88800b2876c0 EFLAGS: 00010213 [ 126.891725] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 126.892284] RDX: ffff88800b278000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 126.892845] RBP: ffff88800b287930 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 126.893408] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 126.893970] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 126.894533] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 126.895166] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.895639] CR2: 00007fe5036f9541 CR3: 000000001f2c7000 CR4: 0000000000350ef0 [ 126.896204] Call Trace: [ 126.896409] [ 126.896598] ? __pfx_perf_tp_event+0x10/0x10 [ 126.896954] ? __local_bh_enable_ip+0xa1/0x110 [ 126.897323] ? selinux_ip_postroute+0x629/0xcd0 [ 126.897704] ? perf_trace_lock_acquire+0xc9/0x700 [ 126.898087] ? __pfx___dev_queue_xmit+0x10/0x10 [ 126.898468] ? register_lock_class+0x41/0x560 [ 126.898833] ? perf_trace_lock_acquire+0xc9/0x700 [ 126.899224] ? __lock_acquire+0xc65/0x1b70 [ 126.899571] ? lock_acquire+0x15e/0x2f0 [ 126.899890] ? ipv6_chk_mcast_addr+0x38/0x990 [ 126.900251] ? perf_trace_run_bpf_submit+0xef/0x180 [ 126.900659] ? find_held_lock+0x2b/0x80 [ 126.900982] perf_trace_run_bpf_submit+0xef/0x180 [ 126.901372] perf_trace_contention_begin+0x235/0x3e0 [ 126.901787] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 126.902232] ? lock_acquire+0xc5/0x2f0 [ 126.902546] ? lock_acquire+0x18c/0x2f0 [ 126.902867] trace_contention_begin+0xae/0x110 [ 126.903237] __mutex_lock+0x14b/0x1020 [ 126.903559] ? mld_ifc_work+0x42/0xb60 [ 126.903872] ? mld_ifc_work+0x42/0xb60 [ 126.904184] ? perf_trace_lock_acquire+0xc9/0x700 [ 126.904579] ? __pfx___mutex_lock+0x10/0x10 [ 126.904929] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 126.905352] ? lock_acquire+0xc5/0x2f0 [ 126.905666] ? lock_acquire+0x18c/0x2f0 [ 126.905991] ? 
lock_release+0x1c7/0x290 [ 126.906312] mld_ifc_work+0x42/0xb60 [ 126.906614] ? lock_release+0x1c7/0x290 [ 126.906935] process_one_work+0x8e1/0x19c0 [ 126.907279] ? __pfx_process_one_work+0x10/0x10 [ 126.907663] ? move_linked_works+0x172/0x270 [ 126.908023] ? assign_work+0x196/0x240 [ 126.908335] worker_thread+0x67e/0xe90 [ 126.908656] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 126.909070] ? __pfx_worker_thread+0x10/0x10 [ 126.909423] kthread+0x3c8/0x740 [ 126.909700] ? __pfx_kthread+0x10/0x10 [ 126.910013] ? ret_from_fork+0x23/0x430 [ 126.910341] ? lock_release+0xc8/0x290 [ 126.910655] ? __pfx_kthread+0x10/0x10 [ 126.910971] ret_from_fork+0x34b/0x430 [ 126.911289] ? __pfx_kthread+0x10/0x10 [ 126.911605] ret_from_fork_asm+0x1a/0x30 [ 126.911935] [ 126.912124] Modules linked in: [ 126.912426] ---[ end trace 0000000000000000 ]--- [ 126.912816] RIP: 0010:perf_tp_event+0x175/0xe70 [ 126.913201] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 126.914639] RSP: 0018:ffff888046ba7580 EFLAGS: 00010213 [ 126.915064] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: ffffc90000a8f000 [ 126.915654] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 126.916214] RBP: ffff888046ba77f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 126.916794] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 126.917358] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 126.917946] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 126.918577] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.919051] CR2: 00007fe5036f9541 CR3: 000000001f2c7000 CR4: 0000000000350ef0 [ 126.919637] note: kworker/1:1[48] exited with preempt_count 2 [ 126.923993] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#7] SMP KASAN NOPTI [ 126.924880] 
KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 126.925565] CPU: 1 UID: 0 PID: 281 Comm: syz-executor.2 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 126.926502] Tainted: [D]=DIE, [W]=WARN [ 126.926815] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 126.927475] RIP: 0010:perf_tp_event+0x175/0xe70 [ 126.927853] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 126.929278] RSP: 0018:ffff88801bed7400 EFLAGS: 00010213 [ 126.929701] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 126.930267] RDX: ffff88801be25280 RSI: ffffffff818995b7 RDI: 000000010000018f [ 126.930828] RBP: ffff88801bed7670 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 126.931396] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 126.931979] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 126.932544] FS: 0000555594efe400(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 126.933180] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.933641] CR2: 00007fe5036f9541 CR3: 000000003d6b7000 CR4: 0000000000350ef0 [ 126.934204] Call Trace: [ 126.934412] [ 126.934595] ? perf_trace_lock_acquire+0xc9/0x700 [ 126.934985] ? __pfx_perf_tp_event+0x10/0x10 [ 126.935342] ? perf_trace_lock_acquire+0xc9/0x700 [ 126.935735] ? __pfx_css_rstat_updated+0x10/0x10 [ 126.936117] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 126.936535] ? perf_trace_lock_acquire+0xc9/0x700 [ 126.936922] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 126.937346] ? 
__pfx_perf_trace_lock_acquire+0x10/0x10 13:05:06 executing program 0: io_setup(0x572, &(0x7f0000000140)=0x0) io_pgetevents(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 13:05:06 executing program 4: creat(&(0x7f00000003c0)='./file0\x00', 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) name_to_handle_at(r0, &(0x7f0000000040)='\x00', &(0x7f00000000c0)=@OVL_FILEID_V0={0x15, 0xfb, {0x0, 0xfb, 0x15, 0x0, 0x0, "a70b404c279300384e9f6643141d8330"}}, &(0x7f0000000140), 0x1400) [ 126.937958] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 126.938372] ? lock_acquire+0xc5/0x2f0 [ 126.938691] ? lock_acquire+0x18c/0x2f0 [ 126.939013] ? percpu_counter_add_batch+0x126/0x240 [ 126.939416] ? vm_normal_page+0x154/0x270 [ 126.939766] ? perf_trace_run_bpf_submit+0xef/0x180 [ 126.940172] ? perf_trace_lock_acquire+0xc9/0x700 [ 126.940558] perf_trace_run_bpf_submit+0xef/0x180 [ 126.940951] perf_trace_contention_begin+0x235/0x3e0 [ 126.941361] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 126.941805] ? lock_acquire+0xc5/0x2f0 [ 126.942118] ? lock_acquire+0x18c/0x2f0 [ 126.942443] trace_contention_begin+0xae/0x110 [ 126.942817] __mutex_lock+0x14b/0x1020 [ 126.943137] ? ldt_dup_context+0x46/0x350 [ 126.943476] ? ldt_dup_context+0x46/0x350 [ 126.943813] ? __pfx___mutex_lock+0x10/0x10 [ 126.944160] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 126.944575] ? mas_next_slot+0x13cc/0x1ac0 [ 126.944926] ldt_dup_context+0x46/0x350 [ 126.945246] dup_mmap+0x178e/0x1d10 [ 126.945553] ? __pfx_dup_mmap+0x10/0x10 [ 126.945882] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 126.946311] ? mm_init+0xe2e/0x1170 [ 126.946606] copy_process+0x3ad5/0x73c0 [ 126.946935] ? __pfx_copy_process+0x10/0x10 [ 126.947284] ? lock_acquire+0xc5/0x2f0 [ 126.947608] ? lock_acquire+0x18c/0x2f0 [ 126.947933] ? do_raw_spin_lock+0x123/0x260 [ 126.948282] kernel_clone+0xea/0x7f0 [ 126.948586] ? __pfx_kernel_clone+0x10/0x10 [ 126.948934] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 126.949355] ? 
__pfx___handle_mm_fault+0x10/0x10 [ 126.949744] ? css_rstat_updated+0x1b8/0x4d0 [ 126.950103] ? __pfx_css_rstat_updated+0x10/0x10 [ 126.950493] __do_sys_clone+0xce/0x120 [ 126.950811] ? __pfx___do_sys_clone+0x10/0x10 [ 126.951172] ? count_memcg_events+0x32b/0x420 [ 126.951563] do_syscall_64+0xbf/0x360 [ 126.951871] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.952282] RIP: 0033:0x7f3a7c87e10b [ 126.952580] Code: ed 0f 85 60 01 00 00 64 4c 8b 0c 25 10 00 00 00 45 31 c0 4d 8d 91 d0 02 00 00 31 d2 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 89 00 00 00 41 89 c5 85 c0 0f 85 90 00 00 [ 126.954008] RSP: 002b:00007fff04e81b70 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 126.954602] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3a7c87e10b [ 126.955167] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 126.955743] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000555594efe400 [ 126.956312] R10: 0000555594efe6d0 R11: 0000000000000246 R12: 0000000000000001 [ 126.956869] R13: 0000000000000000 R14: 0000000000000001 R15: 00007fff04e81c50 [ 126.957438] [ 126.957626] Modules linked in: [ 126.957994] ---[ end trace 0000000000000000 ]--- [ 126.958370] RIP: 0010:perf_tp_event+0x175/0xe70 [ 126.958833] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 126.960355] RSP: 0018:ffff888046ba7580 EFLAGS: 00010213 [ 126.960867] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: ffffc90000a8f000 [ 126.961439] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 126.962091] RBP: ffff888046ba77f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 126.962746] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 126.963313] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 126.963973] FS: 0000555594efe400(0000) GS:ffff8880e56dd000(0000) 
knlGS:0000000000000000 [ 126.964695] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.965158] CR2: 00007fe5036f9541 CR3: 000000003d6b7000 CR4: 0000000000350ef0 [ 126.965795] note: syz-executor.2[281] exited with preempt_count 2 [ 126.967233] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#8] SMP KASAN NOPTI [ 126.968134] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 126.968826] CPU: 1 UID: 0 PID: 3712 Comm: systemd-udevd Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 126.969773] Tainted: [D]=DIE, [W]=WARN [ 126.970082] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 126.970735] RIP: 0010:perf_tp_event+0x175/0xe70 [ 126.971114] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 126.972563] RSP: 0018:ffff88803a3d7640 EFLAGS: 00010213 [ 126.972989] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 126.973553] RDX: ffff8880457a5280 RSI: ffffffff818995b7 RDI: 000000010000018f [ 126.974125] RBP: ffff88803a3d78b0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 126.974693] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 126.975264] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 126.975842] FS: 00007f64d214f8c0(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 126.976487] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.976951] CR2: 00007fe5036f9541 CR3: 000000000e738000 CR4: 0000000000350ef0 [ 126.977521] Call Trace: [ 126.977735] [ 126.977918] ? lock_acquire+0x15e/0x2f0 [ 126.978243] ? __memcg_slab_post_alloc_hook+0x443/0x9d0 [ 126.978680] ? __pfx_perf_tp_event+0x10/0x10 [ 126.979039] ? __memcg_slab_post_alloc_hook+0x4ac/0x9d0 [ 126.979485] ? __lock_acquire+0x694/0x1b70 [ 126.979830] ? 
__alloc_skb+0x161/0x370 [ 126.980155] ? perf_trace_lock_acquire+0xc9/0x700 [ 126.980553] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 126.980983] ? css_rstat_updated+0x1b8/0x4d0 [ 126.981352] ? perf_trace_run_bpf_submit+0xef/0x180 [ 126.981760] ? perf_trace_lock_acquire+0xc9/0x700 [ 126.982149] perf_trace_run_bpf_submit+0xef/0x180 [ 126.982539] perf_trace_contention_begin+0x235/0x3e0 [ 126.982951] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 126.983402] ? lock_acquire+0xc5/0x2f0 [ 126.983725] ? lock_acquire+0x18c/0x2f0 [ 126.984060] trace_contention_begin+0xae/0x110 [ 126.984431] __mutex_lock+0x14b/0x1020 [ 126.984752] ? perf_event_exit_task+0x46/0x510 [ 126.985120] ? perf_event_exit_task+0x46/0x510 [ 126.985493] ? lock_release+0x1c7/0x290 [ 126.985813] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 126.986229] ? __pfx___mutex_lock+0x10/0x10 [ 126.986629] ? _raw_spin_unlock_irq+0x23/0x40 [ 126.987146] ? acct_collect+0x654/0x880 [ 126.987518] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 126.988114] ? __pfx_acct_collect+0x10/0x10 [ 126.988464] ? taskstats_exit+0x8c/0xba0 [ 126.988798] perf_event_exit_task+0x46/0x510 [ 126.989155] do_exit+0x626/0x2970 [ 126.989444] ? schedule_hrtimeout_range_clock+0x1c0/0x310 [ 126.989881] ? __pfx_schedule_hrtimeout_range_clock+0x10/0x10 [ 126.990348] ? __pfx_do_exit+0x10/0x10 [ 126.990660] ? do_raw_spin_lock+0x123/0x260 [ 126.991009] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 126.991384] do_group_exit+0xd3/0x2a0 [ 126.991700] get_signal+0x2315/0x2340 [ 126.992012] ? __pfx_sock_write_iter+0x10/0x10 [ 126.992378] ? __pfx_get_signal+0x10/0x10 [ 126.992721] ? __pfx_ep_autoremove_wake_function+0x10/0x10 [ 126.993171] arch_do_signal_or_restart+0x80/0x790 [ 126.993563] ? __pfx___seccomp_filter+0x10/0x10 [ 126.993941] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 126.994371] ? __x64_sys_epoll_wait+0x15b/0x280 [ 126.994749] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 126.995217] ? __pfx___x64_sys_epoll_wait+0x10/0x10 [ 126.995626] ? 
ksys_write+0x1a3/0x240 [ 126.995935] exit_to_user_mode_loop+0x8b/0x110 [ 126.996306] do_syscall_64+0x2f7/0x360 [ 126.996616] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.997024] RIP: 0033:0x7f64d260e0d6 [ 126.997317] Code: 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 e8 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 18 48 89 74 24 [ 126.998734] RSP: 002b:00007ffcfc6d6ed8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e8 [ 126.999327] RAX: fffffffffffffffc RBX: 0000558168129e80 RCX: 00007f64d260e0d6 [ 126.999896] RDX: 0000000000000002 RSI: 000055816813b990 RDI: 0000000000000003 [ 127.000457] RBP: ffffffffffffffff R08: 0000000000000002 R09: 0000000000000000 [ 127.001014] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000001 [ 127.001571] R13: 0000000000000002 R14: 000055815323a2e6 R15: 0000000000000000 [ 127.002137] [ 127.002324] Modules linked in: [ 127.002655] ---[ end trace 0000000000000000 ]--- [ 127.003034] RIP: 0010:perf_tp_event+0x175/0xe70 [ 127.003411] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 127.004862] RSP: 0018:ffff888046ba7580 EFLAGS: 00010213 [ 127.005282] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: ffffc90000a8f000 [ 127.005925] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 127.006486] RBP: ffff888046ba77f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 127.007150] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 127.007740] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 127.008303] FS: 00007f64d214f8c0(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 127.008957] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.009415] CR2: 00007fe5036f9541 CR3: 000000000e738000 CR4: 0000000000350ef0 [ 127.009996] note: systemd-udevd[3712] 
exited with preempt_count 2 [ 127.010480] Fixing recursive fault but reboot is needed! [ 127.010917] BUG: scheduling while atomic: systemd-udevd/3712/0x00000000 [ 127.011441] INFO: lockdep is turned off. [ 127.011783] Modules linked in: [ 127.012044] CPU: 1 UID: 0 PID: 3712 Comm: systemd-udevd Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 127.012062] Tainted: [D]=DIE, [W]=WARN [ 127.012066] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 127.012072] Call Trace: [ 127.012076] [ 127.012080] dump_stack_lvl+0xfa/0x120 [ 127.012098] __schedule_bug+0xb9/0x100 [ 127.012110] __schedule+0x24f3/0x3590 [ 127.012124] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.012138] ? __pfx_vprintk_emit+0x10/0x10 [ 127.012156] ? arch_do_signal_or_restart+0x80/0x790 [ 127.012171] ? __pfx___schedule+0x10/0x10 [ 127.012185] ? do_raw_spin_lock+0x123/0x260 [ 127.012200] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 127.012214] ? lock_acquire+0x18c/0x2f0 [ 127.012227] ? ksys_write+0x1a3/0x240 [ 127.012238] ? lock_release+0x1c7/0x290 [ 127.012251] ? do_task_dead+0x3e/0x110 [ 127.012264] do_task_dead+0xdc/0x110 [ 127.012278] make_task_dead+0x373/0x3b0 [ 127.012290] ? 
do_syscall_64+0x2f7/0x360 [ 127.012300] rewind_stack_and_make_dead+0x16/0x20 [ 127.012316] RIP: 0033:0x7f64d260e0d6 [ 127.012323] Code: 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 e8 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 18 48 89 74 24 [ 127.012334] RSP: 002b:00007ffcfc6d6ed8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e8 [ 127.012344] RAX: fffffffffffffffc RBX: 0000558168129e80 RCX: 00007f64d260e0d6 [ 127.012351] RDX: 0000000000000002 RSI: 000055816813b990 RDI: 0000000000000003 [ 127.012358] RBP: ffffffffffffffff R08: 0000000000000002 R09: 0000000000000000 [ 127.012365] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000001 [ 127.012371] R13: 0000000000000002 R14: 000055815323a2e6 R15: 0000000000000000 [ 127.012383] [ 127.026604] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#9] SMP KASAN NOPTI [ 127.027485] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 127.028163] CPU: 1 UID: 0 PID: 3856 Comm: systemd-udevd Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 127.029089] Tainted: [D]=DIE, [W]=WARN [ 127.029394] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 127.030045] RIP: 0010:perf_tp_event+0x175/0xe70 [ 127.030423] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 127.031864] RSP: 0018:ffff88803a36f640 EFLAGS: 00010213 [ 127.032287] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 127.032850] RDX: ffff88801bd8d280 RSI: ffffffff818995b7 RDI: 000000010000018f [ 127.033412] RBP: ffff88803a36f8b0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 13:05:06 executing program 4: creat(&(0x7f00000003c0)='./file0\x00', 0x0) r0 = openat$dir(0xffffffffffffff9c, 
&(0x7f0000000000)='./file0\x00', 0x0, 0x0) name_to_handle_at(r0, &(0x7f0000000040)='\x00', &(0x7f00000000c0)=@OVL_FILEID_V0={0x15, 0xfb, {0x0, 0xfb, 0x15, 0x0, 0x0, "a70b404c279300384e9f6643141d8330"}}, &(0x7f0000000140), 0x1400) [ 127.033971] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 127.034697] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 127.035281] FS: 00007f64d214f8c0(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 127.035920] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.036377] CR2: 00007fe5036f9541 CR3: 000000001e25d000 CR4: 0000000000350ef0 [ 127.036992] Call Trace: [ 127.037278] [ 127.037462] ? lock_acquire+0x15e/0x2f0 [ 127.037867] ? __memcg_slab_post_alloc_hook+0x443/0x9d0 [ 127.038433] ? __pfx_perf_tp_event+0x10/0x10 [ 127.038789] ? __memcg_slab_post_alloc_hook+0x4ac/0x9d0 [ 127.039218] ? __lock_acquire+0x694/0x1b70 [ 127.039562] ? __alloc_skb+0x161/0x370 [ 127.039880] ? perf_trace_lock_acquire+0xc9/0x700 [ 127.040268] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.040688] ? css_rstat_updated+0x1b8/0x4d0 [ 127.041046] ? perf_trace_run_bpf_submit+0xef/0x180 [ 127.041445] ? perf_trace_lock_acquire+0xc9/0x700 [ 127.041837] perf_trace_run_bpf_submit+0xef/0x180 [ 127.042226] perf_trace_contention_begin+0x235/0x3e0 [ 127.042631] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 127.043072] ? lock_acquire+0xc5/0x2f0 [ 127.043383] ? lock_acquire+0x18c/0x2f0 [ 127.043710] trace_contention_begin+0xae/0x110 [ 127.044083] __mutex_lock+0x14b/0x1020 [ 127.044401] ? perf_event_exit_task+0x46/0x510 [ 127.044767] ? perf_event_exit_task+0x46/0x510 [ 127.045136] ? lock_release+0x1c7/0x290 [ 127.045455] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 127.045870] ? __pfx___mutex_lock+0x10/0x10 [ 127.046214] ? _raw_spin_unlock_irq+0x23/0x40 [ 127.046575] ? acct_collect+0x654/0x880 [ 127.046903] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 127.047372] ? __pfx_acct_collect+0x10/0x10 [ 127.047722] ? 
taskstats_exit+0x8c/0xba0 [ 127.048056] perf_event_exit_task+0x46/0x510 [ 127.048413] do_exit+0x626/0x2970 [ 127.048697] ? schedule_hrtimeout_range_clock+0x1c0/0x310 [ 127.049130] ? __pfx_schedule_hrtimeout_range_clock+0x10/0x10 [ 127.049594] ? __pfx_do_exit+0x10/0x10 [ 127.049907] ? do_raw_spin_lock+0x123/0x260 [ 127.050253] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 127.050626] do_group_exit+0xd3/0x2a0 [ 127.050934] get_signal+0x2315/0x2340 [ 127.051247] ? __pfx_sock_write_iter+0x10/0x10 [ 127.051619] ? __pfx_get_signal+0x10/0x10 [ 127.051955] ? __pfx_ep_autoremove_wake_function+0x10/0x10 [ 127.052397] arch_do_signal_or_restart+0x80/0x790 [ 127.052786] ? __pfx___seccomp_filter+0x10/0x10 [ 127.053161] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 127.053592] ? __x64_sys_epoll_wait+0x15b/0x280 [ 127.053963] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 127.054432] ? __pfx___x64_sys_epoll_wait+0x10/0x10 [ 127.054830] ? ksys_write+0x1a3/0x240 [ 127.055138] exit_to_user_mode_loop+0x8b/0x110 [ 127.055508] do_syscall_64+0x2f7/0x360 [ 127.055818] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.056226] RIP: 0033:0x7f64d260e0d6 [ 127.056520] Code: 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 e8 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 18 48 89 74 24 [ 127.057943] RSP: 002b:00007ffcfc6d6ed8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e8 [ 127.058542] RAX: fffffffffffffffc RBX: 0000558168153f20 RCX: 00007f64d260e0d6 [ 127.059101] RDX: 0000000000000002 RSI: 00005581680fd370 RDI: 0000000000000003 [ 127.059665] RBP: ffffffffffffffff R08: 0000000000000002 R09: 0000000000000000 [ 127.060223] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000001 [ 127.060786] R13: 0000000000000002 R14: 000055815323a2e6 R15: 0000000000000000 [ 127.061348] [ 127.061538] Modules linked in: [ 127.061907] ---[ end trace 0000000000000000 ]--- [ 127.062372] RIP: 0010:perf_tp_event+0x175/0xe70 [ 127.062905] 
Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 127.064422] RSP: 0018:ffff888046ba7580 EFLAGS: 00010213 [ 127.064983] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: ffffc90000a8f000 [ 127.065783] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 127.066346] RBP: ffff888046ba77f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 127.066990] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 127.067564] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 127.068139] FS: 00007f64d214f8c0(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 127.069432] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.070312] CR2: 00007fe5036f9541 CR3: 000000001e25d000 CR4: 0000000000350ef0 [ 127.070907] note: systemd-udevd[3856] exited with preempt_count 2 [ 127.071390] Fixing recursive fault but reboot is needed! [ 127.071831] BUG: scheduling while atomic: systemd-udevd/3856/0x00000000 [ 127.072354] INFO: lockdep is turned off. [ 127.072686] Modules linked in: [ 127.072950] CPU: 1 UID: 0 PID: 3856 Comm: systemd-udevd Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 127.072968] Tainted: [D]=DIE, [W]=WARN [ 127.072972] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 127.072978] Call Trace: [ 127.072981] [ 127.072985] dump_stack_lvl+0xfa/0x120 [ 127.073002] __schedule_bug+0xb9/0x100 [ 127.073014] __schedule+0x24f3/0x3590 [ 127.073027] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.073041] ? __pfx_vprintk_emit+0x10/0x10 [ 127.073058] ? arch_do_signal_or_restart+0x80/0x790 [ 127.073074] ? __pfx___schedule+0x10/0x10 [ 127.073088] ? do_raw_spin_lock+0x123/0x260 [ 127.073103] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 127.073117] ? lock_acquire+0x18c/0x2f0 [ 127.073130] ? ksys_write+0x1a3/0x240 [ 127.073140] ? 
lock_release+0x1c7/0x290 [ 127.073153] ? do_task_dead+0x3e/0x110 [ 127.073166] do_task_dead+0xdc/0x110 [ 127.073179] make_task_dead+0x373/0x3b0 [ 127.073192] ? do_syscall_64+0x2f7/0x360 [ 127.073202] rewind_stack_and_make_dead+0x16/0x20 [ 127.073217] RIP: 0033:0x7f64d260e0d6 [ 127.073225] Code: 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 e8 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 18 48 89 74 24 [ 127.073235] RSP: 002b:00007ffcfc6d6ed8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e8 [ 127.073245] RAX: fffffffffffffffc RBX: 0000558168153f20 RCX: 00007f64d260e0d6 [ 127.073253] RDX: 0000000000000002 RSI: 00005581680fd370 RDI: 0000000000000003 [ 127.073259] RBP: ffffffffffffffff R08: 0000000000000002 R09: 0000000000000000 [ 127.073266] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000001 [ 127.073273] R13: 0000000000000002 R14: 000055815323a2e6 R15: 0000000000000000 [ 127.073285] [ 127.086652] BUG: Bad page state in process syz-executor.1 pfn:3a3d1 [ 127.087175] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3a3d1 [ 127.087824] flags: 0x100000000000000(node=0|zone=1) [ 127.088222] page_type: f9(unknown) [ 127.088518] raw: 0100000000000000 ffffea0000e8f448 ffffea0000e8f448 0000000000000000 [ 127.089147] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 127.089772] page dumped because: nonzero mapcount [ 127.090154] Modules linked in: [ 127.090418] CPU: 1 UID: 0 PID: 3932 Comm: syz-executor.1 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 127.090440] Tainted: [D]=DIE, [W]=WARN [ 127.090445] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 127.090452] Call Trace: [ 127.090456] [ 127.090460] dump_stack_lvl+0xfa/0x120 [ 127.090481] bad_page+0x8c/0x1c0 [ 127.090495] __free_frozen_pages+0xaf9/0xe10 [ 127.090515] ? 
rcu_core+0x7c3/0x1800 [ 127.090531] rcu_core+0x7c8/0x1800 [ 127.090549] ? __pfx_rcu_core+0x10/0x10 [ 127.090565] ? clockevents_program_event+0x135/0x360 [ 127.090585] ? tick_program_event+0xac/0x140 [ 127.090597] ? hrtimer_interrupt+0x652/0x830 [ 127.090611] handle_softirqs+0x1b1/0x770 [ 127.090638] __irq_exit_rcu+0xc4/0x100 [ 127.090659] irq_exit_rcu+0x9/0x20 [ 127.090670] sysvec_apic_timer_interrupt+0x70/0x80 [ 127.090689] [ 127.090693] [ 127.090697] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 127.090712] RIP: 0010:tlb_finish_mmu+0x285/0x7e0 [ 127.090733] Code: 48 c1 ea 03 80 3c 02 00 0f 85 70 04 00 00 49 8b 1c 24 be 04 00 00 00 48 8d bb 30 09 00 00 e8 a2 b0 0f 00 f0 ff 8b 30 09 00 00 <48> 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f e9 d8 b8 1d 03 e8 53 99 [ 127.090746] RSP: 0018:ffff888046c4fbc0 EFLAGS: 00000246 [ 127.090757] RAX: 0000000000000001 RBX: ffff888016ba3f00 RCX: ffffffff81a04e0e [ 127.090765] RDX: ffffed1002d74907 RSI: 0000000000000004 RDI: ffff888016ba4830 [ 127.090774] RBP: ffff88801cc50000 R08: 0000000000000001 R09: ffffed1002d74906 [ 127.090783] R10: ffff888016ba4833 R11: ffff88806cf3c540 R12: ffff888046c4fce0 [ 127.090791] R13: dffffc0000000000 R14: ffff888046c4fd10 R15: 000000000000000c [ 127.090803] ? tlb_finish_mmu+0x27e/0x7e0 [ 127.090828] exit_mmap+0x3a4/0xaa0 [ 127.090849] ? __pfx_exit_mmap+0x10/0x10 [ 127.090870] ? __mutex_lock+0x166/0x1020 [ 127.090892] ? __pfx___mutex_lock+0x10/0x10 [ 127.090916] ? do_raw_spin_lock+0x123/0x260 [ 127.090934] ? arch_uprobe_clear_state+0x16/0x140 [ 127.090955] mmput+0xd5/0x390 [ 127.090976] do_exit+0x79d/0x2970 [ 127.090992] ? signal_wake_up_state+0x85/0x120 [ 127.091009] ? zap_other_threads+0x2b9/0x3a0 [ 127.091027] ? __pfx_do_exit+0x10/0x10 [ 127.091042] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 127.091060] ? 
lock_release+0x1c7/0x290 [ 127.091077] do_group_exit+0xd3/0x2a0 [ 127.091094] __x64_sys_exit_group+0x3e/0x50 [ 127.091111] x64_sys_call+0x18c5/0x18d0 [ 127.091128] do_syscall_64+0xbf/0x360 [ 127.091140] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.091153] RIP: 0033:0x7fe503679b19 [ 127.091162] Code: Unable to access opcode bytes at 0x7fe503679aef. [ 127.091168] RSP: 002b:00007fff8f7c90a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.091180] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007fe503679b19 [ 127.091189] RDX: 00007fe50362c72b RSI: ffffffffffffffbc RDI: 0000000000000000 [ 127.091197] RBP: 0000000000000000 R08: 0000001b2cd249b8 R09: 0000000000000000 [ 127.091205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 127.091213] R13: 0000000000000000 R14: 0000000000000001 R15: 00007fff8f7c9190 [ 127.091227] [ 127.118991] BUG: Bad page state in process syz-executor.1 pfn:3a3d2 [ 127.119504] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3a3d2 [ 127.120157] flags: 0x100000000000000(node=0|zone=1) [ 127.120584] page_type: f9(unknown) [ 127.120990] raw: 0100000000000000 ffffea0000e8f488 ffffea0000e8f488 0000000000000000 [ 127.121772] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 127.122533] page dumped because: nonzero mapcount [ 127.123042] Modules linked in: [ 127.123371] CPU: 1 UID: 0 PID: 3932 Comm: syz-executor.1 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 127.123392] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 127.123397] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 127.123404] Call Trace: [ 127.123408] [ 127.123412] dump_stack_lvl+0xfa/0x120 [ 127.123431] bad_page+0x8c/0x1c0 [ 127.123443] __free_frozen_pages+0xaf9/0xe10 [ 127.123469] ? rcu_core+0x7c3/0x1800 [ 127.123484] rcu_core+0x7c8/0x1800 [ 127.123501] ? __pfx_rcu_core+0x10/0x10 [ 127.123516] ? clockevents_program_event+0x135/0x360 [ 127.123533] ? 
tick_program_event+0xac/0x140 [ 127.123545] ? hrtimer_interrupt+0x652/0x830 [ 127.123558] handle_softirqs+0x1b1/0x770 [ 127.123580] __irq_exit_rcu+0xc4/0x100 [ 127.123599] irq_exit_rcu+0x9/0x20 [ 127.123609] sysvec_apic_timer_interrupt+0x70/0x80 [ 127.123630] [ 127.123634] [ 127.123638] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 127.123652] RIP: 0010:tlb_finish_mmu+0x285/0x7e0 [ 127.123671] Code: 48 c1 ea 03 80 3c 02 00 0f 85 70 04 00 00 49 8b 1c 24 be 04 00 00 00 48 8d bb 30 09 00 00 e8 a2 b0 0f 00 f0 ff 8b 30 09 00 00 <48> 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f e9 d8 b8 1d 03 e8 53 99 [ 127.123683] RSP: 0018:ffff888046c4fbc0 EFLAGS: 00000246 [ 127.123693] RAX: 0000000000000001 RBX: ffff888016ba3f00 RCX: ffffffff81a04e0e [ 127.123701] RDX: ffffed1002d74907 RSI: 0000000000000004 RDI: ffff888016ba4830 [ 127.123709] RBP: ffff88801cc50000 R08: 0000000000000001 R09: ffffed1002d74906 [ 127.123717] R10: ffff888016ba4833 R11: ffff88806cf3c540 R12: ffff888046c4fce0 [ 127.123725] R13: dffffc0000000000 R14: ffff888046c4fd10 R15: 000000000000000c [ 127.123736] ? tlb_finish_mmu+0x27e/0x7e0 [ 127.123759] exit_mmap+0x3a4/0xaa0 [ 127.123776] ? __pfx_exit_mmap+0x10/0x10 [ 127.123793] ? __mutex_lock+0x166/0x1020 [ 127.123813] ? __pfx___mutex_lock+0x10/0x10 [ 127.123836] ? do_raw_spin_lock+0x123/0x260 [ 127.123852] ? arch_uprobe_clear_state+0x16/0x140 [ 127.123872] mmput+0xd5/0x390 [ 127.123891] do_exit+0x79d/0x2970 [ 127.123905] ? signal_wake_up_state+0x85/0x120 [ 127.123921] ? zap_other_threads+0x2b9/0x3a0 [ 127.123938] ? __pfx_do_exit+0x10/0x10 [ 127.123951] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 127.123969] ? lock_release+0x1c7/0x290 [ 127.123984] do_group_exit+0xd3/0x2a0 [ 127.124000] __x64_sys_exit_group+0x3e/0x50 [ 127.124015] x64_sys_call+0x18c5/0x18d0 [ 127.124031] do_syscall_64+0xbf/0x360 [ 127.124043] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.124055] RIP: 0033:0x7fe503679b19 [ 127.124064] Code: Unable to access opcode bytes at 0x7fe503679aef. 
[ 127.124069] RSP: 002b:00007fff8f7c90a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.124080] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007fe503679b19 [ 127.124088] RDX: 00007fe50362c72b RSI: ffffffffffffffbc RDI: 0000000000000000 [ 127.124096] RBP: 0000000000000000 R08: 0000001b2cd249b8 R09: 0000000000000000 [ 127.124104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 127.124111] R13: 0000000000000000 R14: 0000000000000001 R15: 00007fff8f7c9190 [ 127.124124] [ 127.150394] BUG: Bad page state in process syz-executor.1 pfn:3a3d3 [ 127.150915] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3a3d3 [ 127.151558] flags: 0x100000000000000(node=0|zone=1) [ 127.152057] page_type: f9(unknown) [ 127.152413] raw: 0100000000000000 ffffea0000e8f4c8 ffffea0000e8f4c8 0000000000000000 [ 127.153104] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 127.153732] page dumped because: nonzero mapcount [ 127.154248] Modules linked in: [ 127.154569] CPU: 1 UID: 0 PID: 3932 Comm: syz-executor.1 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 127.154591] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 127.154595] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 127.154602] Call Trace: [ 127.154606] [ 127.154610] dump_stack_lvl+0xfa/0x120 [ 127.154633] bad_page+0x8c/0x1c0 [ 127.154645] __free_frozen_pages+0xaf9/0xe10 [ 127.154663] ? rcu_core+0x7c3/0x1800 [ 127.154678] rcu_core+0x7c8/0x1800 [ 127.154695] ? __pfx_rcu_core+0x10/0x10 [ 127.154710] ? clockevents_program_event+0x135/0x360 [ 127.154727] ? tick_program_event+0xac/0x140 [ 127.154739] ? 
hrtimer_interrupt+0x652/0x830 [ 127.154752] handle_softirqs+0x1b1/0x770 [ 127.154774] __irq_exit_rcu+0xc4/0x100 [ 127.154793] irq_exit_rcu+0x9/0x20 [ 127.154803] sysvec_apic_timer_interrupt+0x70/0x80 [ 127.154820] [ 127.154824] [ 127.154828] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 127.154842] RIP: 0010:tlb_finish_mmu+0x285/0x7e0 [ 127.154861] Code: 48 c1 ea 03 80 3c 02 00 0f 85 70 04 00 00 49 8b 1c 24 be 04 00 00 00 48 8d bb 30 09 00 00 e8 a2 b0 0f 00 f0 ff 8b 30 09 00 00 <48> 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f e9 d8 b8 1d 03 e8 53 99 [ 127.154873] RSP: 0018:ffff888046c4fbc0 EFLAGS: 00000246 [ 127.154882] RAX: 0000000000000001 RBX: ffff888016ba3f00 RCX: ffffffff81a04e0e [ 127.154891] RDX: ffffed1002d74907 RSI: 0000000000000004 RDI: ffff888016ba4830 [ 127.154899] RBP: ffff88801cc50000 R08: 0000000000000001 R09: ffffed1002d74906 [ 127.154906] R10: ffff888016ba4833 R11: ffff88806cf3c540 R12: ffff888046c4fce0 [ 127.154915] R13: dffffc0000000000 R14: ffff888046c4fd10 R15: 000000000000000c [ 127.154926] ? tlb_finish_mmu+0x27e/0x7e0 [ 127.154950] exit_mmap+0x3a4/0xaa0 [ 127.154971] ? __pfx_exit_mmap+0x10/0x10 [ 127.154988] ? __mutex_lock+0x166/0x1020 [ 127.155009] ? __pfx___mutex_lock+0x10/0x10 [ 127.155032] ? do_raw_spin_lock+0x123/0x260 [ 127.155048] ? arch_uprobe_clear_state+0x16/0x140 [ 127.155068] mmput+0xd5/0x390 [ 127.155087] do_exit+0x79d/0x2970 [ 127.155101] ? signal_wake_up_state+0x85/0x120 [ 127.155116] ? zap_other_threads+0x2b9/0x3a0 [ 127.155133] ? __pfx_do_exit+0x10/0x10 [ 127.155147] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 127.155164] ? lock_release+0x1c7/0x290 [ 127.155180] do_group_exit+0xd3/0x2a0 [ 127.155195] __x64_sys_exit_group+0x3e/0x50 [ 127.155211] x64_sys_call+0x18c5/0x18d0 [ 127.155227] do_syscall_64+0xbf/0x360 [ 127.155238] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.155250] RIP: 0033:0x7fe503679b19 [ 127.155259] Code: Unable to access opcode bytes at 0x7fe503679aef. 
[ 127.155264] RSP: 002b:00007fff8f7c90a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.155276] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007fe503679b19 [ 127.155284] RDX: 00007fe50362c72b RSI: ffffffffffffffbc RDI: 0000000000000000 [ 127.155291] RBP: 0000000000000000 R08: 0000001b2cd249b8 R09: 0000000000000000 [ 127.155299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 127.155306] R13: 0000000000000000 R14: 0000000000000001 R15: 00007fff8f7c9190 [ 127.155320] [ 127.177805] BUG: Bad page state in process syz-executor.1 pfn:3a3d4 [ 127.178312] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3a3d4 [ 127.178955] flags: 0x100000000000000(node=0|zone=1) [ 127.179353] page_type: f9(unknown) [ 127.179665] raw: 0100000000000000 ffffea0000e8f508 ffffea0000e8f508 0000000000000000 [ 127.180275] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 127.180901] page dumped because: nonzero mapcount [ 127.181282] Modules linked in: [ 127.181548] CPU: 1 UID: 0 PID: 3932 Comm: syz-executor.1 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 127.181570] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 127.181575] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 127.181582] Call Trace: [ 127.181586] [ 127.181590] dump_stack_lvl+0xfa/0x120 [ 127.181610] bad_page+0x8c/0x1c0 [ 127.181625] __free_frozen_pages+0xaf9/0xe10 [ 127.181643] ? rcu_core+0x7c3/0x1800 [ 127.181658] rcu_core+0x7c8/0x1800 [ 127.181676] ? __pfx_rcu_core+0x10/0x10 [ 127.181690] ? clockevents_program_event+0x135/0x360 [ 127.181708] ? tick_program_event+0xac/0x140 [ 127.181720] ? 
hrtimer_interrupt+0x652/0x830 [ 127.181733] handle_softirqs+0x1b1/0x770 [ 127.181755] __irq_exit_rcu+0xc4/0x100 [ 127.181774] irq_exit_rcu+0x9/0x20 [ 127.181785] sysvec_apic_timer_interrupt+0x70/0x80 [ 127.181802] [ 127.181805] [ 127.181810] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 127.181823] RIP: 0010:tlb_finish_mmu+0x285/0x7e0 [ 127.181843] Code: 48 c1 ea 03 80 3c 02 00 0f 85 70 04 00 00 49 8b 1c 24 be 04 00 00 00 48 8d bb 30 09 00 00 e8 a2 b0 0f 00 f0 ff 8b 30 09 00 00 <48> 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f e9 d8 b8 1d 03 e8 53 99 [ 127.181854] RSP: 0018:ffff888046c4fbc0 EFLAGS: 00000246 [ 127.181864] RAX: 0000000000000001 RBX: ffff888016ba3f00 RCX: ffffffff81a04e0e [ 127.181872] RDX: ffffed1002d74907 RSI: 0000000000000004 RDI: ffff888016ba4830 [ 127.181880] RBP: ffff88801cc50000 R08: 0000000000000001 R09: ffffed1002d74906 [ 127.181888] R10: ffff888016ba4833 R11: ffff88806cf3c540 R12: ffff888046c4fce0 [ 127.181897] R13: dffffc0000000000 R14: ffff888046c4fd10 R15: 000000000000000c [ 127.181907] ? tlb_finish_mmu+0x27e/0x7e0 [ 127.181930] exit_mmap+0x3a4/0xaa0 [ 127.181948] ? __pfx_exit_mmap+0x10/0x10 [ 127.181965] ? __mutex_lock+0x166/0x1020 [ 127.181985] ? __pfx___mutex_lock+0x10/0x10 [ 127.182008] ? do_raw_spin_lock+0x123/0x260 [ 127.182024] ? arch_uprobe_clear_state+0x16/0x140 [ 127.182044] mmput+0xd5/0x390 [ 127.182063] do_exit+0x79d/0x2970 [ 127.182077] ? signal_wake_up_state+0x85/0x120 [ 127.182094] ? zap_other_threads+0x2b9/0x3a0 [ 127.182111] ? __pfx_do_exit+0x10/0x10 [ 127.182126] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 127.182143] ? lock_release+0x1c7/0x290 [ 127.182160] do_group_exit+0xd3/0x2a0 [ 127.182177] __x64_sys_exit_group+0x3e/0x50 [ 127.182193] x64_sys_call+0x18c5/0x18d0 [ 127.182210] do_syscall_64+0xbf/0x360 [ 127.182222] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.182235] RIP: 0033:0x7fe503679b19 [ 127.182245] Code: Unable to access opcode bytes at 0x7fe503679aef. 
[ 127.182251] RSP: 002b:00007fff8f7c90a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.182263] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007fe503679b19 [ 127.182272] RDX: 00007fe50362c72b RSI: ffffffffffffffbc RDI: 0000000000000000 [ 127.182281] RBP: 0000000000000000 R08: 0000001b2cd249b8 R09: 0000000000000000 [ 127.182290] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 127.182299] R13: 0000000000000000 R14: 0000000000000001 R15: 00007fff8f7c9190 [ 127.182313] [ 127.204790] BUG: Bad page state in process syz-executor.1 pfn:3a3d5 [ 127.205297] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3a3d5 [ 127.205937] flags: 0x100000000000000(node=0|zone=1) [ 127.206337] page_type: f9(unknown) [ 127.206644] raw: 0100000000000000 ffffea0000e8f548 ffffea0000e8f548 0000000000000000 [ 127.207260] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 127.207893] page dumped because: nonzero mapcount [ 127.208272] Modules linked in: [ 127.208535] CPU: 1 UID: 0 PID: 3932 Comm: syz-executor.1 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 127.208555] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 127.208560] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 127.208566] Call Trace: [ 127.208570] [ 127.208575] dump_stack_lvl+0xfa/0x120 [ 127.208592] bad_page+0x8c/0x1c0 [ 127.208604] __free_frozen_pages+0xaf9/0xe10 [ 127.208624] ? rcu_core+0x7c3/0x1800 [ 127.208638] rcu_core+0x7c8/0x1800 [ 127.208654] ? __pfx_rcu_core+0x10/0x10 [ 127.208668] ? clockevents_program_event+0x135/0x360 [ 127.208685] ? tick_program_event+0xac/0x140 [ 127.208696] ? 
hrtimer_interrupt+0x652/0x830 [ 127.208708] handle_softirqs+0x1b1/0x770 [ 127.208728] __irq_exit_rcu+0xc4/0x100 [ 127.208745] irq_exit_rcu+0x9/0x20 [ 127.208755] sysvec_apic_timer_interrupt+0x70/0x80 [ 127.208771] [ 127.208774] [ 127.208778] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 127.208791] RIP: 0010:tlb_finish_mmu+0x285/0x7e0 [ 127.208810] Code: 48 c1 ea 03 80 3c 02 00 0f 85 70 04 00 00 49 8b 1c 24 be 04 00 00 00 48 8d bb 30 09 00 00 e8 a2 b0 0f 00 f0 ff 8b 30 09 00 00 <48> 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f e9 d8 b8 1d 03 e8 53 99 [ 127.208821] RSP: 0018:ffff888046c4fbc0 EFLAGS: 00000246 [ 127.208829] RAX: 0000000000000001 RBX: ffff888016ba3f00 RCX: ffffffff81a04e0e [ 127.208837] RDX: ffffed1002d74907 RSI: 0000000000000004 RDI: ffff888016ba4830 [ 127.208845] RBP: ffff88801cc50000 R08: 0000000000000001 R09: ffffed1002d74906 [ 127.208852] R10: ffff888016ba4833 R11: ffff88806cf3c540 R12: ffff888046c4fce0 [ 127.208860] R13: dffffc0000000000 R14: ffff888046c4fd10 R15: 000000000000000c [ 127.208870] ? tlb_finish_mmu+0x27e/0x7e0 [ 127.208891] exit_mmap+0x3a4/0xaa0 [ 127.208908] ? __pfx_exit_mmap+0x10/0x10 [ 127.208923] ? __mutex_lock+0x166/0x1020 [ 127.208942] ? __pfx___mutex_lock+0x10/0x10 [ 127.208963] ? do_raw_spin_lock+0x123/0x260 [ 127.208978] ? arch_uprobe_clear_state+0x16/0x140 [ 127.208997] mmput+0xd5/0x390 [ 127.209015] do_exit+0x79d/0x2970 [ 127.209028] ? signal_wake_up_state+0x85/0x120 [ 127.209042] ? zap_other_threads+0x2b9/0x3a0 [ 127.209058] ? __pfx_do_exit+0x10/0x10 [ 127.209071] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 127.209087] ? lock_release+0x1c7/0x290 [ 127.209101] do_group_exit+0xd3/0x2a0 [ 127.209116] __x64_sys_exit_group+0x3e/0x50 [ 127.209131] x64_sys_call+0x18c5/0x18d0 [ 127.209145] do_syscall_64+0xbf/0x360 [ 127.209156] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.209167] RIP: 0033:0x7fe503679b19 [ 127.209175] Code: Unable to access opcode bytes at 0x7fe503679aef. 
[ 127.209180] RSP: 002b:00007fff8f7c90a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.209191] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007fe503679b19 [ 127.209198] RDX: 00007fe50362c72b RSI: ffffffffffffffbc RDI: 0000000000000000 [ 127.209206] RBP: 0000000000000000 R08: 0000001b2cd249b8 R09: 0000000000000000 [ 127.209213] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 127.209220] R13: 0000000000000000 R14: 0000000000000001 R15: 00007fff8f7c9190 [ 127.209232] [ 127.231717] BUG: Bad page state in process syz-executor.1 pfn:3a3d6 [ 127.232226] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3a3d6 [ 127.232869] flags: 0x100000000000000(node=0|zone=1) [ 127.233264] page_type: f9(unknown) [ 127.233552] raw: 0100000000000000 ffffea0000e8f588 ffffea0000e8f588 0000000000000000 [ 127.234175] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 127.234802] page dumped because: nonzero mapcount [ 127.235183] Modules linked in: [ 127.235442] CPU: 1 UID: 0 PID: 3932 Comm: syz-executor.1 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 127.235469] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 127.235474] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 127.235480] Call Trace: [ 127.235484] [ 127.235489] dump_stack_lvl+0xfa/0x120 [ 127.235507] bad_page+0x8c/0x1c0 [ 127.235518] __free_frozen_pages+0xaf9/0xe10 [ 127.235535] ? rcu_core+0x7c3/0x1800 [ 127.235549] rcu_core+0x7c8/0x1800 [ 127.235565] ? __pfx_rcu_core+0x10/0x10 [ 127.235579] ? clockevents_program_event+0x135/0x360 [ 127.235596] ? tick_program_event+0xac/0x140 [ 127.235607] ? 
hrtimer_interrupt+0x652/0x830 [ 127.235623] handle_softirqs+0x1b1/0x770 [ 127.235643] __irq_exit_rcu+0xc4/0x100 [ 127.235661] irq_exit_rcu+0x9/0x20 [ 127.235671] sysvec_apic_timer_interrupt+0x70/0x80 [ 127.235686] [ 127.235690] [ 127.235694] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 127.235707] RIP: 0010:tlb_finish_mmu+0x285/0x7e0 [ 127.235725] Code: 48 c1 ea 03 80 3c 02 00 0f 85 70 04 00 00 49 8b 1c 24 be 04 00 00 00 48 8d bb 30 09 00 00 e8 a2 b0 0f 00 f0 ff 8b 30 09 00 00 <48> 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f e9 d8 b8 1d 03 e8 53 99 [ 127.235736] RSP: 0018:ffff888046c4fbc0 EFLAGS: 00000246 [ 127.235745] RAX: 0000000000000001 RBX: ffff888016ba3f00 RCX: ffffffff81a04e0e [ 127.235753] RDX: ffffed1002d74907 RSI: 0000000000000004 RDI: ffff888016ba4830 [ 127.235760] RBP: ffff88801cc50000 R08: 0000000000000001 R09: ffffed1002d74906 [ 127.235767] R10: ffff888016ba4833 R11: ffff88806cf3c540 R12: ffff888046c4fce0 [ 127.235775] R13: dffffc0000000000 R14: ffff888046c4fd10 R15: 000000000000000c [ 127.235786] ? tlb_finish_mmu+0x27e/0x7e0 [ 127.235807] exit_mmap+0x3a4/0xaa0 [ 127.235823] ? __pfx_exit_mmap+0x10/0x10 [ 127.235839] ? __mutex_lock+0x166/0x1020 [ 127.235858] ? __pfx___mutex_lock+0x10/0x10 [ 127.235880] ? do_raw_spin_lock+0x123/0x260 [ 127.235895] ? arch_uprobe_clear_state+0x16/0x140 [ 127.235913] mmput+0xd5/0x390 [ 127.235931] do_exit+0x79d/0x2970 [ 127.235944] ? signal_wake_up_state+0x85/0x120 [ 127.235958] ? zap_other_threads+0x2b9/0x3a0 [ 127.235974] ? __pfx_do_exit+0x10/0x10 [ 127.235987] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 127.236002] ? lock_release+0x1c7/0x290 [ 127.236017] do_group_exit+0xd3/0x2a0 [ 127.236032] __x64_sys_exit_group+0x3e/0x50 [ 127.236046] x64_sys_call+0x18c5/0x18d0 [ 127.236061] do_syscall_64+0xbf/0x360 [ 127.236072] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.236083] RIP: 0033:0x7fe503679b19 [ 127.236091] Code: Unable to access opcode bytes at 0x7fe503679aef. 
[ 127.236097] RSP: 002b:00007fff8f7c90a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.236107] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007fe503679b19 [ 127.236115] RDX: 00007fe50362c72b RSI: ffffffffffffffbc RDI: 0000000000000000 [ 127.236122] RBP: 0000000000000000 R08: 0000001b2cd249b8 R09: 0000000000000000 [ 127.236129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 127.236136] R13: 0000000000000000 R14: 0000000000000001 R15: 00007fff8f7c9190 [ 127.236148] [ 127.263487] BUG: Bad page state in process syz-executor.1 pfn:3a3d7 [ 127.264114] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3a3d7 [ 127.264921] flags: 0x100000000000000(node=0|zone=1) [ 127.265405] page_type: f9(unknown) [ 127.265715] raw: 0100000000000000 ffffea0000e8f5c8 ffffea0000e8f5c8 0000000000000000 [ 127.266434] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 127.267224] page dumped because: nonzero mapcount [ 127.267709] Modules linked in: [ 127.268020] CPU: 1 UID: 0 PID: 3932 Comm: syz-executor.1 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 127.268040] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 127.268045] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 127.268051] Call Trace: [ 127.268055] [ 127.268059] dump_stack_lvl+0xfa/0x120 [ 127.268077] bad_page+0x8c/0x1c0 [ 127.268088] __free_frozen_pages+0xaf9/0xe10 [ 127.268105] ? rcu_core+0x7c3/0x1800 [ 127.268118] rcu_core+0x7c8/0x1800 [ 127.268134] ? __pfx_rcu_core+0x10/0x10 [ 127.268148] ? clockevents_program_event+0x135/0x360 [ 127.268165] ? tick_program_event+0xac/0x140 [ 127.268178] ? 
hrtimer_interrupt+0x652/0x830 [ 127.268192] handle_softirqs+0x1b1/0x770 [ 127.268213] __irq_exit_rcu+0xc4/0x100 [ 127.268230] irq_exit_rcu+0x9/0x20 [ 127.268240] sysvec_apic_timer_interrupt+0x70/0x80 [ 127.268256] [ 127.268259] [ 127.268263] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 127.268276] RIP: 0010:tlb_finish_mmu+0x285/0x7e0 [ 127.268293] Code: 48 c1 ea 03 80 3c 02 00 0f 85 70 04 00 00 49 8b 1c 24 be 04 00 00 00 48 8d bb 30 09 00 00 e8 a2 b0 0f 00 f0 ff 8b 30 09 00 00 <48> 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f e9 d8 b8 1d 03 e8 53 99 [ 127.268304] RSP: 0018:ffff888046c4fbc0 EFLAGS: 00000246 [ 127.268313] RAX: 0000000000000001 RBX: ffff888016ba3f00 RCX: ffffffff81a04e0e [ 127.268321] RDX: ffffed1002d74907 RSI: 0000000000000004 RDI: ffff888016ba4830 [ 127.268328] RBP: ffff88801cc50000 R08: 0000000000000001 R09: ffffed1002d74906 [ 127.268336] R10: ffff888016ba4833 R11: ffff88806cf3c540 R12: ffff888046c4fce0 [ 127.268344] R13: dffffc0000000000 R14: ffff888046c4fd10 R15: 000000000000000c [ 127.268354] ? tlb_finish_mmu+0x27e/0x7e0 [ 127.268375] exit_mmap+0x3a4/0xaa0 [ 127.268392] ? __pfx_exit_mmap+0x10/0x10 [ 127.268407] ? __mutex_lock+0x166/0x1020 [ 127.268426] ? __pfx___mutex_lock+0x10/0x10 [ 127.268447] ? do_raw_spin_lock+0x123/0x260 [ 127.268462] ? arch_uprobe_clear_state+0x16/0x140 [ 127.268481] mmput+0xd5/0x390 [ 127.268499] do_exit+0x79d/0x2970 [ 127.268512] ? signal_wake_up_state+0x85/0x120 [ 127.268526] ? zap_other_threads+0x2b9/0x3a0 [ 127.268542] ? __pfx_do_exit+0x10/0x10 [ 127.268554] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 127.268570] ? lock_release+0x1c7/0x290 [ 127.268585] do_group_exit+0xd3/0x2a0 [ 127.268600] __x64_sys_exit_group+0x3e/0x50 [ 127.268614] x64_sys_call+0x18c5/0x18d0 [ 127.268633] do_syscall_64+0xbf/0x360 [ 127.268644] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.268655] RIP: 0033:0x7fe503679b19 [ 127.268663] Code: Unable to access opcode bytes at 0x7fe503679aef. 
[ 127.268668] RSP: 002b:00007fff8f7c90a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.268679] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007fe503679b19 [ 127.268686] RDX: 00007fe50362c72b RSI: ffffffffffffffbc RDI: 0000000000000000 [ 127.268694] RBP: 0000000000000000 R08: 0000001b2cd249b8 R09: 0000000000000000 [ 127.268701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 127.268708] R13: 0000000000000000 R14: 0000000000000001 R15: 00007fff8f7c9190 [ 127.268720] [ 127.296036] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#10] SMP KASAN NOPTI [ 127.296938] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 127.297618] CPU: 1 UID: 0 PID: 184 Comm: kworker/u10:3 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 127.298539] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 127.298934] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 127.299584] Workqueue: events_unbound cfg80211_wiphy_work [ 127.300027] RIP: 0010:perf_tp_event+0x175/0xe70 [ 127.300405] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 127.301829] RSP: 0018:ffff88800f8af700 EFLAGS: 00010213 [ 127.302250] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 127.302811] RDX: ffff88800f5e0000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 127.303374] RBP: ffff88800f8af970 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 127.303944] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 127.304504] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 127.305068] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 127.305701] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.306158] CR2: 00007f7f350147a0 CR3: 000000003d6b7000 CR4: 
0000000000350ef0 [ 127.306717] Call Trace: [ 127.306924] [ 127.307111] ? __pfx_perf_tp_event+0x10/0x10 [ 127.307474] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.307896] ? ret_from_fork_asm+0x1a/0x30 [ 127.308241] ? stack_trace_save+0x8e/0xc0 [ 127.308578] ? do_raw_spin_lock+0x123/0x260 [ 127.308925] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 127.309303] ? lock_acquire+0x18c/0x2f0 [ 127.309628] ? _raw_spin_lock_irqsave+0x42/0x60 [ 127.310002] ? lock_release+0x1c7/0x290 [ 127.310326] ? perf_trace_run_bpf_submit+0xef/0x180 [ 127.310727] perf_trace_run_bpf_submit+0xef/0x180 [ 127.311116] perf_trace_contention_begin+0x235/0x3e0 [ 127.311530] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 127.311978] ? lock_acquire+0xc5/0x2f0 [ 127.312292] ? lock_acquire+0x18c/0x2f0 [ 127.312616] trace_contention_begin+0xae/0x110 [ 127.312986] __mutex_lock+0x14b/0x1020 [ 127.313305] ? cfg80211_wiphy_work+0x7e/0x480 [ 127.313668] ? cfg80211_wiphy_work+0x7e/0x480 [ 127.314027] ? lock_release+0x1c7/0x290 [ 127.314345] ? __pfx___mutex_lock+0x10/0x10 [ 127.314699] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 127.315112] ? lock_acquire+0xc5/0x2f0 [ 127.315428] cfg80211_wiphy_work+0x7e/0x480 [ 127.315784] process_one_work+0x8e1/0x19c0 [ 127.316129] ? __pfx_process_one_work+0x10/0x10 [ 127.316503] ? move_linked_works+0x172/0x270 13:05:06 executing program 0: io_setup(0x572, &(0x7f0000000140)=0x0) io_pgetevents(r0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 127.316992] ? assign_work+0x196/0x240 [ 127.317351] worker_thread+0x67e/0xe90 [ 127.317664] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 127.318085] ? __pfx_worker_thread+0x10/0x10 [ 127.318444] kthread+0x3c8/0x740 [ 127.318719] ? __pfx_kthread+0x10/0x10 [ 127.319031] ? ret_from_fork+0x23/0x430 [ 127.319355] ? lock_release+0xc8/0x290 [ 127.319680] ? __pfx_kthread+0x10/0x10 [ 127.319994] ret_from_fork+0x34b/0x430 [ 127.320315] ? 
__pfx_kthread+0x10/0x10 [ 127.320628] ret_from_fork_asm+0x1a/0x30 [ 127.320961] [ 127.321150] Modules linked in: [ 127.321518] ---[ end trace 0000000000000000 ]--- [ 127.321971] RIP: 0010:perf_tp_event+0x175/0xe70 [ 127.322354] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 127.323818] BUG: Bad page state in process kworker/u10:3 pfn:3a369 [ 127.323831] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3a369 [ 127.323842] flags: 0x100000000000000(node=0|zone=1) [ 127.323851] page_type: f9(unknown) [ 127.323862] raw: 0100000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 127.323874] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 127.323882] page dumped because: nonzero mapcount [ 127.323887] Modules linked in: [ 127.323898] CPU: 1 UID: 0 PID: 184 Comm: kworker/u10:3 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 127.323919] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 127.323923] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 127.323931] Workqueue: events_unbound cfg80211_wiphy_work [ 127.323943] Call Trace: [ 127.323947] [ 127.323951] dump_stack_lvl+0xfa/0x120 [ 127.323969] bad_page+0x8c/0x1c0 [ 127.323980] __free_frozen_pages+0xaf9/0xe10 [ 127.323997] ? rcu_core+0x7c3/0x1800 [ 127.324011] rcu_core+0x7c8/0x1800 [ 127.324028] ? __pfx_rcu_core+0x10/0x10 [ 127.324042] ? clockevents_program_event+0x135/0x360 [ 127.324058] ? tick_program_event+0xac/0x140 [ 127.324069] ? 
hrtimer_interrupt+0x652/0x830 [ 127.324081] handle_softirqs+0x1b1/0x770 [ 127.324102] __irq_exit_rcu+0xc4/0x100 [ 127.324120] irq_exit_rcu+0x9/0x20 [ 127.324129] sysvec_apic_timer_interrupt+0x70/0x80 [ 127.324145] [ 127.324149] [ 127.324153] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 127.324167] RIP: 0010:console_flush_all+0x8c1/0xb70 [ 127.324185] Code: 01 4c 89 e8 48 c1 e8 03 42 80 3c 30 00 0f 85 6c 02 00 00 49 89 6f 58 e9 3a ff ff ff e8 98 6e 1f 00 e8 83 b3 27 00 fb 4c 89 e8 <48> c1 e8 03 42 80 3c 30 00 0f 84 19 ff ff ff 4c 89 ef e8 18 7e 5b [ 127.324197] RSP: 0018:ffff88800f8af150 EFLAGS: 00000246 [ 127.324207] RAX: ffffffff85f37a58 RBX: 0000000000000001 RCX: ffffffff817c2b86 [ 127.324215] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff815478ed [ 127.324223] RBP: 0000000000000200 R08: 0000000000000000 R09: 0000000000000000 [ 127.324231] R10: ffffffff8643ac57 R11: 0000000065646f43 R12: 0000000000000000 [ 127.324240] R13: ffffffff85f37a58 R14: dffffc0000000000 R15: ffffffff85f37a00 [ 127.324251] ? trace_irq_enable.constprop.0+0x26/0x100 [ 127.324264] ? console_flush_all+0x8bd/0xb70 [ 127.324286] ? __pfx_console_flush_all+0x10/0x10 [ 127.324304] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.324321] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.324338] ? is_printk_cpu_sync_owner+0x32/0x40 [ 127.324350] console_unlock+0xc2/0x1f0 [ 127.324367] ? __pfx_console_unlock+0x10/0x10 [ 127.324384] ? do_raw_spin_unlock+0x53/0x220 [ 127.324401] ? _printk+0xbe/0xf0 [ 127.324415] vprintk_emit+0x3f6/0x630 [ 127.324434] ? __pfx_vprintk_emit+0x10/0x10 [ 127.324453] ? irq_work_queue+0x9c/0x100 [ 127.324471] _printk+0xbe/0xf0 [ 127.324484] ? __pfx__printk+0x10/0x10 [ 127.324501] ? _printk+0xbe/0xf0 [ 127.324513] ? copy_from_kernel_nofault_allowed+0xc7/0x100 [ 127.324531] ? perf_tp_event+0x14b/0xe70 [ 127.324547] show_opcodes+0xb3/0xd0 [ 127.324567] show_iret_regs+0x31/0x60 [ 127.324587] __show_regs+0x2a/0x750 [ 127.324602] ? 
printk_percpu_data_ready+0x9/0x20 [ 127.324623] ? nbcon_get_cpu_emergency_nesting+0x3c/0x50 [ 127.324638] oops_end+0x7d/0xe0 [ 127.324655] exc_general_protection+0x1a2/0x330 [ 127.324672] asm_exc_general_protection+0x26/0x30 [ 127.324683] RIP: 0010:perf_tp_event+0x175/0xe70 [ 127.324699] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 127.324710] RSP: 0018:ffff88800f8af700 EFLAGS: 00010213 [ 127.324719] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 127.324726] RDX: ffff88800f5e0000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 127.324734] RBP: ffff88800f8af970 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 127.324742] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 127.324749] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 127.324760] ? perf_tp_event+0x167/0xe70 [ 127.324780] ? __pfx_perf_tp_event+0x10/0x10 [ 127.324798] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.324813] ? ret_from_fork_asm+0x1a/0x30 [ 127.324830] ? stack_trace_save+0x8e/0xc0 [ 127.324845] ? do_raw_spin_lock+0x123/0x260 [ 127.324861] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 127.324877] ? lock_acquire+0x18c/0x2f0 [ 127.324893] ? _raw_spin_lock_irqsave+0x42/0x60 [ 127.324909] ? lock_release+0x1c7/0x290 [ 127.324925] ? perf_trace_run_bpf_submit+0xef/0x180 [ 127.324942] perf_trace_run_bpf_submit+0xef/0x180 [ 127.324961] perf_trace_contention_begin+0x235/0x3e0 [ 127.324978] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 127.324994] ? lock_acquire+0xc5/0x2f0 [ 127.325007] ? lock_acquire+0x18c/0x2f0 [ 127.325022] trace_contention_begin+0xae/0x110 [ 127.325038] __mutex_lock+0x14b/0x1020 [ 127.325054] ? cfg80211_wiphy_work+0x7e/0x480 [ 127.325066] ? cfg80211_wiphy_work+0x7e/0x480 [ 127.325078] ? lock_release+0x1c7/0x290 [ 127.325093] ? __pfx___mutex_lock+0x10/0x10 [ 127.325110] ? 
_raw_spin_unlock_irqrestore+0x22/0x50 [ 127.325129] ? lock_acquire+0xc5/0x2f0 [ 127.325144] cfg80211_wiphy_work+0x7e/0x480 [ 127.325158] process_one_work+0x8e1/0x19c0 [ 127.325177] ? __pfx_process_one_work+0x10/0x10 [ 127.325193] ? move_linked_works+0x172/0x270 [ 127.325212] ? assign_work+0x196/0x240 [ 127.325227] worker_thread+0x67e/0xe90 [ 127.325242] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 127.325258] ? __pfx_worker_thread+0x10/0x10 [ 127.325275] kthread+0x3c8/0x740 [ 127.325290] ? __pfx_kthread+0x10/0x10 [ 127.325304] ? ret_from_fork+0x23/0x430 [ 127.325322] ? lock_release+0xc8/0x290 [ 127.325336] ? __pfx_kthread+0x10/0x10 [ 127.325350] ret_from_fork+0x34b/0x430 [ 127.325369] ? __pfx_kthread+0x10/0x10 [ 127.325382] ret_from_fork_asm+0x1a/0x30 [ 127.325403] [ 127.325425] BUG: Bad page state in process kworker/u10:3 pfn:3a36a [ 127.325435] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3a36a [ 127.325446] flags: 0x100000000000000(node=0|zone=1) [ 127.325455] page_type: f9(unknown) [ 127.325465] raw: 0100000000000000 0000000000000000 ffffea0000e8da90 0000000000000000 [ 127.325477] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 127.325485] page dumped because: nonzero mapcount [ 127.325490] Modules linked in: [ 127.325499] CPU: 1 UID: 0 PID: 184 Comm: kworker/u10:3 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 127.325520] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 127.325524] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 127.325531] Workqueue: events_unbound cfg80211_wiphy_work [ 127.325544] Call Trace: [ 127.325548] [ 127.325553] dump_stack_lvl+0xfa/0x120 [ 127.325571] bad_page+0x8c/0x1c0 [ 127.325582] __free_frozen_pages+0xaf9/0xe10 [ 127.325600] ? rcu_core+0x7c3/0x1800 [ 127.325618] rcu_core+0x7c8/0x1800 [ 127.325634] ? __pfx_rcu_core+0x10/0x10 [ 127.325648] ? clockevents_program_event+0x135/0x360 [ 127.325664] ? 
tick_program_event+0xac/0x140 [ 127.325676] ? hrtimer_interrupt+0x652/0x830 [ 127.325687] handle_softirqs+0x1b1/0x770 [ 127.325708] __irq_exit_rcu+0xc4/0x100 [ 127.325726] irq_exit_rcu+0x9/0x20 [ 127.325736] sysvec_apic_timer_interrupt+0x70/0x80 [ 127.325752] [ 127.325755] [ 127.325759] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 127.325772] RIP: 0010:console_flush_all+0x8c1/0xb70 [ 127.325790] Code: 01 4c 89 e8 48 c1 e8 03 42 80 3c 30 00 0f 85 6c 02 00 00 49 89 6f 58 e9 3a ff ff ff e8 98 6e 1f 00 e8 83 b3 27 00 fb 4c 89 e8 <48> c1 e8 03 42 80 3c 30 00 0f 84 19 ff ff ff 4c 89 ef e8 18 7e 5b [ 127.325801] RSP: 0018:ffff88800f8af150 EFLAGS: 00000246 [ 127.325809] RAX: ffffffff85f37a58 RBX: 0000000000000001 RCX: ffffffff817c2b86 [ 127.325817] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff815478ed [ 127.325824] RBP: 0000000000000200 R08: 0000000000000000 R09: 0000000000000000 [ 127.325831] R10: ffffffff8643ac57 R11: 0000000065646f43 R12: 0000000000000000 [ 127.325839] R13: ffffffff85f37a58 R14: dffffc0000000000 R15: ffffffff85f37a00 [ 127.325850] ? trace_irq_enable.constprop.0+0x26/0x100 [ 127.325862] ? console_flush_all+0x8bd/0xb70 [ 127.325883] ? __pfx_console_flush_all+0x10/0x10 [ 127.325901] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.325918] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.325935] ? is_printk_cpu_sync_owner+0x32/0x40 [ 127.325949] console_unlock+0xc2/0x1f0 [ 127.325966] ? __pfx_console_unlock+0x10/0x10 [ 127.325985] ? do_raw_spin_unlock+0x53/0x220 [ 127.326002] ? _printk+0xbe/0xf0 [ 127.326016] vprintk_emit+0x3f6/0x630 [ 127.326034] ? __pfx_vprintk_emit+0x10/0x10 [ 127.326053] ? irq_work_queue+0x9c/0x100 [ 127.326069] _printk+0xbe/0xf0 [ 127.326082] ? __pfx__printk+0x10/0x10 [ 127.326097] ? _printk+0xbe/0xf0 [ 127.326109] ? copy_from_kernel_nofault_allowed+0xc7/0x100 [ 127.326125] ? 
perf_tp_event+0x14b/0xe70 [ 127.326140] show_opcodes+0xb3/0xd0 [ 127.326160] show_iret_regs+0x31/0x60 [ 127.326178] __show_regs+0x2a/0x750 [ 127.326193] ? printk_percpu_data_ready+0x9/0x20 [ 127.326209] ? nbcon_get_cpu_emergency_nesting+0x3c/0x50 [ 127.326224] oops_end+0x7d/0xe0 [ 127.326241] exc_general_protection+0x1a2/0x330 [ 127.326258] asm_exc_general_protection+0x26/0x30 [ 127.326270] RIP: 0010:perf_tp_event+0x175/0xe70 [ 127.326285] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 127.326296] RSP: 0018:ffff88800f8af700 EFLAGS: 00010213 [ 127.326305] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 127.326312] RDX: ffff88800f5e0000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 127.326320] RBP: ffff88800f8af970 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 127.326328] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 127.326335] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 127.326346] ? perf_tp_event+0x167/0xe70 [ 127.326366] ? __pfx_perf_tp_event+0x10/0x10 [ 127.326385] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.326400] ? ret_from_fork_asm+0x1a/0x30 [ 127.326418] ? stack_trace_save+0x8e/0xc0 [ 127.326434] ? do_raw_spin_lock+0x123/0x260 [ 127.326450] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 127.326467] ? lock_acquire+0x18c/0x2f0 [ 127.326484] ? _raw_spin_lock_irqsave+0x42/0x60 [ 127.326499] ? lock_release+0x1c7/0x290 [ 127.326516] ? perf_trace_run_bpf_submit+0xef/0x180 [ 127.326533] perf_trace_run_bpf_submit+0xef/0x180 [ 127.326551] perf_trace_contention_begin+0x235/0x3e0 [ 127.326568] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 127.326584] ? lock_acquire+0xc5/0x2f0 [ 127.326599] ? lock_acquire+0x18c/0x2f0 [ 127.326614] trace_contention_begin+0xae/0x110 [ 127.326629] __mutex_lock+0x14b/0x1020 [ 127.326646] ? 
cfg80211_wiphy_work+0x7e/0x480 [ 127.326658] ? cfg80211_wiphy_work+0x7e/0x480 [ 127.326670] ? lock_release+0x1c7/0x290 [ 127.326684] ? __pfx___mutex_lock+0x10/0x10 [ 127.326701] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 127.326721] ? lock_acquire+0xc5/0x2f0 [ 127.326735] cfg80211_wiphy_work+0x7e/0x480 [ 127.326749] process_one_work+0x8e1/0x19c0 [ 127.326767] ? __pfx_process_one_work+0x10/0x10 [ 127.326781] ? move_linked_works+0x172/0x270 [ 127.326800] ? assign_work+0x196/0x240 [ 127.326814] worker_thread+0x67e/0xe90 [ 127.326829] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 127.326844] ? __pfx_worker_thread+0x10/0x10 [ 127.326860] kthread+0x3c8/0x740 [ 127.326873] ? __pfx_kthread+0x10/0x10 [ 127.326886] ? ret_from_fork+0x23/0x430 [ 127.326905] ? lock_release+0xc8/0x290 [ 127.326919] ? __pfx_kthread+0x10/0x10 [ 127.326932] ret_from_fork+0x34b/0x430 [ 127.326950] ? __pfx_kthread+0x10/0x10 [ 127.326963] ret_from_fork_asm+0x1a/0x30 [ 127.326983] [ 127.327003] BUG: Bad page state in process kworker/u10:3 pfn:3a36b [ 127.327011] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3a36b [ 127.327022] flags: 0x100000000000000(node=0|zone=1) [ 127.327030] page_type: f9(unknown) [ 127.327040] raw: 0100000000000000 0000000000000000 ffffea0000e8dac8 0000000000000000 [ 127.327051] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 127.327058] page dumped because: nonzero mapcount [ 127.327062] Modules linked in: [ 127.327071] CPU: 1 UID: 0 PID: 184 Comm: kworker/u10:3 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 127.327091] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 127.327095] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 127.327102] Workqueue: events_unbound cfg80211_wiphy_work [ 127.327114] Call Trace: [ 127.327117] [ 127.327121] dump_stack_lvl+0xfa/0x120 [ 127.327139] bad_page+0x8c/0x1c0 [ 127.327151] __free_frozen_pages+0xaf9/0xe10 [ 127.327168] ? 
rcu_core+0x7c3/0x1800 [ 127.327183] rcu_core+0x7c8/0x1800 [ 127.327200] ? __pfx_rcu_core+0x10/0x10 [ 127.327215] ? clockevents_program_event+0x135/0x360 [ 127.327233] ? tick_program_event+0xac/0x140 [ 127.327245] ? hrtimer_interrupt+0x652/0x830 [ 127.327257] handle_softirqs+0x1b1/0x770 [ 127.327279] __irq_exit_rcu+0xc4/0x100 [ 127.327298] irq_exit_rcu+0x9/0x20 [ 127.327308] sysvec_apic_timer_interrupt+0x70/0x80 [ 127.327325] [ 127.327329] [ 127.327333] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 127.327347] RIP: 0010:console_flush_all+0x8c1/0xb70 [ 127.327365] Code: 01 4c 89 e8 48 c1 e8 03 42 80 3c 30 00 0f 85 6c 02 00 00 49 89 6f 58 e9 3a ff ff ff e8 98 6e 1f 00 e8 83 b3 27 00 fb 4c 89 e8 <48> c1 e8 03 42 80 3c 30 00 0f 84 19 ff ff ff 4c 89 ef e8 18 7e 5b [ 127.327377] RSP: 0018:ffff88800f8af150 EFLAGS: 00000246 [ 127.327387] RAX: ffffffff85f37a58 RBX: 0000000000000001 RCX: ffffffff817c2b86 [ 127.327395] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff815478ed [ 127.327402] RBP: 0000000000000200 R08: 0000000000000000 R09: 0000000000000000 [ 127.327410] R10: ffffffff8643ac57 R11: 0000000065646f43 R12: 0000000000000000 [ 127.327419] R13: ffffffff85f37a58 R14: dffffc0000000000 R15: ffffffff85f37a00 [ 127.327431] ? trace_irq_enable.constprop.0+0x26/0x100 [ 127.327443] ? console_flush_all+0x8bd/0xb70 [ 127.327472] ? __pfx_console_flush_all+0x10/0x10 [ 127.327490] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.327507] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.327524] ? is_printk_cpu_sync_owner+0x32/0x40 [ 127.327538] console_unlock+0xc2/0x1f0 [ 127.327555] ? __pfx_console_unlock+0x10/0x10 [ 127.327572] ? do_raw_spin_unlock+0x53/0x220 [ 127.327590] ? _printk+0xbe/0xf0 [ 127.327604] vprintk_emit+0x3f6/0x630 [ 127.327627] ? __pfx_vprintk_emit+0x10/0x10 [ 127.327645] ? irq_work_queue+0x9c/0x100 [ 127.327661] _printk+0xbe/0xf0 [ 127.327673] ? __pfx__printk+0x10/0x10 [ 127.327688] ? _printk+0xbe/0xf0 [ 127.327700] ? 
copy_from_kernel_nofault_allowed+0xc7/0x100 [ 127.327716] ? perf_tp_event+0x14b/0xe70 [ 127.327731] show_opcodes+0xb3/0xd0 [ 127.327751] show_iret_regs+0x31/0x60 [ 127.327769] __show_regs+0x2a/0x750 [ 127.327783] ? printk_percpu_data_ready+0x9/0x20 [ 127.327799] ? nbcon_get_cpu_emergency_nesting+0x3c/0x50 [ 127.327814] oops_end+0x7d/0xe0 [ 127.327831] exc_general_protection+0x1a2/0x330 [ 127.327848] asm_exc_general_protection+0x26/0x30 [ 127.327859] RIP: 0010:perf_tp_event+0x175/0xe70 [ 127.327875] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 127.327886] RSP: 0018:ffff88800f8af700 EFLAGS: 00010213 [ 127.327894] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 127.327902] RDX: ffff88800f5e0000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 127.327910] RBP: ffff88800f8af970 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 127.327918] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 127.327925] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 127.327937] ? perf_tp_event+0x167/0xe70 [ 127.327958] ? __pfx_perf_tp_event+0x10/0x10 [ 127.327977] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.327993] ? ret_from_fork_asm+0x1a/0x30 [ 127.328011] ? stack_trace_save+0x8e/0xc0 [ 127.328027] ? do_raw_spin_lock+0x123/0x260 [ 127.328044] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 127.328059] ? lock_acquire+0x18c/0x2f0 [ 127.328075] ? _raw_spin_lock_irqsave+0x42/0x60 [ 127.328090] ? lock_release+0x1c7/0x290 [ 127.328106] ? perf_trace_run_bpf_submit+0xef/0x180 [ 127.328122] perf_trace_run_bpf_submit+0xef/0x180 [ 127.328140] perf_trace_contention_begin+0x235/0x3e0 [ 127.328156] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 127.328172] ? lock_acquire+0xc5/0x2f0 [ 127.328185] ? 
lock_acquire+0x18c/0x2f0 [ 127.328200] trace_contention_begin+0xae/0x110 [ 127.328215] __mutex_lock+0x14b/0x1020 [ 127.328232] ? cfg80211_wiphy_work+0x7e/0x480 [ 127.328244] ? cfg80211_wiphy_work+0x7e/0x480 [ 127.328256] ? lock_release+0x1c7/0x290 [ 127.328271] ? __pfx___mutex_lock+0x10/0x10 [ 127.328291] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 127.328312] ? lock_acquire+0xc5/0x2f0 [ 127.328326] cfg80211_wiphy_work+0x7e/0x480 [ 127.328339] process_one_work+0x8e1/0x19c0 [ 127.328357] ? __pfx_process_one_work+0x10/0x10 [ 127.328372] ? move_linked_works+0x172/0x270 [ 127.328391] ? assign_work+0x196/0x240 [ 127.328406] worker_thread+0x67e/0xe90 [ 127.328421] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 127.328436] ? __pfx_worker_thread+0x10/0x10 [ 127.328452] kthread+0x3c8/0x740 [ 127.328465] ? __pfx_kthread+0x10/0x10 [ 127.328478] ? ret_from_fork+0x23/0x430 [ 127.328497] ? lock_release+0xc8/0x290 [ 127.328511] ? __pfx_kthread+0x10/0x10 [ 127.328525] ret_from_fork+0x34b/0x430 [ 127.328543] ? 
__pfx_kthread+0x10/0x10 [ 127.328556] ret_from_fork_asm+0x1a/0x30 [ 127.328577] [ 127.328597] BUG: Bad page state in process kworker/u10:3 pfn:3a36c [ 127.328605] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3a36c [ 127.328629] flags: 0x100000000000000(node=0|zone=1) [ 127.328637] page_type: f9(unknown) [ 127.328647] raw: 0100000000000000 0000000000000000 ffffea0000e8db08 0000000000000000 [ 127.328658] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 127.328666] page dumped because: nonzero mapcount [ 127.328670] Modules linked in: [ 127.328680] CPU: 1 UID: 0 PID: 184 Comm: kworker/u10:3 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 127.328699] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 127.328704] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 127.328711] Workqueue: events_unbound cfg80211_wiphy_work [ 127.328722] Call Trace: [ 127.328726] [ 127.328730] dump_stack_lvl+0xfa/0x120 [ 127.328747] bad_page+0x8c/0x1c0 [ 127.328759] __free_frozen_pages+0xaf9/0xe10 [ 127.328775] ? rcu_core+0x7c3/0x1800 [ 127.328789] rcu_core+0x7c8/0x1800 [ 127.328806] ? __pfx_rcu_core+0x10/0x10 [ 127.328819] ? clockevents_program_event+0x135/0x360 [ 127.328836] ? tick_program_event+0xac/0x140 [ 127.328847] ? 
hrtimer_interrupt+0x652/0x830 [ 127.328859] handle_softirqs+0x1b1/0x770 [ 127.328880] __irq_exit_rcu+0xc4/0x100 [ 127.328898] irq_exit_rcu+0x9/0x20 [ 127.328909] sysvec_apic_timer_interrupt+0x70/0x80 [ 127.328925] [ 127.328930] [ 127.328934] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 127.328948] RIP: 0010:console_flush_all+0x8c1/0xb70 [ 127.328966] Code: 01 4c 89 e8 48 c1 e8 03 42 80 3c 30 00 0f 85 6c 02 00 00 49 89 6f 58 e9 3a ff ff ff e8 98 6e 1f 00 e8 83 b3 27 00 fb 4c 89 e8 <48> c1 e8 03 42 80 3c 30 00 0f 84 19 ff ff ff 4c 89 ef e8 18 7e 5b [ 127.328979] RSP: 0018:ffff88800f8af150 EFLAGS: 00000246 [ 127.328989] RAX: ffffffff85f37a58 RBX: 0000000000000001 RCX: ffffffff817c2b86 [ 127.328997] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff815478ed [ 127.329005] RBP: 0000000000000200 R08: 0000000000000000 R09: 0000000000000000 [ 127.329013] R10: ffffffff8643ac57 R11: 0000000065646f43 R12: 0000000000000000 [ 127.329021] R13: ffffffff85f37a58 R14: dffffc0000000000 R15: ffffffff85f37a00 [ 127.329033] ? trace_irq_enable.constprop.0+0x26/0x100 [ 127.329047] ? console_flush_all+0x8bd/0xb70 [ 127.329068] ? __pfx_console_flush_all+0x10/0x10 [ 127.329085] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.329101] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.329118] ? is_printk_cpu_sync_owner+0x32/0x40 [ 127.329131] console_unlock+0xc2/0x1f0 [ 127.329148] ? __pfx_console_unlock+0x10/0x10 [ 127.329166] ? do_raw_spin_unlock+0x53/0x220 [ 127.329183] ? _printk+0xbe/0xf0 [ 127.329198] vprintk_emit+0x3f6/0x630 [ 127.329217] ? __pfx_vprintk_emit+0x10/0x10 [ 127.329237] ? irq_work_queue+0x9c/0x100 [ 127.329254] _printk+0xbe/0xf0 [ 127.329267] ? __pfx__printk+0x10/0x10 [ 127.329283] ? _printk+0xbe/0xf0 [ 127.329296] ? copy_from_kernel_nofault_allowed+0xc7/0x100 [ 127.329313] ? perf_tp_event+0x14b/0xe70 [ 127.329328] show_opcodes+0xb3/0xd0 [ 127.329349] show_iret_regs+0x31/0x60 [ 127.329368] __show_regs+0x2a/0x750 [ 127.329383] ? 
printk_percpu_data_ready+0x9/0x20 [ 127.329400] ? nbcon_get_cpu_emergency_nesting+0x3c/0x50 [ 127.329415] oops_end+0x7d/0xe0 [ 127.329433] exc_general_protection+0x1a2/0x330 [ 127.329450] asm_exc_general_protection+0x26/0x30 [ 127.329462] RIP: 0010:perf_tp_event+0x175/0xe70 [ 127.329478] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 127.329490] RSP: 0018:ffff88800f8af700 EFLAGS: 00010213 [ 127.329499] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 127.329507] RDX: ffff88800f5e0000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 127.329517] RBP: ffff88800f8af970 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 127.329526] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 127.329533] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 127.329544] ? perf_tp_event+0x167/0xe70 [ 127.329566] ? __pfx_perf_tp_event+0x10/0x10 [ 127.329585] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.329600] ? ret_from_fork_asm+0x1a/0x30 [ 127.329621] ? stack_trace_save+0x8e/0xc0 [ 127.329636] ? do_raw_spin_lock+0x123/0x260 [ 127.329652] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 127.329668] ? lock_acquire+0x18c/0x2f0 [ 127.329684] ? _raw_spin_lock_irqsave+0x42/0x60 [ 127.329698] ? lock_release+0x1c7/0x290 [ 127.329713] ? perf_trace_run_bpf_submit+0xef/0x180 [ 127.329729] perf_trace_run_bpf_submit+0xef/0x180 [ 127.329748] perf_trace_contention_begin+0x235/0x3e0 [ 127.329763] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 127.329779] ? lock_acquire+0xc5/0x2f0 [ 127.329792] ? lock_acquire+0x18c/0x2f0 [ 127.329807] trace_contention_begin+0xae/0x110 [ 127.329822] __mutex_lock+0x14b/0x1020 [ 127.329840] ? cfg80211_wiphy_work+0x7e/0x480 [ 127.329852] ? cfg80211_wiphy_work+0x7e/0x480 [ 127.329864] ? lock_release+0x1c7/0x290 [ 127.329879] ? __pfx___mutex_lock+0x10/0x10 [ 127.329897] ? 
_raw_spin_unlock_irqrestore+0x22/0x50 [ 127.329917] ? lock_acquire+0xc5/0x2f0 [ 127.329932] cfg80211_wiphy_work+0x7e/0x480 [ 127.329946] process_one_work+0x8e1/0x19c0 [ 127.329964] ? __pfx_process_one_work+0x10/0x10 [ 127.329978] ? move_linked_works+0x172/0x270 [ 127.329997] ? assign_work+0x196/0x240 [ 127.330012] worker_thread+0x67e/0xe90 [ 127.330026] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 127.330040] ? __pfx_worker_thread+0x10/0x10 [ 127.330055] kthread+0x3c8/0x740 [ 127.330067] ? __pfx_kthread+0x10/0x10 [ 127.330079] ? ret_from_fork+0x23/0x430 [ 127.330097] ? lock_release+0xc8/0x290 [ 127.330110] ? __pfx_kthread+0x10/0x10 [ 127.330123] ret_from_fork+0x34b/0x430 [ 127.330141] ? __pfx_kthread+0x10/0x10 [ 127.330153] ret_from_fork_asm+0x1a/0x30 [ 127.330174] [ 127.330192] BUG: Bad page state in process kworker/u10:3 pfn:3a36d [ 127.330199] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3a36d [ 127.330210] flags: 0x100000000000000(node=0|zone=1) [ 127.330218] page_type: f9(unknown) [ 127.330228] raw: 0100000000000000 0000000000000000 ffffea0000e8db48 0000000000000000 [ 127.330239] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 127.330245] page dumped because: nonzero mapcount [ 127.330250] Modules linked in: [ 127.330259] CPU: 1 UID: 0 PID: 184 Comm: kworker/u10:3 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 127.330279] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 127.330283] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 127.330290] Workqueue: events_unbound cfg80211_wiphy_work [ 127.330301] Call Trace: [ 127.330305] [ 127.330309] dump_stack_lvl+0xfa/0x120 [ 127.330326] bad_page+0x8c/0x1c0 [ 127.330337] __free_frozen_pages+0xaf9/0xe10 [ 127.330354] ? rcu_core+0x7c3/0x1800 [ 127.330368] rcu_core+0x7c8/0x1800 [ 127.330385] ? __pfx_rcu_core+0x10/0x10 [ 127.330400] ? clockevents_program_event+0x135/0x360 [ 127.330417] ? 
tick_program_event+0xac/0x140 [ 127.330428] ? hrtimer_interrupt+0x652/0x830 [ 127.330441] handle_softirqs+0x1b1/0x770 [ 127.330463] __irq_exit_rcu+0xc4/0x100 [ 127.330481] irq_exit_rcu+0x9/0x20 [ 127.330492] sysvec_apic_timer_interrupt+0x70/0x80 [ 127.330509] [ 127.330514] [ 127.330519] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 127.330532] RIP: 0010:console_flush_all+0x8c1/0xb70 [ 127.330551] Code: 01 4c 89 e8 48 c1 e8 03 42 80 3c 30 00 0f 85 6c 02 00 00 49 89 6f 58 e9 3a ff ff ff e8 98 6e 1f 00 e8 83 b3 27 00 fb 4c 89 e8 <48> c1 e8 03 42 80 3c 30 00 0f 84 19 ff ff ff 4c 89 ef e8 18 7e 5b [ 127.330563] RSP: 0018:ffff88800f8af150 EFLAGS: 00000246 [ 127.330574] RAX: ffffffff85f37a58 RBX: 0000000000000001 RCX: ffffffff817c2b86 [ 127.330582] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff815478ed [ 127.330589] RBP: 0000000000000200 R08: 0000000000000000 R09: 0000000000000000 [ 127.330596] R10: ffffffff8643ac57 R11: 0000000065646f43 R12: 0000000000000000 [ 127.330604] R13: ffffffff85f37a58 R14: dffffc0000000000 R15: ffffffff85f37a00 [ 127.330619] ? trace_irq_enable.constprop.0+0x26/0x100 [ 127.330631] ? console_flush_all+0x8bd/0xb70 [ 127.330652] ? __pfx_console_flush_all+0x10/0x10 [ 127.330669] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.330685] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.330702] ? is_printk_cpu_sync_owner+0x32/0x40 [ 127.330715] console_unlock+0xc2/0x1f0 [ 127.330732] ? __pfx_console_unlock+0x10/0x10 [ 127.330749] ? do_raw_spin_unlock+0x53/0x220 [ 127.330765] ? _printk+0xbe/0xf0 [ 127.330780] vprintk_emit+0x3f6/0x630 [ 127.330798] ? __pfx_vprintk_emit+0x10/0x10 [ 127.330817] ? irq_work_queue+0x9c/0x100 [ 127.330834] _printk+0xbe/0xf0 [ 127.330847] ? __pfx__printk+0x10/0x10 [ 127.330863] ? _printk+0xbe/0xf0 [ 127.330876] ? copy_from_kernel_nofault_allowed+0xc7/0x100 [ 127.330894] ? 
perf_tp_event+0x14b/0xe70 [ 127.330908] show_opcodes+0xb3/0xd0 [ 127.330929] show_iret_regs+0x31/0x60 [ 127.330947] __show_regs+0x2a/0x750 [ 127.330961] ? printk_percpu_data_ready+0x9/0x20 [ 127.330977] ? nbcon_get_cpu_emergency_nesting+0x3c/0x50 [ 127.330992] oops_end+0x7d/0xe0 [ 127.331010] exc_general_protection+0x1a2/0x330 [ 127.331026] asm_exc_general_protection+0x26/0x30 [ 127.331038] RIP: 0010:perf_tp_event+0x175/0xe70 [ 127.331054] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 127.331064] RSP: 0018:ffff88800f8af700 EFLAGS: 00010213 [ 127.331074] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 127.331082] RDX: ffff88800f5e0000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 127.331091] RBP: ffff88800f8af970 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 127.331099] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 127.331107] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 127.331120] ? perf_tp_event+0x167/0xe70 [ 127.331141] ? __pfx_perf_tp_event+0x10/0x10 [ 127.331160] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.331175] ? ret_from_fork_asm+0x1a/0x30 [ 127.331193] ? stack_trace_save+0x8e/0xc0 [ 127.331209] ? do_raw_spin_lock+0x123/0x260 [ 127.331225] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 127.331242] ? lock_acquire+0x18c/0x2f0 [ 127.331258] ? _raw_spin_lock_irqsave+0x42/0x60 [ 127.331274] ? lock_release+0x1c7/0x290 [ 127.331290] ? perf_trace_run_bpf_submit+0xef/0x180 [ 127.331306] perf_trace_run_bpf_submit+0xef/0x180 [ 127.331326] perf_trace_contention_begin+0x235/0x3e0 [ 127.331342] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 127.331358] ? lock_acquire+0xc5/0x2f0 [ 127.331372] ? lock_acquire+0x18c/0x2f0 [ 127.331388] trace_contention_begin+0xae/0x110 [ 127.331403] __mutex_lock+0x14b/0x1020 [ 127.331421] ? 
cfg80211_wiphy_work+0x7e/0x480 [ 127.331433] ? cfg80211_wiphy_work+0x7e/0x480 [ 127.331445] ? lock_release+0x1c7/0x290 [ 127.331466] ? __pfx___mutex_lock+0x10/0x10 [ 127.331485] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 127.331505] ? lock_acquire+0xc5/0x2f0 [ 127.331520] cfg80211_wiphy_work+0x7e/0x480 [ 127.331534] process_one_work+0x8e1/0x19c0 [ 127.331553] ? __pfx_process_one_work+0x10/0x10 [ 127.331568] ? move_linked_works+0x172/0x270 [ 127.331587] ? assign_work+0x196/0x240 [ 127.331602] worker_thread+0x67e/0xe90 [ 127.331617] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 127.331631] ? __pfx_worker_thread+0x10/0x10 [ 127.331647] kthread+0x3c8/0x740 [ 127.331659] ? __pfx_kthread+0x10/0x10 [ 127.331670] ? ret_from_fork+0x23/0x430 [ 127.331688] ? lock_release+0xc8/0x290 [ 127.331702] ? __pfx_kthread+0x10/0x10 [ 127.331715] ret_from_fork+0x34b/0x430 [ 127.331732] ? __pfx_kthread+0x10/0x10 [ 127.331744] ret_from_fork_asm+0x1a/0x30 [ 127.331765] [ 127.331783] BUG: Bad page state in process kworker/u10:3 pfn:3a36e [ 127.331791] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3a36e [ 127.331801] flags: 0x100000000000000(node=0|zone=1) [ 127.331810] page_type: f9(unknown) [ 127.331820] raw: 0100000000000000 0000000000000000 ffffea0000e8db88 0000000000000000 [ 127.331830] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 127.331837] page dumped because: nonzero mapcount [ 127.331842] Modules linked in: [ 127.331851] CPU: 1 UID: 0 PID: 184 Comm: kworker/u10:3 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 127.331870] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 127.331875] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 127.331882] Workqueue: events_unbound cfg80211_wiphy_work [ 127.331893] Call Trace: [ 127.331897] [ 127.331901] dump_stack_lvl+0xfa/0x120 [ 127.331918] bad_page+0x8c/0x1c0 [ 127.331929] __free_frozen_pages+0xaf9/0xe10 [ 127.331946] ? 
rcu_core+0x7c3/0x1800 [ 127.331959] rcu_core+0x7c8/0x1800 [ 127.331976] ? __pfx_rcu_core+0x10/0x10 [ 127.331991] ? clockevents_program_event+0x135/0x360 [ 127.332008] ? tick_program_event+0xac/0x140 [ 127.332020] ? hrtimer_interrupt+0x652/0x830 [ 127.332032] handle_softirqs+0x1b1/0x770 [ 127.332054] __irq_exit_rcu+0xc4/0x100 [ 127.332073] irq_exit_rcu+0x9/0x20 [ 127.332084] sysvec_apic_timer_interrupt+0x70/0x80 [ 127.332101] [ 127.332105] [ 127.332110] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 127.332124] RIP: 0010:console_flush_all+0x8c1/0xb70 [ 127.332142] Code: 01 4c 89 e8 48 c1 e8 03 42 80 3c 30 00 0f 85 6c 02 00 00 49 89 6f 58 e9 3a ff ff ff e8 98 6e 1f 00 e8 83 b3 27 00 fb 4c 89 e8 <48> c1 e8 03 42 80 3c 30 00 0f 84 19 ff ff ff 4c 89 ef e8 18 7e 5b [ 127.332154] RSP: 0018:ffff88800f8af150 EFLAGS: 00000246 [ 127.332163] RAX: ffffffff85f37a58 RBX: 0000000000000001 RCX: ffffffff817c2b86 [ 127.332171] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff815478ed [ 127.332178] RBP: 0000000000000200 R08: 0000000000000000 R09: 0000000000000000 [ 127.332185] R10: ffffffff8643ac57 R11: 0000000065646f43 R12: 0000000000000000 [ 127.332193] R13: ffffffff85f37a58 R14: dffffc0000000000 R15: ffffffff85f37a00 [ 127.332204] ? trace_irq_enable.constprop.0+0x26/0x100 [ 127.332216] ? console_flush_all+0x8bd/0xb70 [ 127.332237] ? __pfx_console_flush_all+0x10/0x10 [ 127.332253] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.332270] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.332286] ? is_printk_cpu_sync_owner+0x32/0x40 [ 127.332299] console_unlock+0xc2/0x1f0 [ 127.332316] ? __pfx_console_unlock+0x10/0x10 [ 127.332332] ? do_raw_spin_unlock+0x53/0x220 [ 127.332349] ? _printk+0xbe/0xf0 [ 127.332363] vprintk_emit+0x3f6/0x630 [ 127.332381] ? __pfx_vprintk_emit+0x10/0x10 [ 127.332399] ? irq_work_queue+0x9c/0x100 [ 127.332415] _printk+0xbe/0xf0 [ 127.332428] ? __pfx__printk+0x10/0x10 [ 127.332442] ? _printk+0xbe/0xf0 [ 127.332455] ? 
copy_from_kernel_nofault_allowed+0xc7/0x100 [ 127.332471] ? perf_tp_event+0x14b/0xe70 [ 127.332485] show_opcodes+0xb3/0xd0 [ 127.332505] show_iret_regs+0x31/0x60 [ 127.332523] __show_regs+0x2a/0x750 [ 127.332538] ? printk_percpu_data_ready+0x9/0x20 [ 127.332554] ? nbcon_get_cpu_emergency_nesting+0x3c/0x50 [ 127.332569] oops_end+0x7d/0xe0 [ 127.332587] exc_general_protection+0x1a2/0x330 [ 127.332605] asm_exc_general_protection+0x26/0x30 [ 127.332621] RIP: 0010:perf_tp_event+0x175/0xe70 [ 127.332636] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 127.332647] RSP: 0018:ffff88800f8af700 EFLAGS: 00010213 [ 127.332656] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 127.332663] RDX: ffff88800f5e0000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 127.332671] RBP: ffff88800f8af970 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 127.332679] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 127.332686] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 127.332697] ? perf_tp_event+0x167/0xe70 [ 127.332717] ? __pfx_perf_tp_event+0x10/0x10 [ 127.332735] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.332751] ? ret_from_fork_asm+0x1a/0x30 [ 127.332768] ? stack_trace_save+0x8e/0xc0 [ 127.332784] ? do_raw_spin_lock+0x123/0x260 [ 127.332801] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 127.332817] ? lock_acquire+0x18c/0x2f0 [ 127.332834] ? _raw_spin_lock_irqsave+0x42/0x60 [ 127.332849] ? lock_release+0x1c7/0x290 [ 127.332865] ? perf_trace_run_bpf_submit+0xef/0x180 [ 127.332883] perf_trace_run_bpf_submit+0xef/0x180 [ 127.332901] perf_trace_contention_begin+0x235/0x3e0 [ 127.332917] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 127.332933] ? lock_acquire+0xc5/0x2f0 [ 127.332947] ? 
lock_acquire+0x18c/0x2f0 [ 127.332963] trace_contention_begin+0xae/0x110 [ 127.332979] __mutex_lock+0x14b/0x1020 [ 127.332996] ? cfg80211_wiphy_work+0x7e/0x480 [ 127.333008] ? cfg80211_wiphy_work+0x7e/0x480 [ 127.333021] ? lock_release+0x1c7/0x290 [ 127.333036] ? __pfx___mutex_lock+0x10/0x10 [ 127.333054] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 127.333074] ? lock_acquire+0xc5/0x2f0 [ 127.333089] cfg80211_wiphy_work+0x7e/0x480 [ 127.333103] process_one_work+0x8e1/0x19c0 [ 127.333122] ? __pfx_process_one_work+0x10/0x10 [ 127.333137] ? move_linked_works+0x172/0x270 [ 127.333156] ? assign_work+0x196/0x240 [ 127.333171] worker_thread+0x67e/0xe90 [ 127.333186] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 127.333201] ? __pfx_worker_thread+0x10/0x10 [ 127.333216] kthread+0x3c8/0x740 [ 127.333230] ? __pfx_kthread+0x10/0x10 [ 127.333242] ? ret_from_fork+0x23/0x430 [ 127.333261] ? lock_release+0xc8/0x290 [ 127.333275] ? __pfx_kthread+0x10/0x10 [ 127.333289] ret_from_fork+0x34b/0x430 [ 127.333308] ? 
__pfx_kthread+0x10/0x10 [ 127.333321] ret_from_fork_asm+0x1a/0x30 [ 127.333342] [ 127.333361] BUG: Bad page state in process kworker/u10:3 pfn:3a36f [ 127.333370] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3a36f [ 127.333381] flags: 0x100000000000000(node=0|zone=1) [ 127.333389] page_type: f9(unknown) [ 127.333399] raw: 0100000000000000 0000000000000000 ffffea0000e8dbc8 0000000000000000 [ 127.333411] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 127.333419] page dumped because: nonzero mapcount [ 127.333424] Modules linked in: [ 127.333433] CPU: 1 UID: 0 PID: 184 Comm: kworker/u10:3 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 127.333453] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 127.333458] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 127.333465] Workqueue: events_unbound cfg80211_wiphy_work [ 127.333477] Call Trace: [ 127.333481] [ 127.333486] dump_stack_lvl+0xfa/0x120 [ 127.333505] bad_page+0x8c/0x1c0 [ 127.333516] __free_frozen_pages+0xaf9/0xe10 [ 127.333534] ? rcu_core+0x7c3/0x1800 [ 127.333548] rcu_core+0x7c8/0x1800 [ 127.333566] ? __pfx_rcu_core+0x10/0x10 [ 127.333580] ? clockevents_program_event+0x135/0x360 [ 127.333598] ? tick_program_event+0xac/0x140 [ 127.333609] ? 
hrtimer_interrupt+0x652/0x830 [ 127.333625] handle_softirqs+0x1b1/0x770 [ 127.333646] __irq_exit_rcu+0xc4/0x100 [ 127.333664] irq_exit_rcu+0x9/0x20 [ 127.333674] sysvec_apic_timer_interrupt+0x70/0x80 [ 127.333690] [ 127.333693] [ 127.333697] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 127.333710] RIP: 0010:console_flush_all+0x8c1/0xb70 [ 127.333727] Code: 01 4c 89 e8 48 c1 e8 03 42 80 3c 30 00 0f 85 6c 02 00 00 49 89 6f 58 e9 3a ff ff ff e8 98 6e 1f 00 e8 83 b3 27 00 fb 4c 89 e8 <48> c1 e8 03 42 80 3c 30 00 0f 84 19 ff ff ff 4c 89 ef e8 18 7e 5b [ 127.333738] RSP: 0018:ffff88800f8af150 EFLAGS: 00000246 [ 127.333747] RAX: ffffffff85f37a58 RBX: 0000000000000001 RCX: ffffffff817c2b86 [ 127.333755] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff815478ed [ 127.333762] RBP: 0000000000000200 R08: 0000000000000000 R09: 0000000000000000 [ 127.333769] R10: ffffffff8643ac57 R11: 0000000065646f43 R12: 0000000000000000 [ 127.333776] R13: ffffffff85f37a58 R14: dffffc0000000000 R15: ffffffff85f37a00 [ 127.333787] ? trace_irq_enable.constprop.0+0x26/0x100 [ 127.333799] ? console_flush_all+0x8bd/0xb70 [ 127.333820] ? __pfx_console_flush_all+0x10/0x10 [ 127.333836] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.333853] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.333869] ? is_printk_cpu_sync_owner+0x32/0x40 [ 127.333882] console_unlock+0xc2/0x1f0 [ 127.333898] ? __pfx_console_unlock+0x10/0x10 [ 127.333915] ? do_raw_spin_unlock+0x53/0x220 [ 127.333932] ? _printk+0xbe/0xf0 [ 127.333946] vprintk_emit+0x3f6/0x630 [ 127.333964] ? __pfx_vprintk_emit+0x10/0x10 [ 127.333982] ? irq_work_queue+0x9c/0x100 [ 127.333998] _printk+0xbe/0xf0 [ 127.334010] ? __pfx__printk+0x10/0x10 [ 127.334025] ? _printk+0xbe/0xf0 [ 127.334038] ? copy_from_kernel_nofault_allowed+0xc7/0x100 [ 127.334053] ? perf_tp_event+0x14b/0xe70 [ 127.334069] show_opcodes+0xb3/0xd0 [ 127.334089] show_iret_regs+0x31/0x60 [ 127.334108] __show_regs+0x2a/0x750 [ 127.334123] ? 
printk_percpu_data_ready+0x9/0x20 [ 127.334140] ? nbcon_get_cpu_emergency_nesting+0x3c/0x50 [ 127.334156] oops_end+0x7d/0xe0 [ 127.334173] exc_general_protection+0x1a2/0x330 [ 127.334192] asm_exc_general_protection+0x26/0x30 [ 127.334204] RIP: 0010:perf_tp_event+0x175/0xe70 [ 127.334221] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 127.334233] RSP: 0018:ffff88800f8af700 EFLAGS: 00010213 [ 127.334244] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 127.334252] RDX: ffff88800f5e0000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 127.334260] RBP: ffff88800f8af970 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 127.334268] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 127.334275] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 127.334286] ? perf_tp_event+0x167/0xe70 [ 127.334306] ? __pfx_perf_tp_event+0x10/0x10 [ 127.334325] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.334339] ? ret_from_fork_asm+0x1a/0x30 [ 127.334357] ? stack_trace_save+0x8e/0xc0 [ 127.334372] ? do_raw_spin_lock+0x123/0x260 [ 127.334388] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 127.334404] ? lock_acquire+0x18c/0x2f0 [ 127.334419] ? _raw_spin_lock_irqsave+0x42/0x60 [ 127.334434] ? lock_release+0x1c7/0x290 [ 127.334450] ? perf_trace_run_bpf_submit+0xef/0x180 [ 127.334466] perf_trace_run_bpf_submit+0xef/0x180 [ 127.334484] perf_trace_contention_begin+0x235/0x3e0 [ 127.334500] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 127.334516] ? lock_acquire+0xc5/0x2f0 [ 127.334530] ? lock_acquire+0x18c/0x2f0 [ 127.334545] trace_contention_begin+0xae/0x110 [ 127.334560] __mutex_lock+0x14b/0x1020 [ 127.334577] ? cfg80211_wiphy_work+0x7e/0x480 [ 127.334588] ? cfg80211_wiphy_work+0x7e/0x480 [ 127.334600] ? lock_release+0x1c7/0x290 [ 127.334614] ? __pfx___mutex_lock+0x10/0x10 [ 127.334631] ? 
_raw_spin_unlock_irqrestore+0x22/0x50 [ 127.334651] ? lock_acquire+0xc5/0x2f0 [ 127.334665] cfg80211_wiphy_work+0x7e/0x480 [ 127.334678] process_one_work+0x8e1/0x19c0 [ 127.334697] ? __pfx_process_one_work+0x10/0x10 [ 127.334712] ? move_linked_works+0x172/0x270 [ 127.334731] ? assign_work+0x196/0x240 [ 127.334746] worker_thread+0x67e/0xe90 [ 127.334761] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 127.334776] ? __pfx_worker_thread+0x10/0x10 [ 127.334792] kthread+0x3c8/0x740 [ 127.334805] ? __pfx_kthread+0x10/0x10 [ 127.334818] ? ret_from_fork+0x23/0x430 [ 127.334837] ? lock_release+0xc8/0x290 [ 127.334852] ? __pfx_kthread+0x10/0x10 [ 127.334865] ret_from_fork+0x34b/0x430 [ 127.334883] ? __pfx_kthread+0x10/0x10 [ 127.334897] ret_from_fork_asm+0x1a/0x30 [ 127.334918] [ 127.669373] RSP: 0018:ffff888046ba7580 EFLAGS: 00010213 [ 127.669821] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: ffffc90000a8f000 [ 127.670389] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 127.670970] RBP: ffff888046ba77f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 127.671541] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 127.672129] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 127.672721] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 127.673365] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.673851] CR2: 00007f7f350147a0 CR3: 000000003d6b7000 CR4: 0000000000350ef0 [ 127.674421] note: kworker/u10:3[184] exited with preempt_count 2 [ 127.676238] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#11] SMP KASAN NOPTI [ 127.677135] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 127.677819] CPU: 1 UID: 0 PID: 3952 Comm: syz-executor.0 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 127.678759] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 127.679160] Hardware name: QEMU Standard PC (i440FX + PIIX, 
1996), BIOS 1.12.0-1 04/01/2014 [ 127.679814] RIP: 0010:perf_tp_event+0x175/0xe70 [ 127.680196] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 127.681621] RSP: 0018:ffff88801772f6c0 EFLAGS: 00010213 [ 127.682046] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 127.682608] RDX: ffff888018cb0000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 127.683172] RBP: ffff88801772f930 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 127.683741] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 127.684306] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 127.684873] FS: 000055557e45d400(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 127.685507] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.685969] CR2: 00007fced0a60019 CR3: 000000001733a000 CR4: 0000000000350ef0 [ 127.686534] Call Trace: [ 127.686741] [ 127.686927] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.687348] ? __pfx_perf_tp_event+0x10/0x10 [ 127.687717] ? perf_trace_lock_acquire+0xc9/0x700 [ 127.688105] ? perf_trace_lock_acquire+0xc9/0x700 [ 127.688493] ? perf_trace_lock_acquire+0xc9/0x700 [ 127.688883] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.689302] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.689727] ? lock_acquire+0xc5/0x2f0 [ 127.690042] ? lock_acquire+0x18c/0x2f0 [ 127.690364] ? lock_acquire+0xc5/0x2f0 [ 127.690681] ? lock_acquire+0x18c/0x2f0 [ 127.691005] ? lock_acquire+0x18c/0x2f0 [ 127.691329] ? lock_release+0x1c7/0x290 [ 127.691657] ? perf_trace_run_bpf_submit+0xef/0x180 [ 127.692062] ? perf_trace_lock_acquire+0xc9/0x700 [ 127.692449] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 127.692886] ? __kernel_text_address+0xd/0x40 [ 127.693250] perf_trace_run_bpf_submit+0xef/0x180 [ 127.693641] perf_trace_contention_begin+0x235/0x3e0 [ 127.694053] ? 
__pfx_perf_trace_contention_begin+0x10/0x10 [ 127.694499] ? lock_acquire+0xc5/0x2f0 [ 127.694816] ? lock_acquire+0x18c/0x2f0 [ 127.695136] ? perf_trace_lock_acquire+0xc9/0x700 [ 127.695531] trace_contention_begin+0xae/0x110 [ 127.695900] __mutex_lock+0x14b/0x1020 [ 127.696219] ? __set_oom_adj.isra.0+0x68/0xf40 [ 127.696590] ? __set_oom_adj.isra.0+0x68/0xf40 [ 127.696959] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.697378] ? do_sys_openat2+0x13c/0x1b0 [ 127.697714] ? __x64_sys_openat+0x142/0x200 [ 127.698062] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.698493] ? __pfx___mutex_lock+0x10/0x10 [ 127.698846] ? lock_acquire+0xc5/0x2f0 [ 127.699160] ? lock_acquire+0x18c/0x2f0 [ 127.699487] ? lock_acquire+0xc5/0x2f0 [ 127.699801] ? lock_release+0x1c7/0x290 [ 127.700132] __set_oom_adj.isra.0+0x68/0xf40 [ 127.700495] oom_score_adj_write+0x1ba/0x200 [ 127.700854] ? __pfx_oom_score_adj_write+0x10/0x10 [ 127.701249] ? lock_acquire+0xc5/0x2f0 [ 127.701565] ? lock_acquire+0x18c/0x2f0 [ 127.701889] ? security_file_permission+0x22/0x90 [ 127.702283] vfs_write+0x2b7/0x1150 [ 127.702579] ? __pfx_oom_score_adj_write+0x10/0x10 [ 127.702975] ? __pfx_vfs_write+0x10/0x10 [ 127.703299] ? putname+0x3c/0x50 [ 127.703585] ? do_sys_openat2+0x141/0x1b0 [ 127.703920] ? __pfx_do_sys_openat2+0x10/0x10 [ 127.704288] ? putname.part.0+0x11b/0x160 [ 127.704627] ksys_write+0x121/0x240 [ 127.704921] ? 
__pfx_ksys_write+0x10/0x10 [ 127.705253] do_syscall_64+0xbf/0x360 [ 127.705560] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.705969] RIP: 0033:0x7fced09b85ff [ 127.706274] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 127.707715] RSP: 002b:00007ffc34d29260 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 127.708315] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fced09b85ff [ 127.708885] RDX: 0000000000000004 RSI: 00007ffc34d292b0 RDI: 0000000000000003 [ 127.709451] RBP: 0000000000000003 R08: 0000000000000000 R09: 00007ffc34d29200 [ 127.710013] R10: 0000000000000000 R11: 0000000000000293 R12: 00007fced0a5fff5 [ 127.710573] R13: 00007ffc34d292b0 R14: 0000000000000000 R15: 00007ffc34d29850 [ 127.711137] [ 127.711328] Modules linked in: [ 127.712254] ---[ end trace 0000000000000000 ]--- [ 127.713146] RIP: 0010:perf_tp_event+0x175/0xe70 [ 127.713536] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 127.715055] RSP: 0018:ffff888046ba7580 EFLAGS: 00010213 [ 127.715491] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: ffffc90000a8f000 [ 127.716074] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 127.716652] RBP: ffff888046ba77f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 127.717215] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 127.717791] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 127.718358] FS: 000055557e45d400(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 127.719009] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.719477] CR2: 00007fced0a60019 CR3: 000000001733a000 CR4: 0000000000350ef0 [ 127.720062] note: syz-executor.0[3952] exited with preempt_count 2 [ 127.720615] 
Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#12] SMP KASAN NOPTI [ 127.721503] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 127.722190] CPU: 1 UID: 0 PID: 3956 Comm: journal-offline Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 127.723136] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 127.723536] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 127.724186] RIP: 0010:perf_tp_event+0x175/0xe70 [ 127.724562] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 127.725998] RSP: 0018:ffff888046fe7880 EFLAGS: 00010213 [ 127.726418] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 127.726979] RDX: ffff8880167a1b80 RSI: ffffffff818995b7 RDI: 000000010000018f [ 127.727546] RBP: ffff888046fe7af0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 127.728110] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 127.728689] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 127.729274] FS: 00007f39bef0f700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 127.729928] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.730402] CR2: 00007fced0a60019 CR3: 000000000f371000 CR4: 0000000000350ef0 [ 127.730978] Call Trace: [ 127.731195] [ 127.731389] ? __pfx_perf_tp_event+0x10/0x10 [ 127.731769] ? zap_page_range_single_batched+0x384/0x5a0 [ 127.732219] ? __pfx_zap_page_range_single_batched+0x10/0x10 [ 127.732693] ? mtree_range_walk+0x74a/0xb90 [ 127.733052] ? madvise_vma_behavior+0x738/0x25d0 [ 127.733445] ? blk_mq_flush_plug_list+0x13e/0x5b0 [ 127.733849] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 127.734270] ? __pfx_blk_mq_flush_plug_list+0x10/0x10 [ 127.734697] ? perf_trace_run_bpf_submit+0xef/0x180 [ 127.735114] ? 
perf_trace_lock_acquire+0xc9/0x700 [ 127.735525] perf_trace_run_bpf_submit+0xef/0x180 [ 127.735928] perf_trace_contention_begin+0x235/0x3e0 [ 127.736340] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 127.736802] ? lock_acquire+0xc5/0x2f0 [ 127.737125] ? lock_acquire+0x18c/0x2f0 [ 127.737456] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.737892] trace_contention_begin+0xae/0x110 [ 127.738273] __mutex_lock+0x14b/0x1020 [ 127.738599] ? perf_event_exit_task+0x46/0x510 [ 127.738982] ? perf_event_exit_task+0x46/0x510 [ 127.739370] ? do_raw_spin_lock+0x123/0x260 [ 127.739726] ? lock_acquire+0x18c/0x2f0 [ 127.740058] ? __pfx___mutex_lock+0x10/0x10 [ 127.740421] ? _raw_spin_unlock_irq+0x23/0x40 [ 127.740795] ? lock_release+0x1c7/0x290 [ 127.741125] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 127.741559] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 127.741978] ? taskstats_exit+0x8c/0xba0 [ 127.742323] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 127.742712] perf_event_exit_task+0x46/0x510 [ 127.743087] do_exit+0x626/0x2970 [ 127.743380] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 127.743867] ? __pfx_do_exit+0x10/0x10 [ 127.744199] ? 
__secure_computing+0x18d/0x290 [ 127.744581] __x64_sys_exit+0x42/0x50 [ 127.744899] x64_sys_call+0x18ca/0x18d0 [ 127.745228] do_syscall_64+0xbf/0x360 [ 127.745551] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.745973] RIP: 0033:0x7f39bff15f56 [ 127.746271] Code: 00 00 0f 84 3d 01 00 00 48 8b 44 24 08 f6 80 08 03 00 00 40 0f 85 41 01 00 00 ba 3c 00 00 00 0f 1f 44 00 00 31 ff 89 d0 0f 05 f8 ff d0 48 98 e9 46 ff ff ff 48 8b 44 24 08 45 31 d2 ba 01 00 [ 127.747710] RSP: 002b:00007f39bef0ed40 EFLAGS: 00000246 ORIG_RAX: 000000000000003c [ 127.748302] RAX: ffffffffffffffda RBX: 00007f39bef0f700 RCX: 00007f39bff15f56 [ 127.748879] RDX: 000000000000003c RSI: 00000000007fb000 RDI: 0000000000000000 [ 127.749454] RBP: 00007f39be70f000 R08: 00007f39bef0f700 R09: 00007f39bef0f700 [ 127.750038] R10: 0000000000000014 R11: 0000000000000246 R12: 00007ffc87d17b4e [ 127.750597] R13: 00007ffc87d17b4f R14: 00007f39bef0ee00 R15: 000055c839de8310 [ 127.751158] [ 127.751348] Modules linked in: [ 127.751650] ---[ end trace 0000000000000000 ]--- [ 127.752023] RIP: 0010:perf_tp_event+0x175/0xe70 [ 127.752396] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 127.754023] RSP: 0018:ffff888046ba7580 EFLAGS: 00010213 [ 127.754458] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: ffffc90000a8f000 [ 127.755158] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 127.755817] RBP: ffff888046ba77f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 127.756388] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 127.757042] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 127.757684] FS: 00007f39bef0f700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 127.758339] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.758893] CR2: 00007fced0a60019 CR3: 000000000f371000 CR4: 0000000000350ef0 [ 
127.759479] note: journal-offline[3956] exited with preempt_count 2 [ 127.760041] Fixing recursive fault but reboot is needed! [ 127.760471] BUG: scheduling while atomic: journal-offline/3956/0x00000000 [ 127.761038] INFO: lockdep is turned off. [ 127.761362] Modules linked in: [ 127.761640] CPU: 1 UID: 0 PID: 3956 Comm: journal-offline Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 127.761659] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 127.761664] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 127.761670] Call Trace: [ 127.761673] [ 127.761677] dump_stack_lvl+0xfa/0x120 [ 127.761694] __schedule_bug+0xb9/0x100 [ 127.761706] __schedule+0x24f3/0x3590 [ 127.761719] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.761733] ? __pfx_vprintk_emit+0x10/0x10 [ 127.761749] ? perf_event_exit_task+0x46/0x510 [ 127.761765] ? __pfx___schedule+0x10/0x10 [ 127.761779] ? do_raw_spin_lock+0x123/0x260 [ 127.761794] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 127.761808] ? lock_acquire+0x18c/0x2f0 [ 127.761821] ? __pfx_do_exit+0x10/0x10 [ 127.761833] ? lock_release+0x1c7/0x290 [ 127.761846] ? do_task_dead+0x3e/0x110 [ 127.761859] do_task_dead+0xdc/0x110 [ 127.761872] make_task_dead+0x373/0x3b0 [ 127.761884] ? 
do_syscall_64+0xbf/0x360 [ 127.761894] rewind_stack_and_make_dead+0x16/0x20 [ 127.761909] RIP: 0033:0x7f39bff15f56 [ 127.761917] Code: 00 00 0f 84 3d 01 00 00 48 8b 44 24 08 f6 80 08 03 00 00 40 0f 85 41 01 00 00 ba 3c 00 00 00 0f 1f 44 00 00 31 ff 89 d0 0f 05 f8 ff d0 48 98 e9 46 ff ff ff 48 8b 44 24 08 45 31 d2 ba 01 00 [ 127.761928] RSP: 002b:00007f39bef0ed40 EFLAGS: 00000246 ORIG_RAX: 000000000000003c [ 127.761938] RAX: ffffffffffffffda RBX: 00007f39bef0f700 RCX: 00007f39bff15f56 [ 127.761945] RDX: 000000000000003c RSI: 00000000007fb000 RDI: 0000000000000000 [ 127.761951] RBP: 00007f39be70f000 R08: 00007f39bef0f700 R09: 00007f39bef0f700 [ 127.761959] R10: 0000000000000014 R11: 0000000000000246 R12: 00007ffc87d17b4e [ 127.761965] R13: 00007ffc87d17b4f R14: 00007f39bef0ee00 R15: 000055c839de8310 [ 127.761978] [ 127.762008] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#13] SMP KASAN NOPTI [ 127.776403] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 127.777106] CPU: 1 UID: 0 PID: 57 Comm: kworker/u10:2 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 127.778063] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 127.778471] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 127.779140] Workqueue: events_unbound cfg80211_wiphy_work [ 127.779594] RIP: 0010:perf_tp_event+0x175/0xe70 [ 127.779980] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 127.781441] RSP: 0018:ffff88800a587700 EFLAGS: 00010213 [ 127.781871] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 127.782446] RDX: ffff88800a5f9b80 RSI: ffffffff818995b7 RDI: 000000010000018f [ 127.783023] RBP: ffff88800a587970 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 127.783602] R10: 0000000000000000 R11: 0000000000000000 
R12: dffffc0000000000 [ 127.784183] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 127.784759] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 127.785399] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.785875] CR2: 00007fced0a60019 CR3: 000000000f371000 CR4: 0000000000350ef0 [ 127.786456] Call Trace: [ 127.786668] [ 127.786860] ? __pfx_perf_tp_event+0x10/0x10 [ 127.787235] ? kvm_sched_clock_read+0x16/0x30 [ 127.787607] ? sched_clock+0x37/0x60 [ 127.787917] ? sched_clock_cpu+0x6c/0x4e0 [ 127.788263] ? __pfx_sched_clock_cpu+0x10/0x10 [ 127.788629] ? do_raw_spin_lock+0x123/0x260 [ 127.788987] ? need_active_balance+0x1ee/0x6a0 [ 127.789371] ? perf_trace_lock_acquire+0xc9/0x700 [ 127.789774] ? sched_balance_rq+0x1690/0x29a0 [ 127.790151] ? sched_clock+0x37/0x60 [ 127.790470] ? perf_trace_lock_acquire+0xc9/0x700 [ 127.790872] ? perf_trace_run_bpf_submit+0xef/0x180 [ 127.791284] perf_trace_run_bpf_submit+0xef/0x180 [ 127.791687] perf_trace_contention_begin+0x235/0x3e0 [ 127.792094] ? trace_pelt_cfs_tp+0xdf/0x130 [ 127.792445] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 127.792896] ? lock_acquire+0xc5/0x2f0 [ 127.793219] ? lock_acquire+0x18c/0x2f0 [ 127.793552] trace_contention_begin+0xae/0x110 [ 127.793931] __mutex_lock+0x14b/0x1020 [ 127.794255] ? cfg80211_wiphy_work+0x7e/0x480 [ 127.794629] ? cfg80211_wiphy_work+0x7e/0x480 [ 127.795002] ? lock_release+0x1c7/0x290 [ 127.795328] ? __pfx___mutex_lock+0x10/0x10 [ 127.795692] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 127.796111] ? __call_rcu_common.constprop.0+0x4c1/0x960 [ 127.796555] ? lock_acquire+0xc5/0x2f0 [ 127.796878] cfg80211_wiphy_work+0x7e/0x480 [ 127.797232] process_one_work+0x8e1/0x19c0 [ 127.797586] ? __pfx_process_one_work+0x10/0x10 [ 127.797976] ? move_linked_works+0x172/0x270 [ 127.798347] ? assign_work+0x196/0x240 [ 127.798663] worker_thread+0x67e/0xe90 [ 127.798988] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 127.799414] ? 
__pfx_worker_thread+0x10/0x10 [ 127.799783] kthread+0x3c8/0x740 [ 127.800065] ? __pfx_kthread+0x10/0x10 [ 127.800384] ? ret_from_fork+0x23/0x430 [ 127.800719] ? lock_release+0xc8/0x290 [ 127.801043] ? __pfx_kthread+0x10/0x10 [ 127.801370] ret_from_fork+0x34b/0x430 [ 127.801697] ? __pfx_kthread+0x10/0x10 [ 127.802014] ret_from_fork_asm+0x1a/0x30 [ 127.802356] [ 127.802552] Modules linked in: [ 127.803402] ---[ end trace 0000000000000000 ]--- [ 127.804178] RIP: 0010:perf_tp_event+0x175/0xe70 [ 127.804576] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 127.806033] RSP: 0018:ffff888046ba7580 EFLAGS: 00010213 [ 127.806473] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: ffffc90000a8f000 [ 127.807079] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 127.807685] RBP: ffff888046ba77f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 127.808262] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 127.808924] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 127.809510] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 127.810228] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.810805] CR2: 00007fced0a60019 CR3: 000000000f371000 CR4: 0000000000350ef0 [ 127.811390] note: kworker/u10:2[57] exited with preempt_count 2 [ 127.813738] BUG: Bad page state in process syz-executor.0 pfn:46fe1 [ 127.814260] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x46fe1 [ 127.814925] flags: 0x100000000000000(node=0|zone=1) [ 127.815337] page_type: f9(unknown) [ 127.815658] raw: 0100000000000000 ffffea00011bf848 ffffea00011bf848 0000000000000000 [ 127.816306] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 127.816948] page dumped because: nonzero mapcount [ 127.817344] Modules linked in: [ 127.817614] CPU: 1 
UID: 0 PID: 3952 Comm: syz-executor.0 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 127.817640] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 127.817645] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 127.817652] Call Trace: [ 127.817657] [ 127.817661] dump_stack_lvl+0xfa/0x120 [ 127.817681] bad_page+0x8c/0x1c0 [ 127.817694] __free_frozen_pages+0xaf9/0xe10 [ 127.817712] ? rcu_core+0x7c3/0x1800 [ 127.817727] rcu_core+0x7c8/0x1800 [ 127.817745] ? __pfx_rcu_core+0x10/0x10 [ 127.817760] ? clockevents_program_event+0x135/0x360 [ 127.817778] ? tick_program_event+0xac/0x140 [ 127.817790] ? hrtimer_interrupt+0x652/0x830 [ 127.817803] handle_softirqs+0x1b1/0x770 [ 127.817826] __irq_exit_rcu+0xc4/0x100 [ 127.817845] irq_exit_rcu+0x9/0x20 [ 127.817856] sysvec_apic_timer_interrupt+0x70/0x80 [ 127.817873] [ 127.817877] [ 127.817882] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 127.817896] RIP: 0010:__sanitizer_cov_trace_pc+0x8/0x80 [ 127.817912] Code: 4a 03 48 c7 c0 f4 ff ff ff eb 92 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 34 24 <65> 48 8b 15 88 48 10 06 65 8b 05 99 48 10 06 a9 00 01 ff 00 74 27 [ 127.817925] RSP: 0018:ffff88801772f8b8 EFLAGS: 00000246 [ 127.817935] RAX: ffff88800d48baa8 RBX: ffffea0000f71f80 RCX: dffffc0000000000 [ 127.817943] RDX: ffff888018cb0000 RSI: ffffffff819cebac RDI: 0000000000000001 [ 127.817951] RBP: 0000000000000000 R08: 0000000000000000 R09: fffff940001ee3f0 [ 127.817959] R10: 0000000000000001 R11: 0000000000000000 R12: 0400000000000040 [ 127.817967] R13: 00007fcecef55000 R14: ffff88801772fd20 R15: 800000003dc7e007 [ 127.817979] ? unmap_page_range+0xc2c/0x36d0 [ 127.817998] unmap_page_range+0xc2c/0x36d0 [ 127.818022] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.818038] ? __pfx_unmap_page_range+0x10/0x10 [ 127.818056] ? mas_next_slot+0x13cc/0x1ac0 [ 127.818078] ? 
uprobe_munmap+0x20/0x600 [ 127.818094] unmap_single_vma.constprop.0+0x153/0x230 [ 127.818114] unmap_vmas+0x1d6/0x430 [ 127.818132] ? __pfx_unmap_vmas+0x10/0x10 [ 127.818149] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 127.818172] exit_mmap+0x181/0xaa0 [ 127.818190] ? __pfx_exit_mmap+0x10/0x10 [ 127.818207] ? __mutex_lock+0x166/0x1020 [ 127.818228] ? __pfx___mutex_lock+0x10/0x10 [ 127.818251] ? do_raw_spin_lock+0x123/0x260 [ 127.818268] ? arch_uprobe_clear_state+0x16/0x140 [ 127.818288] mmput+0xd5/0x390 [ 127.818307] do_exit+0x79d/0x2970 [ 127.818322] ? _printk+0xbe/0xf0 [ 127.818335] ? __pfx__printk+0x10/0x10 [ 127.818351] ? __pfx_do_exit+0x10/0x10 [ 127.818365] ? __pfx_ksys_write+0x10/0x10 [ 127.818381] make_task_dead+0x174/0x3b0 [ 127.818395] ? do_syscall_64+0xbf/0x360 [ 127.818407] rewind_stack_and_make_dead+0x16/0x20 [ 127.818424] RIP: 0033:0x7fced09b85ff [ 127.818433] Code: Unable to access opcode bytes at 0x7fced09b85d5. [ 127.818438] RSP: 002b:00007ffc34d29260 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 127.818450] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fced09b85ff [ 127.818458] RDX: 0000000000000004 RSI: 00007ffc34d292b0 RDI: 0000000000000003 [ 127.818466] RBP: 0000000000000003 R08: 0000000000000000 R09: 00007ffc34d29200 [ 127.818473] R10: 0000000000000000 R11: 0000000000000293 R12: 00007fced0a5fff5 [ 127.818481] R13: 00007ffc34d292b0 R14: 0000000000000000 R15: 00007ffc34d29850 [ 127.818494] [ 127.843825] BUG: Bad page state in process syz-executor.0 pfn:46fe2 [ 127.844346] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x46fe2 [ 127.845022] flags: 0x100000000000000(node=0|zone=1) [ 127.845431] page_type: f9(unknown) [ 127.845747] raw: 0100000000000000 ffffea00011bf888 ffffea00011bf888 0000000000000000 [ 127.846405] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 127.847054] page dumped because: nonzero mapcount [ 127.847453] Modules linked in: [ 127.847760] CPU: 1 UID: 0 PID: 3952 Comm: 
syz-executor.0 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 127.847784] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 127.847789] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 127.847796] Call Trace: [ 127.847800] [ 127.847805] dump_stack_lvl+0xfa/0x120 [ 127.847825] bad_page+0x8c/0x1c0 [ 127.847838] __free_frozen_pages+0xaf9/0xe10 [ 127.847857] ? rcu_core+0x7c3/0x1800 [ 127.847872] rcu_core+0x7c8/0x1800 [ 127.847890] ? __pfx_rcu_core+0x10/0x10 [ 127.847906] ? clockevents_program_event+0x135/0x360 [ 127.847925] ? tick_program_event+0xac/0x140 [ 127.847938] ? hrtimer_interrupt+0x652/0x830 [ 127.847950] handle_softirqs+0x1b1/0x770 [ 127.847974] __irq_exit_rcu+0xc4/0x100 [ 127.847995] irq_exit_rcu+0x9/0x20 [ 127.848005] sysvec_apic_timer_interrupt+0x70/0x80 [ 127.848024] [ 127.848028] [ 127.848032] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 127.848047] RIP: 0010:__sanitizer_cov_trace_pc+0x8/0x80 [ 127.848064] Code: 4a 03 48 c7 c0 f4 ff ff ff eb 92 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 34 24 <65> 48 8b 15 88 48 10 06 65 8b 05 99 48 10 06 a9 00 01 ff 00 74 27 [ 127.848076] RSP: 0018:ffff88801772f8b8 EFLAGS: 00000246 [ 127.848088] RAX: ffff88800d48baa8 RBX: ffffea0000f71f80 RCX: dffffc0000000000 [ 127.848098] RDX: ffff888018cb0000 RSI: ffffffff819cebac RDI: 0000000000000001 [ 127.848106] RBP: 0000000000000000 R08: 0000000000000000 R09: fffff940001ee3f0 [ 127.848114] R10: 0000000000000001 R11: 0000000000000000 R12: 0400000000000040 [ 127.848122] R13: 00007fcecef55000 R14: ffff88801772fd20 R15: 800000003dc7e007 [ 127.848136] ? unmap_page_range+0xc2c/0x36d0 [ 127.848155] unmap_page_range+0xc2c/0x36d0 [ 127.848180] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.848199] ? __pfx_unmap_page_range+0x10/0x10 [ 127.848216] ? mas_next_slot+0x13cc/0x1ac0 [ 127.848239] ? 
uprobe_munmap+0x20/0x600 [ 127.848256] unmap_single_vma.constprop.0+0x153/0x230 [ 127.848277] unmap_vmas+0x1d6/0x430 [ 127.848295] ? __pfx_unmap_vmas+0x10/0x10 [ 127.848312] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 127.848335] exit_mmap+0x181/0xaa0 [ 127.848355] ? __pfx_exit_mmap+0x10/0x10 [ 127.848372] ? __mutex_lock+0x166/0x1020 [ 127.848393] ? __pfx___mutex_lock+0x10/0x10 [ 127.848417] ? do_raw_spin_lock+0x123/0x260 [ 127.848435] ? arch_uprobe_clear_state+0x16/0x140 [ 127.848456] mmput+0xd5/0x390 [ 127.848476] do_exit+0x79d/0x2970 [ 127.848492] ? _printk+0xbe/0xf0 [ 127.848505] ? __pfx__printk+0x10/0x10 [ 127.848521] ? __pfx_do_exit+0x10/0x10 [ 127.848535] ? __pfx_ksys_write+0x10/0x10 [ 127.848551] make_task_dead+0x174/0x3b0 [ 127.848565] ? do_syscall_64+0xbf/0x360 [ 127.848577] rewind_stack_and_make_dead+0x16/0x20 [ 127.848594] RIP: 0033:0x7fced09b85ff [ 127.848603] Code: Unable to access opcode bytes at 0x7fced09b85d5. [ 127.848608] RSP: 002b:00007ffc34d29260 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 127.848623] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fced09b85ff [ 127.848632] RDX: 0000000000000004 RSI: 00007ffc34d292b0 RDI: 0000000000000003 [ 127.848639] RBP: 0000000000000003 R08: 0000000000000000 R09: 00007ffc34d29200 [ 127.848647] R10: 0000000000000000 R11: 0000000000000293 R12: 00007fced0a5fff5 [ 127.848655] R13: 00007ffc34d292b0 R14: 0000000000000000 R15: 00007ffc34d29850 [ 127.848668] [ 127.873659] BUG: Bad page state in process syz-executor.0 pfn:46fe3 [ 127.874178] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x46fe3 [ 127.874846] flags: 0x100000000000000(node=0|zone=1) [ 127.875268] page_type: f9(unknown) [ 127.875573] raw: 0100000000000000 ffffea00011bf8c8 ffffea00011bf8c8 0000000000000000 [ 127.876248] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 127.876899] page dumped because: nonzero mapcount [ 127.877307] Modules linked in: [ 127.877581] CPU: 1 UID: 0 PID: 3952 Comm: 
syz-executor.0 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 127.877603] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 127.877608] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 127.877615] Call Trace: [ 127.877622] [ 127.877627] dump_stack_lvl+0xfa/0x120 [ 127.877646] bad_page+0x8c/0x1c0 [ 127.877658] __free_frozen_pages+0xaf9/0xe10 [ 127.877677] ? rcu_core+0x7c3/0x1800 [ 127.877691] rcu_core+0x7c8/0x1800 [ 127.877709] ? __pfx_rcu_core+0x10/0x10 [ 127.877724] ? clockevents_program_event+0x135/0x360 [ 127.877742] ? tick_program_event+0xac/0x140 [ 127.877754] ? hrtimer_interrupt+0x652/0x830 [ 127.877767] handle_softirqs+0x1b1/0x770 [ 127.877789] __irq_exit_rcu+0xc4/0x100 [ 127.877808] irq_exit_rcu+0x9/0x20 [ 127.877819] sysvec_apic_timer_interrupt+0x70/0x80 [ 127.877836] [ 127.877840] [ 127.877845] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 127.877858] RIP: 0010:__sanitizer_cov_trace_pc+0x8/0x80 [ 127.877875] Code: 4a 03 48 c7 c0 f4 ff ff ff eb 92 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 34 24 <65> 48 8b 15 88 48 10 06 65 8b 05 99 48 10 06 a9 00 01 ff 00 74 27 [ 127.877887] RSP: 0018:ffff88801772f8b8 EFLAGS: 00000246 [ 127.877896] RAX: ffff88800d48baa8 RBX: ffffea0000f71f80 RCX: dffffc0000000000 [ 127.877905] RDX: ffff888018cb0000 RSI: ffffffff819cebac RDI: 0000000000000001 [ 127.877916] RBP: 0000000000000000 R08: 0000000000000000 R09: fffff940001ee3f0 [ 127.877924] R10: 0000000000000001 R11: 0000000000000000 R12: 0400000000000040 [ 127.877932] R13: 00007fcecef55000 R14: ffff88801772fd20 R15: 800000003dc7e007 [ 127.877944] ? unmap_page_range+0xc2c/0x36d0 [ 127.877962] unmap_page_range+0xc2c/0x36d0 [ 127.877986] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.878003] ? __pfx_unmap_page_range+0x10/0x10 [ 127.878020] ? mas_next_slot+0x13cc/0x1ac0 [ 127.878042] ? 
uprobe_munmap+0x20/0x600 [ 127.878059] unmap_single_vma.constprop.0+0x153/0x230 [ 127.878078] unmap_vmas+0x1d6/0x430 [ 127.878096] ? __pfx_unmap_vmas+0x10/0x10 [ 127.878113] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 127.878136] exit_mmap+0x181/0xaa0 [ 127.878154] ? __pfx_exit_mmap+0x10/0x10 [ 127.878171] ? __mutex_lock+0x166/0x1020 [ 127.878192] ? __pfx___mutex_lock+0x10/0x10 [ 127.878215] ? do_raw_spin_lock+0x123/0x260 [ 127.878232] ? arch_uprobe_clear_state+0x16/0x140 [ 127.878252] mmput+0xd5/0x390 [ 127.878272] do_exit+0x79d/0x2970 [ 127.878286] ? _printk+0xbe/0xf0 [ 127.878300] ? __pfx__printk+0x10/0x10 [ 127.878315] ? __pfx_do_exit+0x10/0x10 [ 127.878332] ? __pfx_ksys_write+0x10/0x10 [ 127.878350] make_task_dead+0x174/0x3b0 [ 127.878365] ? do_syscall_64+0xbf/0x360 [ 127.878377] rewind_stack_and_make_dead+0x16/0x20 [ 127.878394] RIP: 0033:0x7fced09b85ff [ 127.878403] Code: Unable to access opcode bytes at 0x7fced09b85d5. [ 127.878408] RSP: 002b:00007ffc34d29260 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 127.878420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fced09b85ff [ 127.878428] RDX: 0000000000000004 RSI: 00007ffc34d292b0 RDI: 0000000000000003 [ 127.878435] RBP: 0000000000000003 R08: 0000000000000000 R09: 00007ffc34d29200 [ 127.878443] R10: 0000000000000000 R11: 0000000000000293 R12: 00007fced0a5fff5 [ 127.878451] R13: 00007ffc34d292b0 R14: 0000000000000000 R15: 00007ffc34d29850 [ 127.878464] [ 127.903754] BUG: Bad page state in process syz-executor.0 pfn:46fe4 [ 127.904288] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x46fe4 [ 127.904954] flags: 0x100000000000000(node=0|zone=1) [ 127.905367] page_type: f9(unknown) [ 127.905698] raw: 0100000000000000 ffffea00011bf908 ffffea00011bf908 0000000000000000 [ 127.906343] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 127.906995] page dumped because: nonzero mapcount [ 127.907401] Modules linked in: [ 127.907706] CPU: 1 UID: 0 PID: 3952 Comm: 
syz-executor.0 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 127.907728] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 127.907733] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 127.907740] Call Trace: [ 127.907744] [ 127.907749] dump_stack_lvl+0xfa/0x120 [ 127.907768] bad_page+0x8c/0x1c0 [ 127.907780] __free_frozen_pages+0xaf9/0xe10 [ 127.907799] ? rcu_core+0x7c3/0x1800 [ 127.907813] rcu_core+0x7c8/0x1800 [ 127.907832] ? __pfx_rcu_core+0x10/0x10 [ 127.907847] ? clockevents_program_event+0x135/0x360 [ 127.907866] ? tick_program_event+0xac/0x140 [ 127.907880] ? hrtimer_interrupt+0x652/0x830 [ 127.907894] handle_softirqs+0x1b1/0x770 [ 127.907916] __irq_exit_rcu+0xc4/0x100 [ 127.907937] irq_exit_rcu+0x9/0x20 [ 127.907947] sysvec_apic_timer_interrupt+0x70/0x80 [ 127.907967] [ 127.907970] [ 127.907975] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 127.907989] RIP: 0010:__sanitizer_cov_trace_pc+0x8/0x80 [ 127.908007] Code: 4a 03 48 c7 c0 f4 ff ff ff eb 92 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 34 24 <65> 48 8b 15 88 48 10 06 65 8b 05 99 48 10 06 a9 00 01 ff 00 74 27 [ 127.908019] RSP: 0018:ffff88801772f8b8 EFLAGS: 00000246 [ 127.908029] RAX: ffff88800d48baa8 RBX: ffffea0000f71f80 RCX: dffffc0000000000 [ 127.908039] RDX: ffff888018cb0000 RSI: ffffffff819cebac RDI: 0000000000000001 [ 127.908048] RBP: 0000000000000000 R08: 0000000000000000 R09: fffff940001ee3f0 [ 127.908055] R10: 0000000000000001 R11: 0000000000000000 R12: 0400000000000040 [ 127.908064] R13: 00007fcecef55000 R14: ffff88801772fd20 R15: 800000003dc7e007 [ 127.908076] ? unmap_page_range+0xc2c/0x36d0 [ 127.908094] unmap_page_range+0xc2c/0x36d0 [ 127.908118] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.908135] ? __pfx_unmap_page_range+0x10/0x10 [ 127.908152] ? mas_next_slot+0x13cc/0x1ac0 [ 127.908174] ? 
uprobe_munmap+0x20/0x600 [ 127.908190] unmap_single_vma.constprop.0+0x153/0x230 [ 127.908211] unmap_vmas+0x1d6/0x430 [ 127.908229] ? __pfx_unmap_vmas+0x10/0x10 [ 127.908247] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 127.908270] exit_mmap+0x181/0xaa0 [ 127.908289] ? __pfx_exit_mmap+0x10/0x10 [ 127.908306] ? __mutex_lock+0x166/0x1020 [ 127.908327] ? __pfx___mutex_lock+0x10/0x10 [ 127.908350] ? do_raw_spin_lock+0x123/0x260 [ 127.908367] ? arch_uprobe_clear_state+0x16/0x140 [ 127.908387] mmput+0xd5/0x390 [ 127.908406] do_exit+0x79d/0x2970 [ 127.908421] ? _printk+0xbe/0xf0 [ 127.908434] ? __pfx__printk+0x10/0x10 [ 127.908449] ? __pfx_do_exit+0x10/0x10 [ 127.908463] ? __pfx_ksys_write+0x10/0x10 [ 127.908479] make_task_dead+0x174/0x3b0 [ 127.908494] ? do_syscall_64+0xbf/0x360 [ 127.908505] rewind_stack_and_make_dead+0x16/0x20 [ 127.908523] RIP: 0033:0x7fced09b85ff [ 127.908531] Code: Unable to access opcode bytes at 0x7fced09b85d5. [ 127.908537] RSP: 002b:00007ffc34d29260 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 127.908548] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fced09b85ff [ 127.908556] RDX: 0000000000000004 RSI: 00007ffc34d292b0 RDI: 0000000000000003 [ 127.908564] RBP: 0000000000000003 R08: 0000000000000000 R09: 00007ffc34d29200 [ 127.908572] R10: 0000000000000000 R11: 0000000000000293 R12: 00007fced0a5fff5 [ 127.908579] R13: 00007ffc34d292b0 R14: 0000000000000000 R15: 00007ffc34d29850 [ 127.908593] [ 127.908597] BUG: Bad page state in process syz-executor.0 pfn:46fe5 [ 127.935003] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x46fe5 [ 127.935681] flags: 0x100000000000000(node=0|zone=1) [ 127.936097] page_type: f9(unknown) [ 127.936399] raw: 0100000000000000 ffffea00011bf948 ffffea00011bf948 0000000000000000 [ 127.937023] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 127.937640] page dumped because: nonzero mapcount [ 127.938015] Modules linked in: [ 127.938275] CPU: 1 UID: 0 PID: 3952 Comm: 
syz-executor.0 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 127.938297] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 127.938302] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 127.938309] Call Trace: [ 127.938313] [ 127.938317] dump_stack_lvl+0xfa/0x120 [ 127.938337] bad_page+0x8c/0x1c0 [ 127.938349] __free_frozen_pages+0xaf9/0xe10 [ 127.938367] ? rcu_core+0x7c3/0x1800 [ 127.938382] rcu_core+0x7c8/0x1800 [ 127.938399] ? __pfx_rcu_core+0x10/0x10 [ 127.938414] ? clockevents_program_event+0x135/0x360 [ 127.938432] ? tick_program_event+0xac/0x140 [ 127.938444] ? hrtimer_interrupt+0x652/0x830 [ 127.938457] handle_softirqs+0x1b1/0x770 [ 127.938479] __irq_exit_rcu+0xc4/0x100 [ 127.938499] irq_exit_rcu+0x9/0x20 [ 127.938509] sysvec_apic_timer_interrupt+0x70/0x80 [ 127.938527] [ 127.938531] [ 127.938535] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 127.938549] RIP: 0010:__sanitizer_cov_trace_pc+0x8/0x80 [ 127.938565] Code: 4a 03 48 c7 c0 f4 ff ff ff eb 92 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 34 24 <65> 48 8b 15 88 48 10 06 65 8b 05 99 48 10 06 a9 00 01 ff 00 74 27 [ 127.938577] RSP: 0018:ffff88801772f8b8 EFLAGS: 00000246 [ 127.938586] RAX: ffff88800d48baa8 RBX: ffffea0000f71f80 RCX: dffffc0000000000 [ 127.938595] RDX: ffff888018cb0000 RSI: ffffffff819cebac RDI: 0000000000000001 [ 127.938603] RBP: 0000000000000000 R08: 0000000000000000 R09: fffff940001ee3f0 [ 127.938611] R10: 0000000000000001 R11: 0000000000000000 R12: 0400000000000040 [ 127.938623] R13: 00007fcecef55000 R14: ffff88801772fd20 R15: 800000003dc7e007 [ 127.938635] ? unmap_page_range+0xc2c/0x36d0 [ 127.938653] unmap_page_range+0xc2c/0x36d0 [ 127.938677] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.938694] ? __pfx_unmap_page_range+0x10/0x10 [ 127.938711] ? mas_next_slot+0x13cc/0x1ac0 [ 127.938733] ? 
uprobe_munmap+0x20/0x600 [ 127.938749] unmap_single_vma.constprop.0+0x153/0x230 [ 127.938769] unmap_vmas+0x1d6/0x430 [ 127.938787] ? __pfx_unmap_vmas+0x10/0x10 [ 127.938804] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 127.938827] exit_mmap+0x181/0xaa0 [ 127.938845] ? __pfx_exit_mmap+0x10/0x10 [ 127.938862] ? __mutex_lock+0x166/0x1020 [ 127.938883] ? __pfx___mutex_lock+0x10/0x10 [ 127.938906] ? do_raw_spin_lock+0x123/0x260 [ 127.938923] ? arch_uprobe_clear_state+0x16/0x140 [ 127.938943] mmput+0xd5/0x390 [ 127.938962] do_exit+0x79d/0x2970 [ 127.938976] ? _printk+0xbe/0xf0 [ 127.938990] ? __pfx__printk+0x10/0x10 [ 127.939005] ? __pfx_do_exit+0x10/0x10 [ 127.939019] ? __pfx_ksys_write+0x10/0x10 [ 127.939035] make_task_dead+0x174/0x3b0 [ 127.939050] ? do_syscall_64+0xbf/0x360 [ 127.939061] rewind_stack_and_make_dead+0x16/0x20 [ 127.939079] RIP: 0033:0x7fced09b85ff [ 127.939087] Code: Unable to access opcode bytes at 0x7fced09b85d5. [ 127.939093] RSP: 002b:00007ffc34d29260 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 127.939104] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fced09b85ff [ 127.939112] RDX: 0000000000000004 RSI: 00007ffc34d292b0 RDI: 0000000000000003 [ 127.939120] RBP: 0000000000000003 R08: 0000000000000000 R09: 00007ffc34d29200 [ 127.939127] R10: 0000000000000000 R11: 0000000000000293 R12: 00007fced0a5fff5 [ 127.939135] R13: 00007ffc34d292b0 R14: 0000000000000000 R15: 00007ffc34d29850 [ 127.939149] [ 127.963351] BUG: Bad page state in process syz-executor.0 pfn:46fe6 [ 127.963870] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x46fe6 [ 127.964490] flags: 0x100000000000000(node=0|zone=1) [ 127.964902] page_type: f9(unknown) [ 127.965188] raw: 0100000000000000 ffffea00011bf988 ffffea00011bf988 0000000000000000 [ 127.965813] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 127.966415] page dumped because: nonzero mapcount [ 127.966810] Modules linked in: [ 127.967076] CPU: 1 UID: 0 PID: 3952 Comm: 
syz-executor.0 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 127.967099] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 127.967104] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 127.967110] Call Trace: [ 127.967114] [ 127.967119] dump_stack_lvl+0xfa/0x120 [ 127.967138] bad_page+0x8c/0x1c0 [ 127.967150] __free_frozen_pages+0xaf9/0xe10 [ 127.967168] ? rcu_core+0x7c3/0x1800 [ 127.967183] rcu_core+0x7c8/0x1800 [ 127.967201] ? __pfx_rcu_core+0x10/0x10 [ 127.967216] ? clockevents_program_event+0x135/0x360 [ 127.967233] ? tick_program_event+0xac/0x140 [ 127.967245] ? hrtimer_interrupt+0x652/0x830 [ 127.967258] handle_softirqs+0x1b1/0x770 [ 127.967280] __irq_exit_rcu+0xc4/0x100 [ 127.967300] irq_exit_rcu+0x9/0x20 [ 127.967310] sysvec_apic_timer_interrupt+0x70/0x80 [ 127.967328] [ 127.967332] [ 127.967336] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 127.967350] RIP: 0010:__sanitizer_cov_trace_pc+0x8/0x80 [ 127.967366] Code: 4a 03 48 c7 c0 f4 ff ff ff eb 92 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 34 24 <65> 48 8b 15 88 48 10 06 65 8b 05 99 48 10 06 a9 00 01 ff 00 74 27 [ 127.967378] RSP: 0018:ffff88801772f8b8 EFLAGS: 00000246 [ 127.967388] RAX: ffff88800d48baa8 RBX: ffffea0000f71f80 RCX: dffffc0000000000 [ 127.967396] RDX: ffff888018cb0000 RSI: ffffffff819cebac RDI: 0000000000000001 [ 127.967404] RBP: 0000000000000000 R08: 0000000000000000 R09: fffff940001ee3f0 [ 127.967412] R10: 0000000000000001 R11: 0000000000000000 R12: 0400000000000040 [ 127.967420] R13: 00007fcecef55000 R14: ffff88801772fd20 R15: 800000003dc7e007 [ 127.967432] ? unmap_page_range+0xc2c/0x36d0 [ 127.967450] unmap_page_range+0xc2c/0x36d0 [ 127.967481] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.967498] ? __pfx_unmap_page_range+0x10/0x10 [ 127.967515] ? mas_next_slot+0x13cc/0x1ac0 [ 127.967537] ? 
uprobe_munmap+0x20/0x600 [ 127.967553] unmap_single_vma.constprop.0+0x153/0x230 [ 127.967573] unmap_vmas+0x1d6/0x430 [ 127.967591] ? __pfx_unmap_vmas+0x10/0x10 [ 127.967607] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 127.967634] exit_mmap+0x181/0xaa0 [ 127.967653] ? __pfx_exit_mmap+0x10/0x10 [ 127.967670] ? __mutex_lock+0x166/0x1020 [ 127.967690] ? __pfx___mutex_lock+0x10/0x10 [ 127.967714] ? do_raw_spin_lock+0x123/0x260 [ 127.967730] ? arch_uprobe_clear_state+0x16/0x140 [ 127.967750] mmput+0xd5/0x390 [ 127.967770] do_exit+0x79d/0x2970 [ 127.967784] ? _printk+0xbe/0xf0 [ 127.967798] ? __pfx__printk+0x10/0x10 [ 127.967813] ? __pfx_do_exit+0x10/0x10 [ 127.967827] ? __pfx_ksys_write+0x10/0x10 [ 127.967843] make_task_dead+0x174/0x3b0 [ 127.967858] ? do_syscall_64+0xbf/0x360 [ 127.967869] rewind_stack_and_make_dead+0x16/0x20 [ 127.967887] RIP: 0033:0x7fced09b85ff [ 127.967895] Code: Unable to access opcode bytes at 0x7fced09b85d5. [ 127.967901] RSP: 002b:00007ffc34d29260 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 127.967912] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fced09b85ff [ 127.967920] RDX: 0000000000000004 RSI: 00007ffc34d292b0 RDI: 0000000000000003 [ 127.967928] RBP: 0000000000000003 R08: 0000000000000000 R09: 00007ffc34d29200 [ 127.967936] R10: 0000000000000000 R11: 0000000000000293 R12: 00007fced0a5fff5 [ 127.967943] R13: 00007ffc34d292b0 R14: 0000000000000000 R15: 00007ffc34d29850 [ 127.967957] [ 127.992162] BUG: Bad page state in process syz-executor.0 pfn:46fe7 [ 127.992675] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x46fe7 [ 127.993292] flags: 0x100000000000000(node=0|zone=1) [ 127.993713] page_type: f9(unknown) [ 127.994000] raw: 0100000000000000 ffffea00011bf9c8 ffffea00011bf9c8 0000000000000000 [ 127.994603] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 127.995221] page dumped because: nonzero mapcount [ 127.995603] Modules linked in: [ 127.995884] CPU: 1 UID: 0 PID: 3952 Comm: 
syz-executor.0 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 127.995907] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 127.995912] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 127.995919] Call Trace: [ 127.995924] [ 127.995929] dump_stack_lvl+0xfa/0x120 [ 127.995949] bad_page+0x8c/0x1c0 [ 127.995961] __free_frozen_pages+0xaf9/0xe10 [ 127.995981] ? rcu_core+0x7c3/0x1800 [ 127.995996] rcu_core+0x7c8/0x1800 [ 127.996015] ? __pfx_rcu_core+0x10/0x10 [ 127.996031] ? clockevents_program_event+0x135/0x360 [ 127.996049] ? tick_program_event+0xac/0x140 [ 127.996062] ? hrtimer_interrupt+0x652/0x830 [ 127.996076] handle_softirqs+0x1b1/0x770 [ 127.996100] __irq_exit_rcu+0xc4/0x100 [ 127.996120] irq_exit_rcu+0x9/0x20 [ 127.996132] sysvec_apic_timer_interrupt+0x70/0x80 [ 127.996149] [ 127.996154] [ 127.996159] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 127.996174] RIP: 0010:__sanitizer_cov_trace_pc+0x8/0x80 [ 127.996191] Code: 4a 03 48 c7 c0 f4 ff ff ff eb 92 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 34 24 <65> 48 8b 15 88 48 10 06 65 8b 05 99 48 10 06 a9 00 01 ff 00 74 27 [ 127.996204] RSP: 0018:ffff88801772f8b8 EFLAGS: 00000246 [ 127.996214] RAX: ffff88800d48baa8 RBX: ffffea0000f71f80 RCX: dffffc0000000000 [ 127.996223] RDX: ffff888018cb0000 RSI: ffffffff819cebac RDI: 0000000000000001 [ 127.996233] RBP: 0000000000000000 R08: 0000000000000000 R09: fffff940001ee3f0 [ 127.996242] R10: 0000000000000001 R11: 0000000000000000 R12: 0400000000000040 [ 127.996249] R13: 00007fcecef55000 R14: ffff88801772fd20 R15: 800000003dc7e007 [ 127.996261] ? unmap_page_range+0xc2c/0x36d0 [ 127.996280] unmap_page_range+0xc2c/0x36d0 [ 127.996304] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 127.996321] ? __pfx_unmap_page_range+0x10/0x10 [ 127.996338] ? mas_next_slot+0x13cc/0x1ac0 [ 127.996360] ? 
uprobe_munmap+0x20/0x600 [ 127.996377] unmap_single_vma.constprop.0+0x153/0x230 [ 127.996396] unmap_vmas+0x1d6/0x430 [ 127.996414] ? __pfx_unmap_vmas+0x10/0x10 [ 127.996432] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 127.996455] exit_mmap+0x181/0xaa0 [ 127.996476] ? __pfx_exit_mmap+0x10/0x10 [ 127.996493] ? __mutex_lock+0x166/0x1020 [ 127.996514] ? __pfx___mutex_lock+0x10/0x10 [ 127.996538] ? do_raw_spin_lock+0x123/0x260 [ 127.996555] ? arch_uprobe_clear_state+0x16/0x140 [ 127.996575] mmput+0xd5/0x390 [ 127.996594] do_exit+0x79d/0x2970 [ 127.996609] ? _printk+0xbe/0xf0 [ 127.996627] ? __pfx__printk+0x10/0x10 [ 127.996642] ? __pfx_do_exit+0x10/0x10 [ 127.996656] ? __pfx_ksys_write+0x10/0x10 [ 127.996672] make_task_dead+0x174/0x3b0 [ 127.996687] ? do_syscall_64+0xbf/0x360 [ 127.996698] rewind_stack_and_make_dead+0x16/0x20 [ 127.996717] RIP: 0033:0x7fced09b85ff [ 127.996726] Code: Unable to access opcode bytes at 0x7fced09b85d5. [ 127.996732] RSP: 002b:00007ffc34d29260 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 127.996744] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fced09b85ff [ 127.996754] RDX: 0000000000000004 RSI: 00007ffc34d292b0 RDI: 0000000000000003 [ 127.996763] RBP: 0000000000000003 R08: 0000000000000000 R09: 00007ffc34d29200 [ 127.996771] R10: 0000000000000000 R11: 0000000000000293 R12: 00007fced0a5fff5 [ 127.996780] R13: 00007ffc34d292b0 R14: 0000000000000000 R15: 00007ffc34d29850 [ 127.996795] [ 128.021308] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#14] SMP KASAN NOPTI [ 128.022203] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 128.022891] CPU: 1 UID: 0 PID: 3960 Comm: syz-executor.7 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 128.023840] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 128.024244] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 128.024895] RIP: 0010:perf_tp_event+0x175/0xe70 [ 
128.025273] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 128.026706] RSP: 0018:ffff88800f8ef640 EFLAGS: 00010213 [ 128.027130] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 128.027702] RDX: ffff8880167a3700 RSI: ffffffff818995b7 RDI: 000000010000018f [ 128.028268] RBP: ffff88800f8ef8b0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 128.028830] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 128.029394] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 128.029958] FS: 00007f9650def700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 128.030596] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.031056] CR2: 00007fced0a60019 CR3: 00000000140d9000 CR4: 0000000000350ef0 [ 128.031637] Call Trace: [ 128.031848] [ 128.032036] ? __pfx_perf_tp_event+0x10/0x10 [ 128.032410] ? perf_trace_run_bpf_submit+0xef/0x180 [ 128.032811] ? perf_trace_lock_acquire+0xc9/0x700 [ 128.033202] perf_trace_run_bpf_submit+0xef/0x180 [ 128.033592] perf_trace_contention_begin+0x235/0x3e0 [ 128.034002] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 128.034442] ? lock_acquire+0xc5/0x2f0 [ 128.034754] ? lock_acquire+0x18c/0x2f0 [ 128.035075] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 128.035504] trace_contention_begin+0xae/0x110 [ 128.035874] __mutex_lock+0x14b/0x1020 [ 128.036189] ? perf_event_exit_task+0x46/0x510 [ 128.036562] ? perf_event_exit_task+0x46/0x510 [ 128.036934] ? do_raw_spin_lock+0x123/0x260 [ 128.037280] ? lock_acquire+0x18c/0x2f0 [ 128.037599] ? __pfx___mutex_lock+0x10/0x10 [ 128.037946] ? _raw_spin_unlock_irq+0x23/0x40 [ 128.038308] ? lock_release+0x1c7/0x290 [ 128.038629] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 128.039043] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 128.039452] ? taskstats_exit+0x8c/0xba0 [ 128.039790] ? 
lock_acquire+0x18c/0x2f0 [ 128.040109] ? lock_release+0x1c7/0x290 [ 128.040429] perf_event_exit_task+0x46/0x510 [ 128.040792] do_exit+0x626/0x2970 [ 128.041078] ? __pfx_do_exit+0x10/0x10 [ 128.041394] ? do_raw_spin_lock+0x123/0x260 [ 128.041742] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 128.042122] do_group_exit+0xd3/0x2a0 [ 128.042430] get_signal+0x2315/0x2340 [ 128.042746] ? __pfx_get_signal+0x10/0x10 [ 128.043081] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 128.043514] arch_do_signal_or_restart+0x80/0x790 [ 128.043902] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 128.044332] ? lock_acquire+0xc5/0x2f0 [ 128.044650] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 128.045124] ? do_raw_spin_lock+0x123/0x260 [ 128.045474] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 128.045855] exit_to_user_mode_loop+0x8b/0x110 [ 128.046228] ret_from_fork+0x3ac/0x430 [ 128.046546] ret_from_fork_asm+0x1a/0x30 [ 128.046884] [ 128.047074] Modules linked in: [ 128.048177] ---[ end trace 0000000000000000 ]--- [ 128.048561] RIP: 0010:perf_tp_event+0x175/0xe70 [ 128.049459] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 128.051023] RSP: 0018:ffff888046ba7580 EFLAGS: 00010213 [ 128.051448] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: ffffc90000a8f000 [ 128.052040] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 128.052609] RBP: ffff888046ba77f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 128.053193] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 128.053780] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 128.054339] FS: 00007f9650def700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 128.054992] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.055454] CR2: 00007fced0a60019 CR3: 00000000140d9000 CR4: 0000000000350ef0 [ 128.056047] note: syz-executor.7[3960] exited with 
preempt_count 2 [ 128.056548] Fixing recursive fault but reboot is needed! [ 128.056990] BUG: scheduling while atomic: syz-executor.7/3960/0x00000000 [ 128.057520] INFO: lockdep is turned off. [ 128.057851] Modules linked in: [ 128.058117] CPU: 1 UID: 0 PID: 3960 Comm: syz-executor.7 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 128.058136] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 128.058140] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 128.058146] Call Trace: [ 128.058150] [ 128.058154] dump_stack_lvl+0xfa/0x120 [ 128.058171] __schedule_bug+0xb9/0x100 [ 128.058182] __schedule+0x24f3/0x3590 [ 128.058196] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 128.058209] ? __pfx_vprintk_emit+0x10/0x10 [ 128.058226] ? arch_do_signal_or_restart+0x80/0x790 [ 128.058242] ? __pfx___schedule+0x10/0x10 [ 128.058256] ? do_raw_spin_lock+0x123/0x260 [ 128.058271] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 128.058285] ? lock_acquire+0x18c/0x2f0 [ 128.058298] ? lock_release+0x1c7/0x290 [ 128.058312] ? do_task_dead+0x3e/0x110 [ 128.058326] do_task_dead+0xdc/0x110 [ 128.058340] make_task_dead+0x373/0x3b0 [ 128.058353] ? 
ret_from_fork+0x3ac/0x430 [ 128.058371] rewind_stack_and_make_dead+0x16/0x20 [ 128.058387] RIP: 0033:0x7f96538ddf41 [ 128.058397] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 128.058408] RSP: 002b:00007f9650def2f0 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 128.058420] RAX: 0000000000000000 RBX: 00007f9650def700 RCX: 00007f96538ddf41 [ 128.058428] RDX: 00007f9650def9d0 RSI: 00007f9650def2f0 RDI: 00000000003d0f00 [ 128.058437] RBP: 00007ffd12867560 R08: 00007f9650def700 R09: 00007f9650def700 [ 128.058445] R10: 00007f9650def9d0 R11: 0000000000000206 R12: 00007ffd128673de [ 128.058453] R13: 00007ffd128673df R14: 00007f9650def300 R15: 0000000000022000 [ 128.058465] [ 128.058516] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#15] SMP KASAN NOPTI [ 128.072217] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 128.072899] CPU: 1 UID: 0 PID: 3955 Comm: syz-executor.4 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 128.073890] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 128.074292] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 128.074940] RIP: 0010:perf_tp_event+0x175/0xe70 [ 128.075316] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 128.076753] RSP: 0018:ffff88803a057640 EFLAGS: 00010213 [ 128.077175] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 128.077736] RDX: ffff88801bc73700 RSI: ffffffff818995b7 RDI: 000000010000018f [ 128.078293] RBP: ffff88803a0578b0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 128.078861] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 128.079419] R13: 
000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 128.079992] FS: 00007f7f325d6700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 128.080625] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.081089] CR2: 00007fced0a60019 CR3: 000000000ca93000 CR4: 0000000000350ef0 [ 128.081654] Call Trace: [ 128.081862] [ 128.082050] ? __pfx_perf_tp_event+0x10/0x10 [ 128.082406] ? stack_depot_save_flags+0x2c/0xa20 [ 128.082782] ? perf_trace_lock_acquire+0xc9/0x700 [ 128.083167] ? css_rstat_updated+0x1b8/0x4d0 [ 128.083544] ? perf_trace_lock_acquire+0xc9/0x700 [ 128.083934] ? sched_clock_cpu+0x6c/0x4e0 [ 128.084273] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 128.084694] ? __update_load_avg_se+0x428/0xa40 [ 128.085073] ? __pfx___mm_cid_try_get.constprop.0+0x10/0x10 [ 128.085526] ? perf_trace_run_bpf_submit+0xef/0x180 [ 128.085930] ? perf_trace_lock_acquire+0xc9/0x700 [ 128.086316] perf_trace_run_bpf_submit+0xef/0x180 [ 128.086707] perf_trace_contention_begin+0x235/0x3e0 [ 128.087111] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 128.087558] ? lock_acquire+0xc5/0x2f0 [ 128.087876] ? lock_acquire+0x18c/0x2f0 [ 128.088196] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 128.088616] trace_contention_begin+0xae/0x110 [ 128.088984] __mutex_lock+0x14b/0x1020 [ 128.089299] ? perf_event_exit_task+0x46/0x510 [ 128.089670] ? perf_event_exit_task+0x46/0x510 [ 128.090037] ? do_raw_spin_lock+0x123/0x260 [ 128.090385] ? lock_acquire+0x18c/0x2f0 [ 128.090706] ? __pfx___mutex_lock+0x10/0x10 [ 128.091073] ? _raw_spin_unlock_irq+0x23/0x40 [ 128.091449] ? lock_release+0x1c7/0x290 [ 128.091784] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 128.092199] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 128.092618] ? taskstats_exit+0x8c/0xba0 [ 128.092958] perf_event_exit_task+0x46/0x510 [ 128.093329] do_exit+0x626/0x2970 [ 128.093623] ? lock_release+0x1c7/0x290 [ 128.093958] ? __pfx_do_exit+0x10/0x10 [ 128.094282] ? do_raw_spin_lock+0x123/0x260 [ 128.094643] ? 
__pfx_do_raw_spin_lock+0x10/0x10 [ 128.095034] do_group_exit+0xd3/0x2a0 [ 128.095351] get_signal+0x2315/0x2340 [ 128.095675] ? kmem_cache_free+0x2a1/0x540 [ 128.096023] ? __pfx_get_signal+0x10/0x10 [ 128.096372] ? do_futex+0x135/0x370 [ 128.096679] ? __pfx_do_futex+0x10/0x10 [ 128.097014] arch_do_signal_or_restart+0x80/0x790 [ 128.097414] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 128.097864] ? __x64_sys_futex+0x1c9/0x4d0 [ 128.098210] ? __x64_sys_futex+0x1d2/0x4d0 [ 128.098555] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 128.099029] ? __pfx___x64_sys_futex+0x10/0x10 [ 128.099405] ? xfd_validate_state+0x55/0x180 [ 128.099780] ? kcov_ioctl+0x386/0x6c0 [ 128.100101] exit_to_user_mode_loop+0x8b/0x110 [ 128.100485] do_syscall_64+0x2f7/0x360 [ 128.100809] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 128.101234] RIP: 0033:0x7f7f35060b19 [ 128.101534] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 128.102986] RSP: 002b:00007f7f325d6218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 128.103613] RAX: fffffffffffffe00 RBX: 00007f7f35173f68 RCX: 00007f7f35060b19 [ 128.104192] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f7f35173f68 [ 128.104778] RBP: 00007f7f35173f60 R08: 0000000000000000 R09: 0000000000000000 [ 128.105361] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7f35173f6c [ 128.105937] R13: 00007ffeea85abdf R14: 00007f7f325d6300 R15: 0000000000022000 [ 128.106521] [ 128.106718] Modules linked in: [ 128.107609] ---[ end trace 0000000000000000 ]--- [ 128.108422] RIP: 0010:perf_tp_event+0x175/0xe70 [ 128.108977] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 128.110549] RSP: 0018:ffff888046ba7580 EFLAGS: 00010213 [ 128.111067] RAX: 
0000000020000031 RBX: 00000000ffffff9f RCX: ffffc90000a8f000 [ 128.111678] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 128.112264] RBP: ffff888046ba77f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 128.112865] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 128.113454] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 128.114050] FS: 00007f7f325d6700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 128.114732] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.115216] CR2: 00007fced0a60019 CR3: 000000000ca93000 CR4: 0000000000350ef0 [ 128.115822] note: syz-executor.4[3955] exited with preempt_count 2 [ 128.116319] Fixing recursive fault but reboot is needed! [ 128.116772] BUG: scheduling while atomic: syz-executor.4/3955/0x00000000 [ 128.117322] INFO: lockdep is turned off. [ 128.117666] Modules linked in: [ 128.117943] CPU: 1 UID: 0 PID: 3955 Comm: syz-executor.4 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 128.117963] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 128.117968] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 128.117975] Call Trace: [ 128.117979] [ 128.117984] dump_stack_lvl+0xfa/0x120 [ 128.118002] __schedule_bug+0xb9/0x100 [ 128.118014] __schedule+0x24f3/0x3590 [ 128.118027] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 128.118041] ? __pfx_vprintk_emit+0x10/0x10 [ 128.118059] ? arch_do_signal_or_restart+0x80/0x790 [ 128.118075] ? __pfx___schedule+0x10/0x10 [ 128.118089] ? do_raw_spin_lock+0x123/0x260 [ 128.118106] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 128.118120] ? lock_acquire+0x18c/0x2f0 [ 128.118134] ? lock_release+0x1c7/0x290 [ 128.118148] ? do_task_dead+0x3e/0x110 [ 128.118161] do_task_dead+0xdc/0x110 [ 128.118175] make_task_dead+0x373/0x3b0 [ 128.118187] ? 
do_syscall_64+0x2f7/0x360 [ 128.118198] rewind_stack_and_make_dead+0x16/0x20 [ 128.118214] RIP: 0033:0x7f7f35060b19 [ 128.118222] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 128.118233] RSP: 002b:00007f7f325d6218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 128.118245] RAX: fffffffffffffe00 RBX: 00007f7f35173f68 RCX: 00007f7f35060b19 [ 128.118252] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f7f35173f68 [ 128.118259] RBP: 00007f7f35173f60 R08: 0000000000000000 R09: 0000000000000000 [ 128.118265] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7f35173f6c [ 128.118273] R13: 00007ffeea85abdf R14: 00007f7f325d6300 R15: 0000000000022000 [ 128.118286] [ 128.132664] BUG: Bad page state in process kmemleak pfn:0f8e9 [ 128.133160] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xf8e9 [ 128.133828] flags: 0x100000000000000(node=0|zone=1) [ 128.134244] page_type: f9(unknown) [ 128.134535] raw: 0100000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 128.135180] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 128.135832] page dumped because: nonzero mapcount [ 128.136230] Modules linked in: [ 128.136508] CPU: 1 UID: 0 PID: 67 Comm: kmemleak Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 128.136530] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 128.136535] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 128.136542] Call Trace: [ 128.136546] [ 128.136550] dump_stack_lvl+0xfa/0x120 [ 128.136570] bad_page+0x8c/0x1c0 [ 128.136582] __free_frozen_pages+0xaf9/0xe10 [ 128.136601] ? rcu_core+0x7c3/0x1800 [ 128.136615] rcu_core+0x7c8/0x1800 [ 128.136637] ? __pfx_rcu_core+0x10/0x10 [ 128.136652] ? clockevents_program_event+0x135/0x360 [ 128.136670] ? tick_program_event+0xac/0x140 [ 128.136682] ? 
hrtimer_interrupt+0x652/0x830 [ 128.136695] handle_softirqs+0x1b1/0x770 [ 128.136717] __irq_exit_rcu+0xc4/0x100 [ 128.136737] irq_exit_rcu+0x9/0x20 [ 128.136747] sysvec_apic_timer_interrupt+0x70/0x80 [ 128.136765] [ 128.136768] [ 128.136773] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 128.136787] RIP: 0010:_raw_spin_unlock_irqrestore+0x34/0x50 [ 128.136804] Code: c7 18 53 48 89 f3 48 8b 74 24 10 e8 16 f5 93 fc 48 89 ef e8 4e 40 94 fc 80 e7 02 74 06 e8 b4 48 be fc fb 65 ff 0d 6c 4c c6 02 <74> 07 5b 5d e9 33 23 00 00 0f 1f 44 00 00 5b 5d e9 27 23 00 00 0f [ 128.136817] RSP: 0018:ffff88800f8c7df0 EFLAGS: 00000286 [ 128.136826] RAX: 0000000000000001 RBX: 0000000000000246 RCX: ffffffff817c2b86 [ 128.136834] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff84bde3bc [ 128.136842] RBP: ffffffff886eb218 R08: 0000000000000000 R09: 0000000000000000 [ 128.136850] R10: ffffffff8643ac57 R11: 0000000000000000 R12: ffff88800a775280 [ 128.136858] R13: ffff8880723e6000 R14: 0000000000000246 R15: ffff888072400000 [ 128.136869] ? trace_irq_enable.constprop.0+0x26/0x100 [ 128.136883] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 128.136901] scan_gray_list+0x213/0x290 [ 128.136920] kmemleak_scan+0x574/0xe00 [ 128.136938] ? __pfx_kmemleak_scan_thread+0x10/0x10 [ 128.136957] kmemleak_scan_thread+0x78/0xc0 [ 128.136976] kthread+0x3c8/0x740 [ 128.136989] ? __pfx_kthread+0x10/0x10 [ 128.137002] ? ret_from_fork+0x23/0x430 [ 128.137021] ? lock_release+0xc8/0x290 [ 128.137036] ? __pfx_kthread+0x10/0x10 [ 128.137049] ret_from_fork+0x34b/0x430 [ 128.137069] ? 
__pfx_kthread+0x10/0x10 [ 128.137082] ret_from_fork_asm+0x1a/0x30 [ 128.137104] [ 128.154542] BUG: Bad page state in process kmemleak pfn:0f8ea [ 128.155038] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xf8ea [ 128.155702] flags: 0x100000000000000(node=0|zone=1) [ 128.156103] page_type: f9(unknown) [ 128.156393] raw: 0100000000000000 0000000000000000 ffffea00003e3a90 0000000000000000 [ 128.157021] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 128.157651] page dumped because: nonzero mapcount [ 128.158040] Modules linked in: [ 128.158303] CPU: 1 UID: 0 PID: 67 Comm: kmemleak Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 128.158324] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 128.158329] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 128.158336] Call Trace: [ 128.158340] [ 128.158344] dump_stack_lvl+0xfa/0x120 [ 128.158363] bad_page+0x8c/0x1c0 [ 128.158375] __free_frozen_pages+0xaf9/0xe10 [ 128.158393] ? rcu_core+0x7c3/0x1800 [ 128.158408] rcu_core+0x7c8/0x1800 [ 128.158426] ? __pfx_rcu_core+0x10/0x10 [ 128.158441] ? clockevents_program_event+0x135/0x360 [ 128.158458] ? tick_program_event+0xac/0x140 [ 128.158470] ? 
hrtimer_interrupt+0x652/0x830 [ 128.158483] handle_softirqs+0x1b1/0x770 [ 128.158506] __irq_exit_rcu+0xc4/0x100 [ 128.158525] irq_exit_rcu+0x9/0x20 [ 128.158535] sysvec_apic_timer_interrupt+0x70/0x80 [ 128.158553] [ 128.158557] [ 128.158561] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 128.158575] RIP: 0010:_raw_spin_unlock_irqrestore+0x34/0x50 [ 128.158592] Code: c7 18 53 48 89 f3 48 8b 74 24 10 e8 16 f5 93 fc 48 89 ef e8 4e 40 94 fc 80 e7 02 74 06 e8 b4 48 be fc fb 65 ff 0d 6c 4c c6 02 <74> 07 5b 5d e9 33 23 00 00 0f 1f 44 00 00 5b 5d e9 27 23 00 00 0f [ 128.158605] RSP: 0018:ffff88800f8c7df0 EFLAGS: 00000286 [ 128.158614] RAX: 0000000000000001 RBX: 0000000000000246 RCX: ffffffff817c2b86 [ 128.158626] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff84bde3bc [ 128.158634] RBP: ffffffff886eb218 R08: 0000000000000000 R09: 0000000000000000 [ 128.158642] R10: ffffffff8643ac57 R11: 0000000000000000 R12: ffff88800a775280 [ 128.158650] R13: ffff8880723e6000 R14: 0000000000000246 R15: ffff888072400000 [ 128.158661] ? trace_irq_enable.constprop.0+0x26/0x100 [ 128.158674] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 128.158693] scan_gray_list+0x213/0x290 [ 128.158711] kmemleak_scan+0x574/0xe00 [ 128.158729] ? __pfx_kmemleak_scan_thread+0x10/0x10 [ 128.158749] kmemleak_scan_thread+0x78/0xc0 [ 128.158767] kthread+0x3c8/0x740 [ 128.158780] ? __pfx_kthread+0x10/0x10 [ 128.158793] ? ret_from_fork+0x23/0x430 [ 128.158813] ? lock_release+0xc8/0x290 [ 128.158827] ? __pfx_kthread+0x10/0x10 [ 128.158841] ret_from_fork+0x34b/0x430 [ 128.158860] ? 
__pfx_kthread+0x10/0x10 [ 128.158873] ret_from_fork_asm+0x1a/0x30 [ 128.158895] [ 128.176041] BUG: Bad page state in process kmemleak pfn:0f8eb [ 128.176519] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xf8eb [ 128.177191] flags: 0x100000000000000(node=0|zone=1) [ 128.177604] page_type: f9(unknown) [ 128.177918] raw: 0100000000000000 0000000000000000 ffffea00003e3ac8 0000000000000000 [ 128.178557] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 128.179215] page dumped because: nonzero mapcount [ 128.179604] Modules linked in: [ 128.179899] CPU: 1 UID: 0 PID: 67 Comm: kmemleak Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 128.179924] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 128.179929] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 128.179936] Call Trace: [ 128.179940] [ 128.179945] dump_stack_lvl+0xfa/0x120 [ 128.179965] bad_page+0x8c/0x1c0 [ 128.179977] __free_frozen_pages+0xaf9/0xe10 [ 128.179996] ? rcu_core+0x7c3/0x1800 [ 128.180012] rcu_core+0x7c8/0x1800 [ 128.180031] ? __pfx_rcu_core+0x10/0x10 [ 128.180046] ? clockevents_program_event+0x135/0x360 [ 128.180065] ? tick_program_event+0xac/0x140 [ 128.180077] ? 
hrtimer_interrupt+0x652/0x830 [ 128.180089] handle_softirqs+0x1b1/0x770 [ 128.180112] __irq_exit_rcu+0xc4/0x100 [ 128.180131] irq_exit_rcu+0x9/0x20 [ 128.180142] sysvec_apic_timer_interrupt+0x70/0x80 [ 128.180159] [ 128.180163] [ 128.180167] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 128.180181] RIP: 0010:_raw_spin_unlock_irqrestore+0x34/0x50 [ 128.180199] Code: c7 18 53 48 89 f3 48 8b 74 24 10 e8 16 f5 93 fc 48 89 ef e8 4e 40 94 fc 80 e7 02 74 06 e8 b4 48 be fc fb 65 ff 0d 6c 4c c6 02 <74> 07 5b 5d e9 33 23 00 00 0f 1f 44 00 00 5b 5d e9 27 23 00 00 0f [ 128.180211] RSP: 0018:ffff88800f8c7df0 EFLAGS: 00000286 [ 128.180221] RAX: 0000000000000001 RBX: 0000000000000246 RCX: ffffffff817c2b86 [ 128.180229] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff84bde3bc [ 128.180236] RBP: ffffffff886eb218 R08: 0000000000000000 R09: 0000000000000000 [ 128.180244] R10: ffffffff8643ac57 R11: 0000000000000000 R12: ffff88800a775280 [ 128.180252] R13: ffff8880723e6000 R14: 0000000000000246 R15: ffff888072400000 [ 128.180264] ? trace_irq_enable.constprop.0+0x26/0x100 [ 128.180277] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 128.180296] scan_gray_list+0x213/0x290 [ 128.180316] kmemleak_scan+0x574/0xe00 [ 128.180334] ? __pfx_kmemleak_scan_thread+0x10/0x10 [ 128.180355] kmemleak_scan_thread+0x78/0xc0 [ 128.180375] kthread+0x3c8/0x740 [ 128.180388] ? __pfx_kthread+0x10/0x10 [ 128.180401] ? ret_from_fork+0x23/0x430 [ 128.180421] ? lock_release+0xc8/0x290 [ 128.180435] ? __pfx_kthread+0x10/0x10 [ 128.180450] ret_from_fork+0x34b/0x430 [ 128.180471] ? 
__pfx_kthread+0x10/0x10 [ 128.180485] ret_from_fork_asm+0x1a/0x30 [ 128.180507] [ 128.180511] BUG: Bad page state in process kmemleak pfn:0f8ec [ 128.198697] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xf8ec [ 128.199335] flags: 0x100000000000000(node=0|zone=1) [ 128.199775] page_type: f9(unknown) [ 128.200076] raw: 0100000000000000 0000000000000000 ffffea00003e3b08 0000000000000000 [ 128.200722] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 128.201347] page dumped because: nonzero mapcount [ 128.201762] Modules linked in: [ 128.202038] CPU: 1 UID: 0 PID: 67 Comm: kmemleak Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 128.202060] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 128.202065] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 128.202072] Call Trace: [ 128.202076] [ 128.202080] dump_stack_lvl+0xfa/0x120 [ 128.202099] bad_page+0x8c/0x1c0 [ 128.202111] __free_frozen_pages+0xaf9/0xe10 [ 128.202129] ? rcu_core+0x7c3/0x1800 [ 128.202144] rcu_core+0x7c8/0x1800 [ 128.202162] ? __pfx_rcu_core+0x10/0x10 [ 128.202177] ? clockevents_program_event+0x135/0x360 [ 128.202195] ? tick_program_event+0xac/0x140 [ 128.202207] ? 
hrtimer_interrupt+0x652/0x830 [ 128.202219] handle_softirqs+0x1b1/0x770 [ 128.202242] __irq_exit_rcu+0xc4/0x100 [ 128.202261] irq_exit_rcu+0x9/0x20 [ 128.202272] sysvec_apic_timer_interrupt+0x70/0x80 [ 128.202289] [ 128.202293] [ 128.202297] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 128.202311] RIP: 0010:_raw_spin_unlock_irqrestore+0x34/0x50 [ 128.202328] Code: c7 18 53 48 89 f3 48 8b 74 24 10 e8 16 f5 93 fc 48 89 ef e8 4e 40 94 fc 80 e7 02 74 06 e8 b4 48 be fc fb 65 ff 0d 6c 4c c6 02 <74> 07 5b 5d e9 33 23 00 00 0f 1f 44 00 00 5b 5d e9 27 23 00 00 0f [ 128.202340] RSP: 0018:ffff88800f8c7df0 EFLAGS: 00000286 [ 128.202350] RAX: 0000000000000001 RBX: 0000000000000246 RCX: ffffffff817c2b86 [ 128.202358] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff84bde3bc [ 128.202366] RBP: ffffffff886eb218 R08: 0000000000000000 R09: 0000000000000000 [ 128.202374] R10: ffffffff8643ac57 R11: 0000000000000000 R12: ffff88800a775280 [ 128.202382] R13: ffff8880723e6000 R14: 0000000000000246 R15: ffff888072400000 [ 128.202393] ? trace_irq_enable.constprop.0+0x26/0x100 [ 128.202406] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 128.202425] scan_gray_list+0x213/0x290 [ 128.202443] kmemleak_scan+0x574/0xe00 [ 128.202461] ? __pfx_kmemleak_scan_thread+0x10/0x10 [ 128.202481] kmemleak_scan_thread+0x78/0xc0 [ 128.202499] kthread+0x3c8/0x740 [ 128.202512] ? __pfx_kthread+0x10/0x10 [ 128.202525] ? ret_from_fork+0x23/0x430 [ 128.202544] ? lock_release+0xc8/0x290 [ 128.202559] ? __pfx_kthread+0x10/0x10 [ 128.202573] ret_from_fork+0x34b/0x430 [ 128.202592] ? 
__pfx_kthread+0x10/0x10 [ 128.202605] ret_from_fork_asm+0x1a/0x30 [ 128.202631] [ 128.219973] BUG: Bad page state in process kmemleak pfn:0f8ed [ 128.220450] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xf8ed [ 128.221106] flags: 0x100000000000000(node=0|zone=1) [ 128.221519] page_type: f9(unknown) [ 128.221835] raw: 0100000000000000 0000000000000000 ffffea00003e3b48 0000000000000000 [ 128.222473] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 128.223124] page dumped because: nonzero mapcount [ 128.223526] Modules linked in: [ 128.223810] CPU: 1 UID: 0 PID: 67 Comm: kmemleak Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 128.223834] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 128.223839] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 128.223846] Call Trace: [ 128.223850] [ 128.223854] dump_stack_lvl+0xfa/0x120 [ 128.223875] bad_page+0x8c/0x1c0 [ 128.223888] __free_frozen_pages+0xaf9/0xe10 [ 128.223907] ? rcu_core+0x7c3/0x1800 [ 128.223923] rcu_core+0x7c8/0x1800 [ 128.223941] ? __pfx_rcu_core+0x10/0x10 [ 128.223956] ? clockevents_program_event+0x135/0x360 [ 128.223975] ? tick_program_event+0xac/0x140 [ 128.223988] ? 
hrtimer_interrupt+0x652/0x830 [ 128.224003] handle_softirqs+0x1b1/0x770 [ 128.224026] __irq_exit_rcu+0xc4/0x100 [ 128.224047] irq_exit_rcu+0x9/0x20 [ 128.224058] sysvec_apic_timer_interrupt+0x70/0x80 [ 128.224077] [ 128.224082] [ 128.224087] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 128.224101] RIP: 0010:_raw_spin_unlock_irqrestore+0x34/0x50 [ 128.224120] Code: c7 18 53 48 89 f3 48 8b 74 24 10 e8 16 f5 93 fc 48 89 ef e8 4e 40 94 fc 80 e7 02 74 06 e8 b4 48 be fc fb 65 ff 0d 6c 4c c6 02 <74> 07 5b 5d e9 33 23 00 00 0f 1f 44 00 00 5b 5d e9 27 23 00 00 0f [ 128.224133] RSP: 0018:ffff88800f8c7df0 EFLAGS: 00000286 [ 128.224143] RAX: 0000000000000001 RBX: 0000000000000246 RCX: ffffffff817c2b86 [ 128.224152] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff84bde3bc [ 128.224161] RBP: ffffffff886eb218 R08: 0000000000000000 R09: 0000000000000000 [ 128.224169] R10: ffffffff8643ac57 R11: 0000000000000000 R12: ffff88800a775280 [ 128.224177] R13: ffff8880723e6000 R14: 0000000000000246 R15: ffff888072400000 [ 128.224189] ? trace_irq_enable.constprop.0+0x26/0x100 [ 128.224204] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 128.224223] scan_gray_list+0x213/0x290 [ 128.224242] kmemleak_scan+0x574/0xe00 [ 128.224261] ? __pfx_kmemleak_scan_thread+0x10/0x10 [ 128.224281] kmemleak_scan_thread+0x78/0xc0 [ 128.224299] kthread+0x3c8/0x740 [ 128.224312] ? __pfx_kthread+0x10/0x10 [ 128.224325] ? ret_from_fork+0x23/0x430 [ 128.224344] ? lock_release+0xc8/0x290 [ 128.224359] ? __pfx_kthread+0x10/0x10 [ 128.224373] ret_from_fork+0x34b/0x430 [ 128.224392] ? 
__pfx_kthread+0x10/0x10 [ 128.224405] ret_from_fork_asm+0x1a/0x30 [ 128.224428] [ 128.224433] BUG: Bad page state in process kmemleak pfn:0f8ee [ 128.242680] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xf8ee [ 128.243315] flags: 0x100000000000000(node=0|zone=1) [ 128.243756] page_type: f9(unknown) [ 128.244057] raw: 0100000000000000 0000000000000000 ffffea00003e3b88 0000000000000000 [ 128.244710] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 128.245343] page dumped because: nonzero mapcount [ 128.245753] Modules linked in: [ 128.246037] CPU: 1 UID: 0 PID: 67 Comm: kmemleak Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 128.246059] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 128.246065] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 128.246071] Call Trace: [ 128.246075] [ 128.246079] dump_stack_lvl+0xfa/0x120 [ 128.246099] bad_page+0x8c/0x1c0 [ 128.246110] __free_frozen_pages+0xaf9/0xe10 [ 128.246129] ? rcu_core+0x7c3/0x1800 [ 128.246143] rcu_core+0x7c8/0x1800 [ 128.246161] ? __pfx_rcu_core+0x10/0x10 [ 128.246176] ? clockevents_program_event+0x135/0x360 [ 128.246194] ? tick_program_event+0xac/0x140 [ 128.246206] ? 
hrtimer_interrupt+0x652/0x830 [ 128.246218] handle_softirqs+0x1b1/0x770 [ 128.246241] __irq_exit_rcu+0xc4/0x100 [ 128.246260] irq_exit_rcu+0x9/0x20 [ 128.246271] sysvec_apic_timer_interrupt+0x70/0x80 [ 128.246288] [ 128.246292] [ 128.246296] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 128.246310] RIP: 0010:_raw_spin_unlock_irqrestore+0x34/0x50 [ 128.246328] Code: c7 18 53 48 89 f3 48 8b 74 24 10 e8 16 f5 93 fc 48 89 ef e8 4e 40 94 fc 80 e7 02 74 06 e8 b4 48 be fc fb 65 ff 0d 6c 4c c6 02 <74> 07 5b 5d e9 33 23 00 00 0f 1f 44 00 00 5b 5d e9 27 23 00 00 0f [ 128.246340] RSP: 0018:ffff88800f8c7df0 EFLAGS: 00000286 [ 128.246350] RAX: 0000000000000001 RBX: 0000000000000246 RCX: ffffffff817c2b86 [ 128.246358] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff84bde3bc [ 128.246366] RBP: ffffffff886eb218 R08: 0000000000000000 R09: 0000000000000000 [ 128.246374] R10: ffffffff8643ac57 R11: 0000000000000000 R12: ffff88800a775280 [ 128.246382] R13: ffff8880723e6000 R14: 0000000000000246 R15: ffff888072400000 [ 128.246393] ? trace_irq_enable.constprop.0+0x26/0x100 [ 128.246406] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 128.246424] scan_gray_list+0x213/0x290 [ 128.246443] kmemleak_scan+0x574/0xe00 [ 128.246460] ? __pfx_kmemleak_scan_thread+0x10/0x10 [ 128.246480] kmemleak_scan_thread+0x78/0xc0 [ 128.246499] kthread+0x3c8/0x740 [ 128.246512] ? __pfx_kthread+0x10/0x10 [ 128.246525] ? ret_from_fork+0x23/0x430 [ 128.246544] ? lock_release+0xc8/0x290 [ 128.246559] ? __pfx_kthread+0x10/0x10 [ 128.246572] ret_from_fork+0x34b/0x430 [ 128.246592] ? 
__pfx_kthread+0x10/0x10 [ 128.246605] ret_from_fork_asm+0x1a/0x30 [ 128.246631] [ 128.263824] BUG: Bad page state in process kmemleak pfn:0f8ef [ 128.264297] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xf8ef [ 128.264937] flags: 0x100000000000000(node=0|zone=1) [ 128.265336] page_type: f9(unknown) [ 128.265643] raw: 0100000000000000 0000000000000000 ffffea00003e3bc8 0000000000000000 [ 128.266258] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 128.266884] page dumped because: nonzero mapcount [ 128.267261] Modules linked in: [ 128.267531] CPU: 1 UID: 0 PID: 67 Comm: kmemleak Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 128.267553] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 128.267557] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 128.267565] Call Trace: [ 128.267568] [ 128.267573] dump_stack_lvl+0xfa/0x120 [ 128.267592] bad_page+0x8c/0x1c0 [ 128.267604] __free_frozen_pages+0xaf9/0xe10 [ 128.267626] ? rcu_core+0x7c3/0x1800 [ 128.267640] rcu_core+0x7c8/0x1800 [ 128.267658] ? __pfx_rcu_core+0x10/0x10 [ 128.267673] ? clockevents_program_event+0x135/0x360 [ 128.267691] ? tick_program_event+0xac/0x140 [ 128.267703] ? 
hrtimer_interrupt+0x652/0x830 [ 128.267716] handle_softirqs+0x1b1/0x770 [ 128.267738] __irq_exit_rcu+0xc4/0x100 [ 128.267758] irq_exit_rcu+0x9/0x20 [ 128.267768] sysvec_apic_timer_interrupt+0x70/0x80 [ 128.267785] [ 128.267789] [ 128.267793] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 128.267807] RIP: 0010:_raw_spin_unlock_irqrestore+0x34/0x50 [ 128.267825] Code: c7 18 53 48 89 f3 48 8b 74 24 10 e8 16 f5 93 fc 48 89 ef e8 4e 40 94 fc 80 e7 02 74 06 e8 b4 48 be fc fb 65 ff 0d 6c 4c c6 02 <74> 07 5b 5d e9 33 23 00 00 0f 1f 44 00 00 5b 5d e9 27 23 00 00 0f [ 128.267837] RSP: 0018:ffff88800f8c7df0 EFLAGS: 00000286 [ 128.267847] RAX: 0000000000000001 RBX: 0000000000000246 RCX: ffffffff817c2b86 [ 128.267855] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff84bde3bc [ 128.267862] RBP: ffffffff886eb218 R08: 0000000000000000 R09: 0000000000000000 [ 128.267870] R10: ffffffff8643ac57 R11: 0000000000000000 R12: ffff88800a775280 [ 128.267878] R13: ffff8880723e6000 R14: 0000000000000246 R15: ffff888072400000 [ 128.267889] ? trace_irq_enable.constprop.0+0x26/0x100 [ 128.267902] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 128.267921] scan_gray_list+0x213/0x290 [ 128.267939] kmemleak_scan+0x574/0xe00 [ 128.267957] ? __pfx_kmemleak_scan_thread+0x10/0x10 [ 128.267977] kmemleak_scan_thread+0x78/0xc0 [ 128.267995] kthread+0x3c8/0x740 [ 128.268008] ? __pfx_kthread+0x10/0x10 [ 128.268021] ? ret_from_fork+0x23/0x430 [ 128.268041] ? lock_release+0xc8/0x290 [ 128.268055] ? __pfx_kthread+0x10/0x10 [ 128.268069] ret_from_fork+0x34b/0x430 [ 128.268088] ? 
__pfx_kthread+0x10/0x10 [ 128.268102] ret_from_fork_asm+0x1a/0x30 [ 128.268123] [ 128.286322] BUG: Bad page state in process ksoftirqd/1 pfn:3a051 [ 128.286850] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3a051 [ 128.287516] flags: 0x100000000000000(node=0|zone=1) [ 128.287948] page_type: f9(unknown) [ 128.288247] raw: 0100000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 128.288898] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 128.289530] page dumped because: nonzero mapcount [ 128.289937] Modules linked in: [ 128.290212] CPU: 1 UID: 0 PID: 22 Comm: ksoftirqd/1 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 128.290234] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 128.290239] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 128.290246] Call Trace: [ 128.290250] [ 128.290254] dump_stack_lvl+0xfa/0x120 [ 128.290274] bad_page+0x8c/0x1c0 [ 128.290286] __free_frozen_pages+0xaf9/0xe10 [ 128.290304] ? rcu_core+0x7c3/0x1800 [ 128.290319] rcu_core+0x7c8/0x1800 [ 128.290336] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 128.290358] ? __pfx_rcu_core+0x10/0x10 [ 128.290378] handle_softirqs+0x1b1/0x770 [ 128.290400] ? __pfx_run_ksoftirqd+0x10/0x10 [ 128.290420] ? smpboot_thread_fn+0x371/0x9d0 [ 128.290440] run_ksoftirqd+0x2e/0x60 [ 128.290459] smpboot_thread_fn+0x41d/0x9d0 [ 128.290479] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 128.290500] kthread+0x3c8/0x740 [ 128.290513] ? __pfx_kthread+0x10/0x10 [ 128.290526] ? ret_from_fork+0x23/0x430 [ 128.290546] ? lock_release+0xc8/0x290 [ 128.290560] ? __pfx_kthread+0x10/0x10 [ 128.290574] ret_from_fork+0x34b/0x430 [ 128.290594] ? 
__pfx_kthread+0x10/0x10 [ 128.290607] ret_from_fork_asm+0x1a/0x30 [ 128.290633] [ 128.299990] BUG: Bad page state in process ksoftirqd/1 pfn:3a052 [ 128.300490] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3a052 [ 128.301158] flags: 0x100000000000000(node=0|zone=1) [ 128.301567] page_type: f9(unknown) [ 128.301880] raw: 0100000000000000 0000000000000000 ffffea0000e81490 0000000000000000 [ 128.302514] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 128.303165] page dumped because: nonzero mapcount [ 128.303564] Modules linked in: [ 128.303856] CPU: 1 UID: 0 PID: 22 Comm: ksoftirqd/1 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 128.303879] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 128.303884] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 128.303891] Call Trace: [ 128.303895] [ 128.303899] dump_stack_lvl+0xfa/0x120 [ 128.303920] bad_page+0x8c/0x1c0 [ 128.303932] __free_frozen_pages+0xaf9/0xe10 [ 128.303951] ? rcu_core+0x7c3/0x1800 [ 128.303967] rcu_core+0x7c8/0x1800 [ 128.303985] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 128.304008] ? __pfx_rcu_core+0x10/0x10 [ 128.304029] handle_softirqs+0x1b1/0x770 [ 128.304052] ? __pfx_run_ksoftirqd+0x10/0x10 [ 128.304073] ? smpboot_thread_fn+0x371/0x9d0 [ 128.304093] run_ksoftirqd+0x2e/0x60 [ 128.304112] smpboot_thread_fn+0x41d/0x9d0 [ 128.304132] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 128.304153] kthread+0x3c8/0x740 [ 128.304167] ? __pfx_kthread+0x10/0x10 [ 128.304180] ? ret_from_fork+0x23/0x430 [ 128.304199] ? lock_release+0xc8/0x290 [ 128.304214] ? __pfx_kthread+0x10/0x10 [ 128.304228] ret_from_fork+0x34b/0x430 [ 128.304248] ? 
__pfx_kthread+0x10/0x10 [ 128.304262] ret_from_fork_asm+0x1a/0x30 [ 128.304286] [ 128.304290] BUG: Bad page state in process ksoftirqd/1 pfn:3a053 [ 128.314293] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3a053 [ 128.314954] flags: 0x100000000000000(node=0|zone=1) [ 128.315363] page_type: f9(unknown) [ 128.315681] raw: 0100000000000000 0000000000000000 dead000000000122 0000000000000000 [ 128.316324] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 128.316972] page dumped because: nonzero mapcount [ 128.317361] Modules linked in: [ 128.317651] CPU: 1 UID: 0 PID: 22 Comm: ksoftirqd/1 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 128.317673] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 128.317680] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 128.317687] Call Trace: [ 128.317690] [ 128.317695] dump_stack_lvl+0xfa/0x120 [ 128.317715] bad_page+0x8c/0x1c0 [ 128.317727] __free_frozen_pages+0xaf9/0xe10 [ 128.317747] ? rcu_core+0x7c3/0x1800 [ 128.317763] rcu_core+0x7c8/0x1800 [ 128.317781] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 128.317805] ? __pfx_rcu_core+0x10/0x10 [ 128.317826] handle_softirqs+0x1b1/0x770 [ 128.317849] ? __pfx_run_ksoftirqd+0x10/0x10 [ 128.317870] ? smpboot_thread_fn+0x371/0x9d0 [ 128.317890] run_ksoftirqd+0x2e/0x60 [ 128.317910] smpboot_thread_fn+0x41d/0x9d0 [ 128.317932] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 128.317953] kthread+0x3c8/0x740 [ 128.317967] ? __pfx_kthread+0x10/0x10 [ 128.317980] ? ret_from_fork+0x23/0x430 [ 128.318001] ? lock_release+0xc8/0x290 [ 128.318016] ? __pfx_kthread+0x10/0x10 [ 128.318031] ret_from_fork+0x34b/0x430 [ 128.318051] ? 
__pfx_kthread+0x10/0x10 [ 128.318065] ret_from_fork_asm+0x1a/0x30 [ 128.318088] [ 128.318092] BUG: Bad page state in process ksoftirqd/1 pfn:3a054 [ 128.328097] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3a054 [ 128.328750] flags: 0x100000000000000(node=0|zone=1) [ 128.329162] page_type: f9(unknown) [ 128.329460] raw: 0100000000000000 0000000000000000 dead000000000122 0000000000000000 [ 128.330117] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 128.330764] page dumped because: nonzero mapcount [ 128.331156] Modules linked in: [ 128.331426] CPU: 1 UID: 0 PID: 22 Comm: ksoftirqd/1 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 128.331448] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 128.331453] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 128.331459] Call Trace: [ 128.331463] [ 128.331474] dump_stack_lvl+0xfa/0x120 [ 128.331494] bad_page+0x8c/0x1c0 [ 128.331506] __free_frozen_pages+0xaf9/0xe10 [ 128.331524] ? rcu_core+0x7c3/0x1800 [ 128.331539] rcu_core+0x7c8/0x1800 [ 128.331556] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 128.331579] ? __pfx_rcu_core+0x10/0x10 [ 128.331598] handle_softirqs+0x1b1/0x770 [ 128.331623] ? __pfx_run_ksoftirqd+0x10/0x10 [ 128.331643] ? smpboot_thread_fn+0x371/0x9d0 [ 128.331663] run_ksoftirqd+0x2e/0x60 [ 128.331682] smpboot_thread_fn+0x41d/0x9d0 [ 128.331702] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 128.331723] kthread+0x3c8/0x740 [ 128.331736] ? __pfx_kthread+0x10/0x10 [ 128.331749] ? ret_from_fork+0x23/0x430 [ 128.331769] ? lock_release+0xc8/0x290 [ 128.331783] ? __pfx_kthread+0x10/0x10 [ 128.331797] ret_from_fork+0x34b/0x430 [ 128.331816] ? 
__pfx_kthread+0x10/0x10 [ 128.331830] ret_from_fork_asm+0x1a/0x30 [ 128.331851] [ 128.341245] BUG: Bad page state in process ksoftirqd/1 pfn:3a055 [ 128.341756] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3a055 [ 128.342404] flags: 0x100000000000000(node=0|zone=1) [ 128.342833] page_type: f9(unknown) [ 128.343137] raw: 0100000000000000 0000000000000000 dead000000000122 0000000000000000 [ 128.343797] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 128.344428] page dumped because: nonzero mapcount [ 128.344829] Modules linked in: [ 128.345102] CPU: 1 UID: 0 PID: 22 Comm: ksoftirqd/1 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 128.345124] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 128.345129] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 128.345137] Call Trace: [ 128.345141] [ 128.345145] dump_stack_lvl+0xfa/0x120 [ 128.345165] bad_page+0x8c/0x1c0 [ 128.345177] __free_frozen_pages+0xaf9/0xe10 [ 128.345196] ? rcu_core+0x7c3/0x1800 [ 128.345211] rcu_core+0x7c8/0x1800 [ 128.345228] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 128.345251] ? __pfx_rcu_core+0x10/0x10 [ 128.345271] handle_softirqs+0x1b1/0x770 [ 128.345293] ? __pfx_run_ksoftirqd+0x10/0x10 [ 128.345313] ? smpboot_thread_fn+0x371/0x9d0 [ 128.345332] run_ksoftirqd+0x2e/0x60 [ 128.345352] smpboot_thread_fn+0x41d/0x9d0 [ 128.345373] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 128.345394] kthread+0x3c8/0x740 [ 128.345407] ? __pfx_kthread+0x10/0x10 [ 128.345420] ? ret_from_fork+0x23/0x430 [ 128.345440] ? lock_release+0xc8/0x290 [ 128.345455] ? __pfx_kthread+0x10/0x10 [ 128.345469] ret_from_fork+0x34b/0x430 [ 128.345489] ? 
__pfx_kthread+0x10/0x10 [ 128.345502] ret_from_fork_asm+0x1a/0x30 [ 128.345524] [ 128.345529] BUG: Bad page state in process ksoftirqd/1 pfn:3a056 [ 128.355569] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3a056 [ 128.356245] flags: 0x100000000000000(node=0|zone=1) [ 128.356685] page_type: f9(unknown) [ 128.356992] raw: 0100000000000000 0000000000000000 dead000000000122 0000000000000000 [ 128.357645] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 128.358277] page dumped because: nonzero mapcount [ 128.358687] Modules linked in: [ 128.358965] CPU: 1 UID: 0 PID: 22 Comm: ksoftirqd/1 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 128.358988] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 128.358993] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 128.359000] Call Trace: [ 128.359004] [ 128.359009] dump_stack_lvl+0xfa/0x120 [ 128.359029] bad_page+0x8c/0x1c0 [ 128.359041] __free_frozen_pages+0xaf9/0xe10 [ 128.359060] ? rcu_core+0x7c3/0x1800 [ 128.359075] rcu_core+0x7c8/0x1800 [ 128.359092] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 128.359115] ? __pfx_rcu_core+0x10/0x10 [ 128.359135] handle_softirqs+0x1b1/0x770 [ 128.359157] ? __pfx_run_ksoftirqd+0x10/0x10 [ 128.359178] ? smpboot_thread_fn+0x371/0x9d0 [ 128.359197] run_ksoftirqd+0x2e/0x60 [ 128.359217] smpboot_thread_fn+0x41d/0x9d0 [ 128.359237] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 128.359259] kthread+0x3c8/0x740 [ 128.359272] ? __pfx_kthread+0x10/0x10 [ 128.359285] ? ret_from_fork+0x23/0x430 [ 128.359304] ? lock_release+0xc8/0x290 [ 128.359319] ? __pfx_kthread+0x10/0x10 [ 128.359333] ret_from_fork+0x34b/0x430 [ 128.359353] ? 
__pfx_kthread+0x10/0x10 [ 128.359366] ret_from_fork_asm+0x1a/0x30 [ 128.359388] [ 128.359393] BUG: Bad page state in process ksoftirqd/1 pfn:3a057 [ 128.369207] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3a057 [ 128.369867] flags: 0x100000000000000(node=0|zone=1) [ 128.370275] page_type: f9(unknown) [ 128.370574] raw: 0100000000000000 0000000000000000 dead000000000122 0000000000000000 [ 128.371234] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 128.371889] page dumped because: nonzero mapcount [ 128.372274] Modules linked in: [ 128.372538] CPU: 1 UID: 0 PID: 22 Comm: ksoftirqd/1 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 128.372557] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 128.372562] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 128.372568] Call Trace: [ 128.372572] [ 128.372576] dump_stack_lvl+0xfa/0x120 [ 128.372593] bad_page+0x8c/0x1c0 [ 128.372604] __free_frozen_pages+0xaf9/0xe10 [ 128.372624] ? rcu_core+0x7c3/0x1800 [ 128.372637] rcu_core+0x7c8/0x1800 [ 128.372652] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 128.372671] ? __pfx_rcu_core+0x10/0x10 [ 128.372688] handle_softirqs+0x1b1/0x770 [ 128.372707] ? __pfx_run_ksoftirqd+0x10/0x10 [ 128.372724] ? smpboot_thread_fn+0x371/0x9d0 [ 128.372741] run_ksoftirqd+0x2e/0x60 [ 128.372757] smpboot_thread_fn+0x41d/0x9d0 [ 128.372775] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 128.372793] kthread+0x3c8/0x740 [ 128.372805] ? __pfx_kthread+0x10/0x10 [ 128.372816] ? ret_from_fork+0x23/0x430 [ 128.372833] ? lock_release+0xc8/0x290 [ 128.372846] ? __pfx_kthread+0x10/0x10 [ 128.372858] ret_from_fork+0x34b/0x430 [ 128.372874] ? 
__pfx_kthread+0x10/0x10 [ 128.372886] ret_from_fork_asm+0x1a/0x30 [ 128.372905] [ 128.383128] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#16] SMP KASAN NOPTI [ 128.384046] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 128.384754] CPU: 1 UID: 0 PID: 393 Comm: kworker/u10:6 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 128.385706] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 128.386116] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 128.386796] Workqueue: events_unbound cfg80211_wiphy_work [ 128.387245] RIP: 0010:perf_tp_event+0x175/0xe70 [ 128.387645] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 128.389110] RSP: 0018:ffff88804583f700 EFLAGS: 00010213 [ 128.389545] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 128.390130] RDX: ffff888045a7d280 RSI: ffffffff818995b7 RDI: 000000010000018f [ 128.390718] RBP: ffff88804583f970 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 128.391297] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 128.391881] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 128.392463] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 128.393125] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.393602] CR2: 00007fced0a60019 CR3: 000000000ca93000 CR4: 0000000000350ef0 [ 128.394193] Call Trace: [ 128.394409] [ 128.394600] ? __pfx_perf_tp_event+0x10/0x10 [ 128.394972] ? kvm_sched_clock_read+0x16/0x30 [ 128.395344] ? sched_clock+0x37/0x60 [ 128.395672] ? sched_clock_cpu+0x6c/0x4e0 [ 128.396025] ? __pfx_sched_clock_cpu+0x10/0x10 [ 128.396404] ? do_raw_spin_lock+0x123/0x260 [ 128.396775] ? need_active_balance+0x1ee/0x6a0 [ 128.397155] ? 
perf_trace_lock_acquire+0xc9/0x700 [ 128.397557] ? sched_balance_rq+0x1690/0x29a0 [ 128.397939] ? sched_clock+0x37/0x60 [ 128.398258] ? perf_trace_lock_acquire+0xc9/0x700 [ 128.398668] ? perf_trace_run_bpf_submit+0xef/0x180 [ 128.399087] perf_trace_run_bpf_submit+0xef/0x180 [ 128.399500] perf_trace_contention_begin+0x235/0x3e0 [ 128.399912] ? trace_pelt_cfs_tp+0xdf/0x130 [ 128.400266] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 128.400730] ? lock_acquire+0xc5/0x2f0 [ 128.401055] ? lock_acquire+0x18c/0x2f0 [ 128.401386] trace_contention_begin+0xae/0x110 [ 128.401773] __mutex_lock+0x14b/0x1020 [ 128.402107] ? cfg80211_wiphy_work+0x7e/0x480 [ 128.402482] ? cfg80211_wiphy_work+0x7e/0x480 [ 128.402859] ? lock_release+0x1c7/0x290 [ 128.403186] ? __pfx___mutex_lock+0x10/0x10 [ 128.403552] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 128.403979] ? lock_acquire+0xc5/0x2f0 [ 128.404310] cfg80211_wiphy_work+0x7e/0x480 [ 128.404670] process_one_work+0x8e1/0x19c0 [ 128.405032] ? __pfx_process_one_work+0x10/0x10 [ 128.405424] ? move_linked_works+0x172/0x270 [ 128.405803] ? assign_work+0x196/0x240 [ 128.406128] worker_thread+0x67e/0xe90 [ 128.406452] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 128.406881] ? __pfx_worker_thread+0x10/0x10 [ 128.407259] kthread+0x3c8/0x740 [ 128.407557] ? __pfx_kthread+0x10/0x10 [ 128.407883] ? ret_from_fork+0x23/0x430 [ 128.408224] ? lock_release+0xc8/0x290 [ 128.408548] ? __pfx_kthread+0x10/0x10 [ 128.408877] ret_from_fork+0x34b/0x430 [ 128.409212] ? 
__pfx_kthread+0x10/0x10 [ 128.409542] ret_from_fork_asm+0x1a/0x30 [ 128.409878] [ 128.410072] Modules linked in: [ 128.410924] ---[ end trace 0000000000000000 ]--- [ 128.411318] RIP: 0010:perf_tp_event+0x175/0xe70 [ 128.412201] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 128.413723] RSP: 0018:ffff888046ba7580 EFLAGS: 00010213 [ 128.414167] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: ffffc90000a8f000 [ 128.414766] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 128.415361] RBP: ffff888046ba77f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 128.415968] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 128.416552] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 128.417166] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 128.417861] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.418346] CR2: 00007fced0a60019 CR3: 000000000ca93000 CR4: 0000000000350ef0 [ 128.418948] note: kworker/u10:6[393] exited with preempt_count 2 [ 128.419460] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#17] SMP KASAN NOPTI [ 128.420393] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 128.421096] CPU: 1 UID: 0 PID: 26 Comm: kworker/u10:0 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 128.422055] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 128.422464] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 128.423140] Workqueue: events_unbound cfg80211_wiphy_work [ 128.423598] RIP: 0010:perf_tp_event+0x175/0xe70 [ 128.423994] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab 
f0 01 [ 128.425472] RSP: 0018:ffff888009777700 EFLAGS: 00010213 [ 128.425908] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 128.426485] RDX: ffff888009753700 RSI: ffffffff818995b7 RDI: 000000010000018f [ 128.427074] RBP: ffff888009777970 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 128.427669] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 128.428248] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 128.428838] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 128.429493] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.429971] CR2: 00007fced0a60019 CR3: 000000000ca93000 CR4: 0000000000350ef0 [ 128.430555] Call Trace: [ 128.430772] [ 128.430965] ? __pfx_perf_tp_event+0x10/0x10 [ 128.431336] ? ret_from_fork_asm+0x1a/0x30 [ 128.431699] ? stack_trace_save+0x8e/0xc0 [ 128.432046] ? stack_depot_save_flags+0x2c/0xa20 [ 128.432436] ? kasan_save_stack+0x34/0x50 [ 128.432788] ? kasan_save_stack+0x24/0x50 [ 128.433133] ? kasan_save_track+0x14/0x30 [ 128.433480] ? perf_trace_lock_acquire+0xc9/0x700 [ 128.433877] ? kfree_skbmem+0x18a/0x1f0 [ 128.434204] ? sk_skb_reason_drop+0x10e/0x1b0 [ 128.434582] ? ieee80211_iface_work+0x43c/0x1220 [ 128.434973] ? cfg80211_wiphy_work+0x245/0x480 [ 128.435343] ? process_one_work+0x8e1/0x19c0 [ 128.435721] ? perf_trace_run_bpf_submit+0xef/0x180 [ 128.436137] perf_trace_run_bpf_submit+0xef/0x180 [ 128.436549] perf_trace_contention_begin+0x235/0x3e0 [ 128.436978] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 128.437442] ? lock_acquire+0xc5/0x2f0 [ 128.437766] ? lock_acquire+0x18c/0x2f0 [ 128.438103] ? ieee80211_ibss_work+0xb6/0x1360 [ 128.438484] trace_contention_begin+0xae/0x110 [ 128.438863] __mutex_lock+0x14b/0x1020 [ 128.439195] ? cfg80211_wiphy_work+0x7e/0x480 [ 128.439574] ? cfg80211_wiphy_work+0x7e/0x480 [ 128.439949] ? update_load_avg+0x17d/0x1ef0 [ 128.440309] ? __pfx___mutex_lock+0x10/0x10 [ 128.440668] ? 
lock_acquire+0xc5/0x2f0 [ 128.440996] ? lock_acquire+0x18c/0x2f0 [ 128.441331] ? lock_release+0x1c7/0x290 [ 128.441663] ? lock_acquire+0xc5/0x2f0 [ 128.441987] cfg80211_wiphy_work+0x7e/0x480 [ 128.442341] process_one_work+0x8e1/0x19c0 [ 128.442695] ? __pfx_process_one_work+0x10/0x10 [ 128.443085] ? move_linked_works+0x172/0x270 [ 128.443464] ? assign_work+0x196/0x240 [ 128.443798] worker_thread+0x67e/0xe90 [ 128.444124] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 128.444555] ? __pfx_worker_thread+0x10/0x10 [ 128.444923] kthread+0x3c8/0x740 [ 128.445207] ? __pfx_kthread+0x10/0x10 [ 128.445532] ? ret_from_fork+0x23/0x430 [ 128.445867] ? lock_release+0xc8/0x290 [ 128.446194] ? __pfx_kthread+0x10/0x10 [ 128.446519] ret_from_fork+0x34b/0x430 [ 128.446849] ? __pfx_kthread+0x10/0x10 [ 128.447174] ret_from_fork_asm+0x1a/0x30 [ 128.447521] [ 128.447719] Modules linked in: [ 128.448022] ---[ end trace 0000000000000000 ]--- [ 128.448410] RIP: 0010:perf_tp_event+0x175/0xe70 [ 128.448905] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 128.450538] RSP: 0018:ffff888046ba7580 EFLAGS: 00010213 [ 128.451002] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: ffffc90000a8f000 [ 128.451587] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 128.452177] RBP: ffff888046ba77f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 128.452777] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 128.453363] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 128.453968] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 128.454649] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.455129] CR2: 00007fced0a60019 CR3: 000000000ca93000 CR4: 0000000000350ef0 [ 128.455731] note: kworker/u10:0[26] exited with preempt_count 2 [ 128.456391] kworker/u10:0 (26) used greatest 
stack depth: 23968 bytes left [ 128.503685] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#18] SMP KASAN NOPTI [ 128.504593] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 128.505272] CPU: 1 UID: 0 PID: 328 Comm: kworker/u9:6 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 128.506184] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 128.506573] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 128.507213] Workqueue: events_unbound cfg80211_wiphy_work [ 128.507652] RIP: 0010:perf_tp_event+0x175/0xe70 [ 128.508025] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 128.509435] RSP: 0018:ffff888017cef700 EFLAGS: 00010213 [ 128.509850] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 128.510403] RDX: ffff888016c13700 RSI: ffffffff818995b7 RDI: 000000010000018f [ 128.510955] RBP: ffff888017cef970 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 128.511514] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 128.512070] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 128.512623] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 128.513244] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.513698] CR2: 00007fced0a60019 CR3: 00000000453df000 CR4: 0000000000350ef0 [ 128.514253] Call Trace: [ 128.514459] [ 128.514648] ? __pfx_perf_tp_event+0x10/0x10 [ 128.515002] ? ret_from_fork_asm+0x1a/0x30 [ 128.515336] ? stack_trace_save+0x8e/0xc0 [ 128.515669] ? stack_depot_save_flags+0x2c/0xa20 [ 128.516044] ? kasan_save_stack+0x34/0x50 [ 128.516375] ? perf_trace_lock_acquire+0xc9/0x700 [ 128.516757] ? perf_trace_lock_acquire+0xc9/0x700 [ 128.517137] ? kfree_skbmem+0x18a/0x1f0 [ 128.517453] ? 
sk_skb_reason_drop+0x10e/0x1b0 [ 128.517825] ? ieee80211_iface_work+0x43c/0x1220 [ 128.518205] ? perf_trace_run_bpf_submit+0xef/0x180 [ 128.518599] perf_trace_run_bpf_submit+0xef/0x180 [ 128.518985] perf_trace_contention_begin+0x235/0x3e0 [ 128.519387] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 128.519832] ? lock_acquire+0xc5/0x2f0 [ 128.520139] ? lock_acquire+0x18c/0x2f0 [ 128.520455] trace_contention_begin+0xae/0x110 [ 128.520819] __mutex_lock+0x14b/0x1020 [ 128.521130] ? cfg80211_wiphy_work+0x7e/0x480 [ 128.521484] ? cfg80211_wiphy_work+0x7e/0x480 [ 128.521843] ? lock_release+0x1c7/0x290 [ 128.522159] ? __pfx___mutex_lock+0x10/0x10 [ 128.522501] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 128.522907] ? lock_acquire+0xc5/0x2f0 [ 128.523216] cfg80211_wiphy_work+0x7e/0x480 [ 128.523565] process_one_work+0x8e1/0x19c0 [ 128.523907] ? __pfx_process_one_work+0x10/0x10 [ 128.524275] ? move_linked_works+0x172/0x270 [ 128.524633] ? assign_work+0x196/0x240 [ 128.524941] worker_thread+0x67e/0xe90 [ 128.525250] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 128.525663] ? __pfx_worker_thread+0x10/0x10 [ 128.526017] kthread+0x3c8/0x740 [ 128.526290] ? __pfx_kthread+0x10/0x10 [ 128.526600] ? ret_from_fork+0x23/0x430 [ 128.526921] ? lock_release+0xc8/0x290 [ 128.527231] ? __pfx_kthread+0x10/0x10 [ 128.527554] ret_from_fork+0x34b/0x430 [ 128.527873] ? 
__pfx_kthread+0x10/0x10 [ 128.528181] ret_from_fork_asm+0x1a/0x30 [ 128.528508] [ 128.528701] Modules linked in: [ 128.528996] ---[ end trace 0000000000000000 ]--- [ 128.529366] RIP: 0010:perf_tp_event+0x175/0xe70 [ 128.529765] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 128.531194] RSP: 0018:ffff888046ba7580 EFLAGS: 00010213 [ 128.531617] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: ffffc90000a8f000 [ 128.532196] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 128.532767] RBP: ffff888046ba77f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 128.533327] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 128.533901] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 128.534457] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 128.535100] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.535568] CR2: 00007fced0a60019 CR3: 00000000453df000 CR4: 0000000000350ef0 [ 128.536142] note: kworker/u9:6[328] exited with preempt_count 2 [ 128.605686] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#19] SMP KASAN NOPTI [ 128.606575] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 128.607265] CPU: 1 UID: 0 PID: 321 Comm: kworker/u9:4 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 128.608195] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 128.608590] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 128.609240] Workqueue: events_unbound cfg80211_wiphy_work [ 128.609676] RIP: 0010:perf_tp_event+0x175/0xe70 [ 128.610058] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab 
f0 01 [ 128.611488] RSP: 0018:ffff88801752f700 EFLAGS: 00010213 [ 128.611910] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 128.612469] RDX: ffff888016288000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 128.613035] RBP: ffff88801752f970 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 128.613598] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 128.614159] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 128.614725] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 128.615354] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.615822] CR2: 00007fced0a60019 CR3: 00000000448ac000 CR4: 0000000000350ef0 [ 128.616380] Call Trace: [ 128.616587] [ 128.616773] ? __pfx_perf_tp_event+0x10/0x10 [ 128.617133] ? ret_from_fork_asm+0x1a/0x30 [ 128.617475] ? stack_trace_save+0x8e/0xc0 [ 128.617807] ? stack_depot_save_flags+0x2c/0xa20 [ 128.618183] ? kasan_save_stack+0x34/0x50 [ 128.618513] ? perf_trace_lock_acquire+0xc9/0x700 [ 128.618896] ? perf_trace_lock_acquire+0xc9/0x700 [ 128.619277] ? kfree_skbmem+0x18a/0x1f0 [ 128.619610] ? sk_skb_reason_drop+0x10e/0x1b0 [ 128.619979] ? ieee80211_iface_work+0x43c/0x1220 [ 128.620364] ? perf_trace_run_bpf_submit+0xef/0x180 [ 128.620763] perf_trace_run_bpf_submit+0xef/0x180 [ 128.621151] perf_trace_contention_begin+0x235/0x3e0 [ 128.621554] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 128.621999] ? lock_acquire+0xc5/0x2f0 [ 128.622308] ? lock_acquire+0x18c/0x2f0 [ 128.622629] trace_contention_begin+0xae/0x110 [ 128.622998] __mutex_lock+0x14b/0x1020 [ 128.623312] ? cfg80211_wiphy_work+0x7e/0x480 [ 128.623703] ? cfg80211_wiphy_work+0x7e/0x480 [ 128.624063] ? lock_release+0x1c7/0x290 [ 128.624384] ? __pfx___mutex_lock+0x10/0x10 [ 128.624734] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 128.625142] ? lock_acquire+0xc5/0x2f0 [ 128.625455] cfg80211_wiphy_work+0x7e/0x480 [ 128.625797] process_one_work+0x8e1/0x19c0 [ 128.626138] ? 
__pfx_process_one_work+0x10/0x10 [ 128.626509] ? move_linked_works+0x172/0x270 [ 128.626869] ? assign_work+0x196/0x240 [ 128.627179] worker_thread+0x67e/0xe90 [ 128.627498] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 128.627913] ? __pfx_worker_thread+0x10/0x10 [ 128.628261] kthread+0x3c8/0x740 [ 128.628533] ? __pfx_kthread+0x10/0x10 [ 128.628845] ? ret_from_fork+0x23/0x430 [ 128.629164] ? lock_release+0xc8/0x290 [ 128.629475] ? __pfx_kthread+0x10/0x10 [ 128.629786] ret_from_fork+0x34b/0x430 [ 128.630099] ? __pfx_kthread+0x10/0x10 [ 128.630407] ret_from_fork_asm+0x1a/0x30 [ 128.630738] [ 128.630926] Modules linked in: [ 128.631214] ---[ end trace 0000000000000000 ]--- [ 128.631593] RIP: 0010:perf_tp_event+0x175/0xe70 [ 128.631989] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 128.633419] RSP: 0018:ffff888046ba7580 EFLAGS: 00010213 [ 128.633857] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: ffffc90000a8f000 [ 128.634411] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 128.634987] RBP: ffff888046ba77f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 128.635550] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 128.636128] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 128.636704] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 128.637329] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.637801] CR2: 00007fced0a60019 CR3: 00000000448ac000 CR4: 0000000000350ef0 [ 128.638363] note: kworker/u9:4[321] exited with preempt_count 2 [ 128.708540] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#20] SMP KASAN NOPTI [ 128.709448] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 128.710144] CPU: 1 UID: 0 PID: 2732 Comm: kworker/u9:8 Tainted: G B D W 
6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 128.711089] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 128.711499] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 128.712155] Workqueue: events_unbound cfg80211_wiphy_work [ 128.712597] RIP: 0010:perf_tp_event+0x175/0xe70 [ 128.712977] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 128.714418] RSP: 0018:ffff88800ef8f700 EFLAGS: 00010213 [ 128.714846] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 128.715421] RDX: ffff88801e5f1b80 RSI: ffffffff818995b7 RDI: 000000010000018f [ 128.715999] RBP: ffff88800ef8f970 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 128.716568] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 128.717137] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 128.717706] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 128.718362] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.718830] CR2: 00007fced0a60019 CR3: 0000000041eac000 CR4: 0000000000350ef0 [ 128.719401] Call Trace: [ 128.719620] [ 128.719809] ? __pfx_perf_tp_event+0x10/0x10 [ 128.720175] ? ret_from_fork_asm+0x1a/0x30 [ 128.720524] ? stack_trace_save+0x8e/0xc0 [ 128.720862] ? stack_depot_save_flags+0x2c/0xa20 [ 128.721247] ? kasan_save_stack+0x34/0x50 [ 128.721588] ? perf_trace_lock_acquire+0xc9/0x700 [ 128.721982] ? perf_trace_lock_acquire+0xc9/0x700 [ 128.722372] ? kfree_skbmem+0x18a/0x1f0 [ 128.722697] ? sk_skb_reason_drop+0x10e/0x1b0 [ 128.723069] ? ieee80211_iface_work+0x43c/0x1220 [ 128.723460] ? perf_trace_run_bpf_submit+0xef/0x180 [ 128.723876] perf_trace_run_bpf_submit+0xef/0x180 [ 128.724270] perf_trace_contention_begin+0x235/0x3e0 [ 128.724685] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 128.725135] ? lock_acquire+0xc5/0x2f0 [ 128.725449] ? 
lock_acquire+0x18c/0x2f0 [ 128.725773] trace_contention_begin+0xae/0x110 [ 128.726147] __mutex_lock+0x14b/0x1020 [ 128.726468] ? cfg80211_wiphy_work+0x7e/0x480 [ 128.726831] ? cfg80211_wiphy_work+0x7e/0x480 [ 128.727195] ? lock_release+0x1c7/0x290 [ 128.727525] ? __pfx___mutex_lock+0x10/0x10 [ 128.727879] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 128.728290] ? lock_acquire+0xc5/0x2f0 [ 128.728607] cfg80211_wiphy_work+0x7e/0x480 [ 128.728956] process_one_work+0x8e1/0x19c0 [ 128.729303] ? __pfx_process_one_work+0x10/0x10 [ 128.729682] ? move_linked_works+0x172/0x270 [ 128.730043] ? assign_work+0x196/0x240 [ 128.730361] worker_thread+0x67e/0xe90 [ 128.730680] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 128.731100] ? __pfx_worker_thread+0x10/0x10 [ 128.731457] kthread+0x3c8/0x740 [ 128.731744] ? __pfx_kthread+0x10/0x10 [ 128.732058] ? ret_from_fork+0x23/0x430 [ 128.732384] ? lock_release+0xc8/0x290 [ 128.732703] ? __pfx_kthread+0x10/0x10 [ 128.733017] ret_from_fork+0x34b/0x430 [ 128.733337] ? 
__pfx_kthread+0x10/0x10 [ 128.733655] ret_from_fork_asm+0x1a/0x30 [ 128.733990] [ 128.734180] Modules linked in: [ 128.734477] ---[ end trace 0000000000000000 ]--- [ 128.734875] RIP: 0010:perf_tp_event+0x175/0xe70 [ 128.735254] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 128.736714] RSP: 0018:ffff888046ba7580 EFLAGS: 00010213 [ 128.737144] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: ffffc90000a8f000 [ 128.737729] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 128.738299] RBP: ffff888046ba77f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 128.738889] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 128.739454] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 128.740046] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 128.740705] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.741170] CR2: 00007fced0a60019 CR3: 0000000041eac000 CR4: 0000000000350ef0 [ 128.741756] note: kworker/u9:8[2732] exited with preempt_count 2 [ 128.810687] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#21] SMP KASAN NOPTI [ 128.811635] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 128.812345] CPU: 1 UID: 0 PID: 47 Comm: kworker/u9:3 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 128.813303] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 128.813715] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 128.814387] Workqueue: events_unbound cfg80211_wiphy_work [ 128.814845] RIP: 0010:perf_tp_event+0x175/0xe70 [ 128.815244] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab 
f0 01 [ 128.816731] RSP: 0018:ffff88800b247700 EFLAGS: 00010213 [ 128.817168] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 128.817748] RDX: ffff88800b205280 RSI: ffffffff818995b7 RDI: 000000010000018f [ 128.818325] RBP: ffff88800b247970 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 128.818903] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 128.819496] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 128.820079] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 128.820737] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.821212] CR2: 00007fced0a60019 CR3: 000000003da28000 CR4: 0000000000350ef0 [ 128.821794] Call Trace: [ 128.822011] [ 128.822203] ? __pfx_perf_tp_event+0x10/0x10 [ 128.822574] ? cfg80211_ibss_joined+0x2b7/0x550 [ 128.822967] ? netdev_watchdog_up+0xe/0x190 [ 128.823326] ? __ieee80211_sta_join_ibss+0xbe8/0x16f0 [ 128.823764] ? __pfx___ieee80211_sta_join_ibss+0x10/0x10 [ 128.824221] ? wake_up_klogd+0x61/0x90 [ 128.824554] ? perf_trace_lock_acquire+0xc9/0x700 [ 128.824960] ? perf_trace_run_bpf_submit+0xef/0x180 [ 128.825372] perf_trace_run_bpf_submit+0xef/0x180 [ 128.825782] perf_trace_contention_begin+0x235/0x3e0 [ 128.826205] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 128.826666] ? lock_acquire+0xc5/0x2f0 [ 128.826991] ? lock_acquire+0x18c/0x2f0 [ 128.827323] trace_contention_begin+0xae/0x110 [ 128.827713] __mutex_lock+0x14b/0x1020 [ 128.828046] ? cfg80211_wiphy_work+0x7e/0x480 [ 128.828417] ? cfg80211_wiphy_work+0x7e/0x480 [ 128.828786] ? lock_release+0x1c7/0x290 [ 128.829113] ? __pfx___mutex_lock+0x10/0x10 [ 128.829477] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 128.829903] ? lock_acquire+0xc5/0x2f0 [ 128.830229] cfg80211_wiphy_work+0x7e/0x480 [ 128.830586] process_one_work+0x8e1/0x19c0 [ 128.830944] ? __pfx_process_one_work+0x10/0x10 [ 128.831332] ? move_linked_works+0x172/0x270 [ 128.831712] ? 
assign_work+0x196/0x240 [ 128.832040] worker_thread+0x67e/0xe90 [ 128.832363] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 128.832797] ? __pfx_worker_thread+0x10/0x10 [ 128.833163] kthread+0x3c8/0x740 [ 128.833454] ? __pfx_kthread+0x10/0x10 [ 128.833776] ? ret_from_fork+0x23/0x430 [ 128.834109] ? lock_release+0xc8/0x290 [ 128.834434] ? __pfx_kthread+0x10/0x10 [ 128.834760] ret_from_fork+0x34b/0x430 [ 128.835089] ? __pfx_kthread+0x10/0x10 [ 128.835418] ret_from_fork_asm+0x1a/0x30 [ 128.835771] [ 128.835966] Modules linked in: [ 128.836279] ---[ end trace 0000000000000000 ]--- [ 128.836681] RIP: 0010:perf_tp_event+0x175/0xe70 [ 128.837073] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 128.838559] RSP: 0018:ffff888046ba7580 EFLAGS: 00010213 [ 128.839015] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: ffffc90000a8f000 [ 128.839602] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 128.840199] RBP: ffff888046ba77f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 128.840844] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 128.841603] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 128.842378] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 128.843212] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.843817] CR2: 00007fced0a60019 CR3: 000000003da28000 CR4: 0000000000350ef0 [ 128.844404] note: kworker/u9:3[47] exited with preempt_count 2 [ 128.913511] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#22] SMP KASAN NOPTI [ 128.914512] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 128.915267] CPU: 1 UID: 0 PID: 324 Comm: kworker/u9:5 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 128.916289] Tainted: [B]=BAD_PAGE, [D]=DIE, 
[W]=WARN [ 128.916726] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 128.917448] Workqueue: events_unbound cfg80211_wiphy_work [ 128.917935] RIP: 0010:perf_tp_event+0x175/0xe70 [ 128.918357] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 128.919942] RSP: 0018:ffff88801b967700 EFLAGS: 00010213 [ 128.920410] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 128.921031] RDX: ffff888016c15280 RSI: ffffffff818995b7 RDI: 000000010000018f [ 128.921648] RBP: ffff88801b967970 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 128.922269] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 128.922892] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 128.923526] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 128.924224] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.924734] CR2: 00007fced0a60019 CR3: 000000003da28000 CR4: 0000000000350ef0 [ 128.925355] Call Trace: [ 128.925585] [ 128.925794] ? __pfx_perf_tp_event+0x10/0x10 [ 128.926192] ? ret_from_fork_asm+0x1a/0x30 [ 128.926572] ? stack_trace_save+0x8e/0xc0 [ 128.926946] ? stack_depot_save_flags+0x2c/0xa20 [ 128.927368] ? kasan_save_stack+0x34/0x50 [ 128.927747] ? perf_trace_lock_acquire+0xc9/0x700 [ 128.928178] ? perf_trace_lock_acquire+0xc9/0x700 [ 128.928606] ? kfree_skbmem+0x18a/0x1f0 [ 128.928962] ? sk_skb_reason_drop+0x10e/0x1b0 [ 128.929363] ? ieee80211_iface_work+0x43c/0x1220 [ 128.929793] ? perf_trace_run_bpf_submit+0xef/0x180 [ 128.930236] perf_trace_run_bpf_submit+0xef/0x180 [ 128.930669] perf_trace_contention_begin+0x235/0x3e0 [ 128.931119] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 128.931622] ? lock_acquire+0xc5/0x2f0 [ 128.931972] ? 
lock_acquire+0x18c/0x2f0 [ 128.932329] trace_contention_begin+0xae/0x110 [ 128.932739] __mutex_lock+0x14b/0x1020 [ 128.933096] ? cfg80211_wiphy_work+0x7e/0x480 [ 128.933494] ? cfg80211_wiphy_work+0x7e/0x480 [ 128.933892] ? lock_release+0x1c7/0x290 [ 128.934248] ? __pfx___mutex_lock+0x10/0x10 [ 128.934635] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 128.935087] ? xfd_validate_state+0x55/0x180 [ 128.935493] ? lock_acquire+0xc5/0x2f0 [ 128.935842] cfg80211_wiphy_work+0x7e/0x480 [ 128.936227] process_one_work+0x8e1/0x19c0 [ 128.936609] ? __pfx_process_one_work+0x10/0x10 [ 128.937026] ? move_linked_works+0x172/0x270 [ 128.937427] ? assign_work+0x196/0x240 [ 128.937781] worker_thread+0x67e/0xe90 [ 128.938128] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 128.938591] ? __pfx_worker_thread+0x10/0x10 [ 128.938990] kthread+0x3c8/0x740 [ 128.939296] ? __pfx_kthread+0x10/0x10 [ 128.939647] ? ret_from_fork+0x23/0x430 [ 128.940007] ? lock_release+0xc8/0x290 [ 128.940356] ? __pfx_kthread+0x10/0x10 [ 128.940707] ret_from_fork+0x34b/0x430 [ 128.941058] ? 
__pfx_kthread+0x10/0x10 [ 128.941405] ret_from_fork_asm+0x1a/0x30 [ 128.941774] [ 128.941987] Modules linked in: [ 128.942321] ---[ end trace 0000000000000000 ]--- [ 128.942764] RIP: 0010:perf_tp_event+0x175/0xe70 [ 128.943183] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 128.944793] RSP: 0018:ffff888046ba7580 EFLAGS: 00010213 [ 128.945266] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: ffffc90000a8f000 [ 128.945916] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 128.946544] RBP: ffff888046ba77f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 128.947187] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 128.947832] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 128.948460] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 128.949176] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.949707] CR2: 00007fced0a60019 CR3: 000000003da28000 CR4: 0000000000350ef0 [ 128.950332] note: kworker/u9:5[324] exited with preempt_count 2 [ 128.951014] kworker/u9:5 (324) used greatest stack depth: 23792 bytes left [ 129.015691] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#23] SMP KASAN NOPTI [ 129.016754] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 129.017557] CPU: 1 UID: 0 PID: 25 Comm: kworker/u9:0 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 129.018626] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 129.019089] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 129.019860] Workqueue: events_unbound cfg80211_wiphy_work [ 129.020378] RIP: 0010:perf_tp_event+0x175/0xe70 [ 129.020820] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 
48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 129.022503] RSP: 0018:ffff88800976f700 EFLAGS: 00010213 [ 129.022998] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 129.023658] RDX: ffff888009751b80 RSI: ffffffff818995b7 RDI: 000000010000018f [ 129.024313] RBP: ffff88800976f970 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 129.024976] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 129.025634] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 129.026294] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 129.027036] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.027589] CR2: 00007fced0a60019 CR3: 00000000453df000 CR4: 0000000000350ef0 [ 129.028252] Call Trace: [ 129.028498] [ 129.028715] ? __pfx_perf_tp_event+0x10/0x10 [ 129.029138] ? ret_from_fork_asm+0x1a/0x30 [ 129.029545] ? stack_trace_save+0x8e/0xc0 [ 129.029938] ? stack_depot_save_flags+0x2c/0xa20 [ 129.030385] ? kasan_save_stack+0x34/0x50 [ 129.030777] ? perf_trace_lock_acquire+0xc9/0x700 [ 129.031232] ? perf_trace_lock_acquire+0xc9/0x700 [ 129.031698] ? kfree_skbmem+0x18a/0x1f0 [ 129.032074] ? sk_skb_reason_drop+0x10e/0x1b0 [ 129.032504] ? ieee80211_iface_work+0x43c/0x1220 [ 129.032953] ? perf_trace_lock_acquire+0xc9/0x700 [ 129.033411] ? perf_trace_run_bpf_submit+0xef/0x180 [ 129.033891] perf_trace_run_bpf_submit+0xef/0x180 [ 129.034356] perf_trace_contention_begin+0x235/0x3e0 [ 129.034842] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 129.035361] ? lock_acquire+0xc5/0x2f0 [ 129.035736] ? lock_acquire+0x18c/0x2f0 [ 129.036116] trace_contention_begin+0xae/0x110 [ 129.036550] __mutex_lock+0x14b/0x1020 [ 129.036926] ? cfg80211_wiphy_work+0x7e/0x480 [ 129.037349] ? cfg80211_wiphy_work+0x7e/0x480 [ 129.037777] ? lock_release+0x1c7/0x290 [ 129.038153] ? __pfx___mutex_lock+0x10/0x10 [ 129.038564] ? _raw_spin_unlock_irqrestore+0x22/0x50 [ 129.039045] ? 
lock_acquire+0xc5/0x2f0 [ 129.039418] cfg80211_wiphy_work+0x7e/0x480 [ 129.039829] process_one_work+0x8e1/0x19c0 [ 129.040235] ? __pfx_process_one_work+0x10/0x10 [ 129.040672] ? move_linked_works+0x172/0x270 [ 129.041095] ? assign_work+0x196/0x240 [ 129.041470] worker_thread+0x67e/0xe90 [ 129.041839] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 129.042330] ? __pfx_worker_thread+0x10/0x10 [ 129.042749] kthread+0x3c8/0x740 [ 129.043075] ? __pfx_kthread+0x10/0x10 [ 129.043443] ? ret_from_fork+0x23/0x430 [ 129.043838] ? lock_release+0xc8/0x290 [ 129.044208] ? __pfx_kthread+0x10/0x10 [ 129.044573] ret_from_fork+0x34b/0x430 [ 129.044946] ? __pfx_kthread+0x10/0x10 [ 129.045313] ret_from_fork_asm+0x1a/0x30 [ 129.045707] [ 129.045929] Modules linked in: [ 129.046283] ---[ end trace 0000000000000000 ]--- [ 129.046748] RIP: 0010:perf_tp_event+0x175/0xe70 [ 129.047193] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 129.048896] RSP: 0018:ffff888046ba7580 EFLAGS: 00010213 [ 129.049394] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: ffffc90000a8f000 [ 129.050082] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 129.050763] RBP: ffff888046ba77f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 129.051425] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 129.052114] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 129.052794] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 129.053540] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.054108] CR2: 00007fced0a60019 CR3: 00000000453df000 CR4: 0000000000350ef0 [ 129.054792] note: kworker/u9:0[25] exited with preempt_count 2 [ 129.615894] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#24] SMP KASAN NOPTI [ 129.616849] KASAN: probably 
user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 129.617537] CPU: 1 UID: 0 PID: 3923 Comm: syz-executor.3 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 129.618473] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 129.618869] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 129.619519] RIP: 0010:perf_tp_event+0x175/0xe70 [ 129.619897] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 129.621309] RSP: 0018:ffff888046bef640 EFLAGS: 00010213 [ 129.621728] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 129.622281] RDX: ffff888016a11b80 RSI: ffffffff818995b7 RDI: 000000010000018f [ 129.622844] RBP: ffff888046bef8b0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 129.623401] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 129.623970] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 129.624527] FS: 00007fa54757d700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 129.625153] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.625612] CR2: 00007fced0a60019 CR3: 000000001e277000 CR4: 0000000000350ef0 [ 129.626171] Call Trace: [ 129.626380] [ 129.626562] ? perf_trace_lock_acquire+0xc9/0x700 [ 129.626952] ? __pfx_perf_tp_event+0x10/0x10 [ 129.627308] ? perf_trace_lock_acquire+0xc9/0x700 [ 129.627698] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 129.628112] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 129.628528] ? lock_acquire+0xc5/0x2f0 [ 129.628841] ? lock_acquire+0x18c/0x2f0 [ 129.629160] ? lock_acquire+0xc5/0x2f0 [ 129.629470] ? lock_acquire+0x18c/0x2f0 [ 129.629788] ? lock_acquire+0x18c/0x2f0 [ 129.630106] ? lock_release+0x1c7/0x290 [ 129.630426] ? __is_insn_slot_addr+0x140/0x290 [ 129.630798] ? kernel_text_address+0x5b/0xc0 [ 129.631153] ? __kernel_text_address+0xd/0x40 [ 129.631514] ? 
perf_trace_run_bpf_submit+0xef/0x180 [ 129.631914] ? perf_trace_lock_acquire+0xc9/0x700 [ 129.632299] ? perf_trace_lock_acquire+0xc9/0x700 [ 129.632685] perf_trace_run_bpf_submit+0xef/0x180 [ 129.633070] perf_trace_contention_begin+0x235/0x3e0 [ 129.633473] ? stack_depot_save_flags+0x2c/0xa20 [ 129.633852] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 129.634290] ? lock_acquire+0xc5/0x2f0 [ 129.634596] ? lock_acquire+0x18c/0x2f0 [ 129.634914] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 129.635327] trace_contention_begin+0xae/0x110 [ 129.635700] __mutex_lock+0x14b/0x1020 [ 129.636018] ? perf_event_exit_task+0x46/0x510 [ 129.636381] ? perf_event_exit_task+0x46/0x510 [ 129.636747] ? do_raw_spin_lock+0x123/0x260 [ 129.637088] ? lock_acquire+0x18c/0x2f0 [ 129.637401] ? __pfx___mutex_lock+0x10/0x10 [ 129.637747] ? _raw_spin_unlock_irq+0x23/0x40 [ 129.638105] ? lock_release+0x1c7/0x290 [ 129.638421] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 129.638830] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 129.639230] ? taskstats_exit+0x8c/0xba0 [ 129.639564] perf_event_exit_task+0x46/0x510 [ 129.639919] do_exit+0x626/0x2970 [ 129.640202] ? lock_release+0xc8/0x290 [ 129.640515] ? __pfx_do_exit+0x10/0x10 [ 129.640824] ? do_raw_spin_lock+0x123/0x260 [ 129.641166] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 129.641536] do_group_exit+0xd3/0x2a0 [ 129.641848] get_signal+0x2315/0x2340 [ 129.642159] ? __pfx_get_signal+0x10/0x10 [ 129.642490] ? do_futex+0x135/0x370 [ 129.642783] ? __pfx_do_futex+0x10/0x10 [ 129.643097] ? trace_contention_begin+0x30/0x140 [ 129.643477] arch_do_signal_or_restart+0x80/0x790 [ 129.643873] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 129.644300] ? __x64_sys_futex+0x1c9/0x4d0 [ 129.644634] ? __x64_sys_futex+0x1d2/0x4d0 [ 129.644973] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 129.645434] ? __pfx___x64_sys_futex+0x10/0x10 [ 129.645798] ? 
selinux_file_ioctl+0xb9/0x280 [ 129.646152] exit_to_user_mode_loop+0x8b/0x110 [ 129.646513] do_syscall_64+0x2f7/0x360 [ 129.646823] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.647227] RIP: 0033:0x7fa54a028b19 [ 129.647535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 129.648946] RSP: 002b:00007fa54757d218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 129.649534] RAX: fffffffffffffe00 RBX: 00007fa54a13c028 RCX: 00007fa54a028b19 [ 129.650085] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa54a13c028 [ 129.650637] RBP: 00007fa54a13c020 R08: 0000000000000000 R09: 0000000000000000 [ 129.651186] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa54a13c02c [ 129.651742] R13: 00007ffd34d0d3ff R14: 00007fa54757d300 R15: 0000000000022000 [ 129.652300] [ 129.652488] Modules linked in: [ 129.653437] ---[ end trace 0000000000000000 ]--- [ 129.654291] RIP: 0010:perf_tp_event+0x175/0xe70 [ 129.654699] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 129.656135] RSP: 0018:ffff888046ba7580 EFLAGS: 00010213 [ 129.656557] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: ffffc90000a8f000 [ 129.657134] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 129.657714] RBP: ffff888046ba77f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 129.658269] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 129.658846] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 129.659407] FS: 00007fa54757d700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 129.660066] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.660524] CR2: 00007fced0a60019 CR3: 000000001e277000 CR4: 0000000000350ef0 [ 129.661106] note: 
syz-executor.3[3923] exited with preempt_count 2 [ 129.661588] Fixing recursive fault but reboot is needed! [ 129.662029] BUG: scheduling while atomic: syz-executor.3/3923/0x00000000 [ 129.662554] INFO: lockdep is turned off. [ 129.662884] Modules linked in: [ 129.663147] CPU: 1 UID: 0 PID: 3923 Comm: syz-executor.3 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 129.663167] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 129.663172] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 129.663178] Call Trace: [ 129.663182] [ 129.663186] dump_stack_lvl+0xfa/0x120 [ 129.663205] __schedule_bug+0xb9/0x100 [ 129.663218] __schedule+0x24f3/0x3590 [ 129.663232] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 129.663245] ? __pfx_vprintk_emit+0x10/0x10 [ 129.663264] ? arch_do_signal_or_restart+0x80/0x790 [ 129.663279] ? __pfx___schedule+0x10/0x10 [ 129.663293] ? do_raw_spin_lock+0x123/0x260 [ 129.663308] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 129.663322] ? lock_acquire+0x18c/0x2f0 [ 129.663335] ? selinux_file_ioctl+0xb9/0x280 [ 129.663348] ? lock_release+0x1c7/0x290 [ 129.663361] ? do_task_dead+0x3e/0x110 [ 129.663374] do_task_dead+0xdc/0x110 [ 129.663387] make_task_dead+0x373/0x3b0 [ 129.663399] ? 
do_syscall_64+0x2f7/0x360 [ 129.663410] rewind_stack_and_make_dead+0x16/0x20 [ 129.663425] RIP: 0033:0x7fa54a028b19 [ 129.663433] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 129.663444] RSP: 002b:00007fa54757d218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 129.663455] RAX: fffffffffffffe00 RBX: 00007fa54a13c028 RCX: 00007fa54a028b19 [ 129.663462] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa54a13c028 [ 129.663469] RBP: 00007fa54a13c020 R08: 0000000000000000 R09: 0000000000000000 [ 129.663476] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa54a13c02c [ 129.663483] R13: 00007ffd34d0d3ff R14: 00007fa54757d300 R15: 0000000000022000 [ 129.663503] [ 129.663557] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#25] SMP KASAN NOPTI [ 129.677374] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 129.678046] CPU: 1 UID: 101 PID: 126 Comm: systemd-timesyn Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 129.678982] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 129.679375] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 129.680019] RIP: 0010:perf_tp_event+0x175/0xe70 [ 129.680390] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 129.681797] RSP: 0018:ffff88800f78f6c0 EFLAGS: 00010213 [ 129.682211] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 129.682765] RDX: ffff88800f928000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 129.683317] RBP: ffff88800f78f930 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 129.683879] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 129.684433] R13: 
000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 129.684988] FS: 00007f6bed149900(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 129.685608] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.686061] CR2: 00007fced0a60019 CR3: 000000000ea27000 CR4: 0000000000350ef0 [ 129.686618] Call Trace: [ 129.686825] [ 129.687011] ? __lock_acquire+0x694/0x1b70 [ 129.687346] ? __pfx_perf_tp_event+0x10/0x10 [ 129.687706] ? lock_acquire+0x15e/0x2f0 [ 129.688022] ? __is_insn_slot_addr+0x2e/0x290 [ 129.688383] ? __lock_acquire+0x694/0x1b70 [ 129.688722] ? __rb_erase_color+0x2b7/0xe80 [ 129.689065] ? __pfx_min_vruntime_cb_rotate+0x10/0x10 [ 129.689478] ? perf_trace_lock_acquire+0xc9/0x700 [ 129.689862] ? __dequeue_entity+0x68e/0x1900 [ 129.690213] ? perf_trace_run_bpf_submit+0xef/0x180 [ 129.690607] perf_trace_run_bpf_submit+0xef/0x180 [ 129.690993] perf_trace_contention_begin+0x235/0x3e0 [ 129.691393] ? lock_acquire+0xc5/0x2f0 [ 129.691714] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 129.692153] ? lock_acquire+0xc5/0x2f0 [ 129.692463] ? lock_acquire+0x18c/0x2f0 [ 129.692782] trace_contention_begin+0xae/0x110 [ 129.693145] __mutex_lock+0x14b/0x1020 [ 129.693455] ? ep_send_events+0xff/0xaa0 [ 129.693783] ? ep_send_events+0xff/0xaa0 [ 129.694106] ? __pfx___mutex_lock+0x10/0x10 [ 129.694451] ? lock_acquire+0x15e/0x2f0 [ 129.694768] ? find_held_lock+0x2b/0x80 [ 129.695086] ? schedule+0x2c7/0x390 [ 129.695380] ? lock_release+0xc8/0x290 [ 129.695695] ep_send_events+0xff/0xaa0 [ 129.696006] ? schedule_hrtimeout_range_clock+0x1c0/0x310 [ 129.696439] ? __pfx_schedule_hrtimeout_range_clock+0x10/0x10 [ 129.696904] ? __pfx_ep_send_events+0x10/0x10 [ 129.697264] ? lock_release+0xc8/0x290 [ 129.697575] do_epoll_wait+0x42e/0xee0 [ 129.697889] ? fput+0x6a/0x100 [ 129.698151] ? __pfx_do_epoll_wait+0x10/0x10 [ 129.698500] ? do_timerfd_settime+0x1e4/0x1110 [ 129.698866] ? populate_seccomp_data+0x213/0x540 [ 129.699244] ? 
__pfx_ep_autoremove_wake_function+0x10/0x10 [ 129.699690] ? __pfx___seccomp_filter+0x10/0x10 [ 129.700059] __x64_sys_epoll_wait+0x15b/0x280 [ 129.700421] ? __pfx___x64_sys_epoll_wait+0x10/0x10 [ 129.700821] ? __secure_computing+0x18d/0x290 [ 129.701182] do_syscall_64+0xbf/0x360 [ 129.701482] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.701889] RIP: 0033:0x7f6beda3e116 [ 129.702185] Code: 10 89 7c 24 0c 89 4c 24 1c e8 86 6c f8 ff 44 8b 54 24 1c 8b 54 24 18 41 89 c0 48 8b 74 24 10 8b 7c 24 0c b8 e8 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 32 44 89 c7 89 44 24 0c e8 b6 6c f8 ff 8b 44 [ 129.703595] RSP: 002b:00007ffcb1b2e140 EFLAGS: 00000293 ORIG_RAX: 00000000000000e8 [ 129.704181] RAX: ffffffffffffffda RBX: 0000563f0887c310 RCX: 00007f6beda3e116 [ 129.704734] RDX: 0000000000000008 RSI: 0000563f08881e50 RDI: 0000000000000004 [ 129.705287] RBP: ffffffffffffffff R08: 0000000000000000 R09: 0000563f0887bb60 [ 129.705840] R10: 00000000ffffffff R11: 0000000000000293 R12: 0000000000000001 [ 129.706394] R13: 0000000000000008 R14: 0000000000000065 R15: 0000000000000000 [ 129.706954] [ 129.707140] Modules linked in: [ 129.707463] ---[ end trace 0000000000000000 ]--- [ 129.707861] RIP: 0010:perf_tp_event+0x175/0xe70 [ 129.708236] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 129.709666] RSP: 0018:ffff888046ba7580 EFLAGS: 00010213 [ 129.710084] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: ffffc90000a8f000 [ 129.710660] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 129.711215] RBP: ffff888046ba77f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 129.711797] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 129.712354] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 129.712935] FS: 00007f6bed149900(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 129.713572] CS: 
0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.714054] CR2: 00007fced0a60019 CR3: 000000000ea27000 CR4: 0000000000350ef0 [ 129.714642] note: systemd-timesyn[126] exited with preempt_count 2 [ 129.716697] BUG: Bad page state in process swapper/1 pfn:46be9 [ 129.717198] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x46be9 [ 129.717856] flags: 0x100000000000000(node=0|zone=1) [ 129.718262] page_type: f9(unknown) [ 129.718555] raw: 0100000000000000 ffffea00011afa48 ffffea00011afa48 0000000000000000 [ 129.719190] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 129.719834] page dumped because: nonzero mapcount [ 129.720216] Modules linked in: [ 129.720482] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 129.720504] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 129.720509] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 129.720516] Call Trace: [ 129.720520] [ 129.720525] dump_stack_lvl+0xfa/0x120 [ 129.720545] bad_page+0x8c/0x1c0 [ 129.720558] __free_frozen_pages+0xaf9/0xe10 [ 129.720578] ? rcu_core+0x7c3/0x1800 [ 129.720593] rcu_core+0x7c8/0x1800 [ 129.720611] ? __pfx_rcu_core+0x10/0x10 [ 129.720630] ? clockevents_program_event+0x135/0x360 [ 129.720649] ? tick_program_event+0xac/0x140 [ 129.720661] ? 
hrtimer_interrupt+0x652/0x830 [ 129.720675] handle_softirqs+0x1b1/0x770 [ 129.720698] __irq_exit_rcu+0xc4/0x100 [ 129.720717] irq_exit_rcu+0x9/0x20 [ 129.720728] sysvec_apic_timer_interrupt+0x70/0x80 [ 129.720746] [ 129.720750] [ 129.720754] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 129.720768] RIP: 0010:pv_native_safe_halt+0x1e/0x30 [ 129.720787] Code: 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 eb 0c 0f 1f 44 00 00 0f 00 2d 69 f7 09 00 0f 1f 44 00 00 fb f4 dd 83 02 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 90 90 90 90 [ 129.720800] RSP: 0018:ffff888009717e58 EFLAGS: 00000246 [ 129.720810] RAX: ffff8880e56dd000 RBX: 0000000000000001 RCX: ffffffff84bb95f7 [ 129.720819] RDX: ffffed100d9e630b RSI: 0000000000000004 RDI: ffffffff814c8304 [ 129.720827] RBP: dffffc0000000000 R08: 0000000000000000 R09: ffffed100d9e630a [ 129.720835] R10: ffff88806cf31853 R11: 1ffff1100d9e6f7b R12: ffffffff8643ac50 [ 129.720844] R13: 1ffff110012e2fd2 R14: 0000000000000000 R15: 0000000000000000 [ 129.720855] ? ct_kernel_exit.constprop.0+0x127/0x150 [ 129.720876] ? do_idle+0x344/0x490 [ 129.720892] default_idle+0xe/0x20 [ 129.720903] default_idle_call+0x6d/0xb0 [ 129.720914] do_idle+0x344/0x490 [ 129.720929] ? __pfx_do_idle+0x10/0x10 [ 129.720945] ? 
trace_sched_exit_tp+0x26/0x100 [ 129.720966] cpu_startup_entry+0x4f/0x60 [ 129.720982] start_secondary+0x1bd/0x210 [ 129.720996] common_startup_64+0x13e/0x148 [ 129.721016] [ 129.736444] BUG: Bad page state in process swapper/1 pfn:46bea [ 129.736935] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x46bea [ 129.737555] flags: 0x100000000000000(node=0|zone=1) [ 129.737969] page_type: f9(unknown) [ 129.738257] raw: 0100000000000000 ffffea00011afa88 ffffea00011afa88 0000000000000000 [ 129.738887] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 129.739503] page dumped because: nonzero mapcount [ 129.739903] Modules linked in: [ 129.740168] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 129.740191] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 129.740196] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 129.740203] Call Trace: [ 129.740207] [ 129.740211] dump_stack_lvl+0xfa/0x120 [ 129.740231] bad_page+0x8c/0x1c0 [ 129.740243] __free_frozen_pages+0xaf9/0xe10 [ 129.740261] ? rcu_core+0x7c3/0x1800 [ 129.740276] rcu_core+0x7c8/0x1800 [ 129.740294] ? __pfx_rcu_core+0x10/0x10 [ 129.740309] ? clockevents_program_event+0x135/0x360 [ 129.740327] ? tick_program_event+0xac/0x140 [ 129.740339] ? 
hrtimer_interrupt+0x652/0x830 [ 129.740352] handle_softirqs+0x1b1/0x770 [ 129.740375] __irq_exit_rcu+0xc4/0x100 [ 129.740394] irq_exit_rcu+0x9/0x20 [ 129.740404] sysvec_apic_timer_interrupt+0x70/0x80 [ 129.740422] [ 129.740426] [ 129.740430] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 129.740444] RIP: 0010:pv_native_safe_halt+0x1e/0x30 [ 129.740462] Code: 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 eb 0c 0f 1f 44 00 00 0f 00 2d 69 f7 09 00 0f 1f 44 00 00 fb f4 dd 83 02 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 90 90 90 90 [ 129.740475] RSP: 0018:ffff888009717e58 EFLAGS: 00000246 [ 129.740485] RAX: ffff8880e56dd000 RBX: 0000000000000001 RCX: ffffffff84bb95f7 [ 129.740493] RDX: ffffed100d9e630b RSI: 0000000000000004 RDI: ffffffff814c8304 [ 129.740502] RBP: dffffc0000000000 R08: 0000000000000000 R09: ffffed100d9e630a [ 129.740510] R10: ffff88806cf31853 R11: 1ffff1100d9e6f7b R12: ffffffff8643ac50 [ 129.740518] R13: 1ffff110012e2fd2 R14: 0000000000000000 R15: 0000000000000000 [ 129.740529] ? ct_kernel_exit.constprop.0+0x127/0x150 [ 129.740550] ? do_idle+0x344/0x490 [ 129.740566] default_idle+0xe/0x20 [ 129.740576] default_idle_call+0x6d/0xb0 [ 129.740587] do_idle+0x344/0x490 [ 129.740603] ? __pfx_do_idle+0x10/0x10 [ 129.740622] ? 
trace_sched_exit_tp+0x26/0x100 [ 129.740643] cpu_startup_entry+0x4f/0x60 [ 129.740659] start_secondary+0x1bd/0x210 [ 129.740671] common_startup_64+0x13e/0x148 [ 129.740691] [ 129.756184] BUG: Bad page state in process swapper/1 pfn:46beb [ 129.756669] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x46beb [ 129.757291] flags: 0x100000000000000(node=0|zone=1) [ 129.757712] page_type: f9(unknown) [ 129.758000] raw: 0100000000000000 ffffea00011afac8 ffffea00011afac8 0000000000000000 [ 129.758612] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 129.759238] page dumped because: nonzero mapcount [ 129.759641] Modules linked in: [ 129.759909] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 129.759931] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 129.759936] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 129.759943] Call Trace: [ 129.759947] [ 129.759952] dump_stack_lvl+0xfa/0x120 [ 129.759971] bad_page+0x8c/0x1c0 [ 129.759984] __free_frozen_pages+0xaf9/0xe10 [ 129.760002] ? rcu_core+0x7c3/0x1800 [ 129.760017] rcu_core+0x7c8/0x1800 [ 129.760035] ? __pfx_rcu_core+0x10/0x10 [ 129.760051] ? clockevents_program_event+0x135/0x360 [ 129.760069] ? tick_program_event+0xac/0x140 [ 129.760081] ? 
hrtimer_interrupt+0x652/0x830 [ 129.760094] handle_softirqs+0x1b1/0x770 [ 129.760117] __irq_exit_rcu+0xc4/0x100 [ 129.760137] irq_exit_rcu+0x9/0x20 [ 129.760147] sysvec_apic_timer_interrupt+0x70/0x80 [ 129.760165] [ 129.760169] [ 129.760173] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 129.760188] RIP: 0010:pv_native_safe_halt+0x1e/0x30 [ 129.760206] Code: 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 eb 0c 0f 1f 44 00 00 0f 00 2d 69 f7 09 00 0f 1f 44 00 00 fb f4 dd 83 02 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 90 90 90 90 [ 129.760219] RSP: 0018:ffff888009717e58 EFLAGS: 00000246 [ 129.760228] RAX: ffff8880e56dd000 RBX: 0000000000000001 RCX: ffffffff84bb95f7 [ 129.760237] RDX: ffffed100d9e630b RSI: 0000000000000004 RDI: ffffffff814c8304 [ 129.760246] RBP: dffffc0000000000 R08: 0000000000000000 R09: ffffed100d9e630a [ 129.760254] R10: ffff88806cf31853 R11: 1ffff1100d9e6f7b R12: ffffffff8643ac50 [ 129.760263] R13: 1ffff110012e2fd2 R14: 0000000000000000 R15: 0000000000000000 [ 129.760274] ? ct_kernel_exit.constprop.0+0x127/0x150 [ 129.760294] ? do_idle+0x344/0x490 [ 129.760310] default_idle+0xe/0x20 [ 129.760321] default_idle_call+0x6d/0xb0 [ 129.760332] do_idle+0x344/0x490 [ 129.760348] ? __pfx_do_idle+0x10/0x10 [ 129.760363] ? 
trace_sched_exit_tp+0x26/0x100 [ 129.760384] cpu_startup_entry+0x4f/0x60 [ 129.760400] start_secondary+0x1bd/0x210 [ 129.760412] common_startup_64+0x13e/0x148 [ 129.760433] [ 129.760438] BUG: Bad page state in process swapper/1 pfn:46bec [ 129.776570] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x46bec [ 129.777210] flags: 0x100000000000000(node=0|zone=1) [ 129.777606] page_type: f9(unknown) [ 129.777911] raw: 0100000000000000 ffffea00011afb08 ffffea00011afb08 0000000000000000 [ 129.778514] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 129.779139] page dumped because: nonzero mapcount [ 129.779522] Modules linked in: [ 129.779805] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 129.779825] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 129.779831] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 129.779838] Call Trace: [ 129.779842] [ 129.779848] dump_stack_lvl+0xfa/0x120 [ 129.779866] bad_page+0x8c/0x1c0 [ 129.779878] __free_frozen_pages+0xaf9/0xe10 [ 129.779895] ? rcu_core+0x7c3/0x1800 [ 129.779908] rcu_core+0x7c8/0x1800 [ 129.779924] ? __pfx_rcu_core+0x10/0x10 [ 129.779937] ? clockevents_program_event+0x135/0x360 [ 129.779953] ? tick_program_event+0xac/0x140 [ 129.779965] ? 
hrtimer_interrupt+0x652/0x830 [ 129.779978] handle_softirqs+0x1b1/0x770 [ 129.779999] __irq_exit_rcu+0xc4/0x100 [ 129.780016] irq_exit_rcu+0x9/0x20 [ 129.780025] sysvec_apic_timer_interrupt+0x70/0x80 [ 129.780041] [ 129.780044] [ 129.780048] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 129.780060] RIP: 0010:pv_native_safe_halt+0x1e/0x30 [ 129.780076] Code: 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 eb 0c 0f 1f 44 00 00 0f 00 2d 69 f7 09 00 0f 1f 44 00 00 fb f4 dd 83 02 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 90 90 90 90 [ 129.780087] RSP: 0018:ffff888009717e58 EFLAGS: 00000246 [ 129.780095] RAX: ffff8880e56dd000 RBX: 0000000000000001 RCX: ffffffff84bb95f7 [ 129.780103] RDX: ffffed100d9e630b RSI: 0000000000000004 RDI: ffffffff814c8304 [ 129.780110] RBP: dffffc0000000000 R08: 0000000000000000 R09: ffffed100d9e630a [ 129.780118] R10: ffff88806cf31853 R11: 1ffff1100d9e6f7b R12: ffffffff8643ac50 [ 129.780125] R13: 1ffff110012e2fd2 R14: 0000000000000000 R15: 0000000000000000 [ 129.780135] ? ct_kernel_exit.constprop.0+0x127/0x150 [ 129.780152] ? do_idle+0x344/0x490 [ 129.780166] default_idle+0xe/0x20 [ 129.780175] default_idle_call+0x6d/0xb0 [ 129.780184] do_idle+0x344/0x490 [ 129.780198] ? __pfx_do_idle+0x10/0x10 [ 129.780212] ? 
trace_sched_exit_tp+0x26/0x100 [ 129.780229] cpu_startup_entry+0x4f/0x60 [ 129.780243] start_secondary+0x1bd/0x210 [ 129.780254] common_startup_64+0x13e/0x148 [ 129.780271] [ 129.780276] BUG: Bad page state in process swapper/1 pfn:46bed [ 129.796365] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x46bed [ 129.797015] flags: 0x100000000000000(node=0|zone=1) [ 129.797412] page_type: f9(unknown) [ 129.797722] raw: 0100000000000000 ffffea00011afb48 ffffea00011afb48 0000000000000000 [ 129.798330] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 129.798954] page dumped because: nonzero mapcount [ 129.799332] Modules linked in: [ 129.799603] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 129.799625] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 129.799630] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 129.799636] Call Trace: [ 129.799639] [ 129.799644] dump_stack_lvl+0xfa/0x120 [ 129.799660] bad_page+0x8c/0x1c0 [ 129.799671] __free_frozen_pages+0xaf9/0xe10 [ 129.799687] ? rcu_core+0x7c3/0x1800 [ 129.799700] rcu_core+0x7c8/0x1800 [ 129.799715] ? __pfx_rcu_core+0x10/0x10 [ 129.799728] ? clockevents_program_event+0x135/0x360 [ 129.799744] ? tick_program_event+0xac/0x140 [ 129.799755] ? 
hrtimer_interrupt+0x652/0x830 [ 129.799766] handle_softirqs+0x1b1/0x770 [ 129.799785] __irq_exit_rcu+0xc4/0x100 [ 129.799802] irq_exit_rcu+0x9/0x20 [ 129.799811] sysvec_apic_timer_interrupt+0x70/0x80 [ 129.799826] [ 129.799830] [ 129.799834] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 129.799846] RIP: 0010:pv_native_safe_halt+0x1e/0x30 [ 129.799862] Code: 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 eb 0c 0f 1f 44 00 00 0f 00 2d 69 f7 09 00 0f 1f 44 00 00 fb f4 dd 83 02 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 90 90 90 90 [ 129.799873] RSP: 0018:ffff888009717e58 EFLAGS: 00000246 [ 129.799881] RAX: ffff8880e56dd000 RBX: 0000000000000001 RCX: ffffffff84bb95f7 [ 129.799889] RDX: ffffed100d9e630b RSI: 0000000000000004 RDI: ffffffff814c8304 [ 129.799896] RBP: dffffc0000000000 R08: 0000000000000000 R09: ffffed100d9e630a [ 129.799904] R10: ffff88806cf31853 R11: 1ffff1100d9e6f7b R12: ffffffff8643ac50 [ 129.799911] R13: 1ffff110012e2fd2 R14: 0000000000000000 R15: 0000000000000000 [ 129.799921] ? ct_kernel_exit.constprop.0+0x127/0x150 [ 129.799939] ? do_idle+0x344/0x490 [ 129.799952] default_idle+0xe/0x20 [ 129.799961] default_idle_call+0x6d/0xb0 [ 129.799971] do_idle+0x344/0x490 [ 129.799985] ? __pfx_do_idle+0x10/0x10 [ 129.799999] ? 
trace_sched_exit_tp+0x26/0x100 [ 129.800016] cpu_startup_entry+0x4f/0x60 [ 129.800030] start_secondary+0x1bd/0x210 [ 129.800041] common_startup_64+0x13e/0x148 [ 129.800058] [ 129.815450] BUG: Bad page state in process swapper/1 pfn:46bee [ 129.815942] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x46bee [ 129.816568] flags: 0x100000000000000(node=0|zone=1) [ 129.816981] page_type: f9(unknown) [ 129.817267] raw: 0100000000000000 ffffea00011afb88 ffffea00011afb88 0000000000000000 [ 129.817895] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 129.818502] page dumped because: nonzero mapcount [ 129.818899] Modules linked in: [ 129.819166] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 129.819186] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 129.819190] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 129.819196] Call Trace: [ 129.819200] [ 129.819204] dump_stack_lvl+0xfa/0x120 [ 129.819221] bad_page+0x8c/0x1c0 [ 129.819231] __free_frozen_pages+0xaf9/0xe10 [ 129.819247] ? rcu_core+0x7c3/0x1800 [ 129.819260] rcu_core+0x7c8/0x1800 [ 129.819276] ? __pfx_rcu_core+0x10/0x10 [ 129.819289] ? clockevents_program_event+0x135/0x360 [ 129.819304] ? tick_program_event+0xac/0x140 [ 129.819315] ? 
hrtimer_interrupt+0x652/0x830 [ 129.819326] handle_softirqs+0x1b1/0x770 [ 129.819345] __irq_exit_rcu+0xc4/0x100 [ 129.819362] irq_exit_rcu+0x9/0x20 [ 129.819371] sysvec_apic_timer_interrupt+0x70/0x80 [ 129.819386] [ 129.819389] [ 129.819393] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 129.819406] RIP: 0010:pv_native_safe_halt+0x1e/0x30 [ 129.819421] Code: 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 eb 0c 0f 1f 44 00 00 0f 00 2d 69 f7 09 00 0f 1f 44 00 00 fb f4 dd 83 02 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 90 90 90 90 [ 129.819432] RSP: 0018:ffff888009717e58 EFLAGS: 00000246 [ 129.819441] RAX: ffff8880e56dd000 RBX: 0000000000000001 RCX: ffffffff84bb95f7 [ 129.819448] RDX: ffffed100d9e630b RSI: 0000000000000004 RDI: ffffffff814c8304 [ 129.819455] RBP: dffffc0000000000 R08: 0000000000000000 R09: ffffed100d9e630a [ 129.819463] R10: ffff88806cf31853 R11: 1ffff1100d9e6f7b R12: ffffffff8643ac50 [ 129.819470] R13: 1ffff110012e2fd2 R14: 0000000000000000 R15: 0000000000000000 [ 129.819480] ? ct_kernel_exit.constprop.0+0x127/0x150 [ 129.819506] ? do_idle+0x344/0x490 [ 129.819520] default_idle+0xe/0x20 [ 129.819529] default_idle_call+0x6d/0xb0 [ 129.819539] do_idle+0x344/0x490 [ 129.819552] ? __pfx_do_idle+0x10/0x10 [ 129.819566] ? 
trace_sched_exit_tp+0x26/0x100 [ 129.819584] cpu_startup_entry+0x4f/0x60 [ 129.819598] start_secondary+0x1bd/0x210 [ 129.819609] common_startup_64+0x13e/0x148 [ 129.819631] [ 129.835028] BUG: Bad page state in process swapper/1 pfn:46bef [ 129.835508] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x46bef [ 129.836150] flags: 0x100000000000000(node=0|zone=1) [ 129.836544] page_type: f9(unknown) [ 129.836845] raw: 0100000000000000 ffffea00011afbc8 ffffea00011afbc8 0000000000000000 [ 129.837451] raw: 0000000000000000 0000000000000000 00000000f9000000 0000000000000000 [ 129.838077] page dumped because: nonzero mapcount [ 129.838459] Modules linked in: [ 129.838748] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 129.838768] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 129.838772] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 129.838779] Call Trace: [ 129.838784] [ 129.838788] dump_stack_lvl+0xfa/0x120 [ 129.838806] bad_page+0x8c/0x1c0 [ 129.838818] __free_frozen_pages+0xaf9/0xe10 [ 129.838835] ? rcu_core+0x7c3/0x1800 [ 129.838850] rcu_core+0x7c8/0x1800 [ 129.838866] ? __pfx_rcu_core+0x10/0x10 [ 129.838879] ? clockevents_program_event+0x135/0x360 [ 129.838894] ? tick_program_event+0xac/0x140 [ 129.838905] ? 
hrtimer_interrupt+0x652/0x830 [ 129.838917] handle_softirqs+0x1b1/0x770 [ 129.838936] __irq_exit_rcu+0xc4/0x100 [ 129.838954] irq_exit_rcu+0x9/0x20 [ 129.838964] sysvec_apic_timer_interrupt+0x70/0x80 [ 129.838980] [ 129.838984] [ 129.838988] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 129.839002] RIP: 0010:pv_native_safe_halt+0x1e/0x30 [ 129.839018] Code: 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 eb 0c 0f 1f 44 00 00 0f 00 2d 69 f7 09 00 0f 1f 44 00 00 fb f4 dd 83 02 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 90 90 90 90 [ 129.839030] RSP: 0018:ffff888009717e58 EFLAGS: 00000246 [ 129.839039] RAX: ffff8880e56dd000 RBX: 0000000000000001 RCX: ffffffff84bb95f7 [ 129.839047] RDX: ffffed100d9e630b RSI: 0000000000000004 RDI: ffffffff814c8304 [ 129.839055] RBP: dffffc0000000000 R08: 0000000000000000 R09: ffffed100d9e630a [ 129.839063] R10: ffff88806cf31853 R11: 1ffff1100d9e6f7b R12: ffffffff8643ac50 [ 129.839072] R13: 1ffff110012e2fd2 R14: 0000000000000000 R15: 0000000000000000 [ 129.839083] ? ct_kernel_exit.constprop.0+0x127/0x150 [ 129.839102] ? do_idle+0x344/0x490 [ 129.839117] default_idle+0xe/0x20 [ 129.839126] default_idle_call+0x6d/0xb0 [ 129.839136] do_idle+0x344/0x490 [ 129.839150] ? __pfx_do_idle+0x10/0x10 [ 129.839164] ? 
trace_sched_exit_tp+0x26/0x100 [ 129.839183] cpu_startup_entry+0x4f/0x60 [ 129.839198] start_secondary+0x1bd/0x210 [ 129.839210] common_startup_64+0x13e/0x148 [ 129.839230] [ 129.856204] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#26] SMP KASAN NOPTI [ 129.857135] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 129.857860] CPU: 1 UID: 0 PID: 175 Comm: rs:main Q:Reg Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 129.858834] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 129.859249] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 129.859906] RIP: 0010:perf_tp_event+0x175/0xe70 [ 129.860282] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 129.861719] RSP: 0018:ffff888016d4f940 EFLAGS: 00010213 [ 129.862142] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 129.862706] RDX: ffff88801bcab700 RSI: ffffffff818995b7 RDI: 000000010000018f [ 129.863273] RBP: ffff888016d4fbb0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 129.863851] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 129.864414] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 129.864976] FS: 00007fbd6cee1700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 129.865603] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.866060] CR2: 00007fced0a60019 CR3: 000000001cd0f000 CR4: 0000000000350ef0 [ 129.866618] Call Trace: [ 129.866824] [ 129.867010] ? __pfx_perf_tp_event+0x10/0x10 [ 129.867363] ? __pfx___schedule+0x10/0x10 [ 129.867701] ? lock_acquire+0xc5/0x2f0 [ 129.868013] ? lock_acquire+0x18c/0x2f0 [ 129.868333] ? perf_trace_lock_acquire+0xc9/0x700 [ 129.868715] ? lock_release+0x1c7/0x290 [ 129.869032] ? perf_trace_lock_acquire+0xc9/0x700 [ 129.869417] ? 
__pfx_perf_trace_lock_acquire+0x10/0x10 [ 129.869833] ? __pfx___futex_wait+0x10/0x10 [ 129.870179] ? perf_trace_run_bpf_submit+0xef/0x180 [ 129.870575] perf_trace_run_bpf_submit+0xef/0x180 [ 129.870962] perf_trace_contention_begin+0x235/0x3e0 [ 129.871367] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 129.871820] ? lock_acquire+0xc5/0x2f0 [ 129.872129] ? lock_acquire+0x18c/0x2f0 [ 129.872446] trace_contention_begin+0xae/0x110 [ 129.872810] __mutex_lock+0x14b/0x1020 [ 129.873124] ? fdget_pos+0x2a8/0x380 [ 129.873424] ? fdget_pos+0x2a8/0x380 [ 129.873723] ? __pfx___mutex_lock+0x10/0x10 [ 129.874067] ? lock_acquire+0x18c/0x2f0 [ 129.874382] ? lock_release+0x1c7/0x290 [ 129.874704] ? __fget_files+0x20d/0x3b0 [ 129.875021] fdget_pos+0x2a8/0x380 [ 129.875306] ksys_write+0x71/0x240 [ 129.875599] ? __pfx_ksys_write+0x10/0x10 [ 129.875932] do_syscall_64+0xbf/0x360 [ 129.876234] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.876639] RIP: 0033:0x7fbd6dd24fef [ 129.876935] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 5c fd ff ff 48 [ 129.878344] RSP: 002b:00007fbd6cee0860 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 129.878934] RAX: ffffffffffffffda RBX: 00007fbd64021e80 RCX: 00007fbd6dd24fef [ 129.879496] RDX: 0000000000000e33 RSI: 00007fbd64022120 RDI: 0000000000000007 [ 129.880050] RBP: 0000000000000e33 R08: 0000000000000000 R09: 0000000000000000 [ 129.880603] R10: 0000000000000000 R11: 0000000000000293 R12: 00007fbd64022120 [ 129.881158] R13: 0000000000000000 R14: 000000000000003a R15: 00007fbd64021e80 [ 129.881719] [ 129.881913] Modules linked in: [ 129.882887] ---[ end trace 0000000000000000 ]--- [ 129.883265] RIP: 0010:perf_tp_event+0x175/0xe70 [ 129.883678] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e 
c5 0b 00 00 44 8b ab f0 01 [ 129.885107] RSP: 0018:ffff888046ba7580 EFLAGS: 00010213 [ 129.885526] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: ffffc90000a8f000 [ 129.886104] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 129.886676] RBP: ffff888046ba77f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 129.887230] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 129.887816] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 129.888373] FS: 00007fbd6cee1700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 129.889022] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.889485] CR2: 00007fced0a60019 CR3: 000000001cd0f000 CR4: 0000000000350ef0 [ 129.890069] note: rs:main Q:Reg[175] exited with preempt_count 2 [ 131.017580] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#27] SMP KASAN NOPTI [ 131.018558] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 131.019238] CPU: 1 UID: 0 PID: 389 Comm: kworker/u10:5 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 131.020164] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 131.020557] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 131.021193] Workqueue: 0x0 (flush-8:0) [ 131.021519] RIP: 0010:perf_tp_event+0x175/0xe70 [ 131.021901] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 131.023303] RSP: 0018:ffff888045a8f780 EFLAGS: 00010213 [ 131.023728] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 131.024278] RDX: ffff888045a79b80 RSI: ffffffff818995b7 RDI: 000000010000018f [ 131.024834] RBP: ffff888045a8f9f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 131.025386] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 131.025942] R13: 000000000000001c 
R14: ffff88806cf31340 R15: dffffc0000000000 [ 131.026494] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 131.027117] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.027579] CR2: 00007fced0a60019 CR3: 000000003da28000 CR4: 0000000000350ef0 [ 131.028135] Call Trace: [ 131.028340] [ 131.028527] ? __pfx_perf_tp_event+0x10/0x10 [ 131.028882] ? kasan_save_stack+0x34/0x50 [ 131.029213] ? kasan_save_stack+0x24/0x50 [ 131.029543] ? kasan_save_track+0x14/0x30 [ 131.029872] ? __kasan_save_free_info+0x3a/0x60 [ 131.030239] ? __kasan_slab_free+0x3f/0x50 [ 131.030575] ? kfree+0x281/0x550 [ 131.030853] ? __kthread_create_on_node+0x29d/0x3c0 [ 131.031253] ? kthread_create_on_node+0xbe/0x100 [ 131.031639] ? create_worker+0x408/0x800 [ 131.031959] ? worker_thread+0x956/0xe90 [ 131.032280] ? kthread+0x3c8/0x740 [ 131.032565] ? ret_from_fork+0x34b/0x430 [ 131.032899] ? ret_from_fork_asm+0x1a/0x30 [ 131.033239] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 131.033656] ? perf_trace_lock_acquire+0xc9/0x700 [ 131.034038] ? wq_worker_running+0x57/0x250 [ 131.034386] ? perf_trace_lock_acquire+0xc9/0x700 [ 131.034767] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 131.035234] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 131.035705] ? perf_trace_run_bpf_submit+0xef/0x180 [ 131.036100] perf_trace_run_bpf_submit+0xef/0x180 [ 131.036485] perf_trace_contention_begin+0x235/0x3e0 [ 131.036884] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 131.037320] ? lock_acquire+0xc5/0x2f0 [ 131.037630] ? lock_acquire+0x18c/0x2f0 [ 131.037950] trace_contention_begin+0xae/0x110 [ 131.038314] __mutex_lock+0x14b/0x1020 [ 131.038631] ? worker_attach_to_pool+0x25/0x3c0 [ 131.039003] ? worker_attach_to_pool+0x25/0x3c0 [ 131.039376] ? wait_task_inactive+0x669/0xa20 [ 131.039743] ? set_cpus_allowed_fair+0xd/0x20 [ 131.040098] ? __do_set_cpus_allowed+0x1a6/0x8d0 [ 131.040483] ? __pfx___mutex_lock+0x10/0x10 [ 131.040828] ? do_set_cpus_allowed+0x7a/0xd0 [ 131.041176] ? 
__pfx_do_set_cpus_allowed+0x10/0x10 [ 131.041561] ? lock_release+0x1c7/0x290 [ 131.041878] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 131.042287] worker_attach_to_pool+0x25/0x3c0 [ 131.042648] create_worker+0x2a9/0x800 [ 131.042957] ? __pfx_create_worker+0x10/0x10 [ 131.043311] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 131.043689] ? lock_release+0x1c7/0x290 [ 131.044008] worker_thread+0x956/0xe90 [ 131.044320] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 131.044731] ? __pfx_worker_thread+0x10/0x10 [ 131.045081] kthread+0x3c8/0x740 [ 131.045351] ? __pfx_kthread+0x10/0x10 [ 131.045660] ? ret_from_fork+0x23/0x430 [ 131.045980] ? lock_release+0xc8/0x290 [ 131.046290] ? __pfx_kthread+0x10/0x10 [ 131.046598] ret_from_fork+0x34b/0x430 [ 131.046911] ? __pfx_kthread+0x10/0x10 [ 131.047222] ret_from_fork_asm+0x1a/0x30 [ 131.047561] [ 131.047747] Modules linked in: [ 131.048048] ---[ end trace 0000000000000000 ]--- [ 131.048421] RIP: 0010:perf_tp_event+0x175/0xe70 [ 131.048815] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 131.050246] RSP: 0018:ffff888046ba7580 EFLAGS: 00010213 [ 131.050681] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: ffffc90000a8f000 [ 131.051233] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 131.051817] RBP: ffff888046ba77f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 131.052374] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 131.052949] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 131.053506] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 131.054153] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.054608] CR2: 00007fced0a60019 CR3: 000000003da28000 CR4: 0000000000350ef0 [ 131.055185] note: kworker/u10:5[389] exited with preempt_count 2 [ 131.066846] Oops: general protection fault, probably for 
non-canonical address 0xdffffc0020000031: 0000 [#28] SMP KASAN NOPTI [ 131.067735] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 131.068404] CPU: 1 UID: 0 PID: 3965 Comm: kworker/u9:9 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 131.069313] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 131.069704] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 131.070337] RIP: 0010:perf_tp_event+0x175/0xe70 [ 131.070709] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 131.072126] RSP: 0018:ffff888045a8f880 EFLAGS: 00010213 [ 131.072540] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 131.073094] RDX: ffff888017795280 RSI: ffffffff818995b7 RDI: 000000010000018f [ 131.073649] RBP: ffff888045a8faf0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 131.074202] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 131.074753] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 131.075304] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 131.075942] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.076391] CR2: 00007fced0a60019 CR3: 000000003da28000 CR4: 0000000000350ef0 [ 131.076948] Call Trace: [ 131.077153] [ 131.077336] ? __pfx_perf_tp_event+0x10/0x10 [ 131.077702] ? perf_trace_lock_acquire+0xc9/0x700 [ 131.078085] ? perf_trace_run_bpf_submit+0xef/0x180 [ 131.078479] ? perf_trace_lock_acquire+0xc9/0x700 [ 131.078860] perf_trace_run_bpf_submit+0xef/0x180 [ 131.079244] perf_trace_contention_begin+0x235/0x3e0 [ 131.079652] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 131.080088] ? lock_acquire+0xc5/0x2f0 [ 131.080398] ? lock_acquire+0x18c/0x2f0 [ 131.080715] trace_contention_begin+0xae/0x110 [ 131.081077] __mutex_lock+0x14b/0x1020 [ 131.081387] ? 
worker_thread+0x58/0xe90 [ 131.081705] ? worker_thread+0x58/0xe90 [ 131.082020] ? finish_task_switch.isra.0+0x206/0x840 [ 131.082425] ? __pfx___mutex_lock+0x10/0x10 [ 131.082770] ? __schedule+0xe91/0x3590 [ 131.083083] ? do_raw_spin_lock+0x123/0x260 [ 131.083428] worker_thread+0x58/0xe90 [ 131.083739] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 131.084149] ? __kthread_parkme+0x1a7/0x250 [ 131.084493] ? __pfx_worker_thread+0x10/0x10 [ 131.084844] kthread+0x3c8/0x740 [ 131.085118] ? __pfx_kthread+0x10/0x10 [ 131.085428] ? __pfx_kthread+0x10/0x10 [ 131.085737] ? lock_release+0x1c7/0x290 [ 131.086053] ? __pfx_kthread+0x10/0x10 [ 131.086361] ret_from_fork+0x34b/0x430 [ 131.086675] ? __pfx_kthread+0x10/0x10 [ 131.086985] ret_from_fork_asm+0x1a/0x30 [ 131.087313] [ 131.087499] Modules linked in: [ 131.087793] ---[ end trace 0000000000000000 ]--- [ 131.088162] RIP: 0010:perf_tp_event+0x175/0xe70 [ 131.088533] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 131.090143] RSP: 0018:ffff888046ba7580 EFLAGS: 00010213 [ 131.090563] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: ffffc90000a8f000 [ 131.091139] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 131.091719] RBP: ffff888046ba77f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 131.092272] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 131.092844] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 131.093400] FS: 0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 131.094046] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.094501] CR2: 00007fced0a60019 CR3: 000000003da28000 CR4: 0000000000350ef0 [ 131.095080] note: kworker/u9:9[3965] exited with preempt_count 2 [ 131.167450] ================================================================== [ 131.168648] BUG: KASAN: slab-use-after-free 
in kick_pool+0x5fe/0x660 [ 131.169632] Read of size 4 at addr ffff8880177952e4 by task kworker/u9:7/2195 [ 131.170701] [ 131.170988] CPU: 0 UID: 0 PID: 2195 Comm: kworker/u9:7 Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 131.171028] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 131.171038] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 131.171054] Workqueue: events_unbound cfg80211_wiphy_work [ 131.171083] Call Trace: [ 131.171091] [ 131.171101] dump_stack_lvl+0xca/0x120 [ 131.171136] print_report+0xcb/0x610 [ 131.171167] ? __virt_addr_valid+0x100/0x5d0 [ 131.171203] ? kick_pool+0x5fe/0x660 [ 131.171235] ? kick_pool+0x5fe/0x660 [ 131.171267] kasan_report+0xca/0x100 [ 131.171298] ? kick_pool+0x5fe/0x660 [ 131.171334] kick_pool+0x5fe/0x660 [ 131.171370] process_one_work+0x632/0x19c0 [ 131.171406] ? __pfx_process_one_work+0x10/0x10 [ 131.171432] ? move_linked_works+0x172/0x270 [ 131.171467] ? assign_work+0x196/0x240 [ 131.171494] worker_thread+0x67e/0xe90 [ 131.171532] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 131.171560] ? __pfx_worker_thread+0x10/0x10 [ 131.171588] kthread+0x3c8/0x740 [ 131.171612] ? __pfx_kthread+0x10/0x10 [ 131.171634] ? ret_from_fork+0x23/0x430 [ 131.171668] ? lock_release+0xc8/0x290 [ 131.171695] ? __pfx_kthread+0x10/0x10 [ 131.171719] ret_from_fork+0x34b/0x430 [ 131.171751] ? 
__pfx_kthread+0x10/0x10 [ 131.171774] ret_from_fork_asm+0x1a/0x30 [ 131.171814] [ 131.171821] [ 131.190927] Allocated by task 2: [ 131.191432] kasan_save_stack+0x24/0x50 [ 131.192042] kasan_save_track+0x14/0x30 [ 131.192656] __kasan_slab_alloc+0x59/0x70 [ 131.193280] kmem_cache_alloc_node_noprof+0x21a/0x690 [ 131.194058] copy_process+0x461/0x73c0 [ 131.194638] kernel_clone+0xea/0x7f0 [ 131.195197] kernel_thread+0xd7/0x120 [ 131.195771] kthreadd+0x4ab/0x760 [ 131.196288] ret_from_fork+0x34b/0x430 [ 131.196876] ret_from_fork_asm+0x1a/0x30 [ 131.197483] [ 131.197741] Freed by task 0: [ 131.198197] kasan_save_stack+0x24/0x50 [ 131.198792] kasan_save_track+0x14/0x30 [ 131.199392] __kasan_save_free_info+0x3a/0x60 [ 131.200084] __kasan_slab_free+0x3f/0x50 [ 131.200694] kmem_cache_free+0x2a1/0x540 [ 131.201294] rcu_core+0x7c8/0x1800 [ 131.201835] handle_softirqs+0x1b1/0x770 [ 131.202447] __irq_exit_rcu+0xc4/0x100 [ 131.203045] irq_exit_rcu+0x9/0x20 [ 131.203591] sysvec_apic_timer_interrupt+0x70/0x80 [ 131.204322] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 131.205104] [ 131.205368] Last potentially related work creation: [ 131.206085] kasan_save_stack+0x24/0x50 [ 131.206679] kasan_record_aux_stack+0x89/0xa0 [ 131.207340] __call_rcu_common.constprop.0+0x70/0x960 [ 131.208119] delayed_put_task_struct+0xde/0x260 [ 131.208812] rcu_core+0x7c8/0x1800 [ 131.209344] handle_softirqs+0x1b1/0x770 [ 131.209956] __irq_exit_rcu+0xc4/0x100 [ 131.210542] irq_exit_rcu+0x9/0x20 [ 131.211066] sysvec_apic_timer_interrupt+0x70/0x80 [ 131.211800] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 131.212570] [ 131.212826] Second to last potentially related work creation: [ 131.213658] kasan_save_stack+0x24/0x50 [ 131.214247] kasan_record_aux_stack+0x89/0xa0 [ 131.214904] __call_rcu_common.constprop.0+0x70/0x960 [ 131.215669] put_task_struct_rcu_user+0x75/0xc0 [ 131.216375] __schedule+0xe86/0x3590 [ 131.216933] schedule+0xdb/0x390 [ 131.217442] syslog_print+0x1c4/0x5c0 [ 131.218014] 
do_syslog.part.0+0x20b/0x5b0 [ 131.218627] do_syslog+0xcd/0x110 [ 131.219147] kmsg_read+0x8e/0xc0 [ 131.219660] proc_reg_read+0x120/0x310 [ 131.220239] vfs_read+0x1eb/0xc70 [ 131.220766] ksys_read+0x121/0x240 [ 131.221285] do_syscall_64+0xbf/0x360 [ 131.221838] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 131.222589] [ 131.222843] The buggy address belongs to the object at ffff888017795280 [ 131.222843] which belongs to the cache task_struct of size 6784 [ 131.224625] The buggy address is located 100 bytes inside of [ 131.224625] freed 6784-byte region [ffff888017795280, ffff888017796d00) [ 131.226346] [ 131.226600] The buggy address belongs to the physical page: [ 131.227399] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x17790 [ 131.228536] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 131.229633] memcg:ffff88800d633741 [ 131.230143] anon flags: 0x100000000000040(head|node=0|zone=1) [ 131.230978] page_type: f5(slab) [ 131.231467] raw: 0100000000000040 ffff888008ff7640 0000000000000000 dead000000000001 [ 131.232591] raw: 0000000000000000 0000000080040004 00000000f5000000 ffff88800d633741 [ 131.233688] head: 0100000000000040 ffff888008ff7640 0000000000000000 dead000000000001 [ 131.234794] head: 0000000000000000 0000000080040004 00000000f5000000 ffff88800d633741 [ 131.235913] head: 0100000000000003 ffffea00005de401 00000000ffffffff 00000000ffffffff [ 131.237018] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000008 [ 131.238122] page dumped because: kasan: bad access detected [ 131.238909] [ 131.239160] Memory state around the buggy address: [ 131.239870] ffff888017795180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 131.240896] ffff888017795200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 131.241922] >ffff888017795280: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 131.242939] ^ [ 131.243848] ffff888017795300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 131.244870] 
ffff888017795380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 131.245886] ================================================================== [ 131.246974] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#29] SMP KASAN NOPTI [ 131.247884] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 131.248557] CPU: 1 UID: 0 PID: 174 Comm: in:imklog Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 131.249447] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 131.249843] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 131.250483] RIP: 0010:perf_tp_event+0x175/0xe70 [ 131.250859] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 131.252273] RSP: 0018:ffff888009f37440 EFLAGS: 00010213 [ 131.252687] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 131.253239] RDX: ffff888016a13700 RSI: ffffffff818995b7 RDI: 000000010000018f [ 131.253793] RBP: ffff888009f376b0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 131.254348] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 131.254906] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 131.255462] FS: 00007fbd6d2e2700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 131.256093] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.256548] CR2: 00007fced0a60019 CR3: 000000001cd0f000 CR4: 0000000000350ef0 [ 131.257102] Call Trace: [ 131.257307] [ 131.257490] ? perf_trace_lock_acquire+0xc9/0x700 [ 131.257876] ? __pfx_perf_tp_event+0x10/0x10 [ 131.258230] ? sched_balance_rq+0x391/0x29a0 [ 131.258585] ? perf_trace_lock_acquire+0xc9/0x700 [ 131.258969] ? perf_trace_lock_acquire+0xc9/0x700 [ 131.259350] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 131.259770] ? 
__pfx_perf_trace_lock_acquire+0x10/0x10 [ 131.260185] ? kvm_sched_clock_read+0x16/0x30 [ 131.260549] ? do_raw_spin_lock+0x123/0x260 [ 131.260893] ? perf_trace_lock_acquire+0xc9/0x700 [ 131.261276] ? perf_trace_run_bpf_submit+0xef/0x180 [ 131.261671] ? perf_trace_lock_acquire+0xc9/0x700 [ 131.262053] perf_trace_run_bpf_submit+0xef/0x180 [ 131.262438] perf_trace_contention_begin+0x235/0x3e0 [ 131.262845] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 131.263282] ? lock_acquire+0xc5/0x2f0 [ 131.263596] ? lock_acquire+0x18c/0x2f0 [ 131.263914] trace_contention_begin+0xae/0x110 [ 131.264278] __mutex_lock+0x14b/0x1020 [ 131.264589] ? syslog_print+0x244/0x5c0 [ 131.264910] ? syslog_print+0x244/0x5c0 [ 131.265228] ? __pfx___mutex_lock+0x10/0x10 [ 131.265574] ? prb_read_valid+0x78/0xa0 [ 131.265895] ? __pfx_prb_read_valid+0x10/0x10 [ 131.266255] syslog_print+0x244/0x5c0 [ 131.266560] ? __pfx_syslog_print+0x10/0x10 [ 131.266904] ? perf_trace_lock_acquire+0xc9/0x700 [ 131.267285] ? __cgroup_account_cputime+0x30/0xc0 [ 131.267678] ? __pfx_autoremove_wake_function+0x10/0x10 [ 131.268097] ? __pick_eevdf+0x326/0x570 [ 131.268413] ? lock_acquire+0xc5/0x2f0 [ 131.268725] ? lock_acquire+0x18c/0x2f0 [ 131.269046] do_syslog.part.0+0x20b/0x5b0 [ 131.269375] ? __pfx_do_syslog.part.0+0x10/0x10 [ 131.269747] ? avc_has_perm+0x12b/0x1d0 [ 131.270070] ? __pfx_avc_has_perm+0x10/0x10 [ 131.270417] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 131.270829] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 131.271292] ? lock_acquire+0xc5/0x2f0 [ 131.271610] do_syslog+0xcd/0x110 [ 131.271896] kmsg_read+0x8e/0xc0 [ 131.272169] ? __pfx_kmsg_read+0x10/0x10 [ 131.272491] proc_reg_read+0x120/0x310 [ 131.272804] ? __pfx_proc_reg_read+0x10/0x10 [ 131.273157] vfs_read+0x1eb/0xc70 [ 131.273437] ? __pfx_vfs_read+0x10/0x10 [ 131.273758] ? lock_release+0x1c7/0x290 [ 131.274074] ? __fget_files+0x20d/0x3b0 [ 131.274392] ksys_read+0x121/0x240 [ 131.274678] ? 
__pfx_ksys_read+0x10/0x10 [ 131.275003] do_syscall_64+0xbf/0x360 [ 131.275308] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 131.275722] RIP: 0033:0x7fbd6dd2508c [ 131.276019] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 89 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf fc ff ff 48 [ 131.277421] RSP: 002b:00007fbd6d2c14d0 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 131.278008] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fbd6dd2508c [ 131.278559] RDX: 0000000000001fa0 RSI: 00007fbd6d2c1d00 RDI: 0000000000000005 [ 131.279115] RBP: 000055cc1b6724c0 R08: 0000000000000000 R09: 0000000000000000 [ 131.279677] R10: a3d70a3d70a3d70b R11: 0000000000000246 R12: 00007fbd6d2c1d00 [ 131.280228] R13: 0000000000001fa0 R14: 00007fbd6d2c1d00 R15: 00007fbd6d2c1d9b [ 131.280785] [ 131.280971] Modules linked in: [ 131.281941] ---[ end trace 0000000000000000 ]--- [ 131.282316] RIP: 0010:perf_tp_event+0x175/0xe70 [ 131.283122] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 131.284713] RSP: 0018:ffff888046ba7580 EFLAGS: 00010213 [ 131.285137] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: ffffc90000a8f000 [ 131.285708] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 131.286265] RBP: ffff888046ba77f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 131.286835] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 131.287390] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 131.287972] FS: 00007fbd6d2e2700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 131.288596] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.289069] CR2: 00007fced0a60019 CR3: 000000001cd0f000 CR4: 0000000000350ef0 [ 131.289637] note: in:imklog[174] exited with preempt_count 2 [ 131.346154] Oops: 
general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#30] SMP KASAN NOPTI [ 131.347077] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f] [ 131.347768] CPU: 1 UID: 0 PID: 1 Comm: systemd Tainted: G B D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) [ 131.348650] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN [ 131.349048] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 131.349693] RIP: 0010:perf_tp_event+0x175/0xe70 [ 131.350075] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 131.351503] RSP: 0018:ffff888009547480 EFLAGS: 00010213 [ 131.351935] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002 [ 131.352496] RDX: ffff8880094f8000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 131.353065] RBP: ffff8880095476f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 131.353621] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 131.354184] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 131.354743] FS: 00007fa28f80a900(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 131.355372] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.355836] CR2: 00007fced0a60019 CR3: 000000000fba4000 CR4: 0000000000350ef0 [ 131.356392] Call Trace: [ 131.356598] [ 131.356781] ? kernel_text_address+0x5b/0xc0 [ 131.357148] ? __pfx_perf_tp_event+0x10/0x10 [ 131.357503] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 131.357922] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 131.358337] ? lock_acquire+0xc5/0x2f0 [ 131.358649] ? lock_acquire+0x18c/0x2f0 [ 131.358966] ? perf_trace_lock_acquire+0xc9/0x700 [ 131.359348] ? perf_trace_lock_acquire+0xc9/0x700 [ 131.359744] ? perf_trace_lock_acquire+0xc9/0x700 [ 131.360129] ? perf_trace_lock_acquire+0xc9/0x700 [ 131.360513] ? 
perf_trace_lock_acquire+0xc9/0x700 [ 131.360901] ? perf_trace_run_bpf_submit+0xef/0x180 [ 131.361300] perf_trace_run_bpf_submit+0xef/0x180 [ 131.361690] perf_trace_contention_begin+0x235/0x3e0 [ 131.362097] ? lock_acquire+0x18c/0x2f0 [ 131.362414] ? __pfx_perf_trace_contention_begin+0x10/0x10 [ 131.362857] ? lock_acquire+0xc5/0x2f0 [ 131.363167] ? lock_acquire+0x18c/0x2f0 [ 131.363485] trace_contention_begin+0xae/0x110 [ 131.363858] __mutex_lock+0x14b/0x1020 [ 131.364175] ? kernfs_fop_open+0x6bd/0xdd0 [ 131.364519] ? kernfs_fop_open+0x6bd/0xdd0 [ 131.364862] ? __memcg_slab_post_alloc_hook+0x4ac/0x9d0 [ 131.365292] ? __pfx___mutex_lock+0x10/0x10 [ 131.365640] ? __create_object+0x59/0x80 [ 131.365968] ? lockdep_init_map_type+0x4b/0x240 [ 131.366341] ? __raw_spin_lock_init+0x3a/0x110 [ 131.366708] ? lockdep_init_map_type+0x4b/0x240 [ 131.367082] ? debug_mutex_init+0x37/0x70 [ 131.367415] kernfs_fop_open+0x6bd/0xdd0 [ 131.367753] do_dentry_open+0x71c/0x1420 [ 131.368077] ? __pfx_kernfs_fop_open+0x10/0x10 [ 131.368445] ? inode_permission+0x134/0x610 [ 131.368791] vfs_open+0x82/0x3f0 [ 131.369069] ? may_open+0x1f3/0x420 [ 131.369364] path_openat+0x1c3f/0x2880 [ 131.369681] ? __pfx_path_openat+0x10/0x10 [ 131.370014] ? perf_trace_lock_acquire+0xc9/0x700 [ 131.370396] ? __pfx_perf_trace_lock_acquire+0x10/0x10 [ 131.370811] do_filp_open+0x1e8/0x450 [ 131.371113] ? __pfx_do_filp_open+0x10/0x10 [ 131.371453] ? lock_acquire+0x18c/0x2f0 [ 131.371782] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 131.372155] ? lock_release+0x1c7/0x290 [ 131.372474] ? alloc_fd+0x2c1/0x560 [ 131.372767] do_sys_openat2+0x104/0x1b0 [ 131.373086] ? __pfx_do_sys_openat2+0x10/0x10 [ 131.373448] ? __fput+0x67b/0xb50 [ 131.373734] __x64_sys_openat+0x142/0x200 [ 131.374066] ? __pfx___x64_sys_openat+0x10/0x10 [ 131.374438] ? 
__pfx_fput_close_sync+0x10/0x10 [ 131.374808] do_syscall_64+0xbf/0x360 [ 131.375109] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 131.375517] RIP: 0033:0x7fa28ffd7c64 [ 131.375830] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 36 61 f9 ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 68 61 f9 ff 8b 44 [ 131.377242] RSP: 002b:00007ffc3d4aefc0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 131.377832] RAX: ffffffffffffffda RBX: 0000560915b646e0 RCX: 00007fa28ffd7c64 [ 131.378386] RDX: 0000000000080000 RSI: 0000560915afd1c0 RDI: 00000000ffffff9c [ 131.378941] RBP: 0000560915afd1c0 R08: 0000000000000000 R09: 0000000000000001 [ 131.379495] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000080000 [ 131.380056] R13: 0000560915b646e0 R14: 0000000000000001 R15: 00007ffc3d4af3d0 [ 131.380613] [ 131.380803] Modules linked in: [ 131.381707] ---[ end trace 0000000000000000 ]--- [ 131.382083] RIP: 0010:perf_tp_event+0x175/0xe70 [ 131.382456] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01 [ 131.384389] RSP: 0018:ffff888046ba7580 EFLAGS: 00010213 [ 131.384900] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: ffffc90000a8f000 [ 131.385459] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 000000010000018f [ 131.386047] RBP: ffff888046ba77f0 R08: ffff88806cf31340 R09: ffffe8ffffd16238 [ 131.386605] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 131.387175] R13: 000000000000001c R14: ffff88806cf31340 R15: dffffc0000000000 [ 131.387757] FS: 00007fa28f80a900(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000 [ 131.388388] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.388904] CR2: 00007fced0a60019 CR3: 000000000fba4000 CR4: 0000000000350ef0 [ 131.389462] note: systemd[1] exited with preempt_count 2 [ 131.389917] Kernel 
panic - not syncing: Attempted to kill init! exitcode=0x0000000b [ 131.390787] Kernel Offset: disabled [ 131.391072] ---[ end Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b ]--- VM DIAGNOSIS: 13:05:06 Registers: