Warning: Permanently added '[localhost]:13880' (ECDSA) to the list of known hosts. 2025/09/01 09:27:59 fuzzer started 2025/09/01 09:27:59 dialing manager at localhost:35473 syzkaller login: [ 52.172412] cgroup: Unknown subsys name 'net' [ 52.231984] cgroup: Unknown subsys name 'cpuset' [ 52.246443] cgroup: Unknown subsys name 'rlimit' 2025/09/01 09:28:08 syscalls: 2214 2025/09/01 09:28:08 code coverage: enabled 2025/09/01 09:28:08 comparison tracing: enabled 2025/09/01 09:28:08 extra coverage: enabled 2025/09/01 09:28:08 setuid sandbox: enabled 2025/09/01 09:28:08 namespace sandbox: enabled 2025/09/01 09:28:08 Android sandbox: enabled 2025/09/01 09:28:08 fault injection: enabled 2025/09/01 09:28:08 leak checking: enabled 2025/09/01 09:28:08 net packet injection: enabled 2025/09/01 09:28:08 net device setup: enabled 2025/09/01 09:28:08 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2025/09/01 09:28:08 devlink PCI setup: PCI device 0000:00:10.0 is not available 2025/09/01 09:28:08 USB emulation: enabled 2025/09/01 09:28:08 hci packet injection: enabled 2025/09/01 09:28:08 wifi device emulation: enabled 2025/09/01 09:28:08 802.15.4 emulation: enabled 2025/09/01 09:28:08 fetching corpus: 0, signal 0/2000 (executing program) 2025/09/01 09:28:08 fetching corpus: 50, signal 29697/32950 (executing program) 2025/09/01 09:28:08 fetching corpus: 100, signal 37414/41969 (executing program) 2025/09/01 09:28:08 fetching corpus: 150, signal 45360/50999 (executing program) 2025/09/01 09:28:09 fetching corpus: 200, signal 51533/58122 (executing program) 2025/09/01 09:28:09 fetching corpus: 250, signal 57897/65339 (executing program) 2025/09/01 09:28:09 fetching corpus: 300, signal 61655/69957 (executing program) 2025/09/01 09:28:09 fetching corpus: 350, signal 67968/76794 (executing program) 2025/09/01 09:28:09 fetching corpus: 400, signal 71240/80797 (executing program) 2025/09/01 09:28:09 fetching corpus: 450, signal 73203/83534 (executing program) 2025/09/01 09:28:09 fetching corpus: 500, signal 75805/86748 (executing program) 2025/09/01 09:28:09 fetching corpus: 550, signal 78510/89984 (executing program) 2025/09/01 09:28:09 fetching corpus: 600, signal 80951/92932 (executing program) 2025/09/01 09:28:09 fetching corpus: 650, signal 83018/95514 (executing program) 2025/09/01 09:28:10 fetching corpus: 700, signal 85478/98374 (executing program) 2025/09/01 09:28:10 fetching corpus: 750, signal 87231/100648 (executing program) 2025/09/01 09:28:10 fetching corpus: 800, signal 90627/104110 (executing program) 2025/09/01 09:28:10 fetching corpus: 850, signal 92201/106094 (executing program) 2025/09/01 09:28:10 fetching corpus: 900, signal 94683/108738 (executing program) 2025/09/01 09:28:10 fetching corpus: 950, signal 96353/110667 (executing program) 2025/09/01 09:28:10 fetching corpus: 1000, signal 97371/112149 (executing program) 2025/09/01 09:28:10 fetching corpus: 1050, signal 99172/114184 (executing program) 2025/09/01 09:28:10 fetching corpus: 1100, signal 102119/116959 (executing program) 2025/09/01 09:28:10 fetching corpus: 1150, signal 103862/118772 (executing program) 2025/09/01 09:28:11 fetching corpus: 1200, signal 105149/120204 (executing program) 2025/09/01 09:28:11 fetching corpus: 1250, signal 107042/122118 (executing program) 2025/09/01 09:28:11 fetching corpus: 1300, signal 108663/123722 (executing program) 2025/09/01 09:28:11 fetching corpus: 1350, signal 110671/125568 (executing program) 2025/09/01 09:28:11 fetching corpus: 1400, signal 111869/126849 (executing program) 2025/09/01 09:28:11 fetching corpus: 1450, signal 112826/127959 (executing program) 2025/09/01 09:28:11 fetching corpus: 1500, signal 114402/129393 (executing program) 2025/09/01 09:28:11 fetching corpus: 1550, signal 115184/130347 (executing program) 2025/09/01 09:28:11 fetching corpus: 1600, signal 116359/131558 (executing program) 2025/09/01 09:28:11 fetching corpus: 1650, signal 117232/132521 (executing program) 2025/09/01 09:28:11 fetching corpus: 1700, signal 118672/133755 (executing program) 2025/09/01 09:28:12 fetching corpus: 1750, signal 119695/134699 (executing program) 2025/09/01 09:28:12 fetching corpus: 1800, signal 120967/135756 (executing program) 2025/09/01 09:28:12 fetching corpus: 1850, signal 121792/136570 (executing program) 2025/09/01 09:28:12 fetching corpus: 1900, signal 122902/137457 (executing program) 2025/09/01 09:28:13 fetching corpus: 1950, signal 124446/138506 (executing program) 2025/09/01 09:28:13 fetching corpus: 2000, signal 125085/139125 (executing program) 2025/09/01 09:28:13 fetching corpus: 2050, signal 125830/139823 (executing program) 2025/09/01 09:28:13 fetching corpus: 2100, signal 127712/140931 (executing program) 2025/09/01 09:28:13 fetching corpus: 2150, signal 128835/141700 (executing program) 2025/09/01 09:28:13 fetching corpus: 2200, signal 129997/142494 (executing program) 2025/09/01 09:28:13 fetching corpus: 2250, signal 131206/143286 (executing program) 2025/09/01 09:28:13 fetching corpus: 2300, signal 131963/143808 (executing program) 2025/09/01 09:28:13 fetching corpus: 2350, signal 132890/144361 (executing program) 2025/09/01 09:28:14 fetching corpus: 2400, signal 133609/144848 (executing program) 2025/09/01 09:28:14 fetching corpus: 2450, signal 134193/145252 (executing program) 2025/09/01 09:28:14 fetching corpus: 2500, signal 135088/145755 (executing program) 2025/09/01 09:28:14 fetching corpus: 2550, signal 135758/146179 (executing program) 2025/09/01 09:28:14 fetching corpus: 2600, signal 136579/146627 (executing program) 2025/09/01 09:28:14 fetching corpus: 2650, signal 137434/147055 (executing program) 2025/09/01 09:28:14 fetching corpus: 2700, signal 138172/147456 (executing program) 2025/09/01 09:28:14 fetching corpus: 2750, signal 138638/147761 (executing program) 2025/09/01 09:28:14 fetching corpus: 2800, signal 139298/148079 (executing program) 2025/09/01 09:28:15 fetching corpus: 2850, signal 139712/148323 (executing program) 2025/09/01 09:28:15 fetching corpus: 2900, signal 140565/148668 (executing program) 2025/09/01 09:28:15 fetching corpus: 2950, signal 141461/148998 (executing program) 2025/09/01 09:28:15 fetching corpus: 3000, signal 142050/149240 (executing program) 2025/09/01 09:28:15 fetching corpus: 3050, signal 142557/149448 (executing program) 2025/09/01 09:28:15 fetching corpus: 3100, signal 143312/149682 (executing program) 2025/09/01 09:28:15 fetching corpus: 3150, signal 143763/149869 (executing program) 2025/09/01 09:28:15 fetching corpus: 3200, signal 144437/150049 (executing program) 2025/09/01 09:28:15 fetching corpus: 3250, signal 145358/150267 (executing program) 2025/09/01 09:28:15 fetching corpus: 3300, signal 145698/150368 (executing program) 2025/09/01 09:28:15 fetching corpus: 3350, signal 146403/150514 (executing program) 2025/09/01 09:28:16 fetching corpus: 3400, signal 146976/150688 (executing program) 2025/09/01 09:28:16 fetching corpus: 3450, signal 147651/150798 (executing program) 2025/09/01 09:28:16 fetching corpus: 3500, signal 148142/150886 (executing program) 2025/09/01 09:28:16 fetching corpus: 3507, signal 148218/150928 (executing program) 2025/09/01 09:28:16 fetching corpus: 3507, signal 148218/150975 (executing program) 2025/09/01 09:28:16 fetching corpus: 3507, signal 148218/151016 (executing program) 2025/09/01 09:28:16 fetching corpus: 3507, signal 148218/151025 (executing program) 2025/09/01 09:28:16 fetching corpus: 3507, signal 148218/151025 (executing program) 2025/09/01 09:28:18 starting 8 fuzzer processes 09:28:18 executing program 0: r0 = shmget$private(0x0, 0x5000, 0x1800, &(0x7f0000ffb000/0x5000)=nil) shmat(r0, &(0x7f0000400000/0xc00000)=nil, 0x5000) mbind(&(0x7f000056b000/0x4000)=nil, 0x4000, 0x1, &(0x7f0000000080), 0x6, 0x3) 09:28:18 executing program 1: rt_sigprocmask(0x0, 0x0, 0x0, 0x0) 09:28:18 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f00000000c0)=0x5, 0x4) sendmmsg$inet6(r0, &(0x7f0000002280)=[{{&(0x7f0000000040)={0xa, 0x4e21, 0x0, @mcast1}, 0x1c, 0x0}}], 0x1, 0x0) [ 71.002105] audit: type=1400 audit(1756718898.581:7): avc: denied { execmem } for pid=271 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 09:28:18 executing program 2: openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x200002, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) accept4(r0, 0x0, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x28002, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) pipe(0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x1) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000340), 0x8040, 0x0) 09:28:18 executing program 6: r0 = add_key$keyring(&(0x7f0000000500), &(0x7f0000000540)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) keyctl$set_timeout(0x3, r0, 0x0) keyctl$read(0xb, r0, &(0x7f0000000040)=""/116, 0x74) 09:28:18 executing program 7: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) close(r0) 09:28:18 executing program 4: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 09:28:18 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000080)={0x28, 0x12, 0xffffffffffffffff, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @fd}, @nested={0x10, 0x0, 0x0, 0x1, [@typed={0x4}, @typed={0x8, 0x1d, 0x0, 0x0, @u32=0x91b}]}]}, 0x28}], 0x1}, 0x0) [ 72.175655] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 72.179819] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 72.181736] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 72.190073] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 72.192796] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 72.314577] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 72.318536] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 72.323408] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 72.330922] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 72.337634] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 72.393790] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 72.407894] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 72.413347] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 72.416460] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 72.424504] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 72.506812] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 72.509076] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 72.512364] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 72.525265] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 72.528587] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 72.533328] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 72.535346] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 72.537545] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 72.575089] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 72.586802] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 72.591392] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 72.596549] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 72.597415] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 72.599022] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 72.600557] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 72.602827] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 72.604499] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 72.620437] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 72.624389] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 72.635322] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 72.641685] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 72.648066] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 72.650600] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 72.661911] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 72.669469] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 74.273800] Bluetooth: hci0: command tx timeout [ 74.401455] Bluetooth: hci1: command tx timeout [ 74.465543] Bluetooth: hci2: command tx timeout [ 74.595204] Bluetooth: hci3: command tx timeout [ 74.721421] Bluetooth: hci4: command tx timeout [ 74.723360] Bluetooth: hci6: command tx timeout [ 74.723813] Bluetooth: hci5: command tx timeout [ 74.786299] Bluetooth: hci7: command tx timeout [ 76.321304] Bluetooth: hci0: command tx timeout [ 76.449230] Bluetooth: hci1: command tx timeout [ 76.513248] Bluetooth: hci2: command tx timeout [ 76.641301] Bluetooth: hci3: command tx timeout [ 76.769343] Bluetooth: hci5: command tx timeout [ 76.769822] Bluetooth: hci4: command tx timeout [ 76.770459] Bluetooth: hci6: command tx timeout [ 76.833211] Bluetooth: hci7: command tx timeout [ 78.370194] Bluetooth: hci0: command tx timeout [ 78.498269] Bluetooth: hci1: command tx timeout [ 78.561198] Bluetooth: hci2: command tx timeout [ 78.689203] Bluetooth: hci3: command tx timeout [ 78.819230] Bluetooth: hci6: command tx timeout [ 78.819696] Bluetooth: hci4: command tx timeout [ 78.820086] Bluetooth: hci5: command tx timeout [ 78.881321] Bluetooth: hci7: command tx timeout [ 80.417168] Bluetooth: hci0: command tx timeout [ 80.545278] Bluetooth: hci1: command tx timeout [ 80.609190] Bluetooth: hci2: command tx timeout [ 80.737866] Bluetooth: hci3: command tx timeout [ 80.866207] Bluetooth: hci6: command tx timeout [ 80.866670] Bluetooth: hci5: command tx timeout [ 80.866699] Bluetooth: hci4: command tx timeout [ 80.931196] Bluetooth: hci7: command tx timeout [ 110.597363] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.598025] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.745710] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.746460] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:28:58 executing program 1: rt_sigprocmask(0x0, 0x0, 0x0, 0x0) 09:28:58 executing program 1: rt_sigprocmask(0x0, 0x0, 0x0, 0x0) 09:28:59 executing program 1: rt_sigprocmask(0x0, 0x0, 0x0, 0x0) 09:28:59 executing program 1: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bind$bt_hci(r0, &(0x7f0000000080), 0x6) ioctl$sock_bt_hci(r0, 0x800448d7, &(0x7f0000000180)) [ 111.585626] audit: type=1400 audit(1756718939.166:8): avc: denied { open } for pid=3813 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 111.590319] audit: type=1400 audit(1756718939.166:9): avc: denied { kernel } for pid=3813 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 111.611180] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.611791] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:28:59 executing program 1: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bind$bt_hci(r0, &(0x7f0000000080), 0x6) ioctl$sock_bt_hci(r0, 0x800448d7, &(0x7f0000000180)) [ 111.724847] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.725481] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:28:59 executing program 1: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bind$bt_hci(r0, &(0x7f0000000080), 0x6) ioctl$sock_bt_hci(r0, 0x800448d7, &(0x7f0000000180)) [ 111.889882] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.891682] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:28:59 executing program 1: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bind$bt_hci(r0, &(0x7f0000000080), 0x6) ioctl$sock_bt_hci(r0, 0x800448d7, &(0x7f0000000180)) 09:28:59 executing program 1: mincore(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0) [ 112.071969] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.072666] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.168848] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.169906] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.305987] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.306802] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.473460] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.474198] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.531697] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.532501] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.577341] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.579561] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.608857] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.609820] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.639944] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.640581] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.729794] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.730646] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.734540] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.735827] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.821064] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 112.821698] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:29:00 executing program 4: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 09:29:00 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f00000000c0)=0x5, 0x4) sendmmsg$inet6(r0, &(0x7f0000002280)=[{{&(0x7f0000000040)={0xa, 0x4e21, 0x0, @mcast1}, 0x1c, 0x0}}], 0x1, 0x0) 09:29:00 executing program 2: openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x200002, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) accept4(r0, 0x0, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x28002, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) pipe(0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x1) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000340), 0x8040, 0x0) 09:29:00 executing program 0: r0 = shmget$private(0x0, 0x5000, 0x1800, &(0x7f0000ffb000/0x5000)=nil) shmat(r0, &(0x7f0000400000/0xc00000)=nil, 0x5000) mbind(&(0x7f000056b000/0x4000)=nil, 0x4000, 0x1, &(0x7f0000000080), 0x6, 0x3) 09:29:00 executing program 7: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) close(r0) 09:29:00 executing program 1: mincore(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0) 09:29:00 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000080)={0x28, 0x12, 0xffffffffffffffff, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @fd}, @nested={0x10, 0x0, 0x0, 0x1, [@typed={0x4}, @typed={0x8, 0x1d, 0x0, 0x0, @u32=0x91b}]}]}, 0x28}], 0x1}, 0x0) 09:29:00 executing program 6: r0 = add_key$keyring(&(0x7f0000000500), &(0x7f0000000540)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) keyctl$set_timeout(0x3, r0, 0x0) keyctl$read(0xb, r0, &(0x7f0000000040)=""/116, 0x74) 09:29:00 executing program 1: mincore(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0) 09:29:00 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f00000000c0)=0x5, 0x4) sendmmsg$inet6(r0, &(0x7f0000002280)=[{{&(0x7f0000000040)={0xa, 0x4e21, 0x0, @mcast1}, 0x1c, 0x0}}], 0x1, 0x0) 09:29:00 executing program 0: r0 = shmget$private(0x0, 0x5000, 0x1800, &(0x7f0000ffb000/0x5000)=nil) shmat(r0, &(0x7f0000400000/0xc00000)=nil, 0x5000) mbind(&(0x7f000056b000/0x4000)=nil, 0x4000, 0x1, &(0x7f0000000080), 0x6, 0x3) 09:29:00 executing program 6: r0 = add_key$keyring(&(0x7f0000000500), &(0x7f0000000540)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) keyctl$set_timeout(0x3, r0, 0x0) keyctl$read(0xb, r0, &(0x7f0000000040)=""/116, 0x74) [ 113.107344] kmemleak: Found object by alias at 0x607f1a63db50 [ 113.107365] CPU: 1 UID: 0 PID: 3918 Comm: syz-executor.4 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 113.107384] Tainted: [W]=WARN [ 113.107388] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 113.107396] Call Trace: [ 113.107400] [ 113.107405] dump_stack_lvl+0xca/0x120 [ 113.107436] __lookup_object+0x94/0xb0 [ 113.107455] delete_object_full+0x27/0x70 [ 113.107472] free_percpu+0x30/0x1160 [ 113.107490] ? arch_uprobe_clear_state+0x16/0x140 [ 113.107510] futex_hash_free+0x38/0xc0 [ 113.107525] mmput+0x2d3/0x390 [ 113.107545] do_exit+0x79d/0x2970 [ 113.107559] ? signal_wake_up_state+0x85/0x120 [ 113.107575] ? zap_other_threads+0x2b9/0x3a0 [ 113.107591] ? __pfx_do_exit+0x10/0x10 [ 113.107604] ? do_group_exit+0x1c3/0x2a0 [ 113.107618] ? lock_release+0xc8/0x290 [ 113.107636] do_group_exit+0xd3/0x2a0 [ 113.107651] __x64_sys_exit_group+0x3e/0x50 [ 113.107666] x64_sys_call+0x18c5/0x18d0 [ 113.107682] do_syscall_64+0xbf/0x360 [ 113.107695] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.107707] RIP: 0033:0x7f15b5d40b19 [ 113.107717] Code: Unable to access opcode bytes at 0x7f15b5d40aef. [ 113.107722] RSP: 002b:00007ffc42acbd48 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 113.107734] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f15b5d40b19 [ 113.107742] RDX: 00007f15b5cf372b RSI: ffffffffffffffbc RDI: 0000000000000000 [ 113.107749] RBP: 0000000000000000 R08: 0000001b2d123b9c R09: 0000000000000000 [ 113.107756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 113.107763] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffc42acbe30 [ 113.107778] [ 113.107782] kmemleak: Object (percpu) 0x607f1a63db48 (size 16): [ 113.107789] kmemleak: comm "syz-executor.1", pid 279, jiffies 4294779935 [ 113.107797] kmemleak: min_count = 1 [ 113.107801] kmemleak: count = 0 [ 113.107804] kmemleak: flags = 0x21 [ 113.107808] kmemleak: checksum = 0 [ 113.107812] kmemleak: backtrace: [ 113.107816] pcpu_alloc_noprof+0x87a/0x1170 [ 113.107831] mm_init+0x99b/0x1170 [ 113.107840] copy_process+0x3ab7/0x73c0 [ 113.107850] kernel_clone+0xea/0x7f0 [ 113.107860] __do_sys_clone+0xce/0x120 [ 113.107870] do_syscall_64+0xbf/0x360 [ 113.107880] entry_SYSCALL_64_after_hwframe+0x77/0x7f 09:29:00 executing program 7: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) close(r0) [ 113.161875] kmemleak: Found object by alias at 0x607f1a63db4c [ 113.161890] CPU: 1 UID: 0 PID: 3935 Comm: syz-executor.6 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 113.161908] Tainted: [W]=WARN [ 113.161912] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 113.161919] Call Trace: [ 113.161922] [ 113.161927] dump_stack_lvl+0xca/0x120 [ 113.161954] __lookup_object+0x94/0xb0 [ 113.161971] delete_object_full+0x27/0x70 [ 113.161988] free_percpu+0x30/0x1160 [ 113.162004] ? arch_uprobe_clear_state+0x16/0x140 [ 113.162024] futex_hash_free+0x38/0xc0 [ 113.162039] mmput+0x2d3/0x390 [ 113.162057] do_exit+0x79d/0x2970 [ 113.162071] ? signal_wake_up_state+0x85/0x120 [ 113.162087] ? zap_other_threads+0x2b9/0x3a0 [ 113.162103] ? __pfx_do_exit+0x10/0x10 [ 113.162121] ? do_group_exit+0x1c3/0x2a0 [ 113.162141] ? lock_release+0xc8/0x290 [ 113.162158] do_group_exit+0xd3/0x2a0 [ 113.162174] __x64_sys_exit_group+0x3e/0x50 [ 113.162188] x64_sys_call+0x18c5/0x18d0 [ 113.162204] do_syscall_64+0xbf/0x360 [ 113.162217] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.162229] RIP: 0033:0x7fd29fa55b19 [ 113.162238] Code: Unable to access opcode bytes at 0x7fd29fa55aef. [ 113.162243] RSP: 002b:00007ffcdca7e0d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 113.162254] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007fd29fa55b19 [ 113.162262] RDX: 00007fd29fa0872b RSI: ffffffffffffffbc RDI: 0000000000000000 [ 113.162270] RBP: 0000000000000000 R08: 0000001b2d22145c R09: 0000000000000000 [ 113.162278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 113.162285] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffcdca7e1c0 [ 113.162300] [ 113.162304] kmemleak: Object (percpu) 0x607f1a63db48 (size 16): [ 113.162311] kmemleak: comm "syz-executor.1", pid 279, jiffies 4294779935 [ 113.162319] kmemleak: min_count = 1 [ 113.162323] kmemleak: count = 0 [ 113.162326] kmemleak: flags = 0x21 [ 113.162330] kmemleak: checksum = 0 [ 113.162334] kmemleak: backtrace: [ 113.162338] pcpu_alloc_noprof+0x87a/0x1170 [ 113.162354] mm_init+0x99b/0x1170 [ 113.162362] copy_process+0x3ab7/0x73c0 [ 113.162373] kernel_clone+0xea/0x7f0 [ 113.162383] __do_sys_clone+0xce/0x120 [ 113.162393] do_syscall_64+0xbf/0x360 [ 113.162402] entry_SYSCALL_64_after_hwframe+0x77/0x7f 09:29:00 executing program 1: mincore(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0) 09:29:00 executing program 2: openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x200002, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) accept4(r0, 0x0, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x28002, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) pipe(0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x1) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000340), 0x8040, 0x0) 09:29:00 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000080)={0x28, 0x12, 0xffffffffffffffff, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @fd}, @nested={0x10, 0x0, 0x0, 0x1, [@typed={0x4}, @typed={0x8, 0x1d, 0x0, 0x0, @u32=0x91b}]}]}, 0x28}], 0x1}, 0x0) 09:29:00 executing program 6: r0 = add_key$keyring(&(0x7f0000000500), &(0x7f0000000540)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) keyctl$set_timeout(0x3, r0, 0x0) keyctl$read(0xb, r0, &(0x7f0000000040)=""/116, 0x74) 09:29:00 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f00000000c0)=0x5, 0x4) sendmmsg$inet6(r0, &(0x7f0000002280)=[{{&(0x7f0000000040)={0xa, 0x4e21, 0x0, @mcast1}, 0x1c, 0x0}}], 0x1, 0x0) 09:29:00 executing program 7: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) close(r0) 09:29:00 executing program 0: r0 = shmget$private(0x0, 0x5000, 0x1800, &(0x7f0000ffb000/0x5000)=nil) shmat(r0, &(0x7f0000400000/0xc00000)=nil, 0x5000) mbind(&(0x7f000056b000/0x4000)=nil, 0x4000, 0x1, &(0x7f0000000080), 0x6, 0x3) 09:29:00 executing program 4: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 09:29:00 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000080)={0x28, 0x12, 0xffffffffffffffff, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @fd}, @nested={0x10, 0x0, 0x0, 0x1, [@typed={0x4}, @typed={0x8, 0x1d, 0x0, 0x0, @u32=0x91b}]}]}, 0x28}], 0x1}, 0x0) [ 113.352573] kmemleak: Found object by alias at 0x607f1a63db50 [ 113.352595] CPU: 0 UID: 0 PID: 3955 Comm: syz-executor.4 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 113.352613] Tainted: [W]=WARN [ 113.352617] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 113.352625] Call Trace: [ 113.352629] [ 113.352634] dump_stack_lvl+0xca/0x120 [ 113.352665] __lookup_object+0x94/0xb0 [ 113.352683] delete_object_full+0x27/0x70 [ 113.352700] free_percpu+0x30/0x1160 [ 113.352718] ? arch_uprobe_clear_state+0x16/0x140 [ 113.352738] futex_hash_free+0x38/0xc0 [ 113.352753] mmput+0x2d3/0x390 [ 113.352773] do_exit+0x79d/0x2970 [ 113.352791] ? __pfx_do_exit+0x10/0x10 [ 113.352805] ? find_held_lock+0x2b/0x80 [ 113.352823] ? get_signal+0x835/0x2340 [ 113.352844] do_group_exit+0xd3/0x2a0 [ 113.352860] get_signal+0x2315/0x2340 [ 113.352878] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 113.352896] ? __pfx_get_signal+0x10/0x10 [ 113.352913] ? __schedule+0xe91/0x3590 [ 113.352934] arch_do_signal_or_restart+0x80/0x790 [ 113.352953] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 113.352969] ? __x64_sys_futex+0x1c9/0x4d0 [ 113.352982] ? __x64_sys_futex+0x1d2/0x4d0 [ 113.352998] ? __pfx___x64_sys_futex+0x10/0x10 [ 113.353012] ? xfd_validate_state+0x55/0x180 [ 113.353033] exit_to_user_mode_loop+0x8b/0x110 [ 113.353046] do_syscall_64+0x2f7/0x360 [ 113.353060] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.353072] RIP: 0033:0x7f15b5d40b19 [ 113.353082] Code: Unable to access opcode bytes at 0x7f15b5d40aef. [ 113.353087] RSP: 002b:00007f15b32b6218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 113.353099] RAX: 0000000000000001 RBX: 00007f15b5e53f68 RCX: 00007f15b5d40b19 [ 113.353107] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f15b5e53f6c [ 113.353118] RBP: 00007f15b5e53f60 R08: 000000000000000e R09: 0000000000000000 [ 113.353126] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f15b5e53f6c [ 113.353133] R13: 00007ffc42acbb1f R14: 00007f15b32b6300 R15: 0000000000022000 [ 113.353149] [ 113.353153] kmemleak: Object (percpu) 0x607f1a63db48 (size 16): [ 113.353160] kmemleak: comm "syz-executor.5", pid 285, jiffies 4294780188 [ 113.353167] kmemleak: min_count = 1 [ 113.353171] kmemleak: count = 0 [ 113.353175] kmemleak: flags = 0x21 [ 113.353179] kmemleak: checksum = 0 [ 113.353183] kmemleak: backtrace: [ 113.353187] pcpu_alloc_noprof+0x87a/0x1170 [ 113.353203] mm_init+0x99b/0x1170 [ 113.353211] copy_process+0x3ab7/0x73c0 [ 113.353222] kernel_clone+0xea/0x7f0 [ 113.353232] __do_sys_clone+0xce/0x120 [ 113.353243] do_syscall_64+0xbf/0x360 [ 113.353252] entry_SYSCALL_64_after_hwframe+0x77/0x7f 09:29:00 executing program 7: openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x200002, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) accept4(r0, 0x0, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x28002, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) pipe(0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x1) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000340), 0x8040, 0x0) 09:29:00 executing program 2: openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x200002, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) accept4(r0, 0x0, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x28002, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) pipe(0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x1) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000340), 0x8040, 0x0) 09:29:00 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f00000000c0)=0x5, 0x4) sendmmsg$inet6(r0, &(0x7f0000002280)=[{{&(0x7f0000000040)={0xa, 0x4e21, 0x0, @mcast1}, 0x1c, 0x0}}], 0x1, 0x0) 09:29:00 executing program 3: unshare(0x24000000) unshare(0x2c040600) 09:29:00 executing program 4: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 09:29:00 executing program 1: r0 = shmget$private(0x0, 0x5000, 0x1800, &(0x7f0000ffb000/0x5000)=nil) shmat(r0, &(0x7f0000400000/0xc00000)=nil, 0x5000) mbind(&(0x7f000056b000/0x4000)=nil, 0x4000, 0x1, &(0x7f0000000080), 0x6, 0x3) 09:29:01 executing program 5: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) getsockopt$IP_VS_SO_GET_VERSION(r0, 0x0, 0x480, 0x0, 0x0) 09:29:01 executing program 6: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmsg$inet(r0, &(0x7f0000000040)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f0000002380)=[{&(0x7f0000000100)="889f", 0x2}], 0x1}, 0x48d0) 09:29:01 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f00000000c0)=0x5, 0x4) sendmmsg$inet6(r0, &(0x7f0000002280)=[{{&(0x7f0000000040)={0xa, 0x4e21, 0x0, @mcast1}, 0x1c, 0x0}}], 0x1, 0x0) 09:29:01 executing program 1: r0 = shmget$private(0x0, 0x5000, 0x1800, &(0x7f0000ffb000/0x5000)=nil) shmat(r0, &(0x7f0000400000/0xc00000)=nil, 0x5000) mbind(&(0x7f000056b000/0x4000)=nil, 0x4000, 0x1, &(0x7f0000000080), 0x6, 0x3) 09:29:01 executing program 2: mprotect(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x300000c) [ 113.509325] kmemleak: Found object by alias at 0x607f1a63db50 [ 113.509346] CPU: 1 UID: 0 PID: 3969 Comm: syz-executor.4 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 113.509364] Tainted: [W]=WARN [ 113.509368] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 113.509376] Call Trace: [ 113.509380] [ 113.509385] dump_stack_lvl+0xca/0x120 [ 113.509417] __lookup_object+0x94/0xb0 [ 113.509436] delete_object_full+0x27/0x70 [ 113.509453] free_percpu+0x30/0x1160 [ 113.509471] ? arch_uprobe_clear_state+0x16/0x140 [ 113.509492] futex_hash_free+0x38/0xc0 [ 113.509507] mmput+0x2d3/0x390 [ 113.509526] do_exit+0x79d/0x2970 [ 113.509545] ? __pfx_do_exit+0x10/0x10 [ 113.509559] ? find_held_lock+0x2b/0x80 [ 113.509578] ? get_signal+0x835/0x2340 [ 113.509598] do_group_exit+0xd3/0x2a0 [ 113.509614] get_signal+0x2315/0x2340 [ 113.509632] ? put_task_stack+0xd2/0x240 [ 113.509647] ? __pfx_get_signal+0x10/0x10 [ 113.509663] ? __schedule+0xe91/0x3590 [ 113.509685] arch_do_signal_or_restart+0x80/0x790 [ 113.509704] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 113.509720] ? __x64_sys_futex+0x1c9/0x4d0 [ 113.509733] ? __x64_sys_futex+0x1d2/0x4d0 [ 113.509748] ? __pfx___x64_sys_futex+0x10/0x10 [ 113.509762] ? xfd_validate_state+0x55/0x180 [ 113.509784] exit_to_user_mode_loop+0x8b/0x110 [ 113.509797] do_syscall_64+0x2f7/0x360 [ 113.509811] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.509823] RIP: 0033:0x7f15b5d40b19 [ 113.509832] Code: Unable to access opcode bytes at 0x7f15b5d40aef. [ 113.509838] RSP: 002b:00007f15b32b6218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 113.509850] RAX: 0000000000000001 RBX: 00007f15b5e53f68 RCX: 00007f15b5d40b19 [ 113.509857] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f15b5e53f6c [ 113.509865] RBP: 00007f15b5e53f60 R08: 000000000000000e R09: 0000000000000000 [ 113.509872] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f15b5e53f6c [ 113.509880] R13: 00007ffc42acbb1f R14: 00007f15b32b6300 R15: 0000000000022000 [ 113.509895] [ 113.509899] kmemleak: Object (percpu) 0x607f1a63db48 (size 16): [ 113.509906] kmemleak: comm "syz-executor.7", pid 287, jiffies 4294780249 [ 113.509913] kmemleak: min_count = 1 [ 113.509917] kmemleak: count = 0 [ 113.509921] kmemleak: flags = 0x21 [ 113.509925] kmemleak: checksum = 0 [ 113.509929] kmemleak: backtrace: [ 113.509933] pcpu_alloc_noprof+0x87a/0x1170 [ 113.509949] mm_init+0x99b/0x1170 [ 113.509957] copy_process+0x3ab7/0x73c0 [ 113.509967] kernel_clone+0xea/0x7f0 [ 113.509977] __do_sys_clone+0xce/0x120 [ 113.509988] do_syscall_64+0xbf/0x360 [ 113.509997] entry_SYSCALL_64_after_hwframe+0x77/0x7f 09:29:01 executing program 7: openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x200002, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) accept4(r0, 0x0, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x28002, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) pipe(0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x1) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000340), 0x8040, 0x0) 09:29:01 executing program 5: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) getsockopt$IP_VS_SO_GET_VERSION(r0, 0x0, 0x480, 0x0, 0x0) [ 113.568503] kmemleak: Found object by alias at 0x607f1a63db4c [ 113.568517] CPU: 1 UID: 0 PID: 3974 Comm: syz-executor.6 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 113.568535] Tainted: [W]=WARN [ 113.568538] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 113.568545] Call Trace: [ 113.568549] [ 113.568553] dump_stack_lvl+0xca/0x120 [ 113.568579] __lookup_object+0x94/0xb0 [ 113.568595] delete_object_full+0x27/0x70 [ 113.568612] free_percpu+0x30/0x1160 [ 113.568628] ? arch_uprobe_clear_state+0x16/0x140 [ 113.568648] futex_hash_free+0x38/0xc0 [ 113.568662] mmput+0x2d3/0x390 [ 113.568680] do_exit+0x79d/0x2970 [ 113.568693] ? lock_release+0xc8/0x290 [ 113.568710] ? __pfx_do_exit+0x10/0x10 [ 113.568724] ? find_held_lock+0x2b/0x80 [ 113.568742] ? get_signal+0x835/0x2340 [ 113.568762] do_group_exit+0xd3/0x2a0 [ 113.568777] get_signal+0x2315/0x2340 [ 113.568800] ? __pfx_get_signal+0x10/0x10 [ 113.568816] ? do_futex+0x135/0x370 [ 113.568830] ? __pfx_do_futex+0x10/0x10 [ 113.568845] arch_do_signal_or_restart+0x80/0x790 [ 113.568863] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 113.568880] ? __x64_sys_futex+0x1c9/0x4d0 [ 113.568892] ? __x64_sys_futex+0x1d2/0x4d0 [ 113.568906] ? __sys_socket+0x9f/0x260 [ 113.568922] ? __pfx___x64_sys_futex+0x10/0x10 [ 113.568936] ? xfd_validate_state+0x55/0x180 [ 113.568957] exit_to_user_mode_loop+0x8b/0x110 [ 113.568969] do_syscall_64+0x2f7/0x360 [ 113.568982] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.568994] RIP: 0033:0x7fd29fa55b19 [ 113.569003] Code: Unable to access opcode bytes at 0x7fd29fa55aef. [ 113.569009] RSP: 002b:00007fd29cfcb218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 113.569020] RAX: 0000000000000000 RBX: 00007fd29fb68f68 RCX: 00007fd29fa55b19 [ 113.569027] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fd29fb68f68 [ 113.569034] RBP: 00007fd29fb68f60 R08: 0000000000000000 R09: 0000000000000000 [ 113.569041] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd29fb68f6c [ 113.569048] R13: 00007ffcdca7deaf R14: 00007fd29cfcb300 R15: 0000000000022000 [ 113.569064] 09:29:01 executing program 1: r0 = shmget$private(0x0, 0x5000, 0x1800, &(0x7f0000ffb000/0x5000)=nil) shmat(r0, &(0x7f0000400000/0xc00000)=nil, 0x5000) mbind(&(0x7f000056b000/0x4000)=nil, 0x4000, 0x1, &(0x7f0000000080), 0x6, 0x3) 09:29:01 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f00000000c0)=0x5, 0x4) sendmmsg$inet6(r0, &(0x7f0000002280)=[{{&(0x7f0000000040)={0xa, 0x4e21, 0x0, @mcast1}, 0x1c, 0x0}}], 0x1, 0x0) [ 113.569067] kmemleak: Object (percpu) 0x607f1a63db48 (size 16): [ 113.569074] kmemleak: comm "syz-executor.5", pid 285, jiffies 4294780414 [ 113.569081] kmemleak: min_count = 1 [ 113.569085] kmemleak: count = 0 [ 113.569089] kmemleak: flags = 0x21 [ 113.569093] kmemleak: checksum = 0 [ 113.569096] kmemleak: backtrace: [ 113.569100] pcpu_alloc_noprof+0x87a/0x1170 [ 113.569120] mm_init+0x99b/0x1170 [ 113.569128] copy_process+0x3ab7/0x73c0 [ 113.569138] kernel_clone+0xea/0x7f0 [ 113.569148] __do_sys_clone+0xce/0x120 [ 113.569158] do_syscall_64+0xbf/0x360 [ 113.569168] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.574401] kmemleak: Found object by alias at 0x607f1a63db54 [ 113.574419] CPU: 0 UID: 0 PID: 3970 Comm: syz-executor.3 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 113.574438] Tainted: [W]=WARN [ 113.574442] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 113.574449] Call Trace: [ 113.574453] [ 113.574458] dump_stack_lvl+0xca/0x120 [ 113.574484] __lookup_object+0x94/0xb0 [ 113.574502] delete_object_full+0x27/0x70 [ 113.574519] free_percpu+0x30/0x1160 [ 113.574536] ? arch_uprobe_clear_state+0x16/0x140 [ 113.574557] futex_hash_free+0x38/0xc0 [ 113.574572] mmput+0x2d3/0x390 [ 113.574592] do_exit+0x79d/0x2970 [ 113.574610] ? __pfx_do_exit+0x10/0x10 [ 113.574624] ? find_held_lock+0x2b/0x80 [ 113.574643] ? get_signal+0x835/0x2340 [ 113.574663] do_group_exit+0xd3/0x2a0 [ 113.574678] get_signal+0x2315/0x2340 [ 113.574695] ? lock_release+0xc8/0x290 [ 113.574711] ? __virt_addr_valid+0x100/0x5d0 [ 113.574733] ? __pfx_get_signal+0x10/0x10 [ 113.574750] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 113.574765] ? kasan_quarantine_put+0x84/0x1e0 [ 113.574783] arch_do_signal_or_restart+0x80/0x790 [ 113.574802] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 113.574820] ? ksys_unshare+0x220/0xa10 [ 113.574833] ? __pfx_ksys_unshare+0x10/0x10 [ 113.574847] ? xfd_validate_state+0x55/0x180 [ 113.574869] exit_to_user_mode_loop+0x8b/0x110 [ 113.574882] do_syscall_64+0x2f7/0x360 [ 113.574896] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.574908] RIP: 0033:0x7fb2e1adab19 [ 113.574917] Code: Unable to access opcode bytes at 0x7fb2e1adaaef. [ 113.574923] RSP: 002b:00007fb2df050188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 113.574934] RAX: ffffffffffffffea RBX: 00007fb2e1bedf60 RCX: 00007fb2e1adab19 [ 113.574942] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000002c040600 [ 113.574949] RBP: 00007fb2e1b34f6d R08: 0000000000000000 R09: 0000000000000000 [ 113.574956] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 113.574963] R13: 00007fff7229d2cf R14: 00007fb2df050300 R15: 0000000000022000 [ 113.574979] [ 113.574983] kmemleak: Object (percpu) 0x607f1a63db48 (size 16): [ 113.574990] kmemleak: comm "syz-executor.5", pid 285, jiffies 4294780414 [ 113.574998] kmemleak: min_count = 1 [ 113.575003] kmemleak: count = 0 [ 113.575007] kmemleak: flags = 0x21 [ 113.575011] kmemleak: checksum = 0 [ 113.575015] kmemleak: backtrace: [ 113.575020] pcpu_alloc_noprof+0x87a/0x1170 [ 113.575036] mm_init+0x99b/0x1170 [ 113.575045] copy_process+0x3ab7/0x73c0 [ 113.575055] kernel_clone+0xea/0x7f0 [ 113.575065] __do_sys_clone+0xce/0x120 [ 113.575076] do_syscall_64+0xbf/0x360 [ 113.575086] entry_SYSCALL_64_after_hwframe+0x77/0x7f 09:29:01 executing program 3: unshare(0x24000000) unshare(0x2c040600) [ 113.657835] kmemleak: Cannot insert 0x607f1a63db4c into the object search tree (overlaps existing) [ 113.657854] CPU: 0 UID: 0 PID: 3989 Comm: syz-executor.3 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 113.657873] Tainted: [W]=WARN [ 113.657876] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 113.657884] Call Trace: [ 113.657888] [ 113.657893] dump_stack_lvl+0xca/0x120 [ 113.657925] __link_object+0x190/0x210 [ 113.657945] __create_object+0x48/0x80 [ 113.657963] pcpu_alloc_noprof+0x87a/0x1170 [ 113.657988] alloc_vfsmnt+0x135/0x6e0 [ 113.658005] vfs_create_mount.part.0+0x40/0x440 [ 113.658024] fc_mount_longterm+0x126/0x160 [ 113.658041] mq_init_ns+0x42e/0x630 [ 113.658056] copy_ipcs+0x38d/0x630 [ 113.658067] ? copy_utsname+0xae/0x470 [ 113.658083] create_new_namespaces+0x210/0xab0 [ 113.658102] ? security_capable+0x2f/0x90 [ 113.658125] unshare_nsproxy_namespaces+0xc0/0x200 [ 113.658152] ksys_unshare+0x468/0xa10 [ 113.658168] ? __pfx_ksys_unshare+0x10/0x10 [ 113.658182] ? xfd_validate_state+0x55/0x180 [ 113.658207] __x64_sys_unshare+0x31/0x40 [ 113.658223] do_syscall_64+0xbf/0x360 [ 113.658236] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.658249] RIP: 0033:0x7fb2e1adab19 [ 113.658259] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 113.658270] RSP: 002b:00007fb2df050188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 113.658282] RAX: ffffffffffffffda RBX: 00007fb2e1bedf60 RCX: 00007fb2e1adab19 [ 113.658290] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000002c040600 [ 113.658297] RBP: 00007fb2e1b34f6d R08: 0000000000000000 R09: 0000000000000000 [ 113.658304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 113.658311] R13: 00007fff7229d2cf R14: 00007fb2df050300 R15: 0000000000022000 [ 113.658326] [ 113.658920] kmemleak: Kernel memory leak detector disabled [ 113.658924] kmemleak: Object (percpu) 0x607f1a63db48 (size 16): [ 113.658931] kmemleak: comm "syz-executor.5", pid 285, jiffies 4294780414 [ 113.658938] kmemleak: min_count = 1 [ 113.658942] kmemleak: count = 0 [ 113.658946] kmemleak: flags = 0x21 [ 113.658950] kmemleak: checksum = 0 [ 113.658954] kmemleak: backtrace: [ 113.658958] pcpu_alloc_noprof+0x87a/0x1170 [ 113.658974] mm_init+0x99b/0x1170 [ 113.658983] copy_process+0x3ab7/0x73c0 [ 113.658994] kernel_clone+0xea/0x7f0 [ 113.659004] __do_sys_clone+0xce/0x120 [ 113.659014] do_syscall_64+0xbf/0x360 [ 113.659023] entry_SYSCALL_64_after_hwframe+0x77/0x7f 09:29:01 executing program 2: mprotect(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x300000c) 09:29:01 executing program 6: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmsg$inet(r0, &(0x7f0000000040)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f0000002380)=[{&(0x7f0000000100)="889f", 0x2}], 0x1}, 0x48d0) 09:29:01 executing program 7: openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x200002, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) accept4(r0, 0x0, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x28002, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) pipe(0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x1) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000340), 0x8040, 0x0) 09:29:01 executing program 5: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) getsockopt$IP_VS_SO_GET_VERSION(r0, 0x0, 0x480, 0x0, 0x0) 09:29:01 executing program 3: unshare(0x24000000) unshare(0x2c040600) [ 113.760443] mac80211_hwsim hwsim17 wlan1: entered promiscuous mode [ 113.764035] mac80211_hwsim hwsim17 wlan1: left promiscuous mode 09:29:01 executing program 1: r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[]) statx(r0, 0x0, 0x1000, 0xfeffffff, 0x0) 09:29:01 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_GET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x50, 0x1, 0x2, 0x201, 0x0, 0x0, {0xa}, [@CTA_EXPECT_MASTER={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @remote}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x50}}, 0x0) 09:29:01 executing program 4: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) r2 = socket$packet(0x11, 0x2, 0x300) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000100)={r4, 0x1, 0x6, @multicast}, 0x10) setsockopt$packet_add_memb(r2, 0x107, 0x2, &(0x7f0000000180)={r1, 0x1, 0x6, @multicast}, 0x10) 09:29:01 executing program 5: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) getsockopt$IP_VS_SO_GET_VERSION(r0, 0x0, 0x480, 0x0, 0x0) 09:29:01 executing program 7: r0 = syz_open_procfs(0x0, &(0x7f0000000300)='net/unix\x00') pread64(r0, &(0x7f0000000240)=""/168, 0xf2, 0x2000005) [ 113.787187] mac80211_hwsim hwsim17 wlan1: entered promiscuous mode 09:29:01 executing program 6: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmsg$inet(r0, &(0x7f0000000040)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f0000002380)=[{&(0x7f0000000100)="889f", 0x2}], 0x1}, 0x48d0) [ 113.794510] mac80211_hwsim hwsim17 wlan1: left promiscuous mode 09:29:01 executing program 2: mprotect(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x300000c) 09:29:01 executing program 7: r0 = syz_open_procfs(0x0, &(0x7f0000000300)='net/unix\x00') pread64(r0, &(0x7f0000000240)=""/168, 0xf2, 0x2000005) 09:29:01 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_GET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x50, 0x1, 0x2, 0x201, 0x0, 0x0, {0xa}, [@CTA_EXPECT_MASTER={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @remote}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x50}}, 0x0) 09:29:01 executing program 3: unshare(0x24000000) unshare(0x2c040600) 09:29:01 executing program 1: r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[]) statx(r0, 0x0, 0x1000, 0xfeffffff, 0x0) 09:29:01 executing program 4: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) r2 = socket$packet(0x11, 0x2, 0x300) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000100)={r4, 0x1, 0x6, @multicast}, 0x10) setsockopt$packet_add_memb(r2, 0x107, 0x2, &(0x7f0000000180)={r1, 0x1, 0x6, @multicast}, 0x10) 09:29:01 executing program 7: r0 = syz_open_procfs(0x0, &(0x7f0000000300)='net/unix\x00') pread64(r0, &(0x7f0000000240)=""/168, 0xf2, 0x2000005) 09:29:01 executing program 2: mprotect(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x300000c) [ 113.883473] mac80211_hwsim hwsim17 wlan1: entered promiscuous mode [ 113.888181] mac80211_hwsim hwsim17 wlan1: left promiscuous mode 09:29:01 executing program 4: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) r2 = socket$packet(0x11, 0x2, 0x300) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000100)={r4, 0x1, 0x6, @multicast}, 0x10) setsockopt$packet_add_memb(r2, 0x107, 0x2, &(0x7f0000000180)={r1, 0x1, 0x6, @multicast}, 0x10) 09:29:01 executing program 6: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmsg$inet(r0, &(0x7f0000000040)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f0000002380)=[{&(0x7f0000000100)="889f", 0x2}], 0x1}, 0x48d0) 09:29:01 executing program 1: r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[]) statx(r0, 0x0, 0x1000, 0xfeffffff, 0x0) 09:29:01 executing program 5: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) r2 = socket$packet(0x11, 0x2, 0x300) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000100)={r4, 0x1, 0x6, @multicast}, 0x10) setsockopt$packet_add_memb(r2, 0x107, 0x2, &(0x7f0000000180)={r1, 0x1, 0x6, @multicast}, 0x10) 09:29:01 executing program 7: r0 = syz_open_procfs(0x0, &(0x7f0000000300)='net/unix\x00') pread64(r0, &(0x7f0000000240)=""/168, 0xf2, 0x2000005) 09:29:01 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_GET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x50, 0x1, 0x2, 0x201, 0x0, 0x0, {0xa}, [@CTA_EXPECT_MASTER={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @remote}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x50}}, 0x0) 09:29:01 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000000), 0x4) r1 = socket$inet6_udp(0xa, 0x2, 0x0) close(r1) 09:29:01 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0x8, &(0x7f0000000000)=0x2, 0x4) [ 113.973511] mac80211_hwsim hwsim5 wlan1: entered promiscuous mode [ 113.982325] mac80211_hwsim hwsim5 wlan1: left promiscuous mode 09:29:01 executing program 1: r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[]) statx(r0, 0x0, 0x1000, 0xfeffffff, 0x0) [ 114.001302] mac80211_hwsim hwsim17 wlan1: entered promiscuous mode [ 114.002290] mac80211_hwsim hwsim17 wlan1: left promiscuous mode 09:29:01 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_GET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x50, 0x1, 0x2, 0x201, 0x0, 0x0, {0xa}, [@CTA_EXPECT_MASTER={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @remote}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x50}}, 0x0) 09:29:01 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0x8, &(0x7f0000000000)=0x2, 0x4) 09:29:01 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000000), 0x4) r1 = socket$inet6_udp(0xa, 0x2, 0x0) close(r1) 09:29:01 executing program 5: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) r2 = socket$packet(0x11, 0x2, 0x300) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000100)={r4, 0x1, 0x6, @multicast}, 0x10) setsockopt$packet_add_memb(r2, 0x107, 0x2, &(0x7f0000000180)={r1, 0x1, 0x6, @multicast}, 0x10) 09:29:01 executing program 0: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000540), 0x0) clone3(&(0x7f00000002c0)={0x1720e0180, 0x0, 0x0, 0x0, {0x10000}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) dup3(r1, r3, 0x0) sendmmsg$unix(r2, &(0x7f0000000c80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="14000000000000dc2295a1f12ef87d009b3d06eb113483f9a1802dc52b03cfb0", @ANYRES32=r3, @ANYBLOB='\x00\x00\x00\x00'], 0x18}}], 0x1, 0x0) recvmsg$unix(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000700)=""/4096, 0x1000}], 0x1, &(0x7f0000000240)=[@cred={{0x1c}}], 0x20}, 0x2000) r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/block/sr0', 0x0, 0x0) getdents(r4, &(0x7f0000001d40)=""/4096, 0x1000) r5 = creat(&(0x7f00000003c0)='./file0\x00', 0xa4ea4d52e7e4bfdf) ioctl$EXT4_IOC_GET_ES_CACHE(r5, 0x40086607, &(0x7f0000000640)=ANY=[@ANYBLOB="000600000000000000000000000000004000000000000000005bc53028000000076709c0c6621983612c2e01bbfae3a6b1a9e37c813ff646d39c07df2e88df179e3b2ae79ba085a56ab8a735eaf8d88165cefc4b0e282c53fa478fb0d92dd6f647432303ae04f143cfd7f7a58fd65f7c1f1b6ea412c812763e54de122f518c7dc0aa6b0d609b4fe2710632eec88d0a2d1b712062ee13cb7335ce"]) r6 = fork() ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000280)={r5, 0x7fffffff, 0x7fffffff, 0xfffffffffffffff9}) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000400)={'vlan1\x00'}) ptrace(0x10, r6) wait4(r6, 0x0, 0x20000000, &(0x7f0000000440)) 09:29:01 executing program 6: r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) sendmsg$802154_raw(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)="180ba7eb9c3237e3c7e5686aa7225dac3b608cc126d5664070080dd1cc65928d286fae54bf6fbbb0e50321d045eed7307bfb1b528066e15e11625f81cd03af98d22a1376a4b61bfb39aeadf8ab0d09423fd698c67fcf3fe36fdf923f720e995e06be67a2b971293504fcddf11610", 0x6e}}, 0x0) 09:29:01 executing program 7: r0 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$search(0xa, 0x0, &(0x7f0000000000)='keyring\x00', 0x0, 0x0) r1 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, r0) keyctl$read(0x1d, r1, &(0x7f0000000000)=""/246, 0xf6) 09:29:01 executing program 4: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) r2 = socket$packet(0x11, 0x2, 0x300) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000100)={r4, 0x1, 0x6, @multicast}, 0x10) setsockopt$packet_add_memb(r2, 0x107, 0x2, &(0x7f0000000180)={r1, 0x1, 0x6, @multicast}, 0x10) 09:29:01 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$inet_buf(r0, 0x0, 0x29, &(0x7f0000000180)=""/170, &(0x7f0000000100)=0xaa) [ 114.103554] mac80211_hwsim hwsim5 wlan1: entered promiscuous mode [ 114.108317] mac80211_hwsim hwsim17 wlan1: entered promiscuous mode [ 114.109287] mac80211_hwsim hwsim17 wlan1: left promiscuous mode [ 114.112430] mac80211_hwsim hwsim5 wlan1: left promiscuous mode [ 114.126961] ieee802154 phy0 wpan0: encryption failed: -90 09:29:01 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$inet_buf(r0, 0x0, 0x29, &(0x7f0000000180)=""/170, &(0x7f0000000100)=0xaa) [ 114.158833] EXT4-fs warning (device sda): ext4_group_extend:1862: can't shrink FS - resize aborted 09:29:01 executing program 6: r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) sendmsg$802154_raw(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)="180ba7eb9c3237e3c7e5686aa7225dac3b608cc126d5664070080dd1cc65928d286fae54bf6fbbb0e50321d045eed7307bfb1b528066e15e11625f81cd03af98d22a1376a4b61bfb39aeadf8ab0d09423fd698c67fcf3fe36fdf923f720e995e06be67a2b971293504fcddf11610", 0x6e}}, 0x0) 09:29:01 executing program 5: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) r2 = socket$packet(0x11, 0x2, 0x300) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000100)={r4, 0x1, 0x6, @multicast}, 0x10) setsockopt$packet_add_memb(r2, 0x107, 0x2, &(0x7f0000000180)={r1, 0x1, 0x6, @multicast}, 0x10) 09:29:01 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$inet_buf(r0, 0x0, 0x29, &(0x7f0000000180)=""/170, &(0x7f0000000100)=0xaa) 09:29:01 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000d5f4655fd5f4655f0100ffff53ef010001000000d4f4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000091b73ef4b8d944c4be6aeaa0d6c47e6c010040", 0x1f, 0x4e0}, {&(0x7f0000010300)="0300000004", 0x5, 0x640}, {&(0x7f0000010400)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000d4f4655fd5f4655fd5f4655f000000000000040080", 0x1d, 0x4400}, {&(0x7f0000012800)="8081000000180000d4f4655fd4f4655fd4f4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000000040)="80641c0000180000d4f4655fd4f4655fd4f4655f000000000000010080e50000100008feff0000000a", 0x29, 0x4c00}, {&(0x7f0000013900)="111fc0d901", 0x5, 0x30000}], 0x0, &(0x7f0000014a00)) 09:29:01 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0x8, &(0x7f0000000000)=0x2, 0x4) 09:29:01 executing program 7: r0 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$search(0xa, 0x0, &(0x7f0000000000)='keyring\x00', 0x0, 0x0) r1 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, r0) keyctl$read(0x1d, r1, &(0x7f0000000000)=""/246, 0xf6) 09:29:01 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000000), 0x4) r1 = socket$inet6_udp(0xa, 0x2, 0x0) close(r1) [ 114.239965] ieee802154 phy0 wpan0: encryption failed: -90 [ 114.250202] audit: type=1400 audit(1756718941.826:10): avc: denied { write } for pid=4059 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 114.268094] loop4: detected capacity change from 0 to 4096 [ 114.285679] EXT4-fs error (device loop4): ext4_quota_enable:7134: inode #4: comm syz-executor.4: casefold flag without casefold feature [ 114.290348] EXT4-fs error (device loop4): ext4_quota_enable:7136: comm syz-executor.4: Bad quota inode: 4, type: 1 [ 114.290870] EXT4-fs warning (device sda): ext4_group_extend:1862: can't shrink FS - resize aborted 09:29:01 executing program 6: r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) sendmsg$802154_raw(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)="180ba7eb9c3237e3c7e5686aa7225dac3b608cc126d5664070080dd1cc65928d286fae54bf6fbbb0e50321d045eed7307bfb1b528066e15e11625f81cd03af98d22a1376a4b61bfb39aeadf8ab0d09423fd698c67fcf3fe36fdf923f720e995e06be67a2b971293504fcddf11610", 0x6e}}, 0x0) [ 114.296314] EXT4-fs warning (device loop4): ext4_enable_quotas:7174: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. 09:29:01 executing program 7: r0 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$search(0xa, 0x0, &(0x7f0000000000)='keyring\x00', 0x0, 0x0) r1 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, r0) keyctl$read(0x1d, r1, &(0x7f0000000000)=""/246, 0xf6) [ 114.313558] EXT4-fs (loop4): mount failed [ 114.334063] mac80211_hwsim hwsim5 wlan1: entered promiscuous mode [ 114.344103] ieee802154 phy0 wpan0: encryption failed: -90 [ 114.345331] mac80211_hwsim hwsim5 wlan1: left promiscuous mode [ 114.362044] loop4: detected capacity change from 0 to 4096 09:29:01 executing program 6: r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) sendmsg$802154_raw(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)="180ba7eb9c3237e3c7e5686aa7225dac3b608cc126d5664070080dd1cc65928d286fae54bf6fbbb0e50321d045eed7307bfb1b528066e15e11625f81cd03af98d22a1376a4b61bfb39aeadf8ab0d09423fd698c67fcf3fe36fdf923f720e995e06be67a2b971293504fcddf11610", 0x6e}}, 0x0) [ 114.380742] EXT4-fs error (device loop4): ext4_quota_enable:7134: inode #4: comm syz-executor.4: casefold flag without casefold feature 09:29:01 executing program 0: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000540), 0x0) clone3(&(0x7f00000002c0)={0x1720e0180, 0x0, 0x0, 0x0, {0x10000}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) dup3(r1, r3, 0x0) sendmmsg$unix(r2, &(0x7f0000000c80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="14000000000000dc2295a1f12ef87d009b3d06eb113483f9a1802dc52b03cfb0", @ANYRES32=r3, @ANYBLOB='\x00\x00\x00\x00'], 0x18}}], 0x1, 0x0) recvmsg$unix(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000700)=""/4096, 0x1000}], 0x1, &(0x7f0000000240)=[@cred={{0x1c}}], 0x20}, 0x2000) r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/block/sr0', 0x0, 0x0) getdents(r4, &(0x7f0000001d40)=""/4096, 0x1000) r5 = creat(&(0x7f00000003c0)='./file0\x00', 0xa4ea4d52e7e4bfdf) ioctl$EXT4_IOC_GET_ES_CACHE(r5, 0x40086607, &(0x7f0000000640)=ANY=[@ANYBLOB="000600000000000000000000000000004000000000000000005bc53028000000076709c0c6621983612c2e01bbfae3a6b1a9e37c813ff646d39c07df2e88df179e3b2ae79ba085a56ab8a735eaf8d88165cefc4b0e282c53fa478fb0d92dd6f647432303ae04f143cfd7f7a58fd65f7c1f1b6ea412c812763e54de122f518c7dc0aa6b0d609b4fe2710632eec88d0a2d1b712062ee13cb7335ce"]) r6 = fork() ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000280)={r5, 0x7fffffff, 0x7fffffff, 0xfffffffffffffff9}) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000400)={'vlan1\x00'}) ptrace(0x10, r6) wait4(r6, 0x0, 0x20000000, &(0x7f0000000440)) 09:29:01 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$inet_buf(r0, 0x0, 0x29, &(0x7f0000000180)=""/170, &(0x7f0000000100)=0xaa) [ 114.395337] EXT4-fs error (device loop4): ext4_quota_enable:7136: comm syz-executor.4: Bad quota inode: 4, type: 1 09:29:01 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000000), 0x4) r1 = socket$inet6_udp(0xa, 0x2, 0x0) close(r1) [ 114.412948] EXT4-fs warning (device loop4): ext4_enable_quotas:7174: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 114.432572] EXT4-fs (loop4): mount failed [ 114.435671] ieee802154 phy0 wpan0: encryption failed: -90 [ 114.492288] EXT4-fs warning (device sda): ext4_group_extend:1862: can't shrink FS - resize aborted 09:29:02 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0x8, &(0x7f0000000000)=0x2, 0x4) 09:29:02 executing program 3: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000540), 0x0) clone3(&(0x7f00000002c0)={0x1720e0180, 0x0, 0x0, 0x0, {0x10000}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) dup3(r1, r3, 0x0) sendmmsg$unix(r2, &(0x7f0000000c80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="14000000000000dc2295a1f12ef87d009b3d06eb113483f9a1802dc52b03cfb0", @ANYRES32=r3, @ANYBLOB='\x00\x00\x00\x00'], 0x18}}], 0x1, 0x0) recvmsg$unix(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000700)=""/4096, 0x1000}], 0x1, &(0x7f0000000240)=[@cred={{0x1c}}], 0x20}, 0x2000) r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/block/sr0', 0x0, 0x0) getdents(r4, &(0x7f0000001d40)=""/4096, 0x1000) r5 = creat(&(0x7f00000003c0)='./file0\x00', 0xa4ea4d52e7e4bfdf) ioctl$EXT4_IOC_GET_ES_CACHE(r5, 0x40086607, &(0x7f0000000640)=ANY=[@ANYBLOB="000600000000000000000000000000004000000000000000005bc53028000000076709c0c6621983612c2e01bbfae3a6b1a9e37c813ff646d39c07df2e88df179e3b2ae79ba085a56ab8a735eaf8d88165cefc4b0e282c53fa478fb0d92dd6f647432303ae04f143cfd7f7a58fd65f7c1f1b6ea412c812763e54de122f518c7dc0aa6b0d609b4fe2710632eec88d0a2d1b712062ee13cb7335ce"]) r6 = fork() ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000280)={r5, 0x7fffffff, 0x7fffffff, 0xfffffffffffffff9}) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000400)={'vlan1\x00'}) ptrace(0x10, r6) wait4(r6, 0x0, 0x20000000, &(0x7f0000000440)) 09:29:02 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000d5f4655fd5f4655f0100ffff53ef010001000000d4f4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000091b73ef4b8d944c4be6aeaa0d6c47e6c010040", 0x1f, 0x4e0}, {&(0x7f0000010300)="0300000004", 0x5, 0x640}, {&(0x7f0000010400)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000d4f4655fd5f4655fd5f4655f000000000000040080", 0x1d, 0x4400}, {&(0x7f0000012800)="8081000000180000d4f4655fd4f4655fd4f4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000000040)="80641c0000180000d4f4655fd4f4655fd4f4655f000000000000010080e50000100008feff0000000a", 0x29, 0x4c00}, {&(0x7f0000013900)="111fc0d901", 0x5, 0x30000}], 0x0, &(0x7f0000014a00)) 09:29:02 executing program 5: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000540), 0x0) clone3(&(0x7f00000002c0)={0x1720e0180, 0x0, 0x0, 0x0, {0x10000}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) dup3(r1, r3, 0x0) sendmmsg$unix(r2, &(0x7f0000000c80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="14000000000000dc2295a1f12ef87d009b3d06eb113483f9a1802dc52b03cfb0", @ANYRES32=r3, @ANYBLOB='\x00\x00\x00\x00'], 0x18}}], 0x1, 0x0) recvmsg$unix(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000700)=""/4096, 0x1000}], 0x1, &(0x7f0000000240)=[@cred={{0x1c}}], 0x20}, 0x2000) r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/block/sr0', 0x0, 0x0) getdents(r4, &(0x7f0000001d40)=""/4096, 0x1000) r5 = creat(&(0x7f00000003c0)='./file0\x00', 0xa4ea4d52e7e4bfdf) ioctl$EXT4_IOC_GET_ES_CACHE(r5, 0x40086607, &(0x7f0000000640)=ANY=[@ANYBLOB="000600000000000000000000000000004000000000000000005bc53028000000076709c0c6621983612c2e01bbfae3a6b1a9e37c813ff646d39c07df2e88df179e3b2ae79ba085a56ab8a735eaf8d88165cefc4b0e282c53fa478fb0d92dd6f647432303ae04f143cfd7f7a58fd65f7c1f1b6ea412c812763e54de122f518c7dc0aa6b0d609b4fe2710632eec88d0a2d1b712062ee13cb7335ce"]) r6 = fork() ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000280)={r5, 0x7fffffff, 0x7fffffff, 0xfffffffffffffff9}) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000400)={'vlan1\x00'}) ptrace(0x10, r6) wait4(r6, 0x0, 0x20000000, &(0x7f0000000440)) 09:29:02 executing program 7: r0 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$search(0xa, 0x0, &(0x7f0000000000)='keyring\x00', 0x0, 0x0) r1 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, r0) keyctl$read(0x1d, r1, &(0x7f0000000000)=""/246, 0xf6) 09:29:02 executing program 0: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000540), 0x0) clone3(&(0x7f00000002c0)={0x1720e0180, 0x0, 0x0, 0x0, {0x10000}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) dup3(r1, r3, 0x0) sendmmsg$unix(r2, &(0x7f0000000c80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="14000000000000dc2295a1f12ef87d009b3d06eb113483f9a1802dc52b03cfb0", @ANYRES32=r3, @ANYBLOB='\x00\x00\x00\x00'], 0x18}}], 0x1, 0x0) recvmsg$unix(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000700)=""/4096, 0x1000}], 0x1, &(0x7f0000000240)=[@cred={{0x1c}}], 0x20}, 0x2000) r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/block/sr0', 0x0, 0x0) getdents(r4, &(0x7f0000001d40)=""/4096, 0x1000) r5 = creat(&(0x7f00000003c0)='./file0\x00', 0xa4ea4d52e7e4bfdf) ioctl$EXT4_IOC_GET_ES_CACHE(r5, 0x40086607, &(0x7f0000000640)=ANY=[@ANYBLOB="000600000000000000000000000000004000000000000000005bc53028000000076709c0c6621983612c2e01bbfae3a6b1a9e37c813ff646d39c07df2e88df179e3b2ae79ba085a56ab8a735eaf8d88165cefc4b0e282c53fa478fb0d92dd6f647432303ae04f143cfd7f7a58fd65f7c1f1b6ea412c812763e54de122f518c7dc0aa6b0d609b4fe2710632eec88d0a2d1b712062ee13cb7335ce"]) r6 = fork() ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000280)={r5, 0x7fffffff, 0x7fffffff, 0xfffffffffffffff9}) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000400)={'vlan1\x00'}) ptrace(0x10, r6) wait4(r6, 0x0, 0x20000000, &(0x7f0000000440)) 09:29:02 executing program 6: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000540), 0x0) clone3(&(0x7f00000002c0)={0x1720e0180, 0x0, 0x0, 0x0, {0x10000}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) dup3(r1, r3, 0x0) sendmmsg$unix(r2, &(0x7f0000000c80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="14000000000000dc2295a1f12ef87d009b3d06eb113483f9a1802dc52b03cfb0", @ANYRES32=r3, @ANYBLOB='\x00\x00\x00\x00'], 0x18}}], 0x1, 0x0) recvmsg$unix(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000700)=""/4096, 0x1000}], 0x1, &(0x7f0000000240)=[@cred={{0x1c}}], 0x20}, 0x2000) r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/block/sr0', 0x0, 0x0) getdents(r4, &(0x7f0000001d40)=""/4096, 0x1000) r5 = creat(&(0x7f00000003c0)='./file0\x00', 0xa4ea4d52e7e4bfdf) ioctl$EXT4_IOC_GET_ES_CACHE(r5, 0x40086607, &(0x7f0000000640)=ANY=[@ANYBLOB="000600000000000000000000000000004000000000000000005bc53028000000076709c0c6621983612c2e01bbfae3a6b1a9e37c813ff646d39c07df2e88df179e3b2ae79ba085a56ab8a735eaf8d88165cefc4b0e282c53fa478fb0d92dd6f647432303ae04f143cfd7f7a58fd65f7c1f1b6ea412c812763e54de122f518c7dc0aa6b0d609b4fe2710632eec88d0a2d1b712062ee13cb7335ce"]) r6 = fork() ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000280)={r5, 0x7fffffff, 0x7fffffff, 0xfffffffffffffff9}) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000400)={'vlan1\x00'}) ptrace(0x10, r6) wait4(r6, 0x0, 0x20000000, &(0x7f0000000440)) 09:29:02 executing program 1: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000540), 0x0) clone3(&(0x7f00000002c0)={0x1720e0180, 0x0, 0x0, 0x0, {0x10000}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) dup3(r1, r3, 0x0) sendmmsg$unix(r2, &(0x7f0000000c80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="14000000000000dc2295a1f12ef87d009b3d06eb113483f9a1802dc52b03cfb0", @ANYRES32=r3, @ANYBLOB='\x00\x00\x00\x00'], 0x18}}], 0x1, 0x0) recvmsg$unix(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000700)=""/4096, 0x1000}], 0x1, &(0x7f0000000240)=[@cred={{0x1c}}], 0x20}, 0x2000) r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/block/sr0', 0x0, 0x0) getdents(r4, &(0x7f0000001d40)=""/4096, 0x1000) r5 = creat(&(0x7f00000003c0)='./file0\x00', 0xa4ea4d52e7e4bfdf) ioctl$EXT4_IOC_GET_ES_CACHE(r5, 0x40086607, &(0x7f0000000640)=ANY=[@ANYBLOB="000600000000000000000000000000004000000000000000005bc53028000000076709c0c6621983612c2e01bbfae3a6b1a9e37c813ff646d39c07df2e88df179e3b2ae79ba085a56ab8a735eaf8d88165cefc4b0e282c53fa478fb0d92dd6f647432303ae04f143cfd7f7a58fd65f7c1f1b6ea412c812763e54de122f518c7dc0aa6b0d609b4fe2710632eec88d0a2d1b712062ee13cb7335ce"]) r6 = fork() ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000280)={r5, 0x7fffffff, 0x7fffffff, 0xfffffffffffffff9}) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000400)={'vlan1\x00'}) ptrace(0x10, r6) wait4(r6, 0x0, 0x20000000, &(0x7f0000000440)) [ 114.660563] loop4: detected capacity change from 0 to 4096 [ 114.664526] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000000: 0000 [#1] SMP KASAN NOPTI [ 114.666144] KASAN: probably user-memory-access in range [0x0000000100000000-0x0000000100000007] [ 114.667443] CPU: 0 UID: 0 PID: 4108 Comm: syz-executor.4 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 114.675218] Tainted: [W]=WARN [ 114.675673] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 114.676889] RIP: 0010:__queue_work+0x202/0x1240 [ 114.677588] Code: 48 8b 6d 00 e8 4f ee 79 03 31 ff 41 89 c5 89 c6 e8 c3 02 32 00 45 85 ed 0f 85 e1 05 00 00 e8 85 07 32 00 48 89 e8 48 c1 e8 03 <42> 80 3c 20 00 0f 85 a0 0e 00 00 4c 8b 75 00 48 89 df 4c 89 34 24 [ 114.680266] RSP: 0018:ffff888016cb7398 EFLAGS: 00010016 [ 114.681032] RAX: 0000000020000000 RBX: ffff88800ba05118 RCX: ffffc90007825000 [ 114.682057] RDX: 0000000000040000 RSI: ffffffff8141ef2b RDI: 0000000000000005 [ 114.683130] RBP: 0000000100000000 R08: 0000000000000001 R09: fffffbfff0f128f4 [ 114.684162] R10: 0000000000000001 R11: 0000000000000001 R12: dffffc0000000000 [ 114.684434] EXT4-fs warning (device sda): ext4_group_extend:1862: can't shrink FS - resize aborted [ 114.685198] R13: 0000000000000001 R14: 0000000000000000 R15: ffff8880162e0800 [ 114.685217] FS: 00007f15b32b6700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 114.688156] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.689012] CR2: 00007f15b32b7000 CR3: 000000004376b000 CR4: 0000000000350ef0 [ 114.690053] Call Trace: [ 114.690469] [ 114.690816] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 114.691510] queue_work_on+0xd0/0xe0 [ 114.692069] loop_queue_rq+0x5c8/0x1180 [ 114.692685] __blk_mq_issue_directly+0xd5/0x260 [ 114.693384] ? __pfx___blk_mq_issue_directly+0x10/0x10 [ 114.694167] ? bdev_count_inflight_rw.part.0+0x5f/0x380 [ 114.694985] blk_mq_request_issue_directly+0x11c/0x1e0 [ 114.695762] blk_mq_issue_direct+0x192/0x640 [ 114.696418] blk_mq_dispatch_queue_requests+0x4b0/0x7c0 [ 114.697185] blk_mq_flush_plug_list+0x1ec/0x5b0 [ 114.697862] ? read_tsc+0x9/0x20 [ 114.698413] ? ktime_get+0x16d/0x270 [ 114.698967] ? trace_block_plug+0x149/0x1b0 [ 114.699607] ? blk_add_rq_to_plug+0x234/0x550 [ 114.700267] ? __pfx_blk_mq_flush_plug_list+0x10/0x10 [ 114.701022] ? blk_mq_submit_bio+0x4fd/0x2220 [ 114.701691] __blk_flush_plug+0x25c/0x460 [ 114.702327] ? __pfx___blk_flush_plug+0x10/0x10 [ 114.703013] ? bio_associate_blkg_from_css+0x4fe/0x1380 [ 114.703798] __submit_bio+0x480/0x5b0 [ 114.704366] ? __pfx___submit_bio+0x10/0x10 [ 114.704989] ? read_tsc+0x9/0x20 [ 114.705498] ? ktime_get+0x16d/0x270 [ 114.706049] submit_bio_noacct_nocheck+0x68e/0xcb0 [ 114.706793] ? __pfx_submit_bio_noacct_nocheck+0x10/0x10 [ 114.707600] submit_bio_noacct+0x359/0x1350 [ 114.708226] ? __pfx_end_buffer_read_sync+0x10/0x10 [ 114.708957] ext4_read_bh+0x15a/0x2e0 [ 114.709523] ext4_read_bh_lock+0x7a/0xd0 [ 114.710121] ext4_sb_bread_unmovable+0x172/0x260 [ 114.710853] ext4_fill_super+0x662/0xba20 [ 114.711485] ? wake_bit_function+0x210/0x240 [ 114.712151] ? snprintf+0xbe/0x100 [ 114.712691] ? __pfx_snprintf+0x10/0x10 [ 114.713292] ? __pfx_ext4_fill_super+0x10/0x10 [ 114.713982] ? find_held_lock+0x2b/0x80 [ 114.714591] ? setup_bdev_super+0x2ed/0x6e0 [ 114.715238] ? set_blocksize+0x1b4/0x470 [ 114.715829] ? lock_release+0xc8/0x290 [ 114.716402] ? sb_set_blocksize+0x177/0x1c0 [ 114.717035] ? setup_bdev_super+0x31f/0x6e0 [ 114.717681] get_tree_bdev_flags+0x38a/0x620 [ 114.718353] ? __pfx_ext4_fill_super+0x10/0x10 [ 114.719032] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 114.719756] ? cap_capable+0xdb/0x3b0 [ 114.720329] ? security_capable+0x2f/0x90 [ 114.720933] vfs_get_tree+0x93/0x340 [ 114.721492] path_mount+0x132d/0x1dd0 [ 114.722058] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 114.722855] ? __pfx_path_mount+0x10/0x10 [ 114.723466] ? kmem_cache_free+0x2a1/0x540 [ 114.724078] ? putname.part.0+0x11b/0x160 [ 114.724689] ? getname_flags.part.0+0x1c6/0x540 [ 114.725377] ? putname.part.0+0x11b/0x160 [ 114.725982] __x64_sys_mount+0x27b/0x300 [ 114.726608] ? __pfx___x64_sys_mount+0x10/0x10 [ 114.727285] do_syscall_64+0xbf/0x360 [ 114.727848] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 114.728596] RIP: 0033:0x7f15b5d4204a [ 114.729143] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 114.731745] RSP: 002b:00007f15b32b5fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 114.732834] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f15b5d4204a [ 114.733865] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f15b32b6000 [ 114.734929] RBP: 00007f15b32b6040 R08: 00007f15b32b6040 R09: 0000000020000000 [ 114.735951] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 114.736968] R13: 0000000020000100 R14: 00007f15b32b6000 R15: 0000000020014a00 [ 114.737991] [ 114.738374] Modules linked in: [ 114.738854] ---[ end trace 0000000000000000 ]--- [ 114.739531] RIP: 0010:__queue_work+0x202/0x1240 [ 114.740215] Code: 48 8b 6d 00 e8 4f ee 79 03 31 ff 41 89 c5 89 c6 e8 c3 02 32 00 45 85 ed 0f 85 e1 05 00 00 e8 85 07 32 00 48 89 e8 48 c1 e8 03 <42> 80 3c 20 00 0f 85 a0 0e 00 00 4c 8b 75 00 48 89 df 4c 89 34 24 [ 114.742854] RSP: 0018:ffff888016cb7398 EFLAGS: 00010016 [ 114.743628] RAX: 0000000020000000 RBX: ffff88800ba05118 RCX: ffffc90007825000 [ 114.744648] RDX: 0000000000040000 RSI: ffffffff8141ef2b RDI: 0000000000000005 [ 114.745667] RBP: 0000000100000000 R08: 0000000000000001 R09: fffffbfff0f128f4 [ 114.746712] R10: 0000000000000001 R11: 0000000000000001 R12: dffffc0000000000 [ 114.747739] R13: 0000000000000001 R14: 0000000000000000 R15: ffff8880162e0800 [ 114.748770] FS: 00007f15b32b6700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 114.749928] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.750789] CR2: 00007f15b32b7000 CR3: 000000004376b000 CR4: 0000000000350ef0 [ 114.751814] note: syz-executor.4[4108] exited with irqs disabled [ 114.753201] note: syz-executor.4[4108] exited with preempt_count 1 [ 114.754612] ------------[ cut here ]------------ [ 114.755364] WARNING: kernel/exit.c:898 at do_exit+0x1c36/0x2970, CPU#0: syz-executor.4/4108 [ 114.756630] Modules linked in: [ 114.757158] CPU: 0 UID: 0 PID: 4108 Comm: syz-executor.4 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 114.758959] Tainted: [D]=DIE, [W]=WARN [ 114.759574] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 114.760792] RIP: 0010:do_exit+0x1c36/0x2970 [ 114.761467] Code: 96 0a 00 00 c7 43 18 00 00 00 00 e9 21 e6 ff ff e8 ef b3 38 00 bf 02 24 00 00 e8 f5 ab 0b 00 e9 41 ff ff ff e8 db b3 38 00 90 <0f> 0b 90 e9 87 e4 ff ff e8 cd b3 38 00 4c 89 e6 bf 05 06 00 00 e8 [ 114.764170] RSP: 0018:ffff888016cb7e40 EFLAGS: 00010246 [ 114.764963] RAX: 0000000000040000 RBX: 0000000000000200 RCX: ffffc90007825000 [ 114.766015] RDX: 0000000000040000 RSI: ffffffff813b42d5 RDI: ffff8880190aad68 [ 114.767089] RBP: ffff8880190a9b80 R08: 0000000000000001 R09: fffffbfff0f126d8 [ 114.768147] R10: 0000000000000200 R11: 0000000000000001 R12: 000000000000000b [ 114.769216] R13: 0000000000002710 R14: dffffc0020000000 R15: 0000000000000000 [ 114.770308] FS: 00007f15b32b6700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 114.771491] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.772359] CR2: 00007f15b32b7000 CR3: 000000004376b000 CR4: 0000000000350ef0 [ 114.773423] Call Trace: [ 114.773808] [ 114.774195] ? _printk+0xbe/0xf0 [ 114.774721] ? __pfx__printk+0x10/0x10 [ 114.775331] ? __pfx_do_exit+0x10/0x10 [ 114.775921] make_task_dead+0x174/0x3b0 [ 114.776556] ? do_syscall_64+0xbf/0x360 [ 114.777208] rewind_stack_and_make_dead+0x16/0x20 [ 114.777935] RIP: 0033:0x7f15b5d4204a [ 114.778539] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 114.781214] RSP: 002b:00007f15b32b5fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 114.782377] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f15b5d4204a [ 114.783455] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f15b32b6000 [ 114.784523] RBP: 00007f15b32b6040 R08: 00007f15b32b6040 R09: 0000000020000000 [ 114.785605] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 114.786687] R13: 0000000020000100 R14: 00007f15b32b6000 R15: 0000000020014a00 [ 114.787766] [ 114.788143] irq event stamp: 420 [ 114.788669] hardirqs last enabled at (419): [] ktime_get+0x1c7/0x270 [ 114.789888] hardirqs last disabled at (420): [] _raw_spin_lock_irq+0x42/0x50 [ 114.791193] softirqs last enabled at (376): [] handle_softirqs+0x50c/0x770 [ 114.792481] softirqs last disabled at (347): [] __irq_exit_rcu+0xc4/0x100 [ 114.793732] ---[ end trace 0000000000000000 ]--- [ 114.794474] BUG: sleeping function called from invalid context at ./include/linux/percpu-rwsem.h:51 [ 114.795822] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 4108, name: syz-executor.4 [ 114.797092] preempt_count: 0, expected: 0 [ 114.797722] RCU nest depth: 2, expected: 0 [ 114.798393] INFO: lockdep is turned off. [ 114.798987] CPU: 0 UID: 0 PID: 4108 Comm: syz-executor.4 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 114.799022] Tainted: [D]=DIE, [W]=WARN [ 114.799029] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 114.799040] Call Trace: [ 114.799047] [ 114.799055] dump_stack_lvl+0xfa/0x120 [ 114.799095] __might_resched+0x2f3/0x510 [ 114.799126] exit_signals+0x25/0x940 [ 114.799159] do_exit+0x2db/0x2970 [ 114.799183] ? _printk+0xbe/0xf0 [ 114.799206] ? __pfx__printk+0x10/0x10 [ 114.799230] ? __pfx_do_exit+0x10/0x10 [ 114.799258] make_task_dead+0x174/0x3b0 [ 114.799282] ? do_syscall_64+0xbf/0x360 [ 114.799303] rewind_stack_and_make_dead+0x16/0x20 [ 114.799332] RIP: 0033:0x7f15b5d4204a [ 114.799347] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 114.799367] RSP: 002b:00007f15b32b5fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 114.799388] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f15b5d4204a [ 114.799402] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f15b32b6000 [ 114.799416] RBP: 00007f15b32b6040 R08: 00007f15b32b6040 R09: 0000000020000000 [ 114.799429] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 114.799442] R13: 0000000020000100 R14: 00007f15b32b6000 R15: 0000000020014a00 [ 114.799462] 09:29:02 executing program 2: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000540), 0x0) clone3(&(0x7f00000002c0)={0x1720e0180, 0x0, 0x0, 0x0, {0x10000}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) dup3(r1, r3, 0x0) sendmmsg$unix(r2, &(0x7f0000000c80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="14000000000000dc2295a1f12ef87d009b3d06eb113483f9a1802dc52b03cfb0", @ANYRES32=r3, @ANYBLOB='\x00\x00\x00\x00'], 0x18}}], 0x1, 0x0) recvmsg$unix(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000700)=""/4096, 0x1000}], 0x1, &(0x7f0000000240)=[@cred={{0x1c}}], 0x20}, 0x2000) r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/block/sr0', 0x0, 0x0) getdents(r4, &(0x7f0000001d40)=""/4096, 0x1000) r5 = creat(&(0x7f00000003c0)='./file0\x00', 0xa4ea4d52e7e4bfdf) ioctl$EXT4_IOC_GET_ES_CACHE(r5, 0x40086607, &(0x7f0000000640)=ANY=[@ANYBLOB="000600000000000000000000000000004000000000000000005bc53028000000076709c0c6621983612c2e01bbfae3a6b1a9e37c813ff646d39c07df2e88df179e3b2ae79ba085a56ab8a735eaf8d88165cefc4b0e282c53fa478fb0d92dd6f647432303ae04f143cfd7f7a58fd65f7c1f1b6ea412c812763e54de122f518c7dc0aa6b0d609b4fe2710632eec88d0a2d1b712062ee13cb7335ce"]) r6 = fork() ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000280)={r5, 0x7fffffff, 0x7fffffff, 0xfffffffffffffff9}) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000400)={'vlan1\x00'}) ptrace(0x10, r6) wait4(r6, 0x0, 0x20000000, &(0x7f0000000440)) [ 114.857832] EXT4-fs warning (device sda): ext4_group_extend:1862: can't shrink FS - resize aborted 09:29:02 executing program 7: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000540), 0x0) clone3(&(0x7f00000002c0)={0x1720e0180, 0x0, 0x0, 0x0, {0x10000}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) dup3(r1, r3, 0x0) sendmmsg$unix(r2, &(0x7f0000000c80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="14000000000000dc2295a1f12ef87d009b3d06eb113483f9a1802dc52b03cfb0", @ANYRES32=r3, @ANYBLOB='\x00\x00\x00\x00'], 0x18}}], 0x1, 0x0) recvmsg$unix(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000700)=""/4096, 0x1000}], 0x1, &(0x7f0000000240)=[@cred={{0x1c}}], 0x20}, 0x2000) r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/block/sr0', 0x0, 0x0) getdents(r4, &(0x7f0000001d40)=""/4096, 0x1000) r5 = creat(&(0x7f00000003c0)='./file0\x00', 0xa4ea4d52e7e4bfdf) ioctl$EXT4_IOC_GET_ES_CACHE(r5, 0x40086607, &(0x7f0000000640)=ANY=[@ANYBLOB="000600000000000000000000000000004000000000000000005bc53028000000076709c0c6621983612c2e01bbfae3a6b1a9e37c813ff646d39c07df2e88df179e3b2ae79ba085a56ab8a735eaf8d88165cefc4b0e282c53fa478fb0d92dd6f647432303ae04f143cfd7f7a58fd65f7c1f1b6ea412c812763e54de122f518c7dc0aa6b0d609b4fe2710632eec88d0a2d1b712062ee13cb7335ce"]) r6 = fork() ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000280)={r5, 0x7fffffff, 0x7fffffff, 0xfffffffffffffff9}) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000400)={'vlan1\x00'}) ptrace(0x10, r6) wait4(r6, 0x0, 0x20000000, &(0x7f0000000440)) [ 114.874653] EXT4-fs warning (device sda): ext4_group_extend:1862: can't shrink FS - resize aborted [ 114.896535] EXT4-fs warning (device sda): ext4_group_extend:1862: can't shrink FS - resize aborted [ 114.917927] EXT4-fs warning (device sda): ext4_group_extend:1862: can't shrink FS - resize aborted [ 114.938848] EXT4-fs warning (device sda): ext4_group_extend:1862: can't shrink FS - resize aborted [ 114.971177] EXT4-fs warning (device sda): ext4_group_extend:1862: can't shrink FS - resize aborted [ 115.144287] kmemleak: Automatic memory scanning thread ended VM DIAGNOSIS: 09:29:02 Registers: info registers vcpu 0 RAX=0000000000000072 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff828e5105 RDI=ffffffff88729280 RBP=ffffffff88729240 RSP=ffff888016cb6cf0 R8 =0000000000000000 R9 =ffffed100140e046 R10=0000000000000072 R11=552030203a555043 R12=0000000000000072 R13=0000000000000010 R14=ffffffff88729240 R15=ffffffff828e50f0 RIP=ffffffff828e515d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f15b32b6700 00000000 00000000 GS =0000 ffff8880e55d8000 00000000 00000000 LDT=0000 fffffe3d00000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f15b32b7000 CR3=000000004376b000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=65756e69746e6f633d73726f7272652c XMM01=00000000000000000000000000000000 XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=ffffffffffffffffffffffffffffffff XMM05=000b0000000000000001000000000000 XMM06=00005f65f4d4000000010001ef53ffff XMM07=00015f65f4d55f65f4d5000000200000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000010002 RBX=ffff88806cf28de0 RCX=ffffffff84b814e8 RDX=ffff8880131d1b80 RSI=ffffffff84b8158c RDI=ffff88806cf289f0 RBP=ffff88806cf289d8 RSP=ffff88806cf08de0 R8 =0000000000000000 R9 =fffffbfff0c8768a R10=ffff88806cf289d8 R11=0000000000021011 R12=dffffc0000000000 R13=0000001aac7ca6c0 R14=0000000000000001 R15=dffffc0000000000 RIP=ffffffff8173f6d1 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff8880e56d8000 00000000 00000000 LDT=0000 fffffe5800000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f90e27e6f68 CR3=0000000042f92000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=ff00000000ff000000000000000000ff XMM01=25252525252525252525252525252525 XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000