Debian GNU/Linux 11 syzkaller ttyS0
Warning: Permanently added '[localhost]:12503' (ECDSA) to the list of known hosts.
2025/09/01 11:48:29 fuzzer started
2025/09/01 11:48:29 dialing manager at localhost:35473
syzkaller login: [ 50.077340] cgroup: Unknown subsys name 'net'
[ 50.161801] cgroup: Unknown subsys name 'cpuset'
[ 50.180075] cgroup: Unknown subsys name 'rlimit'
2025/09/01 11:48:39 syscalls: 2214
2025/09/01 11:48:39 code coverage: enabled
2025/09/01 11:48:39 comparison tracing: enabled
2025/09/01 11:48:39 extra coverage: enabled
2025/09/01 11:48:39 setuid sandbox: enabled
2025/09/01 11:48:39 namespace sandbox: enabled
2025/09/01 11:48:39 Android sandbox: enabled
2025/09/01 11:48:39 fault injection: enabled
2025/09/01 11:48:39 leak checking: enabled
2025/09/01 11:48:39 net packet injection: enabled
2025/09/01 11:48:39 net device setup: enabled
2025/09/01 11:48:39 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/09/01 11:48:39 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/09/01 11:48:39 USB emulation: enabled
2025/09/01 11:48:39 hci packet injection: enabled
2025/09/01 11:48:39 wifi device emulation: enabled
2025/09/01 11:48:39 802.15.4 emulation: enabled
2025/09/01 11:48:55 fetching corpus: 9080, signal 191753/194709 (executing program)
2025/09/01 11:48:57 starting 8 fuzzer processes
11:48:57 executing program 0:
r0 = syz_mount_image$tmpfs(&(0x7f0000000cc0), &(0x7f0000000d00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=ANY=[])
mknodat$loop(r0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
setxattr$security_evm(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), &(0x7f0000000200)=ANY=[@ANYBLOB], 0x15, 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

11:48:57 executing program 5:
creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x200, 0x0)
ioctl$EXT4_IOC_GETSTATE(r0, 0x40046629, &(0x7f0000000180))

11:48:57 executing program 7:
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000100)={0x0, 0x0, 0xffffff88})

11:48:57 executing program 1:
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000000)={{{@in6=@private2, @in=@private=0xa010100, 0x4e21, 0x100, 0x4e24, 0x101, 0x0, 0x0, 0xa0}, {0x7ff, 0x8001, 0x100000001, 0x2, 0x0, 0x0, 0x5, 0x8}, {0x0, 0x2, 0x4, 0x8f}, 0x3ff, 0x6e6bbb, 0x1, 0x0, 0x1, 0x3}, {{@in6=@private0, 0x4d2, 0xff}, 0x2, @in=@multicast2, 0x3506, 0x2, 0x2, 0x6, 0xe24, 0x7b989731, 0x7ff}}, 0xe8)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000100)={{{@in=@private, @in6=@remote}},
{{@in6}, 0x0, @in6=@private2}}, 0x0)
syz_read_part_table(0x3ff, 0x2, &(0x7f00000003c0)=[{&(0x7f0000000240)="ca7f8ec84ce8073e87c0be6f1976fea957844e9de9ba4a4bf0932a58a9b84f7b8af7e34d1301cf6af690869cfec18a95aee8b309f18c2a67747a70cce15964aabb2d6d6e5f3f0e9884d5520c25b9164b6a2ef842408a756e037f5f05d1eaf866b59c0cc2a046e9838c1c39867e135df1d5e04e08fa8b0d756886d3f80561e357526c47c15fe773896c3c27b72b2dd8bcb165ee1c34dc6fb51ad4df5eedcb09ce4bc90a860cdbc6274a45cdc85c64bfbd3a89d4a89b94bdbb7f09af53e6d1b76a08c3ed0a28f277f25b4aae84710f219ed2cc", 0xd2, 0x6}, {&(0x7f0000000340)="eba059a4d93f957204f3b2ccdf7eca2191bdf644e6be025832129a33e079e62d66b621b96ffbe2aa18d953aee16412932a7d69ed2de5af9ed1b43da830349640fdcdfee4e1f26786a61a1560cd7313bf67e3ca2ecab83e246b0e9bc0d4907a1577d1195e68221f9ee8b833", 0x6b, 0x80000000}])
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000400)={{{@in=@remote, @in=@remote}}, {{@in=@multicast2}, 0x0, @in=@private}}, &(0x7f0000000500)=0xe8)
r0 = socket$inet6(0xa, 0x6, 0x40)
getsockname(r0, &(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @ipv4={""/10, ""/2, @multicast1}}}}, &(0x7f00000005c0)=0x80)
keyctl$search(0xa, 0x0, &(0x7f0000000600)='big_key\x00', &(0x7f0000000640)={'syz', 0x3}, 0x0)
getsockopt$inet6_udp_int(r1, 0x11, 0x1, &(0x7f0000000700), &(0x7f0000000740)=0x4)
ioctl$sock_inet6_udp_SIOCINQ(r1, 0x541b, &(0x7f0000000780))
openat$vcsu(0xffffffffffffff9c, &(0x7f0000000a40), 0x20000, 0x0)

11:48:57 executing program 2:
setresuid(0xee01, 0xee00, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$sock_ipv6_tunnel_SIOCDELPRL(r1, 0x89f6, &(0x7f0000000100)={'sit0\x00', 0x0})

11:48:57 executing program 6:
clock_gettime(0x1, &(0x7f0000000040))

[ 77.784213] audit: type=1400 audit(1756727337.110:7): avc: denied { execmem } for pid=272 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
11:48:57 executing program 3:
r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x2840, 0x0)
ioctl$CDROMRESUME(r0, 0x5319)

11:48:57 executing program 4:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000d00)={'ip6tnl0\x00', 0x0})

[ 78.913397] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 78.915850] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 78.917662] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 78.922291] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 78.924839] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 78.976881] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 78.979450] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 78.983258] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 78.991464] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 79.001284] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 79.114953] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 79.119532] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 79.123894] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 79.129778] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 79.132618] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 79.134946] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 79.137369] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 79.138861] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 79.140015] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 79.141517] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 79.142635] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 79.146521] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 79.148025] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 79.151779] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 79.163346] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 79.170638] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 79.172478] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 79.176107] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 79.181456] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 79.190042] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 79.192488] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 79.194732] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 79.202620] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 79.206313] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 79.217241] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 79.223397] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 79.224998] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 79.226247] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 79.239187] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 79.241621] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 81.006550] Bluetooth: hci0: command tx timeout
[ 81.070112] Bluetooth: hci1: command tx timeout
[ 81.262570] Bluetooth: hci4: command tx timeout
[ 81.263099] Bluetooth: hci3: command tx timeout
[ 81.263533] Bluetooth: hci7: command tx timeout
[ 81.326153] Bluetooth: hci2: command tx timeout
[ 81.327367] Bluetooth: hci6: command tx timeout
[ 81.328245] Bluetooth: hci5: command tx timeout
[ 83.055617] Bluetooth: hci0: command tx timeout
[ 83.118025] Bluetooth: hci1: command tx timeout
[ 83.310083] Bluetooth: hci7: command tx timeout
[ 83.310542] Bluetooth: hci4: command tx timeout
[ 83.311094] Bluetooth: hci3: command tx timeout
[ 83.374050] Bluetooth: hci2: command tx timeout
[ 83.375156] Bluetooth: hci6: command tx timeout
[ 83.375560] Bluetooth: hci5: command tx timeout
[ 85.102170] Bluetooth: hci0: command tx timeout
[ 85.167104] Bluetooth: hci1: command tx timeout
[ 85.358064] Bluetooth: hci7: command tx timeout
[ 85.358106] Bluetooth: hci3: command tx timeout
[ 85.358522] Bluetooth: hci4: command tx timeout
[ 85.422516] Bluetooth: hci6: command tx timeout
[ 85.423034] Bluetooth: hci5: command tx timeout
[ 85.423421] Bluetooth: hci2: command tx timeout
[ 87.151019] Bluetooth: hci0: command tx timeout
[ 87.216005] Bluetooth: hci1: command tx timeout
[ 87.407064] Bluetooth: hci3: command tx timeout
[ 87.407097] Bluetooth: hci4: command tx timeout
[ 87.407489] Bluetooth: hci7: command tx timeout
[ 87.471034] Bluetooth: hci6: command tx timeout
[ 87.471059] Bluetooth: hci2: command tx timeout
[ 87.471468] Bluetooth: hci5: command tx timeout
[ 118.624564] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.625292] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.766780] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.768475] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 118.932007] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 118.932669] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 119.129141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 119.129772] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 119.250023] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 119.250655] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 119.418985] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 119.419625] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
11:49:38 executing program 5:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000000)={@in={{0x2, 0x0, @multicast1}}, 0x0, 0x0, 0xffff, 0x0, "4620e36081ff3d010c773e64f8a099ca5ef0fa4855d262f29f527d4cb1b546aa355bfec49c57066ddd2e19fcdfba18fc3082e9adff54b43072d06988dae41b4978f5af1cd714e637356d42aadaeb800a"}, 0xd8)

11:49:38 executing program 5:
clock_adjtime(0x3, &(0x7f0000000380))

11:49:39 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000380)={0x0, 0x0,
&(0x7f0000000340)=[{&(0x7f00000003c0)={0x13, 0x43, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @fd}]}, 0x18}], 0x1}, 0x0)

11:49:39 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="2321202e2f66696c6531200a9138340d892bce249e3a268138314f4cab476785bc627c39c5b45cc211396b3dce"], 0xc)
close(r0)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0)

[ 120.000180] audit: type=1400 audit(1756727379.322:8): avc: denied { open } for pid=3810 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 120.010918] audit: type=1400 audit(1756727379.322:9): avc: denied { kernel } for pid=3810 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 120.014471] process 'syz-executor.5' launched './file1' with NULL argv: empty string added
11:49:39 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="2321202e2f66696c6531200a9138340d892bce249e3a268138314f4cab476785bc627c39c5b45cc211396b3dce"], 0xc)
close(r0)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0)

[ 120.135748] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.137017] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.275015] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.275656] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.570679] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[ 120.714026] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.714643] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.803381] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.804203] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 121.100805] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 121.101514] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 121.183672] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 121.184348] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 121.227800] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 121.228482] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 121.312840] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 121.314252] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 121.427247] loop1: detected capacity change from 0 to 264192
[ 121.558357] loop1: detected capacity change from 0 to 264192
[ 121.662749] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 121.663978] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 121.726692] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 121.728081] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 121.865466] program syz-executor.7 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 121.868879] program syz-executor.7 is using a deprecated SCSI ioctl, please convert it to SG_IO
11:49:41 executing program 1:
madvise(&(0x7f0000ff3000/0xd000)=nil, 0xd000, 0x0)

11:49:41 executing program 4:
perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffff81001f8b}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

11:49:41 executing program 2:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff})
getsockopt$sock_buf(r0, 0x1, 0x3b, &(0x7f0000001bc0)=""/119, &(0x7f0000001c40)=0x77)

11:49:41 executing program 3:
r0 = fsopen(&(0x7f00000000c0)='devtmpfs\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000100)='$\\:^-]&\x00', 0x0, 0x0)

11:49:41 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000000440)=ANY=[])

11:49:41 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="2321202e2f66696c6531200a9138340d892bce249e3a268138314f4cab476785bc627c39c5b45cc211396b3dce"], 0xc)
close(r0)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0)

11:49:41 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100)
setuid(r0)
ioprio_get$uid(0x3, r0)

[ 121.915419] loop6: detected capacity change from 0 to 4
11:49:41 executing program 7:
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000100)={0x0, 0x0, 0xffffff88})

[ 121.928560] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
11:49:41 executing program 4:
perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffff81001f8b}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

11:49:41 executing program 1:
setresuid(0xee00, 0x0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000085c0)={0x0, 0x0}, &(0x7f0000008600)=0xc)
setreuid(r1, 0x0)

11:49:41 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000000440)=ANY=[])

[ 122.008491] program syz-executor.7 is
using a deprecated SCSI ioctl, please convert it to SG_IO 11:49:41 executing program 5: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="2321202e2f66696c6531200a9138340d892bce249e3a268138314f4cab476785bc627c39c5b45cc211396b3dce"], 0xc) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0) [ 122.059569] loop6: detected capacity change from 0 to 4 [ 122.070882] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities [ 122.083350] kmemleak: Found object by alias at 0x607f1a63e974 [ 122.083379] CPU: 0 UID: 0 PID: 3932 Comm: syz-executor.7 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 122.083415] Tainted: [W]=WARN [ 122.083423] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 122.083437] Call Trace: [ 122.083444] [ 122.083453] dump_stack_lvl+0xca/0x120 [ 122.083504] __lookup_object+0x94/0xb0 [ 122.083537] delete_object_full+0x27/0x70 [ 122.083570] free_percpu+0x30/0x1160 [ 122.083602] ? arch_uprobe_clear_state+0x16/0x140 [ 122.083641] futex_hash_free+0x38/0xc0 [ 122.083669] mmput+0x2d3/0x390 [ 122.083707] do_exit+0x79d/0x2970 [ 122.083734] ? lock_release+0xc8/0x290 [ 122.083767] ? __pfx_do_exit+0x10/0x10 [ 122.083796] ? find_held_lock+0x2b/0x80 [ 122.083830] ? get_signal+0x835/0x2340 [ 122.083870] do_group_exit+0xd3/0x2a0 [ 122.083900] get_signal+0x2315/0x2340 [ 122.083946] ? __pfx_get_signal+0x10/0x10 [ 122.083979] ? do_futex+0x135/0x370 [ 122.084007] ? __pfx_do_futex+0x10/0x10 [ 122.084038] arch_do_signal_or_restart+0x80/0x790 [ 122.084072] ? 
__pfx_arch_do_signal_or_restart+0x10/0x10 [ 122.084106] ? __x64_sys_futex+0x1c9/0x4d0 [ 122.084131] ? __x64_sys_futex+0x1d2/0x4d0 [ 122.084161] ? __pfx___x64_sys_futex+0x10/0x10 [ 122.084187] ? selinux_file_ioctl+0xb9/0x280 [ 122.084217] ? xfd_validate_state+0x55/0x180 [ 122.084259] exit_to_user_mode_loop+0x8b/0x110 [ 122.084284] do_syscall_64+0x2f7/0x360 [ 122.084310] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.084333] RIP: 0033:0x7f57eddedb19 [ 122.084350] Code: Unable to access opcode bytes at 0x7f57eddedaef. [ 122.084361] RSP: 002b:00007f57eb363218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 122.084383] RAX: fffffffffffffe00 RBX: 00007f57edf00f68 RCX: 00007f57eddedb19 [ 122.084398] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f57edf00f68 [ 122.084412] RBP: 00007f57edf00f60 R08: 0000000000000000 R09: 0000000000000000 [ 122.084437] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f57edf00f6c [ 122.084451] R13: 00007fffe99bdd8f R14: 00007f57eb363300 R15: 0000000000022000 [ 122.084483] [ 122.084490] kmemleak: Object (percpu) 0x607f1a63e970 (size 8): [ 122.084504] kmemleak: comm "syz-executor.5", pid 3940, jiffies 4294788979 [ 122.084518] kmemleak: min_count = 1 [ 122.084526] kmemleak: count = 0 [ 122.084533] kmemleak: flags = 0x21 [ 122.084541] kmemleak: checksum = 0 [ 122.084548] kmemleak: backtrace: [ 122.084554] pcpu_alloc_noprof+0x87a/0x1170 [ 122.084586] perf_trace_event_init+0x366/0xa10 [ 122.084613] perf_trace_init+0x1a4/0x2f0 [ 122.084637] perf_tp_event_init+0xa6/0x120 [ 122.084669] perf_try_init_event+0x140/0x9f0 [ 122.084696] perf_event_alloc.part.0+0x118e/0x45f0 [ 122.084730] __do_sys_perf_event_open+0x719/0x2c20 [ 122.084756] do_syscall_64+0xbf/0x360 [ 122.084775] entry_SYSCALL_64_after_hwframe+0x77/0x7f 11:49:41 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) setuid(r0) ioprio_get$uid(0x3, r0) 11:49:41 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000000440)=ANY=[]) 11:49:41 executing program 1: setresuid(0xee00, 0x0, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000085c0)={0x0, 0x0}, &(0x7f0000008600)=0xc) setreuid(r1, 0x0) 11:49:41 executing program 2: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) setuid(r0) ioprio_get$uid(0x3, r0) 11:49:41 executing program 0: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) setuid(r0) ioprio_get$uid(0x3, r0) 11:49:41 executing program 4: perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffff81001f8b}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 11:49:41 executing program 7: r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000100)={0x0, 0x0, 0xffffff88}) [ 122.251938] loop6: detected capacity change from 0 to 4 [ 122.259737] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities [ 122.261020] program syz-executor.7 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 122.290946] kmemleak: Found object by alias at 0x607f1a63e974 [ 122.290972] CPU: 1 UID: 0 PID: 3945 Comm: syz-executor.7 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 122.290991] Tainted: [W]=WARN [ 122.290997] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 122.291004] Call Trace: [ 122.291009] [ 122.291014] dump_stack_lvl+0xca/0x120 [ 122.291040] __lookup_object+0x94/0xb0 [ 122.291058] delete_object_full+0x27/0x70 [ 122.291075] free_percpu+0x30/0x1160 [ 122.291092] ? arch_uprobe_clear_state+0x16/0x140 [ 122.291113] futex_hash_free+0x38/0xc0 [ 122.291128] mmput+0x2d3/0x390 [ 122.291147] do_exit+0x79d/0x2970 [ 122.291161] ? lock_release+0xc8/0x290 [ 122.291179] ? __pfx_do_exit+0x10/0x10 [ 122.291193] ? find_held_lock+0x2b/0x80 [ 122.291211] ? get_signal+0x835/0x2340 [ 122.291232] do_group_exit+0xd3/0x2a0 [ 122.291247] get_signal+0x2315/0x2340 [ 122.291270] ? __pfx_get_signal+0x10/0x10 [ 122.291286] ? do_futex+0x135/0x370 [ 122.291300] ? __pfx_do_futex+0x10/0x10 [ 122.291316] arch_do_signal_or_restart+0x80/0x790 [ 122.291334] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 122.291350] ? __x64_sys_futex+0x1c9/0x4d0 [ 122.291363] ? __x64_sys_futex+0x1d2/0x4d0 [ 122.291378] ? __pfx___x64_sys_futex+0x10/0x10 [ 122.291391] ? selinux_file_ioctl+0xb9/0x280 [ 122.291407] ? 
xfd_validate_state+0x55/0x180 [ 122.291428] exit_to_user_mode_loop+0x8b/0x110 [ 122.291441] do_syscall_64+0x2f7/0x360 [ 122.291454] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.291466] RIP: 0033:0x7f57eddedb19 [ 122.291476] Code: Unable to access opcode bytes at 0x7f57eddedaef. [ 122.291481] RSP: 002b:00007f57eb363218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 122.291493] RAX: fffffffffffffe00 RBX: 00007f57edf00f68 RCX: 00007f57eddedb19 [ 122.291501] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f57edf00f68 [ 122.291508] RBP: 00007f57edf00f60 R08: 0000000000000000 R09: 0000000000000000 [ 122.291515] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f57edf00f6c [ 122.291522] R13: 00007fffe99bdd8f R14: 00007f57eb363300 R15: 0000000000022000 [ 122.291538] [ 122.291542] kmemleak: Object (percpu) 0x607f1a63e968 (size 16): [ 122.291549] kmemleak: comm "syz-executor.6", pid 287, jiffies 4294789123 [ 122.291556] kmemleak: min_count = 1 [ 122.291560] kmemleak: count = 0 [ 122.291563] kmemleak: flags = 0x21 [ 122.291567] kmemleak: checksum = 0 [ 122.291571] kmemleak: backtrace: [ 122.291575] pcpu_alloc_noprof+0x87a/0x1170 [ 122.291590] mm_init+0x99b/0x1170 [ 122.291599] copy_process+0x3ab7/0x73c0 [ 122.291609] kernel_clone+0xea/0x7f0 [ 122.291619] __do_sys_clone+0xce/0x120 [ 122.291629] do_syscall_64+0xbf/0x360 [ 122.291639] entry_SYSCALL_64_after_hwframe+0x77/0x7f 11:49:41 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000000440)=ANY=[]) [ 122.416652] kmemleak: Found object by alias at 0x607f1a63e970 [ 122.416672] CPU: 1 UID: 0 PID: 3957 Comm: syz-executor.1 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 122.416691] Tainted: [W]=WARN [ 122.416695] Hardware name: QEMU Standard PC (i440FX + PIIX, 
1996), BIOS 1.12.0-1 04/01/2014 11:49:41 executing program 1: setresuid(0xee00, 0x0, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000085c0)={0x0, 0x0}, &(0x7f0000008600)=0xc) setreuid(r1, 0x0) 11:49:41 executing program 4: perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffff81001f8b}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 122.416702] Call Trace: [ 122.416706] [ 122.416711] dump_stack_lvl+0xca/0x120 [ 122.416738] __lookup_object+0x94/0xb0 [ 122.416756] delete_object_full+0x27/0x70 [ 122.416772] free_percpu+0x30/0x1160 [ 122.416790] ? arch_uprobe_clear_state+0x16/0x140 [ 122.416811] futex_hash_free+0x38/0xc0 [ 122.416826] mmput+0x2d3/0x390 [ 122.416845] do_exit+0x79d/0x2970 [ 122.416863] ? __pfx_do_exit+0x10/0x10 [ 122.416877] ? trace_irq_enable.constprop.0+0x26/0x100 [ 122.416890] ? _raw_spin_unlock_irq+0x23/0x40 [ 122.416909] do_group_exit+0xd3/0x2a0 [ 122.416924] __x64_sys_exit_group+0x3e/0x50 [ 122.416938] x64_sys_call+0x18c5/0x18d0 [ 122.416958] do_syscall_64+0xbf/0x360 [ 122.416971] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.416982] RIP: 0033:0x7f98a3635b19 [ 122.416991] Code: Unable to access opcode bytes at 0x7f98a3635aef. 
[ 122.416996] RSP: 002b:00007ffc16d2a718 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 122.417008] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f98a3635b19 [ 122.417016] RDX: 00007f98a35e872b RSI: ffffffffffffffbc RDI: 0000000000000000 [ 122.417023] RBP: 0000000000000000 R08: 0000001b2d222034 R09: 0000000000000000 [ 122.417030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 122.417037] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffc16d2a800 [ 122.417052] [ 122.417056] kmemleak: Object (percpu) 0x607f1a63e968 (size 16): [ 122.417063] kmemleak: comm "syz-executor.7", pid 285, jiffies 4294789292 [ 122.417070] kmemleak: min_count = 1 [ 122.417074] kmemleak: count = 0 [ 122.417077] kmemleak: flags = 0x21 [ 122.417081] kmemleak: checksum = 0 [ 122.417085] kmemleak: backtrace: [ 122.417088] pcpu_alloc_noprof+0x87a/0x1170 [ 122.417104] mm_init+0x99b/0x1170 [ 122.417112] copy_process+0x3ab7/0x73c0 [ 122.417122] kernel_clone+0xea/0x7f0 [ 122.417132] __do_sys_clone+0xce/0x120 [ 122.417142] do_syscall_64+0xbf/0x360 [ 122.417152] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.437123] loop6: detected capacity change from 0 to 4 [ 122.438003] program syz-executor.7 is using a deprecated SCSI ioctl, please convert it to SG_IO 11:49:41 executing program 7: r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000100)={0x0, 0x0, 0xffffff88}) 11:49:41 executing program 2: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) setuid(r0) ioprio_get$uid(0x3, r0) 11:49:41 executing program 0: 
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1100) setuid(r0) ioprio_get$uid(0x3, r0) [ 122.505300] kmemleak: Cannot insert 0x607f1a63e970 into the object search tree (overlaps existing) [ 122.505334] CPU: 0 UID: 0 PID: 3964 Comm: syz-executor.4 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 122.505372] Tainted: [W]=WARN [ 122.505380] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 122.505395] Call Trace: [ 122.505403] [ 122.505412] dump_stack_lvl+0xca/0x120 [ 122.505468] __link_object+0x190/0x210 [ 122.505506] __create_object+0x48/0x80 [ 122.505543] pcpu_alloc_noprof+0x87a/0x1170 [ 122.505594] alloc_trace_kprobe+0xc9/0x560 [ 122.505627] ? paravirt_ret0+0xb/0xb [ 122.505654] ? paravirt_ret0+0xb/0xb [ 122.505680] ? paravirt_ret0+0xb/0xb [ 122.505707] ? paravirt_ret0+0xb/0xb [ 122.505732] create_local_trace_kprobe+0x73/0x410 [ 122.505773] perf_kprobe_init+0x119/0x210 [ 122.505807] perf_kprobe_event_init+0xfc/0x1d0 [ 122.505836] perf_try_init_event+0x140/0x9f0 [ 122.505873] perf_event_alloc.part.0+0x118e/0x45f0 [ 122.505911] ? perf_event_alloc.part.0+0x1074/0x45f0 [ 122.505965] ? __fget_files+0x203/0x3b0 [ 122.505997] ? __pfx_perf_event_alloc.part.0+0x10/0x10 [ 122.506036] ? find_held_lock+0x2b/0x80 [ 122.506073] ? __do_sys_perf_event_open+0x11df/0x2c20 [ 122.506110] __do_sys_perf_event_open+0x719/0x2c20 [ 122.506151] ? __pfx___do_sys_perf_event_open+0x10/0x10 [ 122.506180] ? find_held_lock+0x2b/0x80 [ 122.506221] ? paravirt_ret0+0xb/0xb [ 122.506261] ? 
trace_irq_enable.constprop.0+0xc2/0x100 [ 122.506293] do_syscall_64+0xbf/0x360 [ 122.506320] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.506344] RIP: 0033:0x7f646c18db19 [ 122.506363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 122.506386] RSP: 002b:00007f6469703188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 122.506410] RAX: ffffffffffffffda RBX: 00007f646c2a0f60 RCX: 00007f646c18db19 [ 122.506427] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000180 [ 122.506442] RBP: 00007f646c1e7f6d R08: 0000000000000000 R09: 0000000000000000 [ 122.506457] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 122.506471] R13: 00007ffcf69db08f R14: 00007f6469703300 R15: 0000000000022000 [ 122.506505] [ 122.507626] kmemleak: Kernel memory leak detector disabled [ 122.507634] kmemleak: Object (percpu) 0x607f1a63e968 (size 16): [ 122.507649] kmemleak: comm "syz-executor.7", pid 285, jiffies 4294789292 [ 122.507663] kmemleak: min_count = 1 [ 122.507672] kmemleak: count = 0 [ 122.507679] kmemleak: flags = 0x21 [ 122.507687] kmemleak: checksum = 0 [ 122.507695] kmemleak: backtrace: [ 122.507701] pcpu_alloc_noprof+0x87a/0x1170 [ 122.507734] mm_init+0x99b/0x1170 [ 122.507754] copy_process+0x3ab7/0x73c0 [ 122.507776] kernel_clone+0xea/0x7f0 [ 122.507796] __do_sys_clone+0xce/0x120 [ 122.507818] do_syscall_64+0xbf/0x360 [ 122.507837] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.551893] watchdog: BUG: soft lockup - CPU#0 stuck for 26s! 
[syz-executor.2:3966] [ 148.551926] Modules linked in: [ 148.551939] irq event stamp: 108732 [ 148.551947] hardirqs last enabled at (108731): [] irqentry_exit+0x3b/0x90 [ 148.551992] hardirqs last disabled at (108732): [] sysvec_apic_timer_interrupt+0xf/0x80 [ 148.552027] softirqs last enabled at (108680): [] handle_softirqs+0x50c/0x770 [ 148.552066] softirqs last disabled at (108675): [] __irq_exit_rcu+0xc4/0x100 [ 148.552111] CPU: 0 UID: 0 PID: 3966 Comm: syz-executor.2 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 148.552143] Tainted: [W]=WARN [ 148.552150] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 148.552163] RIP: 0010:smp_call_function_many_cond+0xa38/0x1110 [ 148.552200] Code: 31 ff 83 e5 01 89 ee e8 26 71 0b 00 85 ed 74 43 4d 89 ec 4c 89 ed 49 c1 ec 03 83 e5 07 4d 01 fc 83 c5 03 e8 da 75 0b 00 f3 90 <41> 0f b6 04 24 40 38 c5 7c 08 84 c0 0f 85 d5 04 00 00 8b 43 08 31 [ 148.552221] RSP: 0018:ffff88801756f5a8 EFLAGS: 00000246 [ 148.552238] RAX: 0000000000040000 RBX: ffff88806cf3c300 RCX: ffffc900029fa000 [ 148.552252] RDX: 0000000000040000 RSI: ffffffff816880d6 RDI: 0000000000000005 [ 148.552266] RBP: 0000000000000003 R08: 0000000000000001 R09: 0000000000000001 [ 148.552278] R10: 0000000000000001 R11: 1ffff1100d9c6bb1 R12: ffffed100d9e7861 [ 148.552292] R13: ffff88806cf3c308 R14: 0000000000000001 R15: dffffc0000000000 [ 148.552310] FS: 00007f0edde98700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000 [ 148.552330] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.552344] CR2: 00007f0ee0a36018 CR3: 000000001ea04000 CR4: 0000000000350ef0 [ 148.552358] Call Trace: [ 148.552365] [ 148.552389] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 148.552428] ? __pfx___text_poke+0x10/0x10 [ 148.552454] ? __pfx_do_sync_core+0x10/0x10 [ 148.552477] on_each_cpu_cond_mask+0x57/0xa0 [ 148.552513] smp_text_poke_batch_finish+0x36b/0xb50 [ 148.552546] ? __pfx_smp_text_poke_batch_finish+0x10/0x10 [ 148.552576] ? 
__mutex_lock+0x166/0x1020 [ 148.552620] ? arch_static_call_transform+0x2c/0xd0 [ 148.552656] ? __SCT__tp_func_cgroup_rstat_unlock+0x8/0x8 [ 148.552686] ? __SCT__tp_func_cgroup_rstat_unlock+0x8/0x8 [ 148.552714] __static_call_transform+0x337/0x740 [ 148.552740] ? __pfx___static_call_transform+0x10/0x10 [ 148.552764] ? lock_acquire+0x15e/0x2f0 [ 148.552789] ? __static_call_update+0x8c/0x630 [ 148.552818] ? __SCT__tp_func_cgroup_rstat_unlock+0x8/0x8 [ 148.552845] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 148.552868] ? __SCT__tp_func_cgroup_rstat_unlock+0x8/0x8 [ 148.552895] arch_static_call_transform+0xcb/0xd0 [ 148.552926] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 148.552949] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 148.552972] __static_call_update+0xd6/0x630 [ 148.552999] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 148.553020] ? __SCT__tp_func_cgroup_rstat_unlock+0x8/0x8 [ 148.553049] ? __pfx___static_call_update+0x10/0x10 [ 148.553074] ? trace_kmalloc+0x1f/0xb0 [ 148.553099] ? __kmalloc_noprof+0x29d/0x6e0 [ 148.553132] ? tracepoint_add_func+0x2a2/0xec0 [ 148.553158] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 148.553182] tracepoint_add_func+0xab9/0xec0 [ 148.553211] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 148.553234] tracepoint_probe_register+0xa4/0xf0 [ 148.553257] ? __pfx_tracepoint_probe_register+0x10/0x10 [ 148.553278] ? pcpu_obj_full_size+0x3c/0x90 [ 148.553305] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 148.553328] ? pcpu_alloc_noprof+0x12d/0x1170 [ 148.553361] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 148.553391] trace_event_reg+0x297/0x350 [ 148.553423] perf_trace_event_init+0x511/0xa10 [ 148.553455] perf_trace_init+0x1a4/0x2f0 [ 148.553484] perf_tp_event_init+0xa6/0x120 [ 148.553515] perf_try_init_event+0x140/0x9f0 [ 148.553547] perf_event_alloc.part.0+0x118e/0x45f0 [ 148.553581] ? perf_event_alloc.part.0+0x1074/0x45f0 [ 148.553619] ? __fget_files+0x203/0x3b0 [ 148.553648] ? 
__pfx_perf_event_alloc.part.0+0x10/0x10 [ 148.553682] ? find_held_lock+0x2b/0x80 [ 148.553714] ? __do_sys_perf_event_open+0x11df/0x2c20 [ 148.553746] __do_sys_perf_event_open+0x719/0x2c20 [ 148.553782] ? __pfx___do_sys_perf_event_open+0x10/0x10 [ 148.553807] ? find_held_lock+0x2b/0x80 [ 148.553858] ? trace_irq_enable.constprop.0+0xc2/0x100 [ 148.553885] do_syscall_64+0xbf/0x360 [ 148.553908] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.553930] RIP: 0033:0x7f0ee0922b19 [ 148.553948] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 148.553967] RSP: 002b:00007f0edde98188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 148.553987] RAX: ffffffffffffffda RBX: 00007f0ee0a35f60 RCX: 00007f0ee0922b19 [ 148.554001] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000020000000 [ 148.554014] RBP: 00007f0ee097cf6d R08: 0000000000000000 R09: 0000000000000000 [ 148.554027] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 148.554040] R13: 00007ffc5c264bef R14: 00007f0edde98300 R15: 0000000000022000 [ 148.554069] [ 148.554077] Sending NMI from CPU 0 to CPUs 1: [ 148.633708] NMI backtrace for cpu 1 [ 148.633733] CPU: 1 UID: 0 PID: 15 Comm: rcu_preempt Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary) [ 148.633751] Tainted: [W]=WARN [ 148.633755] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 148.633762] RIP: 0010:__mm_cid_try_get.constprop.0+0x393/0x490 [ 148.633789] Code: 89 c3 89 c2 89 54 24 68 0f b6 55 00 84 d2 74 09 80 fa 03 0f 8e b0 00 00 00 41 8b 95 d8 00 00 00 39 da 0f 87 38 ff ff ff f3 90 <41> 80 3e 00 0f 85 ad 00 00 00 49 8b 04 24 48 83 f8 ff 75 ba ba 40 [ 148.633800] RSP: 0018:ffff888009627900 EFLAGS: 00000046 [ 148.633810] RAX: 0000000000000002 RBX: 0000000000000002 RCX: ffffffff8146741d [ 148.633818] RDX: 0000000000000002 RSI: 0000000000000004 RDI: 
ffff888009627968 [ 148.633825] RBP: ffffed10027faa9b R08: 0000000000000001 R09: ffffed10012c4f2d [ 148.633832] R10: 0000000000000003 R11: 1ffff1100d9e6f7b R12: ffff888013fd5dd0 [ 148.633840] R13: ffff888013fd5400 R14: ffffed10027fabba R15: ffff888013fd54c4 [ 148.633849] FS: 0000000000000000(0000) GS:ffff8880e56d8000(0000) knlGS:0000000000000000 [ 148.633860] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.633867] CR2: 00007ff9a13a3fc0 CR3: 000000000d921000 CR4: 0000000000350ef0 [ 148.633874] Call Trace: [ 148.633881] [ 148.633888] ? __update_load_avg_se+0x428/0xa40 [ 148.633907] ? __pfx___mm_cid_try_get.constprop.0+0x10/0x10 [ 148.633920] ? __perf_event_task_sched_out+0x103/0x14e0 [ 148.633935] ? update_load_avg+0x17d/0x1ef0 [ 148.633947] ? lock_is_held_type+0x9e/0x120 [ 148.633966] mm_cid_get.isra.0+0x16a/0x570 [ 148.633983] ? set_next_entity+0x331/0x940 [ 148.633995] ? __pfx_mm_cid_get.isra.0+0x10/0x10 [ 148.634012] ? switch_mm_irqs_off+0x534/0x6f0 [ 148.634026] __schedule+0x1744/0x3590 [ 148.634044] ? __pfx___schedule+0x10/0x10 [ 148.634059] ? lock_acquire+0x15e/0x2f0 [ 148.634073] ? find_held_lock+0x2b/0x80 [ 148.634089] ? schedule+0x2c7/0x390 [ 148.634103] ? lock_release+0xc8/0x290 [ 148.634116] schedule+0xdb/0x390 [ 148.634130] schedule_timeout+0x11a/0x280 [ 148.634144] ? __pfx_schedule_timeout+0x10/0x10 [ 148.634157] ? __pfx_process_timeout+0x10/0x10 [ 148.634170] ? 0xffffffff81000000 [ 148.634178] ? _raw_spin_unlock_irqrestore+0x2c/0x50 [ 148.634193] ? prepare_to_swait_event+0xf6/0x380 [ 148.634209] rcu_gp_fqs_loop+0x1a7/0xa60 [ 148.634222] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 148.634233] ? rcu_gp_kthread+0x2ee/0x390 [ 148.634246] ? lock_release+0xc8/0x290 [ 148.634257] ? finish_swait+0xca/0x230 [ 148.634269] rcu_gp_kthread+0x289/0x390 [ 148.634280] ? lock_release+0xc8/0x290 [ 148.634292] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 148.634305] ? __kthread_parkme+0x1a7/0x250 [ 148.634322] ? 
__pfx_rcu_gp_kthread+0x10/0x10 [ 148.634335] kthread+0x3c8/0x740 [ 148.634347] ? __pfx_kthread+0x10/0x10 [ 148.634358] ? ret_from_fork+0x23/0x430 [ 148.634375] ? lock_release+0xc8/0x290 [ 148.634387] ? __pfx_kthread+0x10/0x10 [ 148.634399] ret_from_fork+0x34b/0x430 [ 148.634415] ? __pfx_kthread+0x10/0x10 [ 148.634426] ret_from_fork_asm+0x1a/0x30 [ 148.634446] VM DIAGNOSIS: 11:50:08 Registers: