Warning: Permanently added '[localhost]:12262' (ECDSA) to the list of known hosts.
2025/09/01 11:15:42 fuzzer started
2025/09/01 11:15:42 dialing manager at localhost:35473
syzkaller login: [ 50.803585] cgroup: Unknown subsys name 'net'
[ 51.130261] cgroup: Unknown subsys name 'cpuset'
[ 51.138056] cgroup: Unknown subsys name 'rlimit'
2025/09/01 11:15:52 syscalls: 2214
2025/09/01 11:15:52 code coverage: enabled
2025/09/01 11:15:52 comparison tracing: enabled
2025/09/01 11:15:52 extra coverage: enabled
2025/09/01 11:15:52 setuid sandbox: enabled
2025/09/01 11:15:52 namespace sandbox: enabled
2025/09/01 11:15:52 Android sandbox: enabled
2025/09/01 11:15:52 fault injection: enabled
2025/09/01 11:15:52 leak checking: enabled
2025/09/01 11:15:52 net packet injection: enabled
2025/09/01 11:15:52 net device setup: enabled
2025/09/01 11:15:52 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/09/01 11:15:52 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/09/01 11:15:52 USB emulation: enabled
2025/09/01 11:15:52 hci packet injection: enabled
2025/09/01 11:15:52 wifi device emulation: enabled
2025/09/01 11:15:52 802.15.4 emulation: enabled
2025/09/01 11:16:08 fetching corpus: 8428, signal 187558/190234 (executing program)
2025/09/01 11:16:10 starting 8 fuzzer processes

11:16:10 executing program 0:
pipe(&(0x7f0000000040)={0xffffffffffffffff})
ioctl$int_in(r0, 0x5421, &(0x7f0000000080)=0x200)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
splice(r0, 0x0, r1, 0x0, 0x7ff, 0x0)

11:16:10 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_KEY(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)={0x20, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_KEY_DEFAULT_TYPES={0x4}]}, 0x20}}, 0x0)

11:16:10 executing program 6:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x141802, 0x0)
ioctl$DVD_AUTH(r0, 0x5317, &(0x7f0000000140)=@lsc={0x3, 0x0, "8c2e9c993edfe1625d5a"})

11:16:10 executing program 7:
ioctl$KDFONTOP_COPY(0xffffffffffffffff, 0x4b72, &(0x7f0000000000)={0x3, 0x0, 0x3, 0x0, 0x0, 0x0})
keyctl$KEYCTL_CAPABILITIES(0x1f, 0x0, 0xffffff5d)
keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000040)=""/102400, 0x19000)
ioctl$TIOCSERGETLSR(0xffffffffffffffff, 0x5459, &(0x7f0000019440))

11:16:10 executing program 2:
r0 = memfd_create(&(0x7f0000000000)=':^/\x00', 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x20)
fstat(r0, &(0x7f0000000100))

11:16:10 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, r0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, &(0x7f0000000100)='asymmetric\x00', &(0x7f00000000c0)=@chain={'key_or_keyring:', r1})

11:16:10 executing program 4:
r0 = eventfd2(0x0, 0x0)
io_setup(0x2, &(0x7f0000000080)=0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/mdstat\x00', 0x0, 0x0)
io_submit(r1, 0x2, &(0x7f00000007c0)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0}, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x2, 0x0, r2, 0x0}])

[ 77.913310] audit: type=1400 audit(1756725370.238:7): avc: denied { execmem } for pid=273 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
11:16:10 executing program 5:
fork()

[ 79.084306] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 79.089034] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 79.091402] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 79.098540] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 79.101238] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 79.217183] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 79.221946] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 79.225771] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 79.227206] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 79.229467] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 79.230936] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 79.234564] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 79.236994] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 79.240330] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 79.242158] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 79.244519] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 79.245849] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 79.262499] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 79.273147] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 79.276990] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 79.278400] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 79.279656] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 79.282594] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 79.288089] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 79.294323] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 79.303041] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 79.313365] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 79.315174] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 79.323120] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 79.330989] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 79.351235] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 79.353185] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 79.354622] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 79.368367] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 79.375318] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 79.391275] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 79.393841] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 79.397632] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 79.412841] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 79.423998] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 81.179155] Bluetooth: hci0: command tx timeout
[ 81.306777] Bluetooth: hci2: command tx timeout
[ 81.307392] Bluetooth: hci3: command tx timeout
[ 81.370769] Bluetooth: hci6: command tx timeout
[ 81.435239] Bluetooth: hci4: command tx timeout
[ 81.435871] Bluetooth: hci1: command tx timeout
[ 81.498839] Bluetooth: hci7: command tx timeout
[ 81.499527] Bluetooth: hci5: command tx timeout
[ 83.226809] Bluetooth: hci0: command tx timeout
[ 83.354755] Bluetooth: hci3: command tx timeout
[ 83.355162] Bluetooth: hci2: command tx timeout
[ 83.418748] Bluetooth: hci6: command tx timeout
[ 83.482944] Bluetooth: hci1: command tx timeout
[ 83.483338] Bluetooth: hci4: command tx timeout
[ 83.546845] Bluetooth: hci5: command tx timeout
[ 83.547238] Bluetooth: hci7: command tx timeout
[ 85.274803] Bluetooth: hci0: command tx timeout
[ 85.402918] Bluetooth: hci2: command tx timeout
[ 85.403335] Bluetooth: hci3: command tx timeout
[ 85.466829] Bluetooth: hci6: command tx timeout
[ 85.530746] Bluetooth: hci1: command tx timeout
[ 85.531151] Bluetooth: hci4: command tx timeout
[ 85.594734] Bluetooth: hci5: command tx timeout
[ 85.595133] Bluetooth: hci7: command tx timeout
[ 87.322834] Bluetooth: hci0: command tx timeout
[ 87.450843] Bluetooth: hci2: command tx timeout
[ 87.451264] Bluetooth: hci3: command tx timeout
[ 87.514738] Bluetooth: hci6: command tx timeout
[ 87.578850] Bluetooth: hci4: command tx timeout
[ 87.579247] Bluetooth: hci1: command tx timeout
[ 87.643860] Bluetooth: hci7: command tx timeout
[ 87.644261] Bluetooth: hci5: command tx timeout
[ 118.402981] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.403741] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.588987] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.589712] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.841050] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.841701] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 119.003962] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 119.004734] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
11:16:51 executing program 7:
ioctl$KDFONTOP_COPY(0xffffffffffffffff, 0x4b72, &(0x7f0000000000)={0x3, 0x0, 0x3, 0x0, 0x0, 0x0})
keyctl$KEYCTL_CAPABILITIES(0x1f, 0x0, 0xffffff5d)
keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000040)=""/102400, 0x19000)
ioctl$TIOCSERGETLSR(0xffffffffffffffff, 0x5459, &(0x7f0000019440))

[ 119.109426] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 119.110448] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
11:16:51 executing program 7:
ioctl$KDFONTOP_COPY(0xffffffffffffffff, 0x4b72, &(0x7f0000000000)={0x3, 0x0, 0x3, 0x0, 0x0, 0x0})
keyctl$KEYCTL_CAPABILITIES(0x1f, 0x0, 0xffffff5d)
keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000040)=""/102400, 0x19000)
ioctl$TIOCSERGETLSR(0xffffffffffffffff, 0x5459, &(0x7f0000019440))

11:16:51 executing program 7:
ioctl$KDFONTOP_COPY(0xffffffffffffffff, 0x4b72, &(0x7f0000000000)={0x3, 0x0, 0x3, 0x0, 0x0, 0x0})
keyctl$KEYCTL_CAPABILITIES(0x1f, 0x0, 0xffffff5d)
keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000040)=""/102400, 0x19000)
ioctl$TIOCSERGETLSR(0xffffffffffffffff, 0x5459, &(0x7f0000019440))

[ 119.314916] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 119.315529] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
11:16:51 executing program 7:
ioctl$KDFONTOP_COPY(0xffffffffffffffff, 0x4b72, &(0x7f0000000000)={0x3, 0x0, 0x3, 0x0, 0x0, 0x0})
keyctl$KEYCTL_CAPABILITIES(0x1f, 0x0, 0xffffff5d)
keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000040)=""/102400, 0x19000)
ioctl$TIOCSERGETLSR(0xffffffffffffffff, 0x5459, &(0x7f0000019440))

11:16:51 executing program 7:
ioctl$KDFONTOP_COPY(0xffffffffffffffff, 0x4b72, &(0x7f0000000000)={0x3, 0x0, 0x3, 0x0, 0x0, 0x0})
keyctl$KEYCTL_CAPABILITIES(0x1f, 0x0, 0xffffff5d)
keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000040)=""/102400, 0x19000)
ioctl$TIOCSERGETLSR(0xffffffffffffffff, 0x5459, &(0x7f0000019440))

[ 119.405107] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 119.405791] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 119.425651] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 119.426318] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
11:16:51 executing program 7:
ioctl$KDFONTOP_COPY(0xffffffffffffffff, 0x4b72, &(0x7f0000000000)={0x3, 0x0, 0x3, 0x0, 0x0, 0x0})
keyctl$KEYCTL_CAPABILITIES(0x1f, 0x0, 0xffffff5d)
keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000040)=""/102400, 0x19000)
ioctl$TIOCSERGETLSR(0xffffffffffffffff, 0x5459, &(0x7f0000019440))

11:16:51 executing program 4:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ppoll(&(0x7f0000000100)=[{r1}], 0x1, &(0x7f00000002c0), 0x0, 0x0)
dup2(r0, r1)

[ 119.567799] audit: type=1400 audit(1756725411.891:8): avc: denied { open } for pid=3841 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 119.576094] audit: type=1400 audit(1756725411.891:9): avc: denied { kernel } for pid=3841 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
11:16:51 executing program 7:
r0 = syz_open_dev$sg(&(0x7f0000002ac0), 0x0, 0x0)
r1 = dup(r0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2, 0x12, r1, 0x0)

[ 120.007957] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.008638] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.058921] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.059588] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.264521] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.265236] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.300745] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.301385] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.346651] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.347468] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.384751] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.385402] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.465572] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.466278] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.551220] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.551865] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
11:16:53 executing program 2:
r0 = memfd_create(&(0x7f0000000000)=':^/\x00', 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x20)
fstat(r0, &(0x7f0000000100))

11:16:53 executing program 4:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ppoll(&(0x7f0000000100)=[{r1}], 0x1, &(0x7f00000002c0), 0x0, 0x0)
dup2(r0, r1)

11:16:53 executing program 7:
r0 = socket$packet(0x11, 0x2, 0x300)
recvmsg(r0, &(0x7f0000005cc0)={0x0, 0x0, 0x0}, 0x1)

11:16:53 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_KEY(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)={0x20, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_KEY_DEFAULT_TYPES={0x4}]}, 0x20}}, 0x0)

11:16:53 executing program 5:
clock_settime(0x0, &(0x7f0000000100))

11:16:53 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, r0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, &(0x7f0000000100)='asymmetric\x00', &(0x7f00000000c0)=@chain={'key_or_keyring:', r1})

11:16:53 executing program 6:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000000)="a20e73f1b1812c8df6967520cdbfb383417a9437ee7abadfd3289b31374d", 0xfe74}, {&(0x7f0000000040)="ca74af528a8c7fced14b6addc57cadb344919fd061007429a606ba08958a1aa5b8f50427d1384f17fd636bf5b9e104f1ba17b6bbda050fbd8ced52a48bd2fe015187885af35e7407d41f9753f0b169a1c072bd5d006437ebdad6", 0x5a}], 0x2)

11:16:53 executing program 0:
pipe(&(0x7f0000000040)={0xffffffffffffffff})
ioctl$int_in(r0, 0x5421, &(0x7f0000000080)=0x200)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
splice(r0, 0x0, r1, 0x0, 0x7ff, 0x0)

11:16:53 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_KEY(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)={0x20, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_KEY_DEFAULT_TYPES={0x4}]}, 0x20}}, 0x0)

11:16:53 executing program 7:
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000040)=@file={0x1, './file0\x00'}, 0x6e)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
bind$unix(r0, &(0x7f0000000140)=@abs={0x1}, 0x6e)

11:16:53 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, r0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, &(0x7f0000000100)='asymmetric\x00', &(0x7f00000000c0)=@chain={'key_or_keyring:', r1})

11:16:53 executing program 0:
pipe(&(0x7f0000000040)={0xffffffffffffffff})
ioctl$int_in(r0, 0x5421, &(0x7f0000000080)=0x200)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
splice(r0, 0x0, r1, 0x0, 0x7ff, 0x0)

11:16:53 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000001480)=[{0x0}, {0x0}, {&(0x7f0000000280)="481ff747b967", 0x6, 0x6}], 0x0, &(0x7f0000010d00)=ANY=[])

[ 120.888145] kmemleak: Found object by alias at 0x607f1a63e20c
[ 120.888165] CPU: 0 UID: 0 PID: 3942 Comm: syz-executor.0 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 120.888184] Tainted: [W]=WARN
[ 120.888187] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 120.888195] Call Trace:
[ 120.888199]
[ 120.888203] dump_stack_lvl+0xca/0x120
[ 120.888228] __lookup_object+0x94/0xb0
[ 120.888245] delete_object_full+0x27/0x70
[ 120.888262] free_percpu+0x30/0x1160
[ 120.888279] ? arch_uprobe_clear_state+0x16/0x140
[ 120.888300] futex_hash_free+0x38/0xc0
[ 120.888314] mmput+0x2d3/0x390
[ 120.888333] do_exit+0x79d/0x2970
[ 120.888347] ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[ 120.888361] ? zap_other_threads+0x2b9/0x3a0
[ 120.888378] ? __pfx_do_exit+0x10/0x10
[ 120.888392] ? do_group_exit+0x1c3/0x2a0
[ 120.888407] ? _raw_spin_unlock_irq+0x23/0x40
[ 120.888425] do_group_exit+0xd3/0x2a0
[ 120.888440] __x64_sys_exit_group+0x3e/0x50
[ 120.888455] x64_sys_call+0x18c5/0x18d0
[ 120.888470] do_syscall_64+0xbf/0x360
[ 120.888483] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 120.888495] RIP: 0033:0x7f46125cdb19
[ 120.888503] Code: Unable to access opcode bytes at 0x7f46125cdaef.
[ 120.888509] RSP: 002b:00007fff5111e578 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 120.888521] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f46125cdb19
[ 120.888529] RDX: 00007f461258072b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 120.888536] RBP: 0000000000000000 R08: 0000001b2d122c1c R09: 0000000000000000
[ 120.888543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 120.888549] R13: 0000000000000000 R14: 0000000000000001 R15: 00007fff5111e660
[ 120.888565]
[ 120.888569] kmemleak: Object (percpu) 0x607f1a63e208 (size 8):
[ 120.888575] kmemleak: comm "syz-executor.5", pid 3948, jiffies 4294787729
[ 120.888583] kmemleak: min_count = 1
[ 120.888586] kmemleak: count = 0
[ 120.888590] kmemleak: flags = 0x21
[ 120.888594] kmemleak: checksum = 0
[ 120.888598] kmemleak: backtrace:
[ 120.888601] pcpu_alloc_noprof+0x87a/0x1170
[ 120.888617] __alloc_workqueue+0x74b/0x1820
[ 120.888635] alloc_workqueue_noprof+0xc7/0x200
[ 120.888644] loop_configure+0xf73/0x1590
[ 120.888659] lo_ioctl+0x66d/0x1c70
[ 120.888677] blkdev_ioctl+0x27c/0x6c0
[ 120.888688] __x64_sys_ioctl+0x18f/0x210
[ 120.888704] do_syscall_64+0xbf/0x360
[ 120.888713] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 120.911724] FAT-fs (loop5): bogus number of reserved sectors
[ 120.911752] FAT-fs (loop5): Can't find a valid FAT filesystem
[ 120.939455] kmemleak: Cannot insert 0x607f1a63e20c into the object search tree (overlaps existing)
[ 120.939472] CPU: 1 UID: 0 PID: 3948 Comm: syz-executor.5 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 120.939491] Tainted: [W]=WARN
[ 120.939496] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 120.939504] Call Trace:
[ 120.939508]
[ 120.939513] dump_stack_lvl+0xca/0x120
[ 120.939546] __link_object+0x190/0x210
[ 120.939567] __create_object+0x48/0x80
[ 120.939587] pcpu_alloc_noprof+0x87a/0x1170
[ 120.939615] __percpu_init_rwsem+0x2d/0x160
[ 120.939634] ? security_sb_alloc+0x75/0x140
[ 120.939653] alloc_super+0x29e/0xb80
[ 120.939675] ? __pfx_super_s_dev_test+0x10/0x10
[ 120.939700] sget_fc+0xfe/0xb80
[ 120.939712] ? __pfx_super_s_dev_set+0x10/0x10
[ 120.939732] get_tree_bdev_flags+0x1b8/0x620
[ 120.939745] ? __pfx_vfat_fill_super+0x10/0x10
[ 120.939759] ? __pfx_get_tree_bdev_flags+0x10/0x10
[ 120.939773] ? cap_capable+0xdb/0x3b0
[ 120.939792] ? security_capable+0x2f/0x90
[ 120.939809] vfs_get_tree+0x93/0x340
[ 120.939829] path_mount+0x132d/0x1dd0
[ 120.939846] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 120.939862] ? __pfx_path_mount+0x10/0x10
[ 120.939877] ? kmem_cache_free+0x2a1/0x540
[ 120.939889] ? putname.part.0+0x11b/0x160
[ 120.939909] ? getname_flags.part.0+0x1c6/0x540
[ 120.939928] ? putname.part.0+0x11b/0x160
[ 120.939948] __x64_sys_mount+0x27b/0x300
[ 120.939963] ?
__pfx___x64_sys_mount+0x10/0x10 [ 120.939984] do_syscall_64+0xbf/0x360 [ 120.939998] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.940012] RIP: 0033:0x7fa5efb5a04a [ 120.940022] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 120.940034] RSP: 002b:00007fa5ed0cdfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 120.940047] RAX: ffffffffffffffda RBX: 0000000020001480 RCX: 00007fa5efb5a04a [ 120.940056] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fa5ed0ce000 [ 120.940064] RBP: 00007fa5ed0ce040 R08: 00007fa5ed0ce040 R09: 0000000020000000 [ 120.940073] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 120.940080] R13: 0000000020000100 R14: 00007fa5ed0ce000 R15: 0000000020010d00 [ 120.940097] [ 120.940374] kmemleak: Kernel memory leak detector disabled [ 120.940378] kmemleak: Object (percpu) 0x607f1a63e208 (size 8): [ 120.940386] kmemleak: comm "syz-executor.5", pid 3948, jiffies 4294787729 [ 120.940394] kmemleak: min_count = 1 [ 120.940398] kmemleak: count = 0 [ 120.940402] kmemleak: flags = 0x21 [ 120.940406] kmemleak: checksum = 0 [ 120.940411] kmemleak: backtrace: [ 120.940415] pcpu_alloc_noprof+0x87a/0x1170 [ 120.940433] __alloc_workqueue+0x74b/0x1820 [ 120.940453] alloc_workqueue_noprof+0xc7/0x200 [ 120.940463] loop_configure+0xf73/0x1590 [ 120.940480] lo_ioctl+0x66d/0x1c70 [ 120.940494] blkdev_ioctl+0x27c/0x6c0 [ 120.940506] __x64_sys_ioctl+0x18f/0x210 [ 120.940524] do_syscall_64+0xbf/0x360 [ 120.940534] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.942248] Oops: general protection fault, probably for non-canonical address 0xdffffc0003ffae00: 0000 [#1] SMP KASAN NOPTI [ 120.977579] KASAN: probably user-memory-access in range [0x000000001ffd7000-0x000000001ffd7007] [ 120.977593] CPU: 1 UID: 0 PID: 3948 Comm: syz-executor.5 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 
120.977613] Tainted: [W]=WARN [ 120.977617] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 120.977624] RIP: 0010:__queue_work+0x202/0x1240 [ 120.977643] Code: 48 8b 6d 00 e8 4f ee 79 03 31 ff 41 89 c5 89 c6 e8 c3 02 32 00 45 85 ed 0f 85 e1 05 00 00 e8 85 07 32 00 48 89 e8 48 c1 e8 03 <42> 80 3c 20 00 0f 85 a0 0e 00 00 4c 8b 75 00 48 89 df 4c 89 34 24 [ 120.977656] RSP: 0018:ffff8880463073f0 EFLAGS: 00010016 [ 120.977666] RAX: 0000000003ffae00 RBX: ffff88801d9d9818 RCX: ffffc9000b83d000 [ 120.977675] RDX: 0000000000040000 RSI: ffffffff8141ef2b RDI: 0000000000000005 [ 120.977684] RBP: 000000001ffd7000 R08: 0000000000000001 R09: fffffbfff0f128f4 [ 120.977692] R10: 0000000000000001 R11: 0000000000000001 R12: dffffc0000000000 [ 120.977700] R13: 0000000000000001 R14: 0000000000000001 R15: ffff888015775800 [ 120.977710] FS: 00007fa5ed0ce700(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 120.977723] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.977731] CR2: 00007fa9649f0190 CR3: 0000000013f7c000 CR4: 0000000000350ef0 [ 120.977740] Call Trace: [ 120.977744] [ 120.977750] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 120.977769] queue_work_on+0xd0/0xe0 [ 120.994899] loop_queue_rq+0x5c8/0x1180 [ 120.994919] __blk_mq_issue_directly+0xd5/0x260 [ 120.994939] ? __pfx___blk_mq_issue_directly+0x10/0x10 [ 120.996294] ? bdev_count_inflight_rw.part.0+0x5f/0x380 [ 120.996723] blk_mq_request_issue_directly+0x11c/0x1e0 [ 120.997174] blk_mq_issue_direct+0x192/0x640 [ 120.997542] blk_mq_dispatch_queue_requests+0x4b0/0x7c0 [ 120.997966] blk_mq_flush_plug_list+0x1ec/0x5b0 [ 120.998338] ? read_tsc+0x9/0x20 [ 120.998629] ? ktime_get+0x16d/0x270 [ 120.998934] ? trace_block_plug+0x149/0x1b0 [ 120.999280] ? blk_add_rq_to_plug+0x234/0x550 [ 120.999641] ? __pfx_blk_mq_flush_plug_list+0x10/0x10 [ 121.000053] ? blk_mq_submit_bio+0x4fd/0x2220 [ 121.000413] __blk_flush_plug+0x25c/0x460 [ 121.000748] ? __pfx___blk_flush_plug+0x10/0x10 [ 121.001122] ? 
bio_associate_blkg_from_css+0x4fe/0x1380 [ 121.001551] __submit_bio+0x480/0x5b0 [ 121.001859] ? __pfx___submit_bio+0x10/0x10 [ 121.002204] ? read_tsc+0x9/0x20 [ 121.002481] ? ktime_get+0x16d/0x270 [ 121.002789] submit_bio_noacct_nocheck+0x68e/0xcb0 [ 121.003183] ? __pfx_submit_bio_noacct_nocheck+0x10/0x10 [ 121.003612] submit_bio_noacct+0x359/0x1350 [ 121.003958] __bread_gfp+0x18b/0x3c0 [ 121.004264] fat_fill_super+0x5e1/0x3fd0 [ 121.004608] ? __pfx_setup+0x10/0x10 [ 121.004910] ? __pfx_fat_fill_super+0x10/0x10 [ 121.005274] ? snprintf+0xbe/0x100 [ 121.005570] ? __pfx_snprintf+0x10/0x10 [ 121.005895] ? find_held_lock+0x2b/0x80 [ 121.006219] ? setup_bdev_super+0x2ed/0x6e0 [ 121.006577] ? set_blocksize+0x1b4/0x470 [ 121.006903] ? lock_release+0xc8/0x290 [ 121.007217] ? sb_set_blocksize+0x177/0x1c0 [ 121.007562] ? setup_bdev_super+0x31f/0x6e0 [ 121.007915] get_tree_bdev_flags+0x38a/0x620 [ 121.008270] ? __pfx_vfat_fill_super+0x10/0x10 [ 121.008638] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 121.009029] ? cap_capable+0xdb/0x3b0 [ 121.009341] ? security_capable+0x2f/0x90 [ 121.009677] vfs_get_tree+0x93/0x340 [ 121.009983] path_mount+0x132d/0x1dd0 [ 121.010294] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 121.010721] ? __pfx_path_mount+0x10/0x10 [ 121.011055] ? kmem_cache_free+0x2a1/0x540 [ 121.011389] ? putname.part.0+0x11b/0x160 [ 121.011728] ? getname_flags.part.0+0x1c6/0x540 [ 121.012109] ? putname.part.0+0x11b/0x160 [ 121.012446] __x64_sys_mount+0x27b/0x300 [ 121.012775] ? 
__pfx___x64_sys_mount+0x10/0x10 [ 121.013146] do_syscall_64+0xbf/0x360 [ 121.013456] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.013864] RIP: 0033:0x7fa5efb5a04a [ 121.014163] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 121.015594] RSP: 002b:00007fa5ed0cdfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 121.016195] RAX: ffffffffffffffda RBX: 0000000020001480 RCX: 00007fa5efb5a04a [ 121.016754] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fa5ed0ce000 [ 121.017311] RBP: 00007fa5ed0ce040 R08: 00007fa5ed0ce040 R09: 0000000020000000 [ 121.017870] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 121.018429] R13: 0000000020000100 R14: 00007fa5ed0ce000 R15: 0000000020010d00 [ 121.018998] [ 121.019188] Modules linked in: [ 121.019447] ---[ end trace 0000000000000000 ]--- [ 121.019822] RIP: 0010:__queue_work+0x202/0x1240 [ 121.020201] Code: 48 8b 6d 00 e8 4f ee 79 03 31 ff 41 89 c5 89 c6 e8 c3 02 32 00 45 85 ed 0f 85 e1 05 00 00 e8 85 07 32 00 48 89 e8 48 c1 e8 03 <42> 80 3c 20 00 0f 85 a0 0e 00 00 4c 8b 75 00 48 89 df 4c 89 34 24 [ 121.021628] RSP: 0018:ffff8880463073f0 EFLAGS: 00010016 [ 121.022047] RAX: 0000000003ffae00 RBX: ffff88801d9d9818 RCX: ffffc9000b83d000 [ 121.022619] RDX: 0000000000040000 RSI: ffffffff8141ef2b RDI: 0000000000000005 [ 121.023179] RBP: 000000001ffd7000 R08: 0000000000000001 R09: fffffbfff0f128f4 [ 121.023746] R10: 0000000000000001 R11: 0000000000000001 R12: dffffc0000000000 [ 121.024307] R13: 0000000000000001 R14: 0000000000000001 R15: ffff888015775800 [ 121.024873] FS: 00007fa5ed0ce700(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 121.025505] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.025966] CR2: 00007fa9649f0190 CR3: 0000000013f7c000 CR4: 0000000000350ef0 [ 121.026527] note: syz-executor.5[3948] exited with irqs disabled [ 121.027310] 
note: syz-executor.5[3948] exited with preempt_count 1 [ 121.028120] ------------[ cut here ]------------ [ 121.028498] WARNING: kernel/exit.c:898 at do_exit+0x1c36/0x2970, CPU#1: syz-executor.5/3948 [ 121.029206] Modules linked in: [ 121.029476] CPU: 1 UID: 0 PID: 3948 Comm: syz-executor.5 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 121.030431] Tainted: [D]=DIE, [W]=WARN [ 121.030764] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 121.031416] RIP: 0010:do_exit+0x1c36/0x2970 [ 121.031780] Code: 96 0a 00 00 c7 43 18 00 00 00 00 e9 21 e6 ff ff e8 ef b3 38 00 bf 02 24 00 00 e8 f5 ab 0b 00 e9 41 ff ff ff e8 db b3 38 00 90 <0f> 0b 90 e9 87 e4 ff ff e8 cd b3 38 00 4c 89 e6 bf 05 06 00 00 e8 [ 121.033228] RSP: 0018:ffff888046307e40 EFLAGS: 00010246 [ 121.033651] RAX: 0000000000040000 RBX: 0000000000000200 RCX: ffffc9000b83d000 [ 121.034224] RDX: 0000000000040000 RSI: ffffffff813b42d5 RDI: ffff888045546468 [ 121.034810] RBP: ffff888045545280 R08: 0000000000000001 R09: fffffbfff0f126d8 [ 121.035376] R10: 0000000000000200 R11: 0000000000000001 R12: 000000000000000b [ 121.035951] R13: 0000000000002710 R14: dffffc0003ffae00 R15: 0000000000000000 [ 121.036513] FS: 00007fa5ed0ce700(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 121.037187] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.037651] CR2: 00007fa9649f0190 CR3: 0000000013f7c000 CR4: 0000000000350ef0 [ 121.038229] Call Trace: [ 121.038436] [ 121.038628] ? _printk+0xbe/0xf0 [ 121.038923] ? __pfx__printk+0x10/0x10 [ 121.039242] ? __pfx_do_exit+0x10/0x10 [ 121.039564] make_task_dead+0x174/0x3b0 [ 121.039901] ? 
do_syscall_64+0xbf/0x360 [ 121.040221] rewind_stack_and_make_dead+0x16/0x20 [ 121.040618] RIP: 0033:0x7fa5efb5a04a [ 121.040930] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 121.042365] RSP: 002b:00007fa5ed0cdfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 121.042990] RAX: ffffffffffffffda RBX: 0000000020001480 RCX: 00007fa5efb5a04a [ 121.043552] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fa5ed0ce000 [ 121.044125] RBP: 00007fa5ed0ce040 R08: 00007fa5ed0ce040 R09: 0000000020000000 [ 121.044699] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 121.045263] R13: 0000000020000100 R14: 00007fa5ed0ce000 R15: 0000000020010d00 [ 121.045847] [ 121.046037] irq event stamp: 2434 [ 121.046313] hardirqs last enabled at (2433): [] ktime_get+0x1c7/0x270 [ 121.046975] hardirqs last disabled at (2434): [] _raw_spin_lock_irq+0x42/0x50 [ 121.047696] softirqs last enabled at (2036): [] handle_softirqs+0x50c/0x770 [ 121.048386] softirqs last disabled at (1951): [] __irq_exit_rcu+0xc4/0x100 [ 121.049073] ---[ end trace 0000000000000000 ]--- [ 121.049449] BUG: sleeping function called from invalid context at ./include/linux/percpu-rwsem.h:51 [ 121.050372] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 3948, name: syz-executor.5 [ 121.051254] preempt_count: 0, expected: 0 [ 121.051588] RCU nest depth: 2, expected: 0 [ 121.051937] INFO: lockdep is turned off. 
[ 121.052263] CPU: 1 UID: 0 PID: 3948 Comm: syz-executor.5 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 121.052282] Tainted: [D]=DIE, [W]=WARN [ 121.052286] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 121.052293] Call Trace: [ 121.052297] [ 121.052301] dump_stack_lvl+0xfa/0x120 [ 121.052325] __might_resched+0x2f3/0x510 [ 121.052339] exit_signals+0x25/0x940 [ 121.052357] do_exit+0x2db/0x2970 [ 121.052370] ? _printk+0xbe/0xf0 [ 121.052383] ? __pfx__printk+0x10/0x10 [ 121.052396] ? __pfx_do_exit+0x10/0x10 [ 121.052411] make_task_dead+0x174/0x3b0 [ 121.052424] ? do_syscall_64+0xbf/0x360 [ 121.052436] rewind_stack_and_make_dead+0x16/0x20 [ 121.052452] RIP: 0033:0x7fa5efb5a04a [ 121.052460] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 121.052471] RSP: 002b:00007fa5ed0cdfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 121.052482] RAX: ffffffffffffffda RBX: 0000000020001480 RCX: 00007fa5efb5a04a [ 121.052490] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fa5ed0ce000 [ 121.052497] RBP: 00007fa5ed0ce040 R08: 00007fa5ed0ce040 R09: 0000000020000000 [ 121.052505] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 121.052512] R13: 0000000020000100 R14: 00007fa5ed0ce000 R15: 0000000020010d00 [ 121.052523] 11:16:53 executing program 2: r0 = memfd_create(&(0x7f0000000000)=':^/\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x20) fstat(r0, &(0x7f0000000100)) 11:16:53 executing program 4: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 
0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ppoll(&(0x7f0000000100)=[{r1}], 0x1, &(0x7f00000002c0), 0x0, 0x0) dup2(r0, r1) 11:16:53 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, r0) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, &(0x7f0000000100)='asymmetric\x00', &(0x7f00000000c0)=@chain={'key_or_keyring:', r1}) 11:16:53 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff}) ioctl$int_in(r0, 0x5421, &(0x7f0000000080)=0x200) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) splice(r0, 0x0, r1, 0x0, 0x7ff, 0x0) 11:16:53 executing program 7: syz_mount_image$iso9660(&(0x7f0000004f80), &(0x7f0000004fc0)='./file0\x00', 0x0, 0x1, &(0x7f0000005080)=[{0x0, 0x0, 0x100000001}], 0x0, &(0x7f00000050c0)) 11:16:53 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_KEY(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)={0x20, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_KEY_DEFAULT_TYPES={0x4}]}, 0x20}}, 0x0) 11:16:53 executing program 5: 
iopl(0x19) 11:16:53 executing program 6: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000000)="a20e73f1b1812c8df6967520cdbfb383417a9437ee7abadfd3289b31374d", 0xfe74}, {&(0x7f0000000040)="ca74af528a8c7fced14b6addc57cadb344919fd061007429a606ba08958a1aa5b8f50427d1384f17fd636bf5b9e104f1ba17b6bbda050fbd8ced52a48bd2fe015187885af35e7407d41f9753f0b169a1c072bd5d006437ebdad6", 0x5a}], 0x2) [ 121.119402] loop7: detected capacity change from 0 to 264192 [ 121.164463] ISOFS: Unable to identify CD-ROM format. [ 121.181487] loop7: detected capacity change from 0 to 264192 [ 121.210150] ISOFS: Unable to identify CD-ROM format. 
11:16:53 executing program 7: syz_mount_image$iso9660(&(0x7f0000004f80), &(0x7f0000004fc0)='./file0\x00', 0x0, 0x1, &(0x7f0000005080)=[{0x0, 0x0, 0x100000001}], 0x0, &(0x7f00000050c0)) 11:16:53 executing program 3: syz_emit_ethernet(0x3e, &(0x7f0000000100)={@local, @link_local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @local}, @source_quench={0x3, 0x4, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}}}}}}, 0x0) 11:16:53 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x1ff, 0x9, 0x1, 0x8}, {0x0, 0x81, 0x20, 0x3f}, {0x5, 0x6, 0x6, 0xbc}]}) 11:16:53 executing program 2: r0 = memfd_create(&(0x7f0000000000)=':^/\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x20) fstat(r0, &(0x7f0000000100)) 11:16:53 executing program 1: perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000440)=ANY=[@ANYBLOB="3b25000004000000c2041000010007d1"], 0x130) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, 0x0, 0x0) 11:16:53 executing program 4: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ppoll(&(0x7f0000000100)=[{r1}], 0x1, &(0x7f00000002c0), 0x0, 0x0) dup2(r0, r1) 11:16:53 executing program 6: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000000)="a20e73f1b1812c8df6967520cdbfb383417a9437ee7abadfd3289b31374d", 0xfe74}, {&(0x7f0000000040)="ca74af528a8c7fced14b6addc57cadb344919fd061007429a606ba08958a1aa5b8f50427d1384f17fd636bf5b9e104f1ba17b6bbda050fbd8ced52a48bd2fe015187885af35e7407d41f9753f0b169a1c072bd5d006437ebdad6", 0x5a}], 0x2) 11:16:53 executing program 0: r0 = syz_io_uring_setup(0x2260, &(0x7f0000003a00), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ff4000/0x4000)=nil, &(0x7f0000003a80), &(0x7f0000003ac0)) r1 = dup(r0) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x1a, &(0x7f0000001680)=[{&(0x7f0000000580)=""/199, 0xc7}], 0x1) [ 121.381818] loop7: detected capacity change from 0 to 264192 [ 121.385251] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 121.388935] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#2] SMP KASAN NOPTI [ 121.390577] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 121.390604] CPU: 0 UID: 0 PID: 3975 Comm: syz-executor.7 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 121.390640] Tainted: [D]=DIE, [W]=WARN [ 121.390649] Hardware name: QEMU Standard PC (i440FX + PIIX, 
1996), BIOS 1.12.0-1 04/01/2014 [ 121.390662] RIP: 0010:__queue_work+0x202/0x1240 [ 121.390699] Code: 48 8b 6d 00 e8 4f ee 79 03 31 ff 41 89 c5 89 c6 e8 c3 02 32 00 45 85 ed 0f 85 e1 05 00 00 e8 85 07 32 00 48 89 e8 48 c1 e8 03 <42> 80 3c 20 00 0f 85 a0 0e 00 00 4c 8b 75 00 48 89 df 4c 89 34 24 [ 121.390720] RSP: 0018:ffff888046a274a0 EFLAGS: 00010056 [ 121.390740] RAX: 0000000000000000 RBX: ffff888043f6ce18 RCX: ffffc90006a16000 [ 121.390756] RDX: 0000000000040000 RSI: ffffffff8141ef2b RDI: 0000000000000005 [ 121.390770] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffbfff0f128f4 [ 121.390783] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 121.390797] R13: 0000000000000000 R14: 0000000000000000 R15: ffff8880464cf000 [ 121.390814] FS: 00007fd273825700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 121.390836] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.390851] CR2: 00007fd273826000 CR3: 000000000d5c2000 CR4: 0000000000350ef0 [ 121.390865] Call Trace: [ 121.390872] [ 121.390883] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 121.390916] queue_work_on+0xd0/0xe0 [ 121.390944] loop_queue_rq+0x5c8/0x1180 [ 121.390976] __blk_mq_issue_directly+0xd5/0x260 [ 121.391010] ? __pfx___blk_mq_issue_directly+0x10/0x10 [ 121.391042] ? blk_mq_put_tag+0x101/0x160 [ 121.391068] ? bdev_count_inflight_rw.part.0+0x5f/0x380 [ 121.391097] blk_mq_request_issue_directly+0x11c/0x1e0 [ 121.413386] blk_mq_issue_direct+0x192/0x640 [ 121.414030] ? __blk_mq_alloc_requests+0xa16/0x15a0 [ 121.414770] blk_mq_dispatch_queue_requests+0x4b0/0x7c0 [ 121.415554] blk_mq_flush_plug_list+0x1ec/0x5b0 [ 121.416232] ? read_tsc+0x9/0x20 [ 121.416738] ? ktime_get+0x16d/0x270 [ 121.417301] ? trace_block_plug+0x149/0x1b0 [ 121.418103] ? blk_add_rq_to_plug+0x234/0x550 [ 121.418902] ? __pfx_blk_mq_flush_plug_list+0x10/0x10 [ 121.419658] ? blk_mq_submit_bio+0x4fd/0x2220 [ 121.420331] __blk_flush_plug+0x25c/0x460 [ 121.420935] ? __pfx___blk_flush_plug+0x10/0x10 [ 121.421615] ? 
__pfx_css_rstat_updated+0x10/0x10 [ 121.422416] __submit_bio+0x480/0x5b0 [ 121.423097] ? __pfx___submit_bio+0x10/0x10 [ 121.423764] ? lock_acquire+0x18c/0x2f0 [ 121.424353] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 121.425110] ? read_tsc+0x9/0x20 [ 121.425623] ? ktime_get+0x16d/0x270 [ 121.426177] submit_bio_noacct_nocheck+0x68e/0xcb0 [ 121.426920] ? __pfx_submit_bio_noacct_nocheck+0x10/0x10 [ 121.427908] ? __pfx_bio_alloc_bioset+0x10/0x10 [ 121.428705] ? __getblk_slow+0x3db/0x550 [ 121.429300] submit_bio_noacct+0x359/0x1350 [ 121.429926] __bread_gfp+0x18b/0x3c0 [ 121.430476] isofs_fill_super+0x582/0x2bd0 [ 121.431117] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 121.431814] ? __pfx_isofs_fill_super+0x10/0x10 [ 121.432490] ? lock_release+0x1c7/0x290 [ 121.433069] ? sb_set_blocksize+0x177/0x1c0 [ 121.433691] ? setup_bdev_super+0x31f/0x6e0 [ 121.434341] get_tree_bdev_flags+0x38a/0x620 [ 121.435001] ? __pfx_isofs_fill_super+0x10/0x10 [ 121.435680] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 121.436387] ? cap_capable+0xdb/0x3b0 [ 121.436947] ? security_capable+0x2f/0x90 [ 121.437553] vfs_get_tree+0x93/0x340 [ 121.438106] path_mount+0x132d/0x1dd0 [ 121.438673] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 121.439460] ? __pfx_path_mount+0x10/0x10 [ 121.440142] ? kmem_cache_free+0x2a1/0x540 [ 121.440825] ? putname.part.0+0x11b/0x160 [ 121.441518] ? getname_flags.part.0+0x1c6/0x540 [ 121.442380] ? putname.part.0+0x11b/0x160 [ 121.443180] __x64_sys_mount+0x27b/0x300 [ 121.443839] ? 
__pfx___x64_sys_mount+0x10/0x10 [ 121.444747] do_syscall_64+0xbf/0x360 [ 121.445482] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.446502] RIP: 0033:0x7fd2762b104a [ 121.447244] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 121.450280] RSP: 002b:00007fd273824fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 121.451512] RAX: ffffffffffffffda RBX: 0000000020005080 RCX: 00007fd2762b104a [ 121.452646] RDX: 0000000020004f80 RSI: 0000000020004fc0 RDI: 00007fd273825000 [ 121.453888] RBP: 00007fd273825040 R08: 00007fd273825040 R09: 0000000020004f80 [ 121.455041] R10: 0000000000000001 R11: 0000000000000206 R12: 0000000020004f80 [ 121.456184] R13: 0000000020004fc0 R14: 00007fd273825000 R15: 00000000200050c0 [ 121.457322] [ 121.457716] Modules linked in: [ 121.458234] ---[ end trace 0000000000000000 ]--- [ 121.458991] RIP: 0010:__queue_work+0x202/0x1240 [ 121.459744] Code: 48 8b 6d 00 e8 4f ee 79 03 31 ff 41 89 c5 89 c6 e8 c3 02 32 00 45 85 ed 0f 85 e1 05 00 00 e8 85 07 32 00 48 89 e8 48 c1 e8 03 <42> 80 3c 20 00 0f 85 a0 0e 00 00 4c 8b 75 00 48 89 df 4c 89 34 24 [ 121.462631] RSP: 0018:ffff8880463073f0 EFLAGS: 00010016 [ 121.463553] RAX: 0000000003ffae00 RBX: ffff88801d9d9818 RCX: ffffc9000b83d000 [ 121.464777] RDX: 0000000000040000 RSI: ffffffff8141ef2b RDI: 0000000000000005 [ 121.465900] RBP: 000000001ffd7000 R08: 0000000000000001 R09: fffffbfff0f128f4 [ 121.467040] R10: 0000000000000001 R11: 0000000000000001 R12: dffffc0000000000 [ 121.468155] R13: 0000000000000001 R14: 0000000000000001 R15: ffff888015775800 [ 121.469281] FS: 00007fd273825700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 121.470538] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.471677] CR2: 00007fd273826000 CR3: 000000000d5c2000 CR4: 0000000000350ef0 [ 121.473073] note: syz-executor.7[3975] exited with irqs disabled [ 121.475607] 
note: syz-executor.7[3975] exited with preempt_count 1 [ 121.477653] ------------[ cut here ]------------ [ 121.478446] WARNING: kernel/exit.c:898 at do_exit+0x1c36/0x2970, CPU#0: syz-executor.7/3975 [ 121.479827] Modules linked in: [ 121.480525] CPU: 0 UID: 0 PID: 3975 Comm: syz-executor.7 Tainted: G D W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 121.482722] Tainted: [D]=DIE, [W]=WARN [ 121.483447] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 121.485086] RIP: 0010:do_exit+0x1c36/0x2970 [ 121.486008] Code: 96 0a 00 00 c7 43 18 00 00 00 00 e9 21 e6 ff ff e8 ef b3 38 00 bf 02 24 00 00 e8 f5 ab 0b 00 e9 41 ff ff ff e8 db b3 38 00 90 <0f> 0b 90 e9 87 e4 ff ff e8 cd b3 38 00 4c 89 e6 bf 05 06 00 00 e8 [ 121.489019] RSP: 0018:ffff888046a27e40 EFLAGS: 00010216 [ 121.489892] RAX: 000000000003ec8f RBX: 0000000000000200 RCX: ffffc90006a16000 [ 121.491060] RDX: 0000000000040000 RSI: ffffffff813b42d5 RDI: ffff88800fa86468 [ 121.492257] RBP: ffff88800fa85280 R08: 0000000000000001 R09: fffffbfff0f126d8 [ 121.493698] R10: 0000000000000200 R11: 0000000000000001 R12: 000000000000000b 11:16:53 executing program 3: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x10b302, 0x0) mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) [ 121.495146] R13: 0000000000002710 R14: dffffc0000000000 R15: 0000000000000000 [ 121.497056] FS: 00007fd273825700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 121.498373] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.499340] CR2: 00007fd273826000 CR3: 000000000d5c2000 CR4: 0000000000350ef0 [ 121.500497] Call Trace: [ 121.500941] [ 121.501309] ? _printk+0xbe/0xf0 [ 121.501944] ? __pfx__printk+0x10/0x10 [ 121.502833] ? __pfx_do_exit+0x10/0x10 [ 121.503478] make_task_dead+0x174/0x3b0 [ 121.504152] ? 
do_syscall_64+0xbf/0x360 [ 121.504835] rewind_stack_and_make_dead+0x16/0x20 [ 121.505617] RIP: 0033:0x7fd2762b104a [ 121.506244] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 121.509133] RSP: 002b:00007fd273824fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 121.510430] RAX: ffffffffffffffda RBX: 0000000020005080 RCX: 00007fd2762b104a [ 121.511660] RDX: 0000000020004f80 RSI: 0000000020004fc0 RDI: 00007fd273825000 [ 121.512836] RBP: 00007fd273825040 R08: 00007fd273825040 R09: 0000000020004f80 [ 121.514006] R10: 0000000000000001 R11: 0000000000000206 R12: 0000000020004f80 [ 121.515168] R13: 0000000020004fc0 R14: 00007fd273825000 R15: 00000000200050c0 [ 121.516325] [ 121.516732] irq event stamp: 0 [ 121.517246] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 121.518518] hardirqs last disabled at (0): [] copy_process+0x1e08/0x73c0 [ 121.519987] softirqs last enabled at (0): [] copy_process+0x1e58/0x73c0 [ 121.521366] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 121.522472] ---[ end trace 0000000000000000 ]--- 11:16:53 executing program 0: r0 = syz_io_uring_setup(0x2260, &(0x7f0000003a00), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ff4000/0x4000)=nil, &(0x7f0000003a80), &(0x7f0000003ac0)) r1 = dup(r0) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x1a, &(0x7f0000001680)=[{&(0x7f0000000580)=""/199, 0xc7}], 0x1) 11:16:53 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x1ff, 0x9, 0x1, 0x8}, {0x0, 0x81, 0x20, 0x3f}, {0x5, 0x6, 0x6, 0xbc}]}) 11:16:53 executing program 3: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x10b302, 0x0) mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) 11:16:53 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) listen(r0, 0x0) 11:16:53 executing program 0: r0 = 
syz_io_uring_setup(0x2260, &(0x7f0000003a00), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ff4000/0x4000)=nil, &(0x7f0000003a80), &(0x7f0000003ac0))
r1 = dup(r0)
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x1a, &(0x7f0000001680)=[{&(0x7f0000000580)=""/199, 0xc7}], 0x1)
11:16:53 executing program 5:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x1ff, 0x9, 0x1, 0x8}, {0x0, 0x81, 0x20, 0x3f}, {0x5, 0x6, 0x6, 0xbc}]})
[ 121.872628] kmemleak: Automatic memory scanning thread ended
VM DIAGNOSIS:
11:16:53 Registers: