------------[ cut here ]------------
WARNING: fs/namespace.c:1434 at mntput_no_expire+0x78e/0xbe0, CPU#1: syz-executor.5/111
Modules linked in:
CPU: 1 UID: 0 PID: 111 Comm: syz-executor.5 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
Tainted: [W]=WARN
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:mntput_no_expire+0x78e/0xbe0
Code: 05 16 42 81 04 01 e8 31 f8 91 ff e9 41 fc ff ff e8 b7 50 b4 ff 31 ff 44 89 ee e8 dd 4b b4 ff 45 85 ed 79 09 e8 a3 50 b4 ff 90 <0f> 0b 90 e8 9a 50 b4 ff e8 75 f6 fb 02 31 ff 89 c5 89 c6 e8 ba 4b
RSP: 0018:ffff888046a2f9b8 EFLAGS: 00010293
RAX: 0000000000000000 RBX: 1ffff11008d45f3c RCX: ffffffff81bf96d3
RDX: ffff88800f415280 RSI: ffffffff81bf96dd RDI: 0000000000000005
RBP: ffff88801e53fa40 R08: 0000000000000001 R09: 0000000000000000
R10: 00000000ffffffff R11: 0000000000000001 R12: ffff888046a2fa20
R13: 00000000ffffffff R14: dead000000000100 R15: ffff88801e53fa40
FS:  0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b2cf2a000 CR3: 000000004496c000 CR4: 0000000000350ef0
Call Trace:
 <TASK>
 namespace_unlock+0x7f1/0x810
 put_mnt_ns+0xf5/0x120
 free_nsproxy+0x3a/0x400
 switch_task_namespaces+0xe2/0x100
 do_exit+0x841/0x2970
 do_group_exit+0xd3/0x2a0
 get_signal+0x2315/0x2340
 arch_do_signal_or_restart+0x80/0x790
 irqentry_exit_to_user_mode+0x106/0x1c0
 exc_page_fault+0xd9/0x180
 asm_exc_page_fault+0x26/0x30
RIP: 0033:0x0
Code: Unable to access opcode bytes at 0xffffffffffffffd6.
RSP: 002b:000000002000021c EFLAGS: 00010217
RAX: 0000000000000000 RBX: 00007f1c5325ff60 RCX: 00007f1c5314cb19
RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000240
RBP: 00007f1c531a6f6d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffe962e53af R14: 00007f1c506c2300 R15: 0000000000022000
 </TASK>
irq event stamp: 1115
hardirqs last  enabled at (1125): [<ffffffff81541b18>] __up_console_sem+0x78/0x80
hardirqs last disabled at (1134): [<ffffffff81541afd>] __up_console_sem+0x5d/0x80
softirqs last  enabled at (1064): [<ffffffff813bafcc>] handle_softirqs+0x50c/0x770
softirqs last disabled at (1057): [<ffffffff813bb364>] __irq_exit_rcu+0xc4/0x100
---[ end trace 0000000000000000 ]---
loop3: detected capacity change from 0 to 736
loop1: detected capacity change from 0 to 512
EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
ext4 filesystem being mounted at /syzkaller-testdir928183612/syzkaller.Byv8yT/4/file0 supports timestamps until 2038-01-19 (0x7fffffff)
loop4: detected capacity change from 0 to 1024
EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
kmemleak: Found object by alias at 0x607f1a6395b4
CPU: 1 UID: 0 PID: 4107 Comm: syz-executor.2 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
Tainted: [W]=WARN
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
Call Trace:
 <TASK>
 dump_stack_lvl+0xca/0x120
 __lookup_object+0x94/0xb0
 delete_object_full+0x27/0x70
 free_percpu+0x30/0x1160
 futex_hash_free+0x38/0xc0
 mmput+0x2d3/0x390
 do_exit+0x79d/0x2970
 do_group_exit+0xd3/0x2a0
 get_signal+0x2315/0x2340
 arch_do_signal_or_restart+0x80/0x790
 irqentry_exit_to_user_mode+0x106/0x1c0
 asm_exc_general_protection+0x26/0x30
RIP: 0033:0x7fc544c6db21
Code: Unable to access opcode bytes at 0x7fc544c6daf7.
RSP: 002b:0000000020000080 EFLAGS: 00010217
RAX: 0000000000000000 RBX: 00007fc544d80f60 RCX: 00007fc544c6db19
RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000000140000
RBP: 00007fc544cc7f6d R08: 0000000020000140 R09: 0000000000000000
R10: 0000000020000100 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffd95eb51ef R14: 00007fc5421e3300 R15: 0000000000022000
 </TASK>
kmemleak: Object (percpu) 0x607f1a6395b0 (size 8):
kmemleak:   comm "syz-executor.6", pid 4111, jiffies 4294829531
kmemleak:   min_count = 1
kmemleak:   count = 0
kmemleak:   flags = 0x21
kmemleak:   checksum = 0
kmemleak:   backtrace:
 pcpu_alloc_noprof+0x87a/0x1170
 percpu_ref_init+0x37/0x400
 blk_alloc_queue+0x571/0x750
 blk_mq_alloc_queue+0x170/0x280
 __blk_mq_alloc_disk+0x2a/0x120
 loop_add+0x494/0xb60
 loop_probe+0x53/0x80
 blk_probe_dev+0x10c/0x180
 blk_request_module+0x16/0xb0
 blkdev_get_no_open+0xa8/0x100
 blkdev_open+0x143/0x400
 do_dentry_open+0x71c/0x1420
 vfs_open+0x82/0x3f0
 path_openat+0x1c3f/0x2880
 do_filp_open+0x1e8/0x450
 do_sys_openat2+0x104/0x1b0
block device autoloading is deprecated and will be removed.
kmemleak: Found object by alias at 0x607f1a6395b4
CPU: 1 UID: 0 PID: 4092 Comm: syz-executor.2 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
Tainted: [W]=WARN
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
Call Trace:
 <TASK>
 dump_stack_lvl+0xca/0x120
 __lookup_object+0x94/0xb0
 delete_object_full+0x27/0x70
 free_percpu+0x30/0x1160
 futex_hash_free+0x38/0xc0
 mmput+0x2d3/0x390
 do_exit+0x79d/0x2970
 do_group_exit+0xd3/0x2a0
 get_signal+0x2315/0x2340
 arch_do_signal_or_restart+0x80/0x790
 irqentry_exit_to_user_mode+0x106/0x1c0
 asm_exc_general_protection+0x26/0x30
RIP: 0033:0x7fc544c6db21
Code: Unable to access opcode bytes at 0x7fc544c6daf7.
RSP: 002b:0000000020000080 EFLAGS: 00010217
RAX: 0000000000000000 RBX: 00007fc544d80f60 RCX: 00007fc544c6db19
RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000000140000
RBP: 00007fc544cc7f6d R08: 0000000020000140 R09: 0000000000000000
R10: 0000000020000100 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffd95eb51ef R14: 00007fc5421e3300 R15: 0000000000022000
 </TASK>
kmemleak: Object (percpu) 0x607f1a6395b0 (size 8):
kmemleak:   comm "syz-executor.6", pid 4111, jiffies 4294829531
kmemleak:   min_count = 1
kmemleak:   count = 0
kmemleak:   flags = 0x21
kmemleak:   checksum = 0
kmemleak:   backtrace:
 pcpu_alloc_noprof+0x87a/0x1170
 percpu_ref_init+0x37/0x400
 blk_alloc_queue+0x571/0x750
 blk_mq_alloc_queue+0x170/0x280
 __blk_mq_alloc_disk+0x2a/0x120
 loop_add+0x494/0xb60
 loop_probe+0x53/0x80
 blk_probe_dev+0x10c/0x180
 blk_request_module+0x16/0xb0
 blkdev_get_no_open+0xa8/0x100
 blkdev_open+0x143/0x400
 do_dentry_open+0x71c/0x1420
 vfs_open+0x82/0x3f0
 path_openat+0x1c3f/0x2880
 do_filp_open+0x1e8/0x450
 do_sys_openat2+0x104/0x1b0
program syz-executor.7 is using a deprecated SCSI ioctl, please convert it to SG_IO
ata1.00: invalid transfer count 0
program syz-executor.7 is using a deprecated SCSI ioctl, please convert it to SG_IO
ata1.00: non-matching transfer count (6656/0)
kmemleak: Found object by alias at 0x607f1a6395b4
CPU: 0 UID: 0 PID: 4123 Comm: syz-executor.2 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
Tainted: [W]=WARN
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
Call Trace:
 <TASK>
 dump_stack_lvl+0xca/0x120
 __lookup_object+0x94/0xb0
 delete_object_full+0x27/0x70
 free_percpu+0x30/0x1160
 futex_hash_free+0x38/0xc0
 mmput+0x2d3/0x390
 do_exit+0x79d/0x2970
 do_group_exit+0xd3/0x2a0
 __x64_sys_exit_group+0x3e/0x50
 x64_sys_call+0x18c5/0x18d0
 do_syscall_64+0xbf/0x360
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fc544c6db19
Code: Unable to access opcode bytes at 0x7fc544c6daef.
RSP: 002b:00007ffd95eb5418 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007fc544c6db19
RDX: 00007fc544c2072b RSI: ffffffffffffffbc RDI: 0000000000000000
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000001
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
R13: 0000000000000001 R14: 0000000000000001 R15: 00007ffd95eb5500
 </TASK>
kmemleak: Object (percpu) 0x607f1a6395b0 (size 8):
kmemleak:   comm "syz-executor.6", pid 4111, jiffies 4294829531
kmemleak:   min_count = 1
kmemleak:   count = 0
kmemleak:   flags = 0x21
kmemleak:   checksum = 0
kmemleak:   backtrace:
 pcpu_alloc_noprof+0x87a/0x1170
 percpu_ref_init+0x37/0x400
 blk_alloc_queue+0x571/0x750
 blk_mq_alloc_queue+0x170/0x280
 __blk_mq_alloc_disk+0x2a/0x120
 loop_add+0x494/0xb60
 loop_probe+0x53/0x80
 blk_probe_dev+0x10c/0x180
 blk_request_module+0x16/0xb0
 blkdev_get_no_open+0xa8/0x100
 blkdev_open+0x143/0x400
 do_dentry_open+0x71c/0x1420
 vfs_open+0x82/0x3f0
 path_openat+0x1c3f/0x2880
 do_filp_open+0x1e8/0x450
 do_sys_openat2+0x104/0x1b0