Warning: Permanently added '[localhost]:46389' (ECDSA) to the list of known hosts.
2025/08/29 11:15:08 fuzzer started
2025/08/29 11:15:08 dialing manager at localhost:43077
syzkaller login: [   51.118800] cgroup: Unknown subsys name 'net'
[   51.171850] cgroup: Unknown subsys name 'cpuset'
[   51.191834] cgroup: Unknown subsys name 'rlimit'
2025/08/29 11:15:19 syscalls: 2214
2025/08/29 11:15:19 code coverage: enabled
2025/08/29 11:15:19 comparison tracing: enabled
2025/08/29 11:15:19 extra coverage: enabled
2025/08/29 11:15:19 setuid sandbox: enabled
2025/08/29 11:15:19 namespace sandbox: enabled
2025/08/29 11:15:19 Android sandbox: enabled
2025/08/29 11:15:19 fault injection: enabled
2025/08/29 11:15:19 leak checking: enabled
2025/08/29 11:15:19 net packet injection: enabled
2025/08/29 11:15:19 net device setup: enabled
2025/08/29 11:15:19 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/08/29 11:15:19 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/08/29 11:15:19 USB emulation: enabled
2025/08/29 11:15:19 hci packet injection: enabled
2025/08/29 11:15:19 wifi device emulation: enabled
2025/08/29 11:15:19 802.15.4 emulation: enabled
2025/08/29 11:15:19 fetching corpus: 0, signal 0/2000 (executing program)
2025/08/29 11:15:19 fetching corpus: 50, signal 17304/20912 (executing program)
2025/08/29 11:15:20 fetching corpus: 100, signal 27898/32972 (executing program)
2025/08/29 11:15:20 fetching corpus: 150, signal 42512/48705 (executing program)
2025/08/29 11:15:20 fetching corpus: 200, signal 47644/55087 (executing program)
2025/08/29 11:15:20 fetching corpus: 250, signal 54052/62594 (executing program)
2025/08/29 11:15:20 fetching corpus: 300, signal 58040/67623 (executing program)
2025/08/29 11:15:20 fetching corpus: 350, signal 61767/72376 (executing program)
2025/08/29 11:15:20 fetching corpus: 400, signal 65666/77329 (executing program)
2025/08/29 11:15:20 fetching corpus: 450, signal 68574/81264 (executing program)
2025/08/29 11:15:20 fetching corpus: 500, signal 73512/86864 (executing program)
2025/08/29 11:15:20 fetching corpus: 550, signal 75409/89727 (executing program)
2025/08/29 11:15:20 fetching corpus: 600, signal 78445/93558 (executing program)
2025/08/29 11:15:21 fetching corpus: 650, signal 80240/96191 (executing program)
2025/08/29 11:15:21 fetching corpus: 700, signal 82425/99126 (executing program)
2025/08/29 11:15:21 fetching corpus: 750, signal 84740/102176 (executing program)
2025/08/29 11:15:21 fetching corpus: 800, signal 85968/104250 (executing program)
2025/08/29 11:15:21 fetching corpus: 850, signal 87941/106910 (executing program)
2025/08/29 11:15:21 fetching corpus: 900, signal 91080/110426 (executing program)
2025/08/29 11:15:21 fetching corpus: 950, signal 92633/112671 (executing program)
2025/08/29 11:15:21 fetching corpus: 1000, signal 93927/114670 (executing program)
2025/08/29 11:15:21 fetching corpus: 1050, signal 95619/116958 (executing program)
2025/08/29 11:15:21 fetching corpus: 1100, signal 97022/119020 (executing program)
2025/08/29 11:15:21 fetching corpus: 1150, signal 98254/120857 (executing program)
2025/08/29 11:15:22 fetching corpus: 1200, signal 100390/123357 (executing program)
2025/08/29 11:15:22 fetching corpus: 1250, signal 102177/125580 (executing program)
2025/08/29 11:15:22 fetching corpus: 1300, signal 103973/127774 (executing program)
2025/08/29 11:15:22 fetching corpus: 1350, signal 105831/129899 (executing program)
2025/08/29 11:15:22 fetching corpus: 1400, signal 107181/131693 (executing program)
2025/08/29 11:15:22 fetching corpus: 1450, signal 108935/133725 (executing program)
2025/08/29 11:15:22 fetching corpus: 1500, signal 110617/135860 (executing program)
2025/08/29 11:15:22 fetching corpus: 1550, signal 111720/137437 (executing program)
2025/08/29 11:15:22 fetching corpus: 1600, signal 113303/139303 (executing program)
2025/08/29 11:15:22 fetching corpus: 1650, signal 114550/140865 (executing program)
2025/08/29 11:15:23 fetching corpus: 1700, signal 115999/142552 (executing program)
2025/08/29 11:15:23 fetching corpus: 1750, signal 117075/143993 (executing program)
2025/08/29 11:15:23 fetching corpus: 1800, signal 118300/145490 (executing program)
2025/08/29 11:15:23 fetching corpus: 1850, signal 119136/146751 (executing program)
2025/08/29 11:15:23 fetching corpus: 1900, signal 119846/147902 (executing program)
2025/08/29 11:15:23 fetching corpus: 1950, signal 121219/149401 (executing program)
2025/08/29 11:15:23 fetching corpus: 2000, signal 122598/150924 (executing program)
2025/08/29 11:15:23 fetching corpus: 2050, signal 123198/151995 (executing program)
2025/08/29 11:15:23 fetching corpus: 2100, signal 124039/153093 (executing program)
2025/08/29 11:15:23 fetching corpus: 2150, signal 124949/154301 (executing program)
2025/08/29 11:15:23 fetching corpus: 2200, signal 126394/155741 (executing program)
2025/08/29 11:15:24 fetching corpus: 2250, signal 127243/156782 (executing program)
2025/08/29 11:15:24 fetching corpus: 2300, signal 130334/158935 (executing program)
2025/08/29 11:15:24 fetching corpus: 2350, signal 131211/159932 (executing program)
2025/08/29 11:15:24 fetching corpus: 2400, signal 132376/161081 (executing program)
2025/08/29 11:15:24 fetching corpus: 2450, signal 133150/162007 (executing program)
2025/08/29 11:15:24 fetching corpus: 2500, signal 133887/162891 (executing program)
2025/08/29 11:15:24 fetching corpus: 2550, signal 134928/164047 (executing program)
2025/08/29 11:15:24 fetching corpus: 2600, signal 135670/164971 (executing program)
2025/08/29 11:15:24 fetching corpus: 2650, signal 136529/165866 (executing program)
2025/08/29 11:15:24 fetching corpus: 2700, signal 137651/166902 (executing program)
2025/08/29 11:15:24 fetching corpus: 2750, signal 138266/167703 (executing program)
2025/08/29 11:15:25 fetching corpus: 2800, signal 139081/168532 (executing program)
2025/08/29 11:15:25 fetching corpus: 2850, signal 139875/169400 (executing program)
2025/08/29 11:15:25 fetching corpus: 2900, signal 140418/170109 (executing program)
2025/08/29 11:15:25 fetching corpus: 2950, signal 141205/170905 (executing program)
2025/08/29 11:15:25 fetching corpus: 3000, signal 141713/171591 (executing program)
2025/08/29 11:15:25 fetching corpus: 3050, signal 142491/172430 (executing program)
2025/08/29 11:15:25 fetching corpus: 3100, signal 142967/173085 (executing program)
2025/08/29 11:15:25 fetching corpus: 3150, signal 143495/173733 (executing program)
2025/08/29 11:15:25 fetching corpus: 3200, signal 144150/174436 (executing program)
2025/08/29 11:15:25 fetching corpus: 3250, signal 144862/175092 (executing program)
2025/08/29 11:15:25 fetching corpus: 3300, signal 145346/175686 (executing program)
2025/08/29 11:15:26 fetching corpus: 3350, signal 146314/176360 (executing program)
2025/08/29 11:15:26 fetching corpus: 3400, signal 146985/176956 (executing program)
2025/08/29 11:15:26 fetching corpus: 3450, signal 147663/177625 (executing program)
2025/08/29 11:15:26 fetching corpus: 3500, signal 148166/178157 (executing program)
2025/08/29 11:15:26 fetching corpus: 3550, signal 148723/178697 (executing program)
2025/08/29 11:15:26 fetching corpus: 3600, signal 149470/179281 (executing program)
2025/08/29 11:15:26 fetching corpus: 3650, signal 150106/179852 (executing program)
2025/08/29 11:15:26 fetching corpus: 3700, signal 150586/180330 (executing program)
2025/08/29 11:15:26 fetching corpus: 3750, signal 151685/180903 (executing program)
2025/08/29 11:15:26 fetching corpus: 3800, signal 152025/181361 (executing program)
2025/08/29 11:15:27 fetching corpus: 3850, signal 152557/181840 (executing program)
2025/08/29 11:15:27 fetching corpus: 3900, signal 153194/182330 (executing program)
2025/08/29 11:15:27 fetching corpus: 3950, signal 153594/182793 (executing program)
2025/08/29 11:15:27 fetching corpus: 4000, signal 154118/183226 (executing program)
2025/08/29 11:15:27 fetching corpus: 4050, signal 155032/183760 (executing program)
2025/08/29 11:15:27 fetching corpus: 4100, signal 155510/184221 (executing program)
2025/08/29 11:15:27 fetching corpus: 4150, signal 155934/184587 (executing program)
2025/08/29 11:15:27 fetching corpus: 4200, signal 156365/184949 (executing program)
2025/08/29 11:15:27 fetching corpus: 4250, signal 157018/185308 (executing program)
2025/08/29 11:15:27 fetching corpus: 4300, signal 157403/185675 (executing program)
2025/08/29 11:15:27 fetching corpus: 4350, signal 158085/186029 (executing program)
2025/08/29 11:15:28 fetching corpus: 4400, signal 158550/186390 (executing program)
2025/08/29 11:15:28 fetching corpus: 4450, signal 158929/186702 (executing program)
2025/08/29 11:15:28 fetching corpus: 4500, signal 159509/186986 (executing program)
2025/08/29 11:15:28 fetching corpus: 4550, signal 159902/186999 (executing program)
2025/08/29 11:15:28 fetching corpus: 4600, signal 160582/187012 (executing program)
2025/08/29 11:15:28 fetching corpus: 4650, signal 160908/187027 (executing program)
2025/08/29 11:15:28 fetching corpus: 4700, signal 161252/187043 (executing program)
2025/08/29 11:15:28 fetching corpus: 4750, signal 161662/187073 (executing program)
2025/08/29 11:15:28 fetching corpus: 4800, signal 162036/187076 (executing program)
2025/08/29 11:15:28 fetching corpus: 4850, signal 162565/187080 (executing program)
2025/08/29 11:15:28 fetching corpus: 4900, signal 163041/187134 (executing program)
2025/08/29 11:15:29 fetching corpus: 4950, signal 163406/187149 (executing program)
2025/08/29 11:15:29 fetching corpus: 5000, signal 164026/187160 (executing program)
2025/08/29 11:15:29 fetching corpus: 5050, signal 164274/187168 (executing program)
2025/08/29 11:15:29 fetching corpus: 5100, signal 164828/187221 (executing program)
2025/08/29 11:15:29 fetching corpus: 5150, signal 165137/187226 (executing program)
2025/08/29 11:15:29 fetching corpus: 5200, signal 165441/187241 (executing program)
2025/08/29 11:15:29 fetching corpus: 5250, signal 165731/187250 (executing program)
2025/08/29 11:15:29 fetching corpus: 5300, signal 166110/187257 (executing program)
2025/08/29 11:15:29 fetching corpus: 5350, signal 166446/187263 (executing program)
2025/08/29 11:15:29 fetching corpus: 5400, signal 166920/187277 (executing program)
2025/08/29 11:15:29 fetching corpus: 5450, signal 167292/187279 (executing program)
2025/08/29 11:15:30 fetching corpus: 5500, signal 167671/187288 (executing program)
2025/08/29 11:15:30 fetching corpus: 5550, signal 167964/187293 (executing program)
2025/08/29 11:15:30 fetching corpus: 5600, signal 168470/187381 (executing program)
2025/08/29 11:15:30 fetching corpus: 5650, signal 168805/187397 (executing program)
2025/08/29 11:15:30 fetching corpus: 5700, signal 169217/187398 (executing program)
2025/08/29 11:15:30 fetching corpus: 5750, signal 169535/187414 (executing program)
2025/08/29 11:15:30 fetching corpus: 5800, signal 169881/187437 (executing program)
2025/08/29 11:15:30 fetching corpus: 5850, signal 170160/187442 (executing program)
2025/08/29 11:15:30 fetching corpus: 5900, signal 170522/187449 (executing program)
2025/08/29 11:15:30 fetching corpus: 5950, signal 170939/187452 (executing program)
2025/08/29 11:15:30 fetching corpus: 6000, signal 171285/187459 (executing program)
2025/08/29 11:15:30 fetching corpus: 6050, signal 171634/187478 (executing program)
2025/08/29 11:15:31 fetching corpus: 6100, signal 171850/187481 (executing program)
2025/08/29 11:15:31 fetching corpus: 6150, signal 172307/187482 (executing program)
2025/08/29 11:15:31 fetching corpus: 6200, signal 172541/187491 (executing program)
2025/08/29 11:15:31 fetching corpus: 6250, signal 172851/187497 (executing program)
2025/08/29 11:15:31 fetching corpus: 6300, signal 173185/187500 (executing program)
2025/08/29 11:15:31 fetching corpus: 6350, signal 173474/187519 (executing program)
2025/08/29 11:15:31 fetching corpus: 6400, signal 173823/187525 (executing program)
2025/08/29 11:15:31 fetching corpus: 6450, signal 174298/187535 (executing program)
2025/08/29 11:15:31 fetching corpus: 6500, signal 174581/187543 (executing program)
2025/08/29 11:15:31 fetching corpus: 6550, signal 175004/187552 (executing program)
2025/08/29 11:15:31 fetching corpus: 6600, signal 175404/187554 (executing program)
2025/08/29 11:15:32 fetching corpus: 6650, signal 175630/187556 (executing program)
2025/08/29 11:15:32 fetching corpus: 6700, signal 175896/187563 (executing program)
2025/08/29 11:15:32 fetching corpus: 6750, signal 176097/187567 (executing program)
2025/08/29 11:15:32 fetching corpus: 6800, signal 176412/187595 (executing program)
2025/08/29 11:15:32 fetching corpus: 6850, signal 176754/187597 (executing program)
2025/08/29 11:15:32 fetching corpus: 6900, signal 177151/187612 (executing program)
2025/08/29 11:15:32 fetching corpus: 6950, signal 177446/187612 (executing program)
2025/08/29 11:15:32 fetching corpus: 7000, signal 177787/187623 (executing program)
2025/08/29 11:15:32 fetching corpus: 7050, signal 178002/187625 (executing program)
2025/08/29 11:15:32 fetching corpus: 7100, signal 178411/187630 (executing program)
2025/08/29 11:15:32 fetching corpus: 7150, signal 178665/187635 (executing program)
2025/08/29 11:15:32 fetching corpus: 7200, signal 178895/187642 (executing program)
2025/08/29 11:15:33 fetching corpus: 7250, signal 179544/187645 (executing program)
2025/08/29 11:15:33 fetching corpus: 7300, signal 180033/187685 (executing program)
2025/08/29 11:15:33 fetching corpus: 7350, signal 180320/187698 (executing program)
2025/08/29 11:15:33 fetching corpus: 7400, signal 180611/187702 (executing program)
2025/08/29 11:15:33 fetching corpus: 7450, signal 180997/187703 (executing program)
2025/08/29 11:15:33 fetching corpus: 7500, signal 181342/187715 (executing program)
2025/08/29 11:15:33 fetching corpus: 7550, signal 181540/187734 (executing program)
2025/08/29 11:15:33 fetching corpus: 7600, signal 181760/187734 (executing program)
2025/08/29 11:15:33 fetching corpus: 7650, signal 182234/187766 (executing program)
2025/08/29 11:15:33 fetching corpus: 7700, signal 182489/187769 (executing program)
2025/08/29 11:15:33 fetching corpus: 7750, signal 182737/187774 (executing program)
2025/08/29 11:15:34 fetching corpus: 7800, signal 183232/187776 (executing program)
2025/08/29 11:15:34 fetching corpus: 7850, signal 183527/187803 (executing program)
2025/08/29 11:15:34 fetching corpus: 7900, signal 183818/187813 (executing program)
2025/08/29 11:15:34 fetching corpus: 7950, signal 184101/187828 (executing program)
2025/08/29 11:15:34 fetching corpus: 8000, signal 184374/187841 (executing program)
2025/08/29 11:15:34 fetching corpus: 8048, signal 184601/187847 (executing program)
2025/08/29 11:15:34 fetching corpus: 8048, signal 184601/187847 (executing program)
2025/08/29 11:15:36 starting 8 fuzzer processes
11:15:36 executing program 0:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x80000, 0xc, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400028020000200000004f8000020004000000000000000000001000000000000000200000001000600000000000000000000000000800029a3169df153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aa5252614100"/64, 0x40, 0x1e0}, {&(0x7f0000010200)="00000000727241610100000007000000000000000000000000000000000055aa", 0x20, 0x3e0}, {&(0x7f0000010300)="eb58906d6b66732e66617400028020000200000004f8000020004000000000000000000001000000000000000200000001000600000000000000000000000000800029a3169df153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0, 0xc00}, {&(0x7f0000010400)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xde0}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4000}, {&(0x7f0000010600)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4200}, {&(0x7f0000010700)="53595a4b414c4c45522020080000ea80325132510000ea80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100034eb70325132510000eb70325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200034eb70325132510000eb70325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200035eb70325132510000eb70325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200035eb70325132510000eb703251070064000000", 0x120, 0x4400}, {&(0x7f0000010900)="2e20202020202020202020100034eb70325132510000eb7032510300000000002e2e202020202020202020100034eb70325132510000eb70325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200034eb70325132510000eb70325104001a040000", 0x80, 0x14400}, {&(0x7f0000010a00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x24400}, {&(0x7f0000010f00)='syzkallers\x00'/32, 0x20, 0x34400}, {&(0x7f0000011000)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x54400}], 0x0, &(0x7f0000011100))

11:15:36 executing program 1:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000, 0xb, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736676209600088020000200000004f80000200040000000000000000000010000000000000002000000010006000000000000000000000000008000"/96, 0x60}, {&(0x7f0000010100)='RRaA\x00'/32, 0x20, 0x800}, {&(0x7f0000010200)="00000000727241610100000007000000000000000000000000000000000055aa", 0x20, 0x9e0}, {&(0x7f0000010300)="601c6d6b646f736676209600088020000200000004f80000200040000000000000000000010000000000000002000000010006000000000000000000000000008000"/96, 0x60, 0x3000}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x10000}, {&(0x7f0000010500)="f8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x10800}, {&(0x7f0000010600)="53595a4b414c4c45522020080000ea80325132510000ea80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020201000b4ea70325132510000ea70325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c45312020202020202000b4ea70325132510000ea70325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c45322020202020202000b4ea70325132510000ea70325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c2000b4ea70325132510000ea703251070064000000", 0x120, 0x11000}, {&(0x7f0000010800)="2e202020202020202020201000b4ea70325132510000ea7032510300000000002e2e2020202020202020201000b4ea70325132510000ea70325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020202000b4ea70325132510000ea70325104001a040000", 0x80, 0x51000}, {&(0x7f0000010900)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x91000}, {&(0x7f0000010e00)='syzkallers\x00'/32, 0x20, 0xd1000}, {&(0x7f0000010f00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x151000}], 0x0, &(0x7f0000011000))

11:15:36 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0xa, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73666e6c9200080101000440002000f801002000400003000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x1800}, {&(0x7f0000010400)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x2000}, {&(0x7f0000010500)="53595a4b414c4c45522020080000ea80325132510000ea80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020201000b4ea70325132510000ea70325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c45312020202020202000b4ea70325132510000ea70325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c45322020202020202000b4ea70325132510000ea70325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c2000b4ea70325132510000ea7032510b0064000000", 0x120, 0x2800}, {&(0x7f0000010700)="2e202020202020202020201000b4ea70325132510000ea7032510300000000002e2e2020202020202020201000b4ea70325132510000ea70325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020202000b4ea70325132510000ea70325104001a040000", 0x80, 0x3800}, {&(0x7f0000010800)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x4000}, {&(0x7f0000010d00)='syzkallers\x00'/32, 0x20, 0x4800}, {&(0x7f0000010e00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x7800}], 0x0, &(0x7f0000010f00))

11:15:36 executing program 7:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0xa, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020101000440008000f801002000400003000000000000008000297eb190f153595a4b414c4c4552202046415431322020200e1fbe5b7cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a00", 0xc0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aaf8ffff00f0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/96, 0x60, 0x1e0}, {&(0x7f0000010200)="f8ffff00f0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/64, 0x40, 0x400}, {&(0x7f0000010300)="f8ffff00f0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/64, 0x40, 0x600}, {&(0x7f0000010400)="f8ffff00f0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/64, 0x40, 0x800}, {&(0x7f0000010500)="53595a4b414c4c45522020080000ea80325132510000ea80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100087ea70325132510000ea70325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200087ea70325132510000ea70325107000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200087ea70325132510000ea70325108002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200087ea70325132510000ea7032511a0064000000", 0x120, 0xa00}, {&(0x7f0000010700)="2e20202020202020202020100087ea70325132510000ea7032510300000000002e2e202020202020202020100087ea70325132510000ea70325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200087ea70325132510000ea70325104001a040000", 0x80, 0x1400}, {&(0x7f0000010800)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x1600}, {&(0x7f0000010d00)='syzkallers\x00'/32, 0x20, 0x1c00}, {&(0x7f0000010e00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x4200}], 0x0, &(0x7f0000010f00))

11:15:36 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0xa, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020101000470008000f80100200040000300000000000000800029842f98f153595a4b414c4c4552202046415431362020200e1fbe5b7cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a00", 0xc0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aaf8fffffff0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/96, 0x60, 0x1e0}, {&(0x7f0000010200)="f8fffffff0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/64, 0x40, 0x400}, {&(0x7f0000010300)="f8fffffff0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/64, 0x40, 0x600}, {&(0x7f0000010400)="f8fffffff0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/64, 0x40, 0x800}, {&(0x7f0000010500)="53595a4b414c4c45522020080000ea80325132510000ea80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020201000b9ea70325132510000ea70325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c45312020202020202000b9ea70325132510000ea70325107000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c45322020202020202000b9ea70325132510000ea70325108002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c2000b9ea70325132510000ea7032511a0064000000", 0x120, 0xa00}, {&(0x7f0000010700)="2e202020202020202020201000b9ea70325132510000ea7032510300000000002e2e2020202020202020201000b9ea70325132510000ea70325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020202000b9ea70325132510000ea70325104001a040000", 0x80, 0x1a00}, {&(0x7f0000010800)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x1c00}, {&(0x7f0000010d00)='syzkallers\x00'/32, 0x20, 0x2200}, {&(0x7f0000010e00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x4800}], 0x0, &(0x7f0000010f00))

11:15:36 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0xe, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020120000400008000f8000020004000030000000000000001000000000000000200000001000600000000000000000000000000800029ad1999f153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aa5252614100"/64, 0x40, 0x1e0}, {&(0x7f0000010200)="0000000072724161430000001a000000000000000000000000000000000055aa", 0x20, 0x3e0}, {&(0x7f0000010300)="eb58906d6b66732e66617400020120000400008000f8000020004000030000000000000001000000000000000200000001000600000000000000000000000000800029ad1999f153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0, 0xc00}, {&(0x7f0000010400)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xde0}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0fffffff0f0500000006000000ffffff0fffffff0f090000000a0000000b0000000c0000000d0000000e0000000f00000010000000110000001200000013000000140000001500000016000000170000001800000019000000ffffff0fffffff0f00"/128, 0x80, 0x4000}, {&(0x7f0000010600)="f8ffff0fffffff0ff8ffff0fffffff0f0500000006000000ffffff0fffffff0f090000000a0000000b0000000c0000000d0000000e0000000f00000010000000110000001200000013000000140000001500000016000000170000001800000019000000ffffff0fffffff0f00"/128, 0x80, 0x4200}, {&(0x7f0000010700)="f8ffff0fffffff0ff8ffff0fffffff0f0500000006000000ffffff0fffffff0f090000000a0000000b0000000c0000000d0000000e0000000f00000010000000110000001200000013000000140000001500000016000000170000001800000019000000ffffff0fffffff0f00"/128, 0x80, 0x4400}, {&(0x7f0000010800)="f8ffff0fffffff0ff8ffff0fffffff0f0500000006000000ffffff0fffffff0f090000000a0000000b0000000c0000000d0000000e0000000f00000010000000110000001200000013000000140000001500000016000000170000001800000019000000ffffff0fffffff0f00"/128, 0x80, 0x4600}, {&(0x7f0000010900)="53595a4b414c4c45522020080000ea80325132510000ea80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100014eb70325132510000eb70325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200014eb70325132510000eb70325107000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200014eb70325132510000eb70325108002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200014eb70325132510000eb7032511a0064000000", 0x120, 0x4800}, {&(0x7f0000010b00)="2e20202020202020202020100014eb70325132510000eb7032510300000000002e2e202020202020202020100014eb70325132510000eb70325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200014eb70325132510000eb70325104001a040000", 0x80, 0x4a00}, {&(0x7f0000010c00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x4c00}, {&(0x7f0000011100)='syzkallers\x00'/32, 0x20, 0x5200}, {&(0x7f0000011200)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x7800}], 0x0, &(0x7f0000011300))

[   78.933553] audit: type=1400 audit(1756466136.882:7): avc:  denied  { execmem } for  pid=273 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
11:15:36 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000, 0xd, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736677c66200088020000400000004f80000200040000300000000000000010000000000000002000000010006000000000000000000000000008000"/96, 0x60}, {&(0x7f0000010100)='RRaA\x00'/32, 0x20, 0x800}, {&(0x7f0000010200)="00000000727241610100000007000000000000000000000000000000000055aa", 0x20, 0x9e0}, {&(0x7f0000010300)="601c6d6b646f736677c66200088020000400000004f80000200040000300000000000000010000000000000002000000010006000000000000000000000000008000"/96, 0x60, 0x3000}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x10000}, {&(0x7f0000010500)="f8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x10800}, {&(0x7f0000010600)="f8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x11000}, {&(0x7f0000010700)="f8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x11800}, {&(0x7f0000010800)="53595a4b414c4c45522020080000e980325132510000e980325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100037e970325132510000e970325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200037e970325132510000e970325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200037e970325132510000e970325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200037e970325132510000e9703251070064000000", 0x120, 0x12000}, {&(0x7f0000010a00)="2e20202020202020202020100037e970325132510000e97032510300000000002e2e202020202020202020100037e970325132510000e970325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200037e970325132510000e970325104001a040000", 0x80, 0x52000}, {&(0x7f0000010b00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x92000}, {&(0x7f0000011000)='syzkallers\x00'/32, 0x20, 0xd2000}, {&(0x7f0000011100)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x152000}], 0x0, &(0x7f0000011200))

11:15:36 executing program 6:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0xc, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020120000200008000f800002000400000000000000000000100000000000000020000000100060000000000000000000000000080002932e611f153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aa5252614100"/64, 0x40, 0x1e0}, {&(0x7f0000010200)="0000000072724161450000001a000000000000000000000000000000000055aa", 0x20, 0x3e0}, {&(0x7f0000010300)="eb58906d6b66732e66617400020120000200008000f800002000400000000000000000000100000000000000020000000100060000000000000000000000000080002932e611f153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0, 0xc00}, {&(0x7f0000010400)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xde0}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0fffffff0f0500000006000000ffffff0fffffff0f090000000a0000000b0000000c0000000d0000000e0000000f00000010000000110000001200000013000000140000001500000016000000170000001800000019000000ffffff0fffffff0f00"/128, 0x80, 0x4000}, {&(0x7f0000010600)="f8ffff0fffffff0ff8ffff0fffffff0f0500000006000000ffffff0fffffff0f090000000a0000000b0000000c0000000d0000000e0000000f00000010000000110000001200000013000000140000001500000016000000170000001800000019000000ffffff0fffffff0f00"/128, 0x80, 0x4200}, {&(0x7f0000010700)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c453020202020202010007de670325132510000e670325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c453120202020202020007de670325132510000e670325107000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c453220202020202020007de670325132510000e670325108002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c20007de670325132510000e67032511a0064000000", 0x120, 0x4400}, {&(0x7f0000010900)="2e2020202020202020202010007de670325132510000e67032510300000000002e2e20202020202020202010007de670325132510000e670325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c453020202020202020007de670325132510000e670325104001a040000", 0x80, 0x4600}, {&(0x7f0000010a00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x4800}, {&(0x7f0000010f00)='syzkallers\x00'/32, 0x20, 0x4e00}, {&(0x7f0000011000)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x7400}], 0x0, &(0x7f0000011100))

[   80.090755] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   80.093292] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   80.095573] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   80.101188] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   80.106338] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   80.290470] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   80.298411] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   80.303485] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   80.314400] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   80.318985] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   80.341121] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   80.348740] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   80.359289] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   80.361385] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   80.372091] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   80.376008] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   80.377374] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   80.385318] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   80.391505] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   80.407278] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   80.412039] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   80.414117] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   80.418482] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   80.420400] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   80.424199] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   80.426834] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   80.436346] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   80.450848] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   80.456058] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   80.457388] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   80.461300] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   80.462459] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   80.463854] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   80.467145] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   80.475431] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   80.476545] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   80.478354] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   80.481523] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   80.482678] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   80.484489] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   82.118059] Bluetooth: hci0: command tx timeout
[   82.374332] Bluetooth: hci1: command tx timeout
[   82.501155] Bluetooth: hci3: command tx timeout
[   82.502401] Bluetooth: hci2: command tx timeout
[   82.504041] Bluetooth: hci7: command tx timeout
[   82.565318] Bluetooth: hci6: command tx timeout
[   82.567231] Bluetooth: hci4: command tx timeout
[   82.567287] Bluetooth: hci5: command tx timeout
[   84.165062] Bluetooth: hci0: command tx timeout
[   84.422932] Bluetooth: hci1: command tx timeout
[   84.548961] Bluetooth: hci2: command tx timeout
[   84.549161] Bluetooth: hci7: command tx timeout
[   84.549465] Bluetooth: hci3: command tx timeout
[   84.613253] Bluetooth: hci5: command tx timeout
[   84.614164] Bluetooth: hci6: command tx timeout
[   84.614192] Bluetooth: hci4: command tx timeout
[   86.213010] Bluetooth: hci0: command tx timeout
[   86.469231] Bluetooth: hci1: command tx timeout
[   86.596953] Bluetooth: hci3: command tx timeout
[   86.596969] Bluetooth: hci2: command tx timeout
[   86.598894] Bluetooth: hci7: command tx timeout
[   86.660938] Bluetooth: hci4: command tx timeout
[   86.662112] Bluetooth: hci5: command tx timeout
[   86.662506] Bluetooth: hci6: command tx timeout
[   88.260983] Bluetooth: hci0: command tx timeout
[   88.516929] Bluetooth: hci1: command tx timeout
[   88.644950] Bluetooth: hci7: command tx timeout
[   88.645095] Bluetooth: hci3: command tx timeout
[   88.646027] Bluetooth: hci2: command tx timeout
[   88.710084] Bluetooth: hci6: command tx timeout
[   88.710114] Bluetooth: hci5: command tx timeout
[   88.710541] Bluetooth: hci4: command tx timeout
[  118.228354] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  118.229006] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  118.354072] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  118.354633] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  118.786721] loop3: detected capacity change from 0 to 128
11:16:16 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020101000240008000f801002000400000000000000000008000294e4252f153595a4b414c4c4552202046415431322020200e1fbe5b7cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a00", 0xc0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aaf8ffff00f0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/96, 0x60, 0x1e0}, {&(0x7f0000010200)="f8ffff00f0ff056000ffffff09a0000bc0000de0000f000111200113400115600117800119f0ffff0f00"/64, 0x40, 0x400}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e880325132510000e880325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020201000a7e870325132510000e870325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c45312020202020202000a7e870325132510000e870325107000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c45322020202020202000a7e870325132510000e870325108002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c2000a7e870325132510000e87032511a0064000000", 0x120, 0x600}, {&(0x7f0000010500)="2e202020202020202020201000a7e870325132510000e87032510300000000002e2e2020202020202020201000a7e870325132510000e870325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020202000a7e870325132510000e870325104001a040000", 0x80, 0x1000}, {&(0x7f0000010600)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x1200}, {&(0x7f0000010b00)='syzkallers\x00'/32, 0x20, 0x1800}, {&(0x7f0000010c00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x3e00}], 0x0, &(0x7f0000010d00))

[  118.982528] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  118.983500] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  118.989216] loop3: detected capacity change from 0 to 128
11:16:17 executing program 3:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = getpid()
setpriority(0x0, r0, 0x7)

[  119.060182] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.060833] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.115654] audit: type=1400 audit(1756466177.070:8): avc:  denied  { open } for  pid=3740 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  119.117529] audit: type=1400 audit(1756466177.070:9): avc:  denied  { kernel } for  pid=3740 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  119.191899] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.192548] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
11:16:17 executing program 3:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$usbmon(&(0x7f0000000dc0), 0x0, 0x2800)
pread64(r0, 0x0, 0x0, 0x0)

[  119.347160] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.347822] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
11:16:17 executing program 3:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$usbmon(&(0x7f0000000dc0), 0x0, 0x2800)
pread64(r0, 0x0, 0x0, 0x0)

[  119.423683] loop1: detected capacity change from 0 to 5392
[  119.525346] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.526103] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
11:16:17 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x17)

11:16:17 executing program 3:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$usbmon(&(0x7f0000000dc0), 0x0, 0x2800)
pread64(r0, 0x0, 0x0, 0x0)

11:16:17 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x17)

[  119.670851] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.671536] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
11:16:17 executing program 3:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$usbmon(&(0x7f0000000dc0), 0x0, 0x2800)
pread64(r0, 0x0, 0x0, 0x0)

[  119.756859] loop0: detected capacity change from 0 to 1348
[  119.958063] loop6: detected capacity change from 0 to 128
[  120.331966] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  120.332607] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  120.464877] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  120.465525] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  120.794572] loop2: detected capacity change from 0 to 128
[  121.180912] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.181538] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.238655] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.239516] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.282914] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.283551] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.285219] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.285880] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.313445] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.314092] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.363244] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.363975] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.406764] loop5: detected capacity change from 0 to 5408
[  121.416045] loop4: detected capacity change from 0 to 128
[  121.534673] loop7: detected capacity change from 0 to 128
11:16:19 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0xa, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73666e6c9200080101000440002000f801002000400003000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x1800}, {&(0x7f0000010400)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x2000}, {&(0x7f0000010500)="53595a4b414c4c45522020080000ea80325132510000ea80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020201000b4ea70325132510000ea70325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c45312020202020202000b4ea70325132510000ea70325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c45322020202020202000b4ea70325132510000ea70325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c2000b4ea70325132510000ea7032510b0064000000", 0x120, 0x2800}, {&(0x7f0000010700)="2e202020202020202020201000b4ea70325132510000ea7032510300000000002e2e2020202020202020201000b4ea70325132510000ea70325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020202000b4ea70325132510000ea70325104001a040000", 0x80, 0x3800}, {&(0x7f0000010800)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x4000}, {&(0x7f0000010d00)='syzkallers\x00'/32, 0x20, 0x4800}, {&(0x7f0000010e00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x7800}], 0x0, &(0x7f0000010f00))

11:16:19 executing program 3:
getresuid(&(0x7f0000000180), &(0x7f00000001c0), 0xfffffffffffffffe)

11:16:19 executing program 6:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x28, r3, 0x1, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r2}, @val={0xc}}}}, 0x28}}, 0x0)

11:16:19 executing program 7:
timer_delete(0x0)

11:16:19 executing program 0:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x80000, 0xc, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400028020000200000004f8000020004000000000000000000001000000000000000200000001000600000000000000000000000000800029a3169df153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aa5252614100"/64, 0x40, 0x1e0}, {&(0x7f0000010200)="00000000727241610100000007000000000000000000000000000000000055aa", 0x20, 0x3e0}, {&(0x7f0000010300)="eb58906d6b66732e66617400028020000200000004f8000020004000000000000000000001000000000000000200000001000600000000000000000000000000800029a3169df153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0, 0xc00}, {&(0x7f0000010400)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xde0}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4000}, {&(0x7f0000010600)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4200}, {&(0x7f0000010700)="53595a4b414c4c45522020080000ea80325132510000ea80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100034eb70325132510000eb70325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200034eb70325132510000eb70325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200035eb70325132510000eb70325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200035eb70325132510000eb703251070064000000", 0x120, 0x4400}, {&(0x7f0000010900)="2e20202020202020202020100034eb70325132510000eb7032510300000000002e2e202020202020202020100034eb70325132510000eb70325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200034eb70325132510000eb70325104001a040000", 0x80, 0x14400}, {&(0x7f0000010a00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x24400}, {&(0x7f0000010f00)='syzkallers\x00'/32, 0x20, 0x34400}, {&(0x7f0000011000)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x54400}], 0x0, &(0x7f0000011100))

11:16:19 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x17)

11:16:19 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000, 0xd, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736677c66200088020000400000004f80000200040000300000000000000010000000000000002000000010006000000000000000000000000008000"/96, 0x60}, {&(0x7f0000010100)='RRaA\x00'/32, 0x20, 0x800}, {&(0x7f0000010200)="00000000727241610100000007000000000000000000000000000000000055aa", 0x20, 0x9e0}, {&(0x7f0000010300)="601c6d6b646f736677c66200088020000400000004f80000200040000300000000000000010000000000000002000000010006000000000000000000000000008000"/96, 0x60, 0x3000}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x10000}, {&(0x7f0000010500)="f8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x10800}, {&(0x7f0000010600)="f8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x11000}, {&(0x7f0000010700)="f8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x11800}, {&(0x7f0000010800)="53595a4b414c4c45522020080000e980325132510000e980325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100037e970325132510000e970325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200037e970325132510000e970325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200037e970325132510000e970325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200037e970325132510000e9703251070064000000", 0x120, 0x12000}, {&(0x7f0000010a00)="2e20202020202020202020100037e970325132510000e97032510300000000002e2e202020202020202020100037e970325132510000e970325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200037e970325132510000e970325104001a040000", 0x80, 0x52000}, {&(0x7f0000010b00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x92000}, {&(0x7f0000011000)='syzkallers\x00'/32, 0x20, 0xd2000}, {&(0x7f0000011100)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x152000}], 0x0, &(0x7f0000011200))

11:16:19 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0xe, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020120000400008000f8000020004000030000000000000001000000000000000200000001000600000000000000000000000000800029ad1999f153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aa5252614100"/64, 0x40, 0x1e0}, {&(0x7f0000010200)="0000000072724161430000001a000000000000000000000000000000000055aa", 0x20, 0x3e0}, {&(0x7f0000010300)="eb58906d6b66732e66617400020120000400008000f8000020004000030000000000000001000000000000000200000001000600000000000000000000000000800029ad1999f153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0, 0xc00}, {&(0x7f0000010400)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xde0}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0fffffff0f0500000006000000ffffff0fffffff0f090000000a0000000b0000000c0000000d0000000e0000000f00000010000000110000001200000013000000140000001500000016000000170000001800000019000000ffffff0fffffff0f00"/128, 0x80, 0x4000}, {&(0x7f0000010600)="f8ffff0fffffff0ff8ffff0fffffff0f0500000006000000ffffff0fffffff0f090000000a0000000b0000000c0000000d0000000e0000000f00000010000000110000001200000013000000140000001500000016000000170000001800000019000000ffffff0fffffff0f00"/128, 0x80, 0x4200}, {&(0x7f0000010700)="f8ffff0fffffff0ff8ffff0fffffff0f0500000006000000ffffff0fffffff0f090000000a0000000b0000000c0000000d0000000e0000000f00000010000000110000001200000013000000140000001500000016000000170000001800000019000000ffffff0fffffff0f00"/128, 0x80, 0x4400}, {&(0x7f0000010800)="f8ffff0fffffff0ff8ffff0fffffff0f0500000006000000ffffff0fffffff0f090000000a0000000b0000000c0000000d0000000e0000000f00000010000000110000001200000013000000140000001500000016000000170000001800000019000000ffffff0fffffff0f00"/128, 0x80, 0x4600}, {&(0x7f0000010900)="53595a4b414c4c45522020080000ea80325132510000ea80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100014eb70325132510000eb70325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200014eb70325132510000eb70325107000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200014eb70325132510000eb70325108002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200014eb70325132510000eb7032511a0064000000", 0x120, 0x4800}, {&(0x7f0000010b00)="2e20202020202020202020100014eb70325132510000eb7032510300000000002e2e202020202020202020100014eb70325132510000eb70325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200014eb70325132510000eb70325104001a040000", 0x80, 0x4a00}, {&(0x7f0000010c00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x4c00}, {&(0x7f0000011100)='syzkallers\x00'/32, 0x20, 0x5200}, {&(0x7f0000011200)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x7800}], 0x0, &(0x7f0000011300))

[  121.591260] loop2: detected capacity change from 0 to 128
[  121.603608] loop4: detected capacity change from 0 to 128
[  121.605310] loop5: detected capacity change from 0 to 5408
[  121.609375] loop0: detected capacity change from 0 to 1348
11:16:19 executing program 6:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB='\x00'/14], 0xe)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x4, 0x0, 0x411}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0x13}, @hci_ev_le_conn_complete={{}, {0x8, 0xc9, 0x40, 0x1, @any, 0x8, 0x7ff, 0x5, 0x9}}}}, 0x16)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x3f, 0xc8, 0x6}}}, 0x7)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000005c0)=@HCI_SCODATA_PKT={0x3, {0x0, 0x50}, "2bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566b3336d7090da483b85a7eff476ae95f6fe07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c24"}, 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="02c91014001000050017000ce4bd85cf500772f10001800400ccc3cf49b6000300"], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_change_link_key_complete={{0x9, 0x3}, {0x7, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f00000001c0), 0x1fb, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000002c0)=ANY=[@ANYBLOB="fd6fc138c83356e493c144c7d7a6434e8fc22851ec94962e06e62faf0e62ca749f8ee127bf7eb013c08d9f94cda24fa1706ad88afd8d086d258b889765d6f5bc69c65f433af811fe31dbe3df59e6a0a30b03c95e14f89b322a3c13c4b81c75743e8acd85f038aedeee59549912e767f510670734e9dca059aa"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02cda7e00b8da2fc2600131b020080"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=ANY=[@ANYBLOB="03c9008cb85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6be884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf219734e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3000000000000"], 0x90)
clone(0xc11fb00, 0x0, &(0x7f0000000080), 0x0, 0x0)

11:16:19 executing program 3:
r0 = syz_io_uring_setup(0x1722, &(0x7f0000000080)={0x0, 0x0, 0x3f00, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
ppoll(&(0x7f0000000940)=[{r0}, {r0}], 0x2, &(0x7f00000009c0)={0x0, 0x3938700}, 0x0, 0x0)

11:16:19 executing program 7:
timer_delete(0x0)

11:16:19 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x17)

11:16:19 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0xe, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020120000400008000f8000020004000030000000000000001000000000000000200000001000600000000000000000000000000800029ad1999f153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aa5252614100"/64, 0x40, 0x1e0}, {&(0x7f0000010200)="0000000072724161430000001a000000000000000000000000000000000055aa", 0x20, 0x3e0}, {&(0x7f0000010300)="eb58906d6b66732e66617400020120000400008000f8000020004000030000000000000001000000000000000200000001000600000000000000000000000000800029ad1999f153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0, 0xc00}, {&(0x7f0000010400)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xde0}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0fffffff0f0500000006000000ffffff0fffffff0f090000000a0000000b0000000c0000000d0000000e0000000f00000010000000110000001200000013000000140000001500000016000000170000001800000019000000ffffff0fffffff0f00"/128, 0x80, 0x4000}, {&(0x7f0000010600)="f8ffff0fffffff0ff8ffff0fffffff0f0500000006000000ffffff0fffffff0f090000000a0000000b0000000c0000000d0000000e0000000f00000010000000110000001200000013000000140000001500000016000000170000001800000019000000ffffff0fffffff0f00"/128, 0x80, 0x4200}, {&(0x7f0000010700)="f8ffff0fffffff0ff8ffff0fffffff0f0500000006000000ffffff0fffffff0f090000000a0000000b0000000c0000000d0000000e0000000f00000010000000110000001200000013000000140000001500000016000000170000001800000019000000ffffff0fffffff0f00"/128, 0x80, 0x4400}, {&(0x7f0000010800)="f8ffff0fffffff0ff8ffff0fffffff0f0500000006000000ffffff0fffffff0f090000000a0000000b0000000c0000000d0000000e0000000f00000010000000110000001200000013000000140000001500000016000000170000001800000019000000ffffff0fffffff0f00"/128, 0x80, 0x4600}, {&(0x7f0000010900)="53595a4b414c4c45522020080000ea80325132510000ea80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100014eb70325132510000eb70325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200014eb70325132510000eb70325107000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200014eb70325132510000eb70325108002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200014eb70325132510000eb7032511a0064000000", 0x120, 0x4800}, {&(0x7f0000010b00)="2e20202020202020202020100014eb70325132510000eb7032510300000000002e2e202020202020202020100014eb70325132510000eb70325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200014eb70325132510000eb70325104001a040000", 0x80, 0x4a00}, {&(0x7f0000010c00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x4c00}, {&(0x7f0000011100)='syzkallers\x00'/32, 0x20, 0x5200}, {&(0x7f0000011200)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x7800}], 0x0, &(0x7f0000011300))

[  121.703050] Bluetooth: hci3: SCO packet for unknown connection handle 0
[  121.703110] Bluetooth: Unexpected continuation frame (len 20)
[  121.706339] Bluetooth: hci3: ACL packet for unknown connection handle 1997
[  121.712195] Bluetooth: hci3: unexpected event for opcode 0x0411
[  121.724812] ------------[ cut here ]------------
11:16:19 executing program 0:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x80000, 0xc, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400028020000200000004f8000020004000000000000000000001000000000000000200000001000600000000000000000000000000800029a3169df153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aa5252614100"/64, 0x40, 0x1e0}, {&(0x7f0000010200)="00000000727241610100000007000000000000000000000000000000000055aa", 0x20, 0x3e0}, {&(0x7f0000010300)="eb58906d6b66732e66617400028020000200000004f8000020004000000000000000000001000000000000000200000001000600000000000000000000000000800029a3169df153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0, 0xc00}, {&(0x7f0000010400)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xde0}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4000}, {&(0x7f0000010600)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4200}, {&(0x7f0000010700)="53595a4b414c4c45522020080000ea80325132510000ea80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100034eb70325132510000eb70325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200034eb70325132510000eb70325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200035eb70325132510000eb70325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200035eb70325132510000eb703251070064000000", 0x120, 0x4400}, {&(0x7f0000010900)="2e20202020202020202020100034eb70325132510000eb7032510300000000002e2e202020202020202020100034eb70325132510000eb70325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200034eb70325132510000eb70325104001a040000", 0x80, 0x14400}, {&(0x7f0000010a00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x24400}, {&(0x7f0000010f00)='syzkallers\x00'/32, 0x20, 0x34400}, {&(0x7f0000011000)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x54400}], 0x0, &(0x7f0000011100))

[  121.725267] WARNING: fs/namespace.c:1375 at cleanup_mnt+0x33f/0x430, CPU#1: syz-executor.0/275
[  121.726169] Modules linked in:
[  121.726549] CPU: 1 UID: 0 PID: 275 Comm: syz-executor.0 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  121.728727] Tainted: [W]=WARN
[  121.729465] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  121.732447] RIP: 0010:cleanup_mnt+0x33f/0x430
[  121.734665] Code: c7 a0 45 d1 85 e8 01 7c fa 02 49 8d 7d 40 5b 48 c7 c6 10 e2 be 81 5d 41 5c 41 5d 41 5e 41 5f e9 57 b3 9c ff e8 82 46 b4 ff 90 <0f> 0b 90 e9 e6 fc ff ff e8 74 46 b4 ff 4c 89 ef e8 6c d7 06 00 e9
[  121.736124] RSP: 0018:ffff888016957e20 EFLAGS: 00010293
[  121.736544] RAX: 0000000000000000 RBX: 0000000000000001 RCX: ffffffff81bf9de5
[  121.737121] RDX: ffff88800a0ed280 RSI: ffffffff81bfa0fe RDI: 0000000000000005
[  121.737131] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001
[  121.737138] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800a0edb58
[  121.737145] R13: ffff88801eb69dc0 R14: 0000000000000001 R15: ffff88801eb69e00
[  121.737155] FS:  000055555df54400(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[  121.737167] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  121.740536] CR2: 000055555df5dc58 CR3: 0000000034823000 CR4: 0000000000350ef0
[  121.741121] Call Trace:
[  121.741333]  <TASK>
[  121.741520]  task_work_run+0x172/0x280
[  121.741838]  ? __pfx_task_work_run+0x10/0x10
[  121.742225]  ? __x64_sys_umount+0x114/0x190
[  121.742569]  ? __pfx___x64_sys_umount+0x10/0x10
[  121.742966]  exit_to_user_mode_loop+0xef/0x110
[  121.743335]  do_syscall_64+0x2f7/0x360
[  121.743649]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.744075] RIP: 0033:0x7fcd05056f87
[  121.744378] Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  121.745812] RSP: 002b:00007ffc3fe2da38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  121.746427] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 00007fcd05056f87
[  121.746999] RDX: 00007ffc3fe2db09 RSI: 000000000000000a RDI: 00007ffc3fe2db00
[  121.747558] RBP: 00007ffc3fe2db00 R08: 00000000ffffffff R09: 00007ffc3fe2d8d0
[  121.748131] R10: 000055555df55c7b R11: 0000000000000246 R12: 00007fcd050af105
[  121.748692] R13: 00007ffc3fe2ebc0 R14: 000055555df55c20 R15: 00007ffc3fe2ec00
[  121.749276]  </TASK>
[  121.749467] irq event stamp: 165137
[  121.749752] hardirqs last  enabled at (165145): [<ffffffff81541b18>] __up_console_sem+0x78/0x80
[  121.750455] hardirqs last disabled at (165154): [<ffffffff81541afd>] __up_console_sem+0x5d/0x80
[  121.751152] softirqs last  enabled at (164868): [<ffffffff813bafcc>] handle_softirqs+0x50c/0x770
[  121.751848] softirqs last disabled at (164487): [<ffffffff813bb364>] __irq_exit_rcu+0xc4/0x100
[  121.752538] ---[ end trace 0000000000000000 ]---
[  121.771450] loop4: detected capacity change from 0 to 128
[  121.853066] loop0: detected capacity change from 0 to 1348
11:16:19 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0xa, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73666e6c9200080101000440002000f801002000400003000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x1800}, {&(0x7f0000010400)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x2000}, {&(0x7f0000010500)="53595a4b414c4c45522020080000ea80325132510000ea80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020201000b4ea70325132510000ea70325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c45312020202020202000b4ea70325132510000ea70325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c45322020202020202000b4ea70325132510000ea70325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c2000b4ea70325132510000ea7032510b0064000000", 0x120, 0x2800}, {&(0x7f0000010700)="2e202020202020202020201000b4ea70325132510000ea7032510300000000002e2e2020202020202020201000b4ea70325132510000ea70325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020202000b4ea70325132510000ea70325104001a040000", 0x80, 0x3800}, {&(0x7f0000010800)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x4000}, {&(0x7f0000010d00)='syzkallers\x00'/32, 0x20, 0x4800}, {&(0x7f0000010e00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x7800}], 0x0, &(0x7f0000010f00))

11:16:19 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000, 0xd, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736677c66200088020000400000004f80000200040000300000000000000010000000000000002000000010006000000000000000000000000008000"/96, 0x60}, {&(0x7f0000010100)='RRaA\x00'/32, 0x20, 0x800}, {&(0x7f0000010200)="00000000727241610100000007000000000000000000000000000000000055aa", 0x20, 0x9e0}, {&(0x7f0000010300)="601c6d6b646f736677c66200088020000400000004f80000200040000300000000000000010000000000000002000000010006000000000000000000000000008000"/96, 0x60, 0x3000}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x10000}, {&(0x7f0000010500)="f8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x10800}, {&(0x7f0000010600)="f8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x11000}, {&(0x7f0000010700)="f8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x11800}, {&(0x7f0000010800)="53595a4b414c4c45522020080000e980325132510000e980325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100037e970325132510000e970325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200037e970325132510000e970325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200037e970325132510000e970325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200037e970325132510000e9703251070064000000", 0x120, 0x12000}, {&(0x7f0000010a00)="2e20202020202020202020100037e970325132510000e97032510300000000002e2e202020202020202020100037e970325132510000e970325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200037e970325132510000e970325104001a040000", 0x80, 0x52000}, {&(0x7f0000010b00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x92000}, {&(0x7f0000011000)='syzkallers\x00'/32, 0x20, 0xd2000}, {&(0x7f0000011100)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x152000}], 0x0, &(0x7f0000011200))

11:16:19 executing program 6:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB='\x00'/14], 0xe)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x4, 0x0, 0x411}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0x13}, @hci_ev_le_conn_complete={{}, {0x8, 0xc9, 0x40, 0x1, @any, 0x8, 0x7ff, 0x5, 0x9}}}}, 0x16)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x3f, 0xc8, 0x6}}}, 0x7)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000005c0)=@HCI_SCODATA_PKT={0x3, {0x0, 0x50}, "2bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566b3336d7090da483b85a7eff476ae95f6fe07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c24"}, 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="02c91014001000050017000ce4bd85cf500772f10001800400ccc3cf49b6000300"], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_change_link_key_complete={{0x9, 0x3}, {0x7, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f00000001c0), 0x1fb, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000002c0)=ANY=[@ANYBLOB="fd6fc138c83356e493c144c7d7a6434e8fc22851ec94962e06e62faf0e62ca749f8ee127bf7eb013c08d9f94cda24fa1706ad88afd8d086d258b889765d6f5bc69c65f433af811fe31dbe3df59e6a0a30b03c95e14f89b322a3c13c4b81c75743e8acd85f038aedeee59549912e767f510670734e9dca059aa"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02cda7e00b8da2fc2600131b020080"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=ANY=[@ANYBLOB="03c9008cb85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6be884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf219734e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3000000000000"], 0x90)
clone(0xc11fb00, 0x0, &(0x7f0000000080), 0x0, 0x0)

11:16:19 executing program 0:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x80000, 0xc, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400028020000200000004f8000020004000000000000000000001000000000000000200000001000600000000000000000000000000800029a3169df153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aa5252614100"/64, 0x40, 0x1e0}, {&(0x7f0000010200)="00000000727241610100000007000000000000000000000000000000000055aa", 0x20, 0x3e0}, {&(0x7f0000010300)="eb58906d6b66732e66617400028020000200000004f8000020004000000000000000000001000000000000000200000001000600000000000000000000000000800029a3169df153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0, 0xc00}, {&(0x7f0000010400)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xde0}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4000}, {&(0x7f0000010600)="f8ffff0fffffff0ff8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x4200}, {&(0x7f0000010700)="53595a4b414c4c45522020080000ea80325132510000ea80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100034eb70325132510000eb70325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200034eb70325132510000eb70325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200035eb70325132510000eb70325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200035eb70325132510000eb703251070064000000", 0x120, 0x4400}, {&(0x7f0000010900)="2e20202020202020202020100034eb70325132510000eb7032510300000000002e2e202020202020202020100034eb70325132510000eb70325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200034eb70325132510000eb70325104001a040000", 0x80, 0x14400}, {&(0x7f0000010a00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x24400}, {&(0x7f0000010f00)='syzkallers\x00'/32, 0x20, 0x34400}, {&(0x7f0000011000)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x54400}], 0x0, &(0x7f0000011100))

11:16:19 executing program 7:
timer_delete(0x0)

11:16:19 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0xe, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020120000400008000f8000020004000030000000000000001000000000000000200000001000600000000000000000000000000800029ad1999f153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aa5252614100"/64, 0x40, 0x1e0}, {&(0x7f0000010200)="0000000072724161430000001a000000000000000000000000000000000055aa", 0x20, 0x3e0}, {&(0x7f0000010300)="eb58906d6b66732e66617400020120000400008000f8000020004000030000000000000001000000000000000200000001000600000000000000000000000000800029ad1999f153595a4b414c4c4552202046415433322020200e1fbe777cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a0000000000", 0xe0, 0xc00}, {&(0x7f0000010400)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xde0}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0fffffff0f0500000006000000ffffff0fffffff0f090000000a0000000b0000000c0000000d0000000e0000000f00000010000000110000001200000013000000140000001500000016000000170000001800000019000000ffffff0fffffff0f00"/128, 0x80, 0x4000}, {&(0x7f0000010600)="f8ffff0fffffff0ff8ffff0fffffff0f0500000006000000ffffff0fffffff0f090000000a0000000b0000000c0000000d0000000e0000000f00000010000000110000001200000013000000140000001500000016000000170000001800000019000000ffffff0fffffff0f00"/128, 0x80, 0x4200}, {&(0x7f0000010700)="f8ffff0fffffff0ff8ffff0fffffff0f0500000006000000ffffff0fffffff0f090000000a0000000b0000000c0000000d0000000e0000000f00000010000000110000001200000013000000140000001500000016000000170000001800000019000000ffffff0fffffff0f00"/128, 0x80, 0x4400}, {&(0x7f0000010800)="f8ffff0fffffff0ff8ffff0fffffff0f0500000006000000ffffff0fffffff0f090000000a0000000b0000000c0000000d0000000e0000000f00000010000000110000001200000013000000140000001500000016000000170000001800000019000000ffffff0fffffff0f00"/128, 0x80, 0x4600}, {&(0x7f0000010900)="53595a4b414c4c45522020080000ea80325132510000ea80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100014eb70325132510000eb70325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200014eb70325132510000eb70325107000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200014eb70325132510000eb70325108002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200014eb70325132510000eb7032511a0064000000", 0x120, 0x4800}, {&(0x7f0000010b00)="2e20202020202020202020100014eb70325132510000eb7032510300000000002e2e202020202020202020100014eb70325132510000eb70325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200014eb70325132510000eb70325104001a040000", 0x80, 0x4a00}, {&(0x7f0000010c00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x4c00}, {&(0x7f0000011100)='syzkallers\x00'/32, 0x20, 0x5200}, {&(0x7f0000011200)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x7800}], 0x0, &(0x7f0000011300))

11:16:19 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB='\x00'/14], 0xe)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x4, 0x0, 0x411}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0x13}, @hci_ev_le_conn_complete={{}, {0x8, 0xc9, 0x40, 0x1, @any, 0x8, 0x7ff, 0x5, 0x9}}}}, 0x16)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x3f, 0xc8, 0x6}}}, 0x7)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000005c0)=@HCI_SCODATA_PKT={0x3, {0x0, 0x50}, "2bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566b3336d7090da483b85a7eff476ae95f6fe07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c24"}, 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="02c91014001000050017000ce4bd85cf500772f10001800400ccc3cf49b6000300"], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_change_link_key_complete={{0x9, 0x3}, {0x7, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f00000001c0), 0x1fb, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000002c0)=ANY=[@ANYBLOB="fd6fc138c83356e493c144c7d7a6434e8fc22851ec94962e06e62faf0e62ca749f8ee127bf7eb013c08d9f94cda24fa1706ad88afd8d086d258b889765d6f5bc69c65f433af811fe31dbe3df59e6a0a30b03c95e14f89b322a3c13c4b81c75743e8acd85f038aedeee59549912e767f510670734e9dca059aa"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02cda7e00b8da2fc2600131b020080"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=ANY=[@ANYBLOB="03c9008cb85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6be884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf219734e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3000000000000"], 0x90)
clone(0xc11fb00, 0x0, &(0x7f0000000080), 0x0, 0x0)

11:16:19 executing program 3:
r0 = syz_io_uring_setup(0x1722, &(0x7f0000000080)={0x0, 0x0, 0x3f00, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
ppoll(&(0x7f0000000940)=[{r0}, {r0}], 0x2, &(0x7f00000009c0)={0x0, 0x3938700}, 0x0, 0x0)

[  121.938698] loop5: detected capacity change from 0 to 5408
[  121.942840] loop2: detected capacity change from 0 to 128
[  121.958439] Bluetooth: hci5: SCO packet for unknown connection handle 0
[  121.958612] Bluetooth: Unexpected continuation frame (len 20)
[  121.963823] Bluetooth: hci5: ACL packet for unknown connection handle 1997
[  121.966158] loop4: detected capacity change from 0 to 128
[  121.968129] Bluetooth: hci3: unexpected event for opcode 0x0411
[  121.970313] Bluetooth: hci3: SCO packet for unknown connection handle 0
[  121.970351] Bluetooth: Unexpected continuation frame (len 20)
[  121.982031] Bluetooth: hci3: ACL packet for unknown connection handle 1997
[  121.988216] kmemleak: Found object by alias at 0x607f1a63921c
[  121.988230] CPU: 0 UID: 0 PID: 3946 Comm: syz-executor.1 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  121.988247] Tainted: [W]=WARN
[  121.988251] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  121.988258] Call Trace:
[  121.988262]  <TASK>
[  121.988266]  dump_stack_lvl+0xca/0x120
[  121.988290]  __lookup_object+0x94/0xb0
[  121.988307]  delete_object_full+0x27/0x70
[  121.988327]  free_percpu+0x30/0x1160
[  121.988343]  ? arch_uprobe_clear_state+0x16/0x140
[  121.988363]  futex_hash_free+0x38/0xc0
[  121.988377]  mmput+0x2d3/0x390
[  121.988396]  do_exit+0x79d/0x2970
[  121.988409]  ? signal_wake_up_state+0x85/0x120
[  121.988426]  ? zap_other_threads+0x2b9/0x3a0
[  121.988441]  ? __pfx_do_exit+0x10/0x10
[  121.988454]  ? do_group_exit+0x1c3/0x2a0
[  121.988467]  ? lock_release+0xc8/0x290
[  121.988484]  do_group_exit+0xd3/0x2a0
[  121.988498]  __x64_sys_exit_group+0x3e/0x50
[  121.988512]  x64_sys_call+0x18c5/0x18d0
[  121.988528]  do_syscall_64+0xbf/0x360
[  121.988540]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.988551] RIP: 0033:0x7f6887e57b19
[  121.988560] Code: Unable to access opcode bytes at 0x7f6887e57aef.
[  121.988565] RSP: 002b:00007ffdd6059058 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  121.988576] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f6887e57b19
[  121.988583] RDX: 00007f6887e0a72b RSI: ffffffffffffffbc RDI: 0000000000000000
[  121.988591] RBP: 0000000000000000 R08: 0000001b2ce2a010 R09: 0000000000000000
[  121.988598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  121.988604] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffdd6059140
[  121.988620]  </TASK>
[  121.988624] kmemleak: Object (percpu) 0x607f1a639218 (size 8):
[  121.988630] kmemleak:   comm "syz-executor.2", pid 3947, jiffies 4294788831
[  121.988637] kmemleak:   min_count = 1
[  121.988641] kmemleak:   count = 0
[  121.988645] kmemleak:   flags = 0x21
[  121.988648] kmemleak:   checksum = 0
[  121.988652] kmemleak:   backtrace:
[  121.988656]  pcpu_alloc_noprof+0x87a/0x1170
[  121.988670]  alloc_vfsmnt+0x135/0x6e0
[  121.988683]  vfs_create_mount.part.0+0x40/0x440
[  121.988698]  path_mount+0x1637/0x1dd0
[  121.988709]  __x64_sys_mount+0x27b/0x300
[  121.988720]  do_syscall_64+0xbf/0x360
[  121.988728]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
11:16:19 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB='\x00'/14], 0xe)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x4, 0x0, 0x411}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0x13}, @hci_ev_le_conn_complete={{}, {0x8, 0xc9, 0x40, 0x1, @any, 0x8, 0x7ff, 0x5, 0x9}}}}, 0x16)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x3f, 0xc8, 0x6}}}, 0x7)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000005c0)=@HCI_SCODATA_PKT={0x3, {0x0, 0x50}, "2bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566b3336d7090da483b85a7eff476ae95f6fe07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c24"}, 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="02c91014001000050017000ce4bd85cf500772f10001800400ccc3cf49b6000300"], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_change_link_key_complete={{0x9, 0x3}, {0x7, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f00000001c0), 0x1fb, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000002c0)=ANY=[@ANYBLOB="fd6fc138c83356e493c144c7d7a6434e8fc22851ec94962e06e62faf0e62ca749f8ee127bf7eb013c08d9f94cda24fa1706ad88afd8d086d258b889765d6f5bc69c65f433af811fe31dbe3df59e6a0a30b03c95e14f89b322a3c13c4b81c75743e8acd85f038aedeee59549912e767f510670734e9dca059aa"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02cda7e00b8da2fc2600131b020080"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=ANY=[@ANYBLOB="03c9008cb85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6be884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf219734e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3000000000000"], 0x90)
clone(0xc11fb00, 0x0, &(0x7f0000000080), 0x0, 0x0)

11:16:19 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0xa, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73666e6c9200080101000440002000f801002000400003000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x1800}, {&(0x7f0000010400)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x2000}, {&(0x7f0000010500)="53595a4b414c4c45522020080000ea80325132510000ea80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020201000b4ea70325132510000ea70325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c45312020202020202000b4ea70325132510000ea70325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c45322020202020202000b4ea70325132510000ea70325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c2000b4ea70325132510000ea7032510b0064000000", 0x120, 0x2800}, {&(0x7f0000010700)="2e202020202020202020201000b4ea70325132510000ea7032510300000000002e2e2020202020202020201000b4ea70325132510000ea70325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020202000b4ea70325132510000ea70325104001a040000", 0x80, 0x3800}, {&(0x7f0000010800)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x4000}, {&(0x7f0000010d00)='syzkallers\x00'/32, 0x20, 0x4800}, {&(0x7f0000010e00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x7800}], 0x0, &(0x7f0000010f00))

[  122.042970] Bluetooth: hci5: unexpected event for opcode 0x0411
[  122.050483] Bluetooth: hci5: SCO packet for unknown connection handle 0
[  122.050516] Bluetooth: Unexpected continuation frame (len 20)
11:16:20 executing program 7:
timer_delete(0x0)

11:16:20 executing program 6:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB='\x00'/14], 0xe)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x4, 0x0, 0x411}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0x13}, @hci_ev_le_conn_complete={{}, {0x8, 0xc9, 0x40, 0x1, @any, 0x8, 0x7ff, 0x5, 0x9}}}}, 0x16)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x3f, 0xc8, 0x6}}}, 0x7)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000005c0)=@HCI_SCODATA_PKT={0x3, {0x0, 0x50}, "2bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566b3336d7090da483b85a7eff476ae95f6fe07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c24"}, 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="02c91014001000050017000ce4bd85cf500772f10001800400ccc3cf49b6000300"], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_change_link_key_complete={{0x9, 0x3}, {0x7, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f00000001c0), 0x1fb, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000002c0)=ANY=[@ANYBLOB="fd6fc138c83356e493c144c7d7a6434e8fc22851ec94962e06e62faf0e62ca749f8ee127bf7eb013c08d9f94cda24fa1706ad88afd8d086d258b889765d6f5bc69c65f433af811fe31dbe3df59e6a0a30b03c95e14f89b322a3c13c4b81c75743e8acd85f038aedeee59549912e767f510670734e9dca059aa"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02cda7e00b8da2fc2600131b020080"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=ANY=[@ANYBLOB="03c9008cb85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6be884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf219734e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3000000000000"], 0x90)
clone(0xc11fb00, 0x0, &(0x7f0000000080), 0x0, 0x0)

[  122.063149] Bluetooth: hci5: ACL packet for unknown connection handle 1997
[  122.071708] loop0: detected capacity change from 0 to 1348
11:16:20 executing program 3:
r0 = syz_io_uring_setup(0x1722, &(0x7f0000000080)={0x0, 0x0, 0x3f00, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
ppoll(&(0x7f0000000940)=[{r0}, {r0}], 0x2, &(0x7f00000009c0)={0x0, 0x3938700}, 0x0, 0x0)

11:16:20 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB='\x00'/14], 0xe)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x4, 0x0, 0x411}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0x13}, @hci_ev_le_conn_complete={{}, {0x8, 0xc9, 0x40, 0x1, @any, 0x8, 0x7ff, 0x5, 0x9}}}}, 0x16)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x3f, 0xc8, 0x6}}}, 0x7)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000005c0)=@HCI_SCODATA_PKT={0x3, {0x0, 0x50}, "2bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566b3336d7090da483b85a7eff476ae95f6fe07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c24"}, 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="02c91014001000050017000ce4bd85cf500772f10001800400ccc3cf49b6000300"], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_change_link_key_complete={{0x9, 0x3}, {0x7, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f00000001c0), 0x1fb, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000002c0)=ANY=[@ANYBLOB="fd6fc138c83356e493c144c7d7a6434e8fc22851ec94962e06e62faf0e62ca749f8ee127bf7eb013c08d9f94cda24fa1706ad88afd8d086d258b889765d6f5bc69c65f433af811fe31dbe3df59e6a0a30b03c95e14f89b322a3c13c4b81c75743e8acd85f038aedeee59549912e767f510670734e9dca059aa"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02cda7e00b8da2fc2600131b020080"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=ANY=[@ANYBLOB="03c9008cb85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6be884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf219734e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3000000000000"], 0x90)
clone(0xc11fb00, 0x0, &(0x7f0000000080), 0x0, 0x0)

[  122.130643] Bluetooth: hci5: unexpected event for opcode 0x0411
[  122.144532] Bluetooth: hci5: SCO packet for unknown connection handle 0
[  122.144573] Bluetooth: Unexpected continuation frame (len 20)
[  122.145817] Bluetooth: hci5: ACL packet for unknown connection handle 1997
[  122.150260] loop2: detected capacity change from 0 to 128
[  122.163738] Bluetooth: hci3: unexpected event for opcode 0x0411
[  122.166656] Bluetooth: hci3: SCO packet for unknown connection handle 0
[  122.167110] Bluetooth: Unexpected continuation frame (len 20)
[  122.181844] Bluetooth: hci3: ACL packet for unknown connection handle 1997
[  122.223947] kmemleak: Found object by alias at 0x607f1a6396bc
[  122.223971] CPU: 1 UID: 0 PID: 3966 Comm: syz-executor.2 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  122.223989] Tainted: [W]=WARN
[  122.223993] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  122.224000] Call Trace:
[  122.224004]  <TASK>
[  122.224008]  dump_stack_lvl+0xca/0x120
[  122.224033]  __lookup_object+0x94/0xb0
[  122.224050]  delete_object_full+0x27/0x70
[  122.224066]  free_percpu+0x30/0x1160
[  122.224083]  ? arch_uprobe_clear_state+0x16/0x140
[  122.224102]  futex_hash_free+0x38/0xc0
[  122.224117]  mmput+0x2d3/0x390
[  122.224135]  do_exit+0x79d/0x2970
[  122.224149]  ? lock_release+0xc8/0x290
[  122.224166]  ? __pfx_do_exit+0x10/0x10
[  122.224180]  ? find_held_lock+0x2b/0x80
[  122.224197]  ? get_signal+0x835/0x2340
[  122.224217]  do_group_exit+0xd3/0x2a0
[  122.224231]  get_signal+0x2315/0x2340
[  122.224249]  ? locks_remove_posix+0x258/0x410
[  122.224263]  ? __call_rcu_common.constprop.0+0x4c1/0x960
[  122.224279]  ? __pfx_get_signal+0x10/0x10
[  122.224295]  ? do_futex+0x135/0x370
[  122.224309]  ? __pfx_do_futex+0x10/0x10
[  122.224324]  arch_do_signal_or_restart+0x80/0x790
[  122.224341]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  122.224357]  ? __x64_sys_futex+0x1c9/0x4d0
[  122.224369]  ? __x64_sys_futex+0x1d2/0x4d0
[  122.224383]  ? fput_close_sync+0x114/0x240
[  122.224399]  ? __pfx___x64_sys_futex+0x10/0x10
[  122.224411]  ? __pfx_fput_close_sync+0x10/0x10
[  122.224426]  ? dnotify_flush+0x79/0x4c0
[  122.224441]  exit_to_user_mode_loop+0x8b/0x110
[  122.224453]  do_syscall_64+0x2f7/0x360
[  122.224465]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.224476] RIP: 0033:0x7fd04fb0db19
[  122.224485] Code: Unable to access opcode bytes at 0x7fd04fb0daef.
[  122.224490] RSP: 002b:00007fd04d083218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  122.224501] RAX: fffffffffffffe00 RBX: 00007fd04fc20f68 RCX: 00007fd04fb0db19
[  122.224509] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fd04fc20f68
[  122.224516] RBP: 00007fd04fc20f60 R08: 0000000000000000 R09: 0000000000000000
[  122.224522] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd04fc20f6c
[  122.224529] R13: 00007ffca62549bf R14: 00007fd04d083300 R15: 0000000000022000
[  122.224544]  </TASK>
[  122.224548] kmemleak: Object (percpu) 0x607f1a6396b8 (size 8):
[  122.224555] kmemleak:   comm "syz-executor.0", pid 3959, jiffies 4294789035
[  122.224561] kmemleak:   min_count = 1
[  122.224565] kmemleak:   count = 0
[  122.224569] kmemleak:   flags = 0x21
[  122.224572] kmemleak:   checksum = 0
[  122.224576] kmemleak:   backtrace:
[  122.224579]  pcpu_alloc_noprof+0x87a/0x1170
[  122.224594]  alloc_vfsmnt+0x135/0x6e0
[  122.224607]  vfs_create_mount.part.0+0x40/0x440
[  122.224621]  path_mount+0x1637/0x1dd0
[  122.224632]  __x64_sys_mount+0x27b/0x300
[  122.224643]  do_syscall_64+0xbf/0x360
[  122.224651]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
11:16:20 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000, 0xd, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736677c66200088020000400000004f80000200040000300000000000000010000000000000002000000010006000000000000000000000000008000"/96, 0x60}, {&(0x7f0000010100)='RRaA\x00'/32, 0x20, 0x800}, {&(0x7f0000010200)="00000000727241610100000007000000000000000000000000000000000055aa", 0x20, 0x9e0}, {&(0x7f0000010300)="601c6d6b646f736677c66200088020000400000004f80000200040000300000000000000010000000000000002000000010006000000000000000000000000008000"/96, 0x60, 0x3000}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x10000}, {&(0x7f0000010500)="f8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x10800}, {&(0x7f0000010600)="f8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x11000}, {&(0x7f0000010700)="f8ffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0fffffff0f", 0x20, 0x11800}, {&(0x7f0000010800)="53595a4b414c4c45522020080000e980325132510000e980325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100037e970325132510000e970325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531202020202020200037e970325132510000e970325105000a00000041660069006c00650032000f00140000ffffffffffffffffffff0000ffffffff46494c4532202020202020200037e970325132510000e970325106002823000041660069006c0065002e000f00d263006f006c0064000000ffff0000ffffffff46494c457e312020434f4c200037e970325132510000e9703251070064000000", 0x120, 0x12000}, {&(0x7f0000010a00)="2e20202020202020202020100037e970325132510000e97032510300000000002e2e202020202020202020100037e970325132510000e970325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020200037e970325132510000e970325104001a040000", 0x80, 0x52000}, {&(0x7f0000010b00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x92000}, {&(0x7f0000011000)='syzkallers\x00'/32, 0x20, 0xd2000}, {&(0x7f0000011100)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x152000}], 0x0, &(0x7f0000011200))

11:16:20 executing program 4:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000004580)=[{{&(0x7f0000000040)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c, &(0x7f0000000a00)=[{&(0x7f0000000080)="add176fd18e8d85c98cf9586689cb0c6472de50db9306a43f1a0f561cde9ce1524df0d44a17877e54d7a19bfb7b81e2a6d955dcc9ee40efa03b6ca85edafbe67554d9f0997c720db58d1daf4bc2ccadf65b14022e56f9275edcc44f8d578119f", 0x60}, {&(0x7f0000000700)="63a8544c060000001a49ad1dd5fbc344b1ef32463c9cc29ae63d360e894327d3825a0adee47e1a21da1b8a21c09017493959a73a9f21f8810f82b885f0088d1d97832f11661fb66f5a093fd7f1d1db85cea3aec5e28c463a2f6e2cc6507d1bde945e95986ced97f07a14f66ee1473cc9dc4322aa865c3d739a065db09a007bfb46be6c04c50efcba99d42ebd165094ab0307b6626100eaddf7c22e6f8c9ee0a456a1523d1251cf6daa36e95fe32b72b5cfe98c324f1a8d4da6df5b0ec0167830ab9127ef144bb397c5e8ad4cf0e170a36ef360490893e83b5a4b59f5b990875a382dc6b0b5ad59f552a44161e3f384", 0xef}, {&(0x7f0000000100)="011b0bc7fc29ce89ef6f206adf67cad40912e17ebe9578b8963a", 0x1a}, {&(0x7f0000000280)="eb1f30142ba292c625d3e7fa5fd720beb44301aa5dec5340b54263df8466204926321ed7375fdb498a7bd4d5e1808d2805033f77aadd9ae64c4991fde2575d0f633ecd8d4c689c11c31a30cc58e0441e3ad63a3a1472cfb1e5e99ba189cf9099e6a1e63d5b51d44dac74b995617664daead3de3ed77277f6887e8d864b0ebb93fde208a82ec081d6bbc372c109d25756d580e9451114dd25d072a7de93f5af5605ba03551097825d024f1c29add179a20f3bfdef5bcff534927f92c9830ad55e1b58c3be458a2b2ae7cedf3bff3a7e7765f4d6c84e2885806e06efcc08ee03e23bf165490e41cd41de0b0cb48618e51fe7b7f4c111ff982860b70829a4fa971130b585d2b410200917303618060f9187b0bd952d2d147aef5ff4696d63fb87e606e1290e638d5796315638c4ad6d34366e053f6379b0d7c1960594948d9a9fb7959b610b168feb95ea021417eb9115c464b1ddd7251489776a94f4248885ab2383ec175d208304459fb12d937602e0308dd36d49e5b09e4f9b7801d4df0f9339d5ae17902e09b8b4934b1873c4821c45d625b58b03389f6555d5e54ddc94f318e7ecc9229fb94e7c47c9f3b7604c7a9f5e92d79ad840a8e87db9bf7632eda96a74ebc1cc930a94d7c0d9bac238afd126dc3637571ddb2397177fbf5a4ff5a960bea2bdb20b71d30cddac7989d3659f9de2b6edac077b300d50dac5c9cad7ad9122ef6e572212ea752022e578b542db3b68d208c3e505e08eb44e1a95fb31814656994ac87d48a1c7953e50772e7974b89297091823af40ee5c1a0485b58fde537388065b6e41ac009020f404b5f77a068269a574ed954e810da2984fa6129401e395c50979b8dbae4b518f54fca84360678497744a74c4ba880291b2fa974c0662acaba5a9c0fa28cb704ee3556c37993d1525c26dc9f004fe2449facb21928083a4b302f3a04a638085a13e2d21b22eee2127dd956f6b3466e26a7d86f1e5614145cf33ecad8d545c364e20ed97c7933e522a983e0a011d564e6006d0f343ce08e5de65189eb2de5b8a40c82da74c7ee0a7e7cfc7e996a37e848a0d7e82bca457e60bfd4389d9335c6c03739b4479bdcc1fdfc92618467cf4b2ec68828aa1f6942b904e4e102fc85c94891ad07aa8e63a2d6298f103c810ce840b5965315bb0a9f8e1185af0f11ff968ce8a9e9aaec60b684a175a06690db7994998fe4c09aabc073c59840e9f65b144bb9e5e379a44bf79c3f31df4a73aa3b4bff250848f4a429093fb02a10af511c0c63e202fcdba0ba20f24568082902e6005dc7ef423cc359f203c51595eda07133c348ce0e5f731617cd9177d17b4f875aa2ac3d944351b067f476199b40ae69476e17f67217335af8eb4e38afd29cd5e0a2e3081d19d4255e259a1f6be94686fc12488ec391af4be70e29eb70307b441d71c5c21bf336ba9ca86891665de6c723ceb5af9221b362f81e43eec7256ec1ce3366044afeda98eeb72d3baf00755af74241853b07d2ccb83ad2971a847471befd81079da6688f8df6d", 0x444}], 0x4}}], 0x1, 0x0)

11:16:20 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$sock_timeval(r0, 0x1, 0x43, &(0x7f0000000480)={0x77359400}, 0x10)

11:16:20 executing program 1:
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f00000000c0)={0x10, 0x0, 0x0, 0x0, 0x0, 0x8})

11:16:20 executing program 3:
r0 = syz_io_uring_setup(0x1722, &(0x7f0000000080)={0x0, 0x0, 0x3f00, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
ppoll(&(0x7f0000000940)=[{r0}, {r0}], 0x2, &(0x7f00000009c0)={0x0, 0x3938700}, 0x0, 0x0)

11:16:20 executing program 6:
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB='\x00'/14], 0xe)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x4, 0x0, 0x411}}}, 0x7)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0x13}, @hci_ev_le_conn_complete={{}, {0x8, 0xc9, 0x40, 0x1, @any, 0x8, 0x7ff, 0x5, 0x9}}}}, 0x16)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x3f, 0xc8, 0x6}}}, 0x7)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
syz_emit_vhci(&(0x7f00000005c0)=@HCI_SCODATA_PKT={0x3, {0x0, 0x50}, "2bbbe9325c2f4825ed4e2e792fdda73f228ffd7503c16d40f44ecf7770235540cb73eb566b3336d7090da483b85a7eff476ae95f6fe07629ad9d0d92926932bbae11c89a05bab2b57521c5d80fdc4c24"}, 0x54)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="02c91014001000050017000ce4bd85cf500772f10001800400ccc3cf49b6000300"], 0x19)
getdents64(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x15c)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_change_link_key_complete={{0x9, 0x3}, {0x7, 0xc9}}}, 0x6)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
r1 = syz_open_dev$sg(&(0x7f00000001c0), 0x1fb, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000002c0)=ANY=[@ANYBLOB="fd6fc138c83356e493c144c7d7a6434e8fc22851ec94962e06e62faf0e62ca749f8ee127bf7eb013c08d9f94cda24fa1706ad88afd8d086d258b889765d6f5bc69c65f433af811fe31dbe3df59e6a0a30b03c95e14f89b322a3c13c4b81c75743e8acd85f038aedeee59549912e767f510670734e9dca059aa"])
syz_emit_vhci(&(0x7f0000000400)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02cda7e00b8da2fc2600131b020080"], 0xf)
syz_emit_vhci(&(0x7f0000000500)=ANY=[@ANYBLOB="03c9008cb85bd39cdd9c8132caf9a52aaed54f1beac66b0d20609795f390b6e6be884c05ed0745a531794b2f525f129dab6f54a99c60c7e214bf219734e69f08e326aef661b51cb4e9cd7eeb3572dd65d0bb6a60899dde430f28eb92f08f1a14ea87df5dec048a0b787386a6a3b5216632f1f1a8f5be29ffb813b5b0c5905eb9d38e163ef73386531ce3000000000000"], 0x90)
clone(0xc11fb00, 0x0, &(0x7f0000000080), 0x0, 0x0)

[  122.322720] loop5: detected capacity change from 0 to 5408
[  122.324326] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  122.326085] Bluetooth: hci3: unexpected event for opcode 0x0411
[  122.331590] Bluetooth: hci3: SCO packet for unknown connection handle 0
[  122.331628] Bluetooth: Unexpected continuation frame (len 20)
[  122.339148] EXT4-fs warning (device sda): verify_group_input:158: Reserved blocks too high (8)
11:16:20 executing program 2:
io_setup(0xfff, &(0x7f0000000040)=<r0=>0x0)
r1 = syz_open_dev$sg(&(0x7f0000002ac0), 0x0, 0x0)
io_submit(r0, 0x2, &(0x7f00000003c0)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffff34}])

11:16:20 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$802154_dgram(0x24, 0x3, 0x2f)
bind$802154_dgram(r0, &(0x7f0000000100)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0002}}}, 0x14)

11:16:20 executing program 4:
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$WPAN_SECURITY(r0, 0x0, 0x1, &(0x7f0000000500), 0x4)

[  122.418291] Bluetooth: hci3: ACL packet for unknown connection handle 1997
[  122.450784] kmemleak: Found object by alias at 0x607f1a63921c
[  122.450803] CPU: 1 UID: 0 PID: 3979 Comm: syz-executor.1 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  122.450821] Tainted: [W]=WARN
[  122.450825] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  122.450831] Call Trace:
[  122.450836]  <TASK>
[  122.450840]  dump_stack_lvl+0xca/0x120
[  122.450870]  __lookup_object+0x94/0xb0
[  122.450886]  delete_object_full+0x27/0x70
[  122.450901]  free_percpu+0x30/0x1160
[  122.450918]  ? arch_uprobe_clear_state+0x16/0x140
[  122.450938]  futex_hash_free+0x38/0xc0
[  122.450952]  mmput+0x2d3/0x390
[  122.450970]  do_exit+0x79d/0x2970
[  122.450983]  ? lock_release+0xc8/0x290
[  122.451000]  ? __pfx_do_exit+0x10/0x10
[  122.451013]  ? find_held_lock+0x2b/0x80
[  122.451030]  ? get_signal+0x835/0x2340
[  122.451050]  do_group_exit+0xd3/0x2a0
[  122.451065]  get_signal+0x2315/0x2340
[  122.451082]  ? kmem_cache_free+0x2a1/0x540
[  122.451096]  ? __pfx_get_signal+0x10/0x10
[  122.451112]  ? do_futex+0x135/0x370
[  122.451125]  ? __pfx_do_futex+0x10/0x10
[  122.451140]  arch_do_signal_or_restart+0x80/0x790
[  122.451157]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  122.451173]  ? __x64_sys_futex+0x1c9/0x4d0
[  122.451184]  ? __x64_sys_futex+0x1d2/0x4d0
[  122.451199]  ? __pfx___x64_sys_futex+0x10/0x10
[  122.451212]  ? xfd_validate_state+0x55/0x180
[  122.451233]  exit_to_user_mode_loop+0x8b/0x110
[  122.451245]  do_syscall_64+0x2f7/0x360
[  122.451256]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.451268] RIP: 0033:0x7f6887e57b19
[  122.451277] Code: Unable to access opcode bytes at 0x7f6887e57aef.
[  122.451282] RSP: 002b:00007f68853cd218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  122.451293] RAX: 0000000000000000 RBX: 00007f6887f6af68 RCX: 00007f6887e57b19
[  122.451300] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f6887f6af68
[  122.451307] RBP: 00007f6887f6af60 R08: 0000000000000000 R09: 0000000000000000
[  122.451314] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6887f6af6c
[  122.451320] R13: 00007ffdd6058e2f R14: 00007f68853cd300 R15: 0000000000022000
[  122.451336]  </TASK>
[  122.451340] kmemleak: Object (percpu) 0x607f1a639218 (size 8):
[  122.451346] kmemleak:   comm "syz-executor.3", pid 3983, jiffies 4294789297
[  122.451353] kmemleak:   min_count = 1
[  122.451357] kmemleak:   count = 0
[  122.451360] kmemleak:   flags = 0x21
[  122.451364] kmemleak:   checksum = 0
[  122.451367] kmemleak:   backtrace:
[  122.451371]  pcpu_alloc_noprof+0x87a/0x1170
[  122.451385]  percpu_ref_init+0x37/0x400
[  122.451405]  io_uring_setup+0x44c/0x2000
[  122.451419]  __x64_sys_io_uring_setup+0xc8/0x170
[  122.451430]  do_syscall_64+0xbf/0x360
[  122.451438]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
11:16:20 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), 0xffffffffffffffff)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r3=>0x0})
sendmsg$ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000002040)={0x0, 0x0, &(0x7f0000002000)={&(0x7f0000000280)={0x20, r1, 0x1, 0x0, 0x0, {0x10}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}]}, 0x20}}, 0x0)

[  122.501409] ------------[ cut here ]------------
[  122.502067] WARNING: fs/namespace.c:1434 at mntput_no_expire+0x78e/0xbe0, CPU#1: syz-executor.5/287
[  122.502823] Modules linked in:
[  122.503173] CPU: 1 UID: 0 PID: 287 Comm: syz-executor.5 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  122.504146] Tainted: [W]=WARN
[  122.504406] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  122.505081] RIP: 0010:mntput_no_expire+0x78e/0xbe0
[  122.505493] Code: 05 16 42 81 04 01 e8 31 f8 91 ff e9 41 fc ff ff e8 b7 50 b4 ff 31 ff 44 89 ee e8 dd 4b b4 ff 45 85 ed 79 09 e8 a3 50 b4 ff 90 <0f> 0b 90 e8 9a 50 b4 ff e8 75 f6 fb 02 31 ff 89 c5 89 c6 e8 ba 4b
[  122.507003] RSP: 0018:ffff88801552fce0 EFLAGS: 00010293
[  122.507470] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#1] SMP KASAN NOPTI
[  122.507482] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f]
[  122.507494] CPU: 1 UID: 0 PID: 287 Comm: syz-executor.5 Tainted: G        W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  122.507510] Tainted: [W]=WARN
[  122.507515] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  122.507521] RIP: 0010:perf_tp_event+0x175/0xe70
[  122.507539] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  122.507550] RSP: 0018:ffff88801552f380 EFLAGS: 00010013
[  122.507559] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002
[  122.507567] RDX: ffff88800e793700 RSI: ffffffff818995b7 RDI: 000000010000018f
[  122.507575] RBP: ffff88801552f5f0 R08: ffff88806cf31340 R09: ffffe8ffffd166b8
[  122.507583] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[  122.507590] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[  122.507599] FS:  0000555564701400(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[  122.507610] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  122.507618] CR2: 00007f19c8860ee0 CR3: 0000000043ba3000 CR4: 0000000000350ef0
[  122.507625] Call Trace:
[  122.507629]  <TASK>
[  122.507636]  ? __pfx_perf_tp_event+0x10/0x10
[  122.507654]  ? __asan_memcpy+0x3d/0x60
[  122.507668]  ? __lock_acquire+0xc65/0x1b70
[  122.507682]  ? prb_read_valid+0x78/0xa0
[  122.507697]  ? io_serial_in+0x10/0x80
[  122.507712]  ? perf_trace_run_bpf_submit+0xef/0x180
[  122.507727]  ? __lock_acquire+0xc65/0x1b70
[  122.507739]  perf_trace_run_bpf_submit+0xef/0x180
[  122.507755]  perf_trace_preemptirq_template+0x259/0x430
[  122.507775]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  122.507794]  ? console_flush_all+0x7c9/0xb70
[  122.507810]  ? console_flush_all+0x8b8/0xb70
[  122.507825]  ? console_flush_all+0x8bd/0xb70
[  122.507841]  ? trace_irq_enable.constprop.0+0x3b/0x100
[  122.507857]  ? console_flush_all+0x8bd/0xb70
[  122.507872]  trace_irq_enable.constprop.0+0xa6/0x100
[  122.507884]  trace_hardirqs_on+0x26/0x40
[  122.507894]  console_flush_all+0x8bd/0xb70
[  122.507911]  ? __pfx_console_flush_all+0x10/0x10
[  122.507927]  ? __lock_acquire+0x694/0x1b70
[  122.507941]  ? is_printk_cpu_sync_owner+0x32/0x40
[  122.507952]  console_unlock+0xc2/0x1f0
[  122.507968]  ? __pfx_console_unlock+0x10/0x10
[  122.507984]  ? _printk+0xbe/0xf0
[  122.507997]  vprintk_emit+0x3f6/0x630
[  122.508013]  ? __pfx_vprintk_emit+0x10/0x10
[  122.508030]  ? __pfx__printk+0x10/0x10
[  122.508043]  _printk+0xbe/0xf0
[  122.508055]  ? __pfx__printk+0x10/0x10
[  122.508067]  ? mntput_no_expire+0x764/0xbe0
[  122.508083]  ? show_opcodes+0xb3/0xd0
[  122.508101]  ? __show_regs+0x528/0x750
[  122.508116]  ? __show_regs+0x5c/0x750
[  122.508129]  __show_regs+0x534/0x750
[  122.508142]  ? dump_stack_print_info+0x19b/0x240
[  122.508161]  ? mntput_no_expire+0x78e/0xbe0
[  122.508177]  show_regs+0x33/0x60
[  122.508193]  __warn+0xfc/0x3a0
[  122.508207]  ? mntput_no_expire+0x78e/0xbe0
[  122.508224]  report_bug+0x2f5/0x3f0
[  122.508238]  ? mntput_no_expire+0x78e/0xbe0
[  122.508254]  handle_bug+0x2d7/0x410
[  122.508266]  exc_invalid_op+0x35/0x80
[  122.508277]  asm_exc_invalid_op+0x1a/0x20
[  122.508287] RIP: 0010:mntput_no_expire+0x78e/0xbe0
[  122.508304] Code: 05 16 42 81 04 01 e8 31 f8 91 ff e9 41 fc ff ff e8 b7 50 b4 ff 31 ff 44 89 ee e8 dd 4b b4 ff 45 85 ed 79 09 e8 a3 50 b4 ff 90 <0f> 0b 90 e8 9a 50 b4 ff e8 75 f6 fb 02 31 ff 89 c5 89 c6 e8 ba 4b
[  122.508314] RSP: 0018:ffff88801552fce0 EFLAGS: 00010293
[  122.508323] RAX: 0000000000000000 RBX: 1ffff11002aa5fa1 RCX: ffffffff81bf96d3
[  122.508331] RDX: ffff88800e793700 RSI: ffffffff81bf96dd RDI: 0000000000000005
[  122.508338] RBP: ffff888015b9a700 R08: 0000000000000001 R09: 0000000000000000
[  122.508345] R10: 00000000ffffffff R11: 0000000000000001 R12: ffff88801552fd48
[  122.508352] R13: 00000000ffffffff R14: ffff888015b9a700 R15: ffff888015b9a7e8
[  122.508361]  ? mntput_no_expire+0x783/0xbe0
[  122.508377]  ? mntput_no_expire+0x78d/0xbe0
[  122.508395]  ? __pfx_mntput_no_expire+0x10/0x10
[  122.508411]  ? dput.part.0+0xce/0x930
[  122.508426]  ? lock_release+0xc8/0x290
[  122.508439]  path_umount+0x6e0/0x1100
[  122.508450]  ? kmem_cache_free+0x2a1/0x540
[  122.508462]  ? __pfx_path_umount+0x10/0x10
[  122.508473]  ? putname.part.0+0x11b/0x160
[  122.508489]  __x64_sys_umount+0x15c/0x190
[  122.508501]  ? __pfx___x64_sys_umount+0x10/0x10
[  122.508514]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  122.508528]  do_syscall_64+0xbf/0x360
[  122.508539]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.508549] RIP: 0033:0x7f1bb8c07f87
[  122.508558] Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  122.508568] RSP: 002b:00007fff516fd6e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  122.508579] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00007f1bb8c07f87
[  122.508586] RDX: 00007fff516fd7b9 RSI: 000000000000000a RDI: 00007fff516fd7b0
[  122.508593] RBP: 00007fff516fd7b0 R08: 00000000ffffffff R09: 00007fff516fd580
[  122.508601] R10: 0000555564702c7b R11: 0000000000000246 R12: 00007f1bb8c60105
[  122.508608] R13: 00007fff516fe870 R14: 0000555564702c20 R15: 00007fff516fe8b0
[  122.508618]  </TASK>
[  122.508622] Modules linked in:
[  122.508629] ---[ end trace 0000000000000000 ]---
[  122.508634] RIP: 0010:perf_tp_event+0x175/0xe70
[  122.508649] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  122.508659] RSP: 0018:ffff88801552f380 EFLAGS: 00010013
[  122.508668] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002
[  122.508675] RDX: ffff88800e793700 RSI: ffffffff818995b7 RDI: 000000010000018f
[  122.508683] RBP: ffff88801552f5f0 R08: ffff88806cf31340 R09: ffffe8ffffd166b8
[  122.508690] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[  122.508697] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[  122.508706] FS:  0000555564701400(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[  122.508717] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  122.508724] CR2: 00007f19c8860ee0 CR3: 0000000043ba3000 CR4: 0000000000350ef0
[  122.508733] note: syz-executor.5[287] exited with irqs disabled
[  122.508765] note: syz-executor.5[287] exited with preempt_count 5
[  122.508780] BUG: sleeping function called from invalid context at ./include/linux/percpu-rwsem.h:51
[  122.508787] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 287, name: syz-executor.5
[  122.508797] preempt_count: 0, expected: 0
[  122.508802] RCU nest depth: 1, expected: 0
[  122.508808] INFO: lockdep is turned off.
[  122.508815] CPU: 1 UID: 0 PID: 287 Comm: syz-executor.5 Tainted: G      D W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  122.508832] Tainted: [D]=DIE, [W]=WARN
[  122.508835] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  122.508841] Call Trace:
[  122.508845]  <TASK>
[  122.508848]  dump_stack_lvl+0xfa/0x120
[  122.508868]  __might_resched+0x2f3/0x510
[  122.508882]  exit_signals+0x25/0x940
[  122.508899]  do_exit+0x2db/0x2970
[  122.508911]  ? _printk+0xbe/0xf0
[  122.508923]  ? __pfx__printk+0x10/0x10
[  122.508935]  ? __pfx_do_exit+0x10/0x10
[  122.508949]  make_task_dead+0x174/0x3b0
[  122.508962]  ? do_syscall_64+0xbf/0x360
[  122.508971]  rewind_stack_and_make_dead+0x16/0x20
[  122.508986] RIP: 0033:0x7f1bb8c07f87
[  122.508994] Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  122.509004] RSP: 002b:00007fff516fd6e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  122.509014] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00007f1bb8c07f87
[  122.509021] RDX: 00007fff516fd7b9 RSI: 000000000000000a RDI: 00007fff516fd7b0
[  122.509028] RBP: 00007fff516fd7b0 R08: 00000000ffffffff R09: 00007fff516fd580
[  122.509035] R10: 0000555564702c7b R11: 0000000000000246 R12: 00007f1bb8c60105
[  122.509042] R13: 00007fff516fe870 R14: 0000555564702c20 R15: 00007fff516fe8b0
[  122.509052]  </TASK>
[  122.509079] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#2] SMP KASAN NOPTI
[  122.509091] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f]
[  122.509101] CPU: 1 UID: 0 PID: 15 Comm: rcu_preempt Tainted: G      D W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  122.509118] Tainted: [D]=DIE, [W]=WARN
[  122.509122] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  122.509128] RIP: 0010:perf_tp_event+0x175/0xe70
[  122.509144] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  122.509154] RSP: 0018:ffff888009627640 EFLAGS: 00010013
[  122.509163] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002
[  122.509170] RDX: ffff888009603700 RSI: ffffffff818995b7 RDI: 000000010000018f
[  122.509178] RBP: ffff8880096278b0 R08: ffff88806cf31340 R09: ffffe8ffffd166b8
[  122.509185] R10: 0000000000000000 R11: ffff88800e793bb8 R12: dffffc0000000000
[  122.509192] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[  122.509201] FS:  0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[  122.509212] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  122.509219] CR2: 00007f19c8860ee0 CR3: 0000000043ba3000 CR4: 0000000000350ef0
[  122.509226] Call Trace:
[  122.509230]  <TASK>
[  122.509234]  ? unwind_next_frame+0x3bc/0x2540
[  122.509254]  ? __pfx_perf_tp_event+0x10/0x10
[  122.509270]  ? ret_from_fork_asm+0x1a/0x30
[  122.509285]  ? stack_trace_save+0x8e/0xc0
[  122.509300]  ? stack_depot_save_flags+0x2c/0xa20
[  122.509312]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  122.509328]  ? kasan_save_stack+0x34/0x50
[  122.509341]  ? kasan_save_stack+0x24/0x50
[  122.509354]  ? kasan_record_aux_stack+0x89/0xa0
[  122.509364]  ? __call_rcu_common.constprop.0+0x70/0x960
[  122.509377]  ? put_task_struct_rcu_user+0x75/0xc0
[  122.509390]  ? __schedule+0xe86/0x3590
[  122.509404]  ? lock_is_held_type+0x9e/0x120
[  122.509421]  ? perf_trace_run_bpf_submit+0xef/0x180
[  122.509436]  ? sched_clock_cpu+0x6c/0x4e0
[  122.509450]  ? lock_is_held_type+0x9e/0x120
[  122.509465]  perf_trace_run_bpf_submit+0xef/0x180
[  122.509482]  perf_trace_preemptirq_template+0x259/0x430
[  122.509501]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  122.509519]  ? update_load_avg+0x17d/0x1ef0
[  122.509531]  ? lock_is_held_type+0x9e/0x120
[  122.509546]  ? lock_acquire+0x18c/0x2f0
[  122.509559]  ? finish_task_switch.isra.0+0x206/0x840
[  122.509576]  trace_irq_enable.constprop.0+0xa6/0x100
[  122.509587]  trace_hardirqs_on+0x26/0x40
[  122.509597]  finish_task_switch.isra.0+0x206/0x840
[  122.509616]  __schedule+0xe86/0x3590
[  122.509631]  ? __pfx___schedule+0x10/0x10
[  122.509645]  ? lock_acquire+0x15e/0x2f0
[  122.509657]  ? find_held_lock+0x2b/0x80
[  122.509674]  ? schedule+0x2c7/0x390
[  122.509687]  ? lock_release+0xc8/0x290
[  122.509699]  schedule+0xdb/0x390
[  122.509713]  schedule_timeout+0x11a/0x280
[  122.509726]  ? __pfx_schedule_timeout+0x10/0x10
[  122.509738]  ? __pfx_process_timeout+0x10/0x10
[  122.509750]  ? 0xffffffff81000000
[  122.509757]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  122.509772]  ? prepare_to_swait_event+0xf6/0x380
[  122.509787]  rcu_gp_fqs_loop+0x1a7/0xa60
[  122.509798]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  122.509809]  ? rcu_gp_kthread+0x2ee/0x390
[  122.509820]  ? lock_release+0xc8/0x290
[  122.509832]  ? finish_swait+0xca/0x230
[  122.509843]  rcu_gp_kthread+0x289/0x390
[  122.509859]  ? lock_release+0xc8/0x290
[  122.509871]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  122.509884]  ? __kthread_parkme+0x1a7/0x250
[  122.509901]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  122.509914]  kthread+0x3c8/0x740
[  122.509925]  ? __pfx_kthread+0x10/0x10
[  122.509936]  ? ret_from_fork+0x23/0x430
[  122.509953]  ? lock_release+0xc8/0x290
[  122.509966]  ? __pfx_kthread+0x10/0x10
[  122.509977]  ret_from_fork+0x34b/0x430
[  122.509994]  ? __pfx_kthread+0x10/0x10
[  122.510005]  ret_from_fork_asm+0x1a/0x30
[  122.510022]  </TASK>
[  122.510026] Modules linked in:
[  122.510032] ---[ end trace 0000000000000000 ]---
[  122.510037] RIP: 0010:perf_tp_event+0x175/0xe70
[  122.510052] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  122.510070] RSP: 0018:ffff88801552f380 EFLAGS: 00010013
[  122.510078] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002
[  122.510086] RDX: ffff88800e793700 RSI: ffffffff818995b7 RDI: 000000010000018f
[  122.510093] RBP: ffff88801552f5f0 R08: ffff88806cf31340 R09: ffffe8ffffd166b8
[  122.510101] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[  122.510107] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[  122.510116] FS:  0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[  122.510126] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  122.510134] CR2: 00007f19c8860ee0 CR3: 0000000043ba3000 CR4: 0000000000350ef0
[  122.510142] note: rcu_preempt[15] exited with irqs disabled
[  122.510160] note: rcu_preempt[15] exited with preempt_count 2
[  122.510289] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#3] SMP KASAN NOPTI
[  122.510301] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f]
[  122.510311] CPU: 1 UID: 0 PID: 252 Comm: syz-fuzzer Tainted: G      D W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  122.510328] Tainted: [D]=DIE, [W]=WARN
[  122.510332] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  122.510338] RIP: 0010:perf_tp_event+0x175/0xe70
[  122.510354] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  122.510365] RSP: 0018:ffff888016917700 EFLAGS: 00010013
[  122.510374] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002
[  122.510381] RDX: ffff8880161f5280 RSI: ffffffff818995b7 RDI: 000000010000018f
[  122.510388] RBP: ffff888016917970 R08: ffff88806cf31340 R09: ffffe8ffffd166b8
[  122.510396] R10: 0000000000000000 R11: 1ffff1100d9e6f7b R12: dffffc0000000000
[  122.510403] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[  122.510412] FS:  000000c000030090(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[  122.510423] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  122.510430] CR2: 00007f19c8860ee0 CR3: 000000000ecf0000 CR4: 0000000000350ef0
[  122.510438] Call Trace:
[  122.510441]  <TASK>
[  122.510445]  ? __is_insn_slot_addr+0x140/0x290
[  122.510464]  ? __pfx_perf_tp_event+0x10/0x10
[  122.510481]  ? stack_trace_save+0x8e/0xc0
[  122.510495]  ? stack_depot_save_flags+0x2c/0xa20
[  122.510507]  ? kasan_save_stack+0x34/0x50
[  122.510519]  ? kasan_save_stack+0x24/0x50
[  122.510532]  ? kasan_record_aux_stack+0x89/0xa0
[  122.510542]  ? __call_rcu_common.constprop.0+0x70/0x960
[  122.510555]  ? put_task_struct_rcu_user+0x75/0xc0
[  122.510568]  ? trace_sched_set_need_resched_tp+0xd4/0x110
[  122.510585]  ? css_rstat_updated+0x1b8/0x4d0
[  122.510603]  ? perf_trace_run_bpf_submit+0xef/0x180
[  122.510618]  perf_trace_run_bpf_submit+0xef/0x180
[  122.510634]  perf_trace_preemptirq_template+0x259/0x430
[  122.510653]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  122.510671]  ? update_load_avg+0x17d/0x1ef0
[  122.510682]  ? lock_is_held_type+0x9e/0x120
[  122.510698]  ? lock_acquire+0x18c/0x2f0
[  122.510711]  ? finish_task_switch.isra.0+0x206/0x840
[  122.510728]  trace_irq_enable.constprop.0+0xa6/0x100
[  122.510739]  trace_hardirqs_on+0x26/0x40
[  122.510748]  finish_task_switch.isra.0+0x206/0x840
[  122.510767]  __schedule+0xe86/0x3590
[  122.510782]  ? __pfx___schedule+0x10/0x10
[  122.510796]  ? lock_acquire+0x15e/0x2f0
[  122.510808]  ? find_held_lock+0x2b/0x80
[  122.510824]  ? schedule+0x2c7/0x390
[  122.510837]  ? lock_release+0xc8/0x290
[  122.510851]  schedule+0xdb/0x390
[  122.510868]  do_nanosleep+0x15e/0x560
[  122.510881]  ? __pfx_do_nanosleep+0x10/0x10
[  122.510893]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  122.510906]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  122.510922]  ? __hrtimer_setup+0x1a4/0x2c0
[  122.510938]  hrtimer_nanosleep+0x13a/0x340
[  122.510948]  ? __pfx_hrtimer_nanosleep+0x10/0x10
[  122.510960]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  122.510976]  ? __pfx_get_timespec64+0x10/0x10
[  122.510990]  ? __x64_sys_futex+0x1c9/0x4d0
[  122.511003]  ? __x64_sys_futex+0x1d2/0x4d0
[  122.511016]  __x64_sys_nanosleep+0x212/0x2a0
[  122.511027]  ? __pfx___x64_sys_nanosleep+0x10/0x10
[  122.511039]  do_syscall_64+0xbf/0x360
[  122.511049]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.511060] RIP: 0033:0x465f2d
[  122.511068] Code: 8b 44 24 20 b9 40 42 0f 00 f7 f1 48 89 04 24 b8 e8 03 00 00 f7 e2 48 89 44 24 08 48 89 e7 be 00 00 00 00 b8 23 00 00 00 0f 05 <48> 8b 6c 24 10 48 83 c4 18 c3 cc cc cc cc cc cc cc cc cc b8 ba 00
[  122.511081] RSP: 002b:000000c00003ff18 EFLAGS: 00000212 ORIG_RAX: 0000000000000023
[  122.511092] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000465f2d
[  122.511099] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000c00003ff18
[  122.511106] RBP: 000000c00003ff28 R08: 000000000000290f R09: 00007f5e18178000
[  122.511113] R10: 00007f5e18178010 R11: 0000000000000212 R12: 0000000000438880
[  122.511120] R13: 0000000000000000 R14: 0000000000e5de2c R15: 0000000000000000
[  122.511131]  </TASK>
[  122.511134] Modules linked in:
[  122.511141] ---[ end trace 0000000000000000 ]---
[  122.511145] RIP: 0010:perf_tp_event+0x175/0xe70
[  122.511160] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  122.511170] RSP: 0018:ffff88801552f380 EFLAGS: 00010013
[  122.511179] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002
[  122.511186] RDX: ffff88800e793700 RSI: ffffffff818995b7 RDI: 000000010000018f
[  122.511194] RBP: ffff88801552f5f0 R08: ffff88806cf31340 R09: ffffe8ffffd166b8
[  122.511201] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[  122.511208] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[  122.511217] FS:  000000c000030090(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[  122.511227] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  122.511235] CR2: 00007f19c8860ee0 CR3: 000000000ecf0000 CR4: 0000000000350ef0
[  122.511243] note: syz-fuzzer[252] exited with irqs disabled
[  122.511270] note: syz-fuzzer[252] exited with preempt_count 2
[  122.511344] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#4] SMP KASAN NOPTI
[  122.511355] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f]
[  122.511366] CPU: 1 UID: 0 PID: 245 Comm: sshd Tainted: G      D W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  122.511383] Tainted: [D]=DIE, [W]=WARN
[  122.511387] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  122.511393] RIP: 0010:perf_tp_event+0x175/0xe70
[  122.511408] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  122.511419] RSP: 0018:ffff88801880f080 EFLAGS: 00010013
[  122.511428] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002
[  122.511435] RDX: ffff88801b911b80 RSI: ffffffff818995b7 RDI: 000000010000018f
[  122.511442] RBP: ffff88801880f2f0 R08: ffff88806cf31340 R09: ffffe8ffffd166b8
[  122.511450] R10: 0000000000000000 R11: 1ffff1100d9e6f7b R12: dffffc0000000000
[  122.511457] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[  122.511466] FS:  00007f384016e900(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[  122.511477] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  122.511484] CR2: 00007f19c8860ee0 CR3: 00000000200fe000 CR4: 0000000000350ef0
[  122.511492] Call Trace:
[  122.511495]  <TASK>
[  122.511502]  ? __pfx_perf_tp_event+0x10/0x10
[  122.511520]  ? __lock_acquire+0x694/0x1b70
[  122.511536]  ? __lock_acquire+0x694/0x1b70
[  122.511549]  ? __lock_acquire+0x694/0x1b70
[  122.511563]  ? css_rstat_updated+0x1b8/0x4d0
[  122.511579]  ? __pfx_css_rstat_updated+0x10/0x10
[  122.511595]  ? perf_trace_run_bpf_submit+0xef/0x180
[  122.511610]  perf_trace_run_bpf_submit+0xef/0x180
[  122.511626]  perf_trace_preemptirq_template+0x259/0x430
[  122.511645]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  122.511664]  ? update_load_avg+0x17d/0x1ef0
[  122.511675]  ? lock_is_held_type+0x9e/0x120
[  122.511690]  ? lock_acquire+0x18c/0x2f0
[  122.511703]  ? finish_task_switch.isra.0+0x206/0x840
[  122.511720]  trace_irq_enable.constprop.0+0xa6/0x100
[  122.511731]  trace_hardirqs_on+0x26/0x40
[  122.511741]  finish_task_switch.isra.0+0x206/0x840
[  122.511759]  __schedule+0xe86/0x3590
[  122.511774]  ? __pfx___schedule+0x10/0x10
[  122.511788]  ? lock_acquire+0x15e/0x2f0
[  122.511801]  ? find_held_lock+0x2b/0x80
[  122.511816]  ? schedule+0x2c7/0x390
[  122.511830]  ? lock_release+0xc8/0x290
[  122.511842]  schedule+0xdb/0x390
[  122.511860]  schedule_hrtimeout_range_clock+0x2d0/0x310
[  122.511874]  ? __pfx_schedule_hrtimeout_range_clock+0x10/0x10
[  122.511888]  ? lock_release+0xc8/0x290
[  122.511900]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  122.511911]  ? _raw_spin_unlock_irqrestore+0x2c/0x50
[  122.511925]  ? __pollwait+0x27b/0x4a0
[  122.511941]  ? do_select+0x110/0x17a0
[  122.511959]  poll_schedule_timeout.constprop.0+0xc4/0x1c0
[  122.511978]  do_select+0x1353/0x17a0
[  122.512000]  ? __pfx_do_select+0x10/0x10
[  122.512016]  ? find_held_lock+0x2b/0x80
[  122.512032]  ? __virt_addr_valid+0x2e8/0x5d0
[  122.512050]  ? __pfx_pollwake+0x10/0x10
[  122.512067]  ? __pfx_pollwake+0x10/0x10
[  122.512084]  ? __pfx_pollwake+0x10/0x10
[  122.512101]  ? __pfx_pollwake+0x10/0x10
[  122.512118]  ? __pfx_pollwake+0x10/0x10
[  122.512135]  ? __pfx_pollwake+0x10/0x10
[  122.512152]  ? __pfx_pollwake+0x10/0x10
[  122.512169]  ? lock_acquire+0x15e/0x2f0
[  122.512181]  ? __might_fault+0xe0/0x190
[  122.512194]  ? find_held_lock+0x2b/0x80
[  122.512210]  ? __might_fault+0x138/0x190
[  122.512222]  ? lock_release+0xc8/0x290
[  122.512234]  ? __might_fault+0xe0/0x190
[  122.512248]  ? __asan_memset+0x24/0x50
[  122.512260]  core_sys_select+0x599/0x900
[  122.512271]  ? __pfx_core_sys_select+0x10/0x10
[  122.512281]  ? lock_is_held_type+0x9e/0x120
[  122.512298]  ? security_file_permission+0x22/0x90
[  122.512317]  ? vfs_write+0x169/0x1150
[  122.512329]  ? __pfx_sock_write_iter+0x10/0x10
[  122.512342]  ? __pfx_vfs_write+0x10/0x10
[  122.512354]  ? _raw_spin_unlock_irq+0x23/0x40
[  122.512367]  ? sigprocmask+0xf0/0x340
[  122.512382]  kern_select+0x13c/0x1c0
[  122.512392]  ? __pfx_kern_select+0x10/0x10
[  122.512402]  ? ksys_write+0x1a3/0x240
[  122.512413]  ? __pfx_ksys_write+0x10/0x10
[  122.512424]  ? lock_release+0xc8/0x290
[  122.512436]  __x64_sys_select+0xbe/0x160
[  122.512447]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  122.512458]  do_syscall_64+0xbf/0x360
[  122.512468]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.512479] RIP: 0033:0x7f3840657866
[  122.512487] Code: 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 17 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 62 c3 90 48 83 ec 38 4c 89 44 24 28 48 89 54
[  122.512497] RSP: 002b:00007ffd24a55078 EFLAGS: 00000246 ORIG_RAX: 0000000000000017
[  122.512507] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3840657866
[  122.512514] RDX: 0000561c6d6b0490 RSI: 0000561c6d6afa10 RDI: 000000000000000f
[  122.512522] RBP: 0000561c6d6b4f00 R08: 0000000000000000 R09: 0000000000002500
[  122.512529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000561c59a76768
[  122.512535] R13: 0000000000000000 R14: 0000000000000004 R15: 0000561c59a2ba80
[  122.512546]  </TASK>
[  122.512549] Modules linked in:
[  122.512556] ---[ end trace 0000000000000000 ]---
[  122.512560] RIP: 0010:perf_tp_event+0x175/0xe70
[  122.512575] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  122.512585] RSP: 0018:ffff88801552f380 EFLAGS: 00010013
[  122.512594] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002
[  122.512601] RDX: ffff88800e793700 RSI: ffffffff818995b7 RDI: 000000010000018f
[  122.512609] RBP: ffff88801552f5f0 R08: ffff88806cf31340 R09: ffffe8ffffd166b8
[  122.512616] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[  122.512623] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[  122.512632] FS:  00007f384016e900(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[  122.512642] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  122.512650] CR2: 00007f19c8860ee0 CR3: 00000000200fe000 CR4: 0000000000350ef0
[  122.512658] note: sshd[245] exited with irqs disabled
[  122.512682] note: sshd[245] exited with preempt_count 2
[  122.512700] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#5] SMP KASAN NOPTI
[  122.512711] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f]
[  122.512721] CPU: 1 UID: 0 PID: 114 Comm: systemd-udevd Tainted: G      D W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  122.512738] Tainted: [D]=DIE, [W]=WARN
[  122.512742] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  122.512748] RIP: 0010:perf_tp_event+0x175/0xe70
[  122.512764] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  122.512775] RSP: 0018:ffff888016b97940 EFLAGS: 00010013
[  122.512783] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002
[  122.512791] RDX: ffff888015710000 RSI: ffffffff818995b7 RDI: 000000010000018f
[  122.512798] RBP: ffff888016b97bb0 R08: ffff88806cf31340 R09: ffffe8ffffd166b8
[  122.512805] R10: 0000000000000000 R11: ffff88801b912038 R12: dffffc0000000000
[  122.512813] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[  122.512821] FS:  00007f8a47bf98c0(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[  122.512832] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  122.512839] CR2: 00007f19c8860ee0 CR3: 000000000e40f000 CR4: 0000000000350ef0
[  122.512847] Call Trace:
[  122.512850]  <TASK>
[  122.512858]  ? kernel_text_address+0x5b/0xc0
[  122.512873]  ? __pfx_perf_tp_event+0x10/0x10
[  122.512889]  ? stack_trace_save+0x8e/0xc0
[  122.512902]  ? stack_depot_save_flags+0x2c/0xa20
[  122.512914]  ? kasan_save_stack+0x34/0x50
[  122.512927]  ? kasan_save_stack+0x24/0x50
[  122.512940]  ? kasan_save_track+0x14/0x30
[  122.512952]  ? __kasan_save_free_info+0x3a/0x60
[  122.512966]  ? __kasan_slab_free+0x3f/0x50
[  122.512979]  ? kmem_cache_free+0x2a1/0x540
[  122.512989]  ? putname.part.0+0x11b/0x160
[  122.513002]  ? putname+0x3c/0x50
[  122.513015]  ? do_sys_openat2+0x13c/0x1b0
[  122.513030]  ? __x64_sys_openat+0x142/0x200
[  122.513046]  ? do_syscall_64+0xbf/0x360
[  122.513055]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.513067]  ? __lock_acquire+0x694/0x1b70
[  122.513079]  ? __lock_acquire+0x622/0x1b70
[  122.513092]  ? perf_trace_run_bpf_submit+0xef/0x180
[  122.513107]  ? lock_is_held_type+0x9e/0x120
[  122.513122]  perf_trace_run_bpf_submit+0xef/0x180
[  122.513138]  perf_trace_preemptirq_template+0x259/0x430
[  122.513157]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  122.513175]  ? update_load_avg+0x17d/0x1ef0
[  122.513187]  ? lock_is_held_type+0x9e/0x120
[  122.513202]  ? lock_acquire+0x18c/0x2f0
[  122.513215]  ? finish_task_switch.isra.0+0x206/0x840
[  122.513231]  trace_irq_enable.constprop.0+0xa6/0x100
[  122.513243]  trace_hardirqs_on+0x26/0x40
[  122.513252]  finish_task_switch.isra.0+0x206/0x840
[  122.513270]  __schedule+0xe86/0x3590
[  122.513286]  ? __pfx___schedule+0x10/0x10
[  122.513299]  ? __pfx___seccomp_filter+0x10/0x10
[  122.513314]  ? __x64_sys_openat+0x142/0x200
[  122.513330]  ? __pfx___x64_sys_openat+0x10/0x10
[  122.513345]  ? __pfx_fput_close_sync+0x10/0x10
[  122.513362]  schedule+0xdb/0x390
[  122.513375]  exit_to_user_mode_loop+0x69/0x110
[  122.513387]  do_syscall_64+0x2f7/0x360
[  122.513397]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.513408] RIP: 0033:0x7f8a480a8d62
[  122.513416] Code: c0 f6 c2 40 75 52 89 d0 45 31 d2 25 00 00 41 00 3d 00 00 41 00 74 41 64 8b 04 25 18 00 00 00 85 c0 75 65 b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 a2 00 00 00 48 8b 4c 24 38 64 48 2b 0c 25
[  122.513427] RSP: 002b:00007ffe8bbc60d0 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  122.513437] RAX: 0000000000000011 RBX: 0000000000000001 RCX: 00007f8a480a8d62
[  122.513444] RDX: 00000000002a0000 RSI: 0000557670836881 RDI: 0000000000000010
[  122.513451] RBP: 0000557670836880 R08: 0000557647cd58f0 R09: 0000000000000011
[  122.513458] R10: 0000000000000000 R11: 0000000000000246 R12: 000055767084f3e0
[  122.513465] R13: 0000000000000010 R14: 0000000000000006 R15: 0000557670836881
[  122.513476]  </TASK>
[  122.513479] Modules linked in:
[  122.513486] ---[ end trace 0000000000000000 ]---
[  122.513490] RIP: 0010:perf_tp_event+0x175/0xe70
[  122.513505] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  122.513515] RSP: 0018:ffff88801552f380 EFLAGS: 00010013
[  122.513524] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002
[  122.513531] RDX: ffff88800e793700 RSI: ffffffff818995b7 RDI: 000000010000018f
[  122.513538] RBP: ffff88801552f5f0 R08: ffff88806cf31340 R09: ffffe8ffffd166b8
[  122.513546] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[  122.513553] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[  122.513561] FS:  00007f8a47bf98c0(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[  122.513572] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  122.513579] CR2: 00007f19c8860ee0 CR3: 000000000e40f000 CR4: 0000000000350ef0
[  122.513587] note: systemd-udevd[114] exited with irqs disabled
[  122.513613] note: systemd-udevd[114] exited with preempt_count 2
[  122.513632] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#6] SMP KASAN NOPTI
[  122.513643] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f]
[  122.513653] CPU: 1 UID: 0 PID: 97 Comm: systemd-journal Tainted: G      D W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  122.513671] Tainted: [D]=DIE, [W]=WARN
[  122.513675] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  122.513680] RIP: 0010:perf_tp_event+0x175/0xe70
[  122.513697] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  122.513707] RSP: 0018:ffff88801576f3c0 EFLAGS: 00010013
[  122.513716] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002
[  122.513723] RDX: ffff88801605d280 RSI: ffffffff818995b7 RDI: 000000010000018f
[  122.513731] RBP: ffff88801576f630 R08: ffff88806cf31340 R09: ffffe8ffffd166b8
[  122.513738] R10: 0000000000000000 R11: ffff8880157104b8 R12: dffffc0000000000
[  122.513745] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[  122.513754] FS:  00007f19c9396900(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[  122.513765] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  122.513772] CR2: 00007f19c8860ee0 CR3: 000000000e473000 CR4: 0000000000350ef0
[  122.513779] Call Trace:
[  122.513783]  <TASK>
[  122.513789]  ? __pfx_perf_tp_event+0x10/0x10
[  122.513805]  ? lock_acquire+0x15e/0x2f0
[  122.513817]  ? __is_insn_slot_addr+0x2e/0x290
[  122.513833]  ? find_held_lock+0x2b/0x80
[  122.513849]  ? __is_insn_slot_addr+0x136/0x290
[  122.513869]  ? lock_release+0xc8/0x290
[  122.513882]  ? __is_insn_slot_addr+0x140/0x290
[  122.513899]  ? kernel_text_address+0x5b/0xc0
[  122.513912]  ? __kernel_text_address+0xd/0x40
[  122.513925]  ? unwind_get_return_address+0x59/0xa0
[  122.513942]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  122.513956]  ? arch_stack_walk+0x9c/0xf0
[  122.513968]  ? __lock_acquire+0x694/0x1b70
[  122.513980]  ? trace_pelt_se_tp+0xdf/0x130
[  122.513992]  ? perf_trace_run_bpf_submit+0xef/0x180
[  122.514008]  perf_trace_run_bpf_submit+0xef/0x180
[  122.514024]  perf_trace_preemptirq_template+0x259/0x430
[  122.514043]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  122.514069]  ? update_load_avg+0x17d/0x1ef0
[  122.514080]  ? lock_is_held_type+0x9e/0x120
[  122.514095]  ? lock_acquire+0x18c/0x2f0
[  122.514108]  ? finish_task_switch.isra.0+0x206/0x840
[  122.514125]  trace_irq_enable.constprop.0+0xa6/0x100
[  122.514136]  trace_hardirqs_on+0x26/0x40
[  122.514146]  finish_task_switch.isra.0+0x206/0x840
[  122.514164]  __schedule+0xe86/0x3590
[  122.514179]  ? __pfx___schedule+0x10/0x10
[  122.514194]  ? find_held_lock+0x2b/0x80
[  122.514209]  ? lockref_get_not_dead+0x6a/0x80
[  122.514225]  __cond_resched+0x4c/0x80
[  122.514239]  down_read+0x79/0x470
[  122.514249]  ? try_to_unlazy+0x2ab/0x660
[  122.514265]  ? __pfx_down_read+0x10/0x10
[  122.514275]  ? lookup_fast+0x14f/0x5e0
[  122.514293]  walk_component+0x33b/0x5b0
[  122.514310]  link_path_walk+0x62b/0xe20
[  122.514329]  path_openat+0x22e/0x2880
[  122.514342]  ? __lock_acquire+0x694/0x1b70
[  122.514354]  ? __pfx_path_openat+0x10/0x10
[  122.514367]  do_filp_open+0x1e8/0x450
[  122.514378]  ? __pfx_do_filp_open+0x10/0x10
[  122.514392]  ? find_held_lock+0x2b/0x80
[  122.514407]  ? alloc_fd+0x2c1/0x560
[  122.514416]  ? lock_release+0xc8/0x290
[  122.514429]  ? _raw_spin_unlock+0x1e/0x40
[  122.514442]  ? alloc_fd+0x2c1/0x560
[  122.514453]  do_sys_openat2+0x104/0x1b0
[  122.514468]  ? __pfx_do_sys_openat2+0x10/0x10
[  122.514485]  ? __pfx___seccomp_filter+0x10/0x10
[  122.514500]  __x64_sys_openat+0x142/0x200
[  122.514516]  ? __pfx___x64_sys_openat+0x10/0x10
[  122.514531]  ? ksys_read+0x1a3/0x240
[  122.514543]  ? __secure_computing+0x18d/0x290
[  122.514558]  do_syscall_64+0xbf/0x360
[  122.514568]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.514579] RIP: 0033:0x7f19c9c4fc64
[  122.514587] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 36 61 f9 ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 68 61 f9 ff 8b 44
[  122.514597] RSP: 002b:00007ffd0ae35460 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  122.514608] RAX: ffffffffffffffda RBX: 000055c569f8ed60 RCX: 00007f19c9c4fc64
[  122.514615] RDX: 0000000000080802 RSI: 000055c569fc3f50 RDI: 00000000ffffff9c
[  122.514622] RBP: 000055c569fc3f50 R08: 0000000000000000 R09: ffffffffffffff01
[  122.514630] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000080802
[  122.514636] R13: 00000000fffffffa R14: 000055c569f955b0 R15: 0000000000000002
[  122.514647]  </TASK>
[  122.514650] Modules linked in:
[  122.514657] ---[ end trace 0000000000000000 ]---
[  122.514661] RIP: 0010:perf_tp_event+0x175/0xe70
[  122.514676] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  122.514686] RSP: 0018:ffff88801552f380 EFLAGS: 00010013
[  122.514695] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002
[  122.514702] RDX: ffff88800e793700 RSI: ffffffff818995b7 RDI: 000000010000018f
[  122.514709] RBP: ffff88801552f5f0 R08: ffff88806cf31340 R09: ffffe8ffffd166b8
[  122.514717] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[  122.514724] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[  122.514732] FS:  00007f19c9396900(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[  122.514743] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  122.514750] CR2: 00007f19c8860ee0 CR3: 000000000e473000 CR4: 0000000000350ef0
[  122.514758] note: systemd-journal[97] exited with irqs disabled
[  122.514777] note: systemd-journal[97] exited with preempt_count 2
[  122.516882] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#7] SMP KASAN NOPTI
[  122.516894] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f]
[  122.516905] CPU: 1 UID: 0 PID: 3987 Comm: syz-executor.7 Tainted: G      D W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  122.516922] Tainted: [D]=DIE, [W]=WARN
[  122.516926] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  122.516933] RIP: 0010:perf_tp_event+0x175/0xe70
[  122.516949] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  122.516959] RSP: 0018:ffff88801676f540 EFLAGS: 00010013
[  122.516969] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002
[  122.516976] RDX: ffff888017a9d280 RSI: ffffffff818995b7 RDI: 000000010000018f
[  122.516983] RBP: ffff88801676f7b0 R08: ffff88806cf31340 R09: ffffe8ffffd166b8
[  122.516991] R10: 0000000000000000 R11: ffff88801b912038 R12: dffffc0000000000
[  122.516998] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[  122.517007] FS:  000055556886d400(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[  122.517017] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  122.517025] CR2: 00007f19c8860ee0 CR3: 000000001e2a5000 CR4: 0000000000350ef0
[  122.517032] Call Trace:
[  122.517036]  <TASK>
[  122.517042]  ? __pfx_perf_tp_event+0x10/0x10
[  122.517059]  ? lock_acquire+0x15e/0x2f0
[  122.517071]  ? __is_insn_slot_addr+0x2e/0x290
[  122.517087]  ? find_held_lock+0x2b/0x80
[  122.517103]  ? __is_insn_slot_addr+0x136/0x290
[  122.517119]  ? lock_release+0xc8/0x290
[  122.517132]  ? __is_insn_slot_addr+0x140/0x290
[  122.517149]  ? kernel_text_address+0x5b/0xc0
[  122.517163]  ? css_rstat_updated+0x1b8/0x4d0
[  122.517180]  ? perf_trace_run_bpf_submit+0xef/0x180
[  122.517195]  perf_trace_run_bpf_submit+0xef/0x180
[  122.517211]  perf_trace_preemptirq_template+0x259/0x430
[  122.517230]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  122.517249]  ? update_load_avg+0x17d/0x1ef0
[  122.517260]  ? lock_is_held_type+0x9e/0x120
[  122.517275]  ? lock_acquire+0x18c/0x2f0
[  122.517288]  ? finish_task_switch.isra.0+0x206/0x840
[  122.517305]  trace_irq_enable.constprop.0+0xa6/0x100
[  122.517316]  trace_hardirqs_on+0x26/0x40
[  122.517326]  finish_task_switch.isra.0+0x206/0x840
[  122.517345]  __schedule+0xe86/0x3590
[  122.517360]  ? __pfx___schedule+0x10/0x10
[  122.517374]  ? lock_acquire+0x15e/0x2f0
[  122.517387]  ? find_held_lock+0x2b/0x80
[  122.517402]  ? schedule+0x2c7/0x390
[  122.517415]  ? lock_release+0xc8/0x290
[  122.517428]  schedule+0xdb/0x390
[  122.517442]  futex_do_wait+0x88/0x180
[  122.517456]  __futex_wait+0x176/0x300
[  122.517471]  ? __pfx___futex_wait+0x10/0x10
[  122.517487]  ? __pfx_futex_wake_mark+0x10/0x10
[  122.517503]  ? __hrtimer_setup+0x1a4/0x2c0
[  122.517520]  ? ktime_add_safe+0x5f/0x70
[  122.517536]  futex_wait+0xde/0x380
[  122.517550]  ? __pfx_futex_wait+0x10/0x10
[  122.517566]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  122.517582]  ? lock_release+0xc8/0x290
[  122.517595]  do_futex+0x2ee/0x370
[  122.517608]  ? __pfx_do_futex+0x10/0x10
[  122.517620]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  122.517631]  ? read_tsc+0x9/0x20
[  122.517645]  __x64_sys_futex+0x1c9/0x4d0
[  122.517659]  ? __pfx___x64_sys_futex+0x10/0x10
[  122.517673]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  122.517685]  do_syscall_64+0xbf/0x360
[  122.517695]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.517706] RIP: 0033:0x7f7e8badbb19
[  122.517715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  122.517725] RSP: 002b:00007ffd362bc648 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  122.517735] RAX: ffffffffffffffda RBX: 0000000000000032 RCX: 00007f7e8badbb19
[  122.517743] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f7e8bbeef6c
[  122.517750] RBP: 00007f7e8bbeef6c R08: 00007f7e8bbcb000 R09: 0000000000000000
[  122.517757] R10: 00007ffd362bc720 R11: 0000000000000246 R12: 000000000001ddf1
[  122.517764] R13: 00000000000003e8 R14: 00007f7e8bbeef60 R15: 000000000001ddf0
[  122.517774]  </TASK>
[  122.517778] Modules linked in:
[  122.517784] ---[ end trace 0000000000000000 ]---
[  122.517789] RIP: 0010:perf_tp_event+0x175/0xe70
[  122.517803] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  122.517814] RSP: 0018:ffff88801552f380 EFLAGS: 00010013
[  122.517822] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002
[  122.517829] RDX: ffff88800e793700 RSI: ffffffff818995b7 RDI: 000000010000018f
[  122.517837] RBP: ffff88801552f5f0 R08: ffff88806cf31340 R09: ffffe8ffffd166b8
[  122.517844] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[  122.517851] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[  122.517864] FS:  000055556886d400(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[  122.517875] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  122.517882] CR2: 00007f19c8860ee0 CR3: 000000001e2a5000 CR4: 0000000000350ef0
[  122.517891] note: syz-executor.7[3987] exited with irqs disabled
[  122.517911] note: syz-executor.7[3987] exited with preempt_count 2
[  122.518902] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#8] SMP KASAN NOPTI
[  122.518915] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f]
[  122.518926] CPU: 1 UID: 0 PID: 58 Comm: kworker/1:2 Tainted: G      D W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  122.518943] Tainted: [D]=DIE, [W]=WARN
[  122.518947] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  122.518954] Workqueue:  0x0 (events_freezable_pwr_efficient)
[  122.518969] RIP: 0010:perf_tp_event+0x175/0xe70
[  122.518985] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  122.518995] RSP: 0018:ffff88800f29f800 EFLAGS: 00010013
[  122.519004] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002
[  122.519011] RDX: ffff88800f1f3700 RSI: ffffffff818995b7 RDI: 000000010000018f
[  122.519019] RBP: ffff88800f29fa70 R08: ffff88806cf31340 R09: ffffe8ffffd166b8
[  122.519026] R10: 0000000000000000 R11: ffff88801605d738 R12: dffffc0000000000
[  122.519034] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[  122.519042] FS:  0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[  122.519053] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  122.519060] CR2: 00007f19c8860ee0 CR3: 0000000005a88000 CR4: 0000000000350ef0
[  122.519068] Call Trace:
[  122.519071]  <TASK>
[  122.519077]  ? __pfx_perf_tp_event+0x10/0x10
[  122.519092]  ? percpu_ref_put_many.constprop.0+0x23/0x2a0
[  122.519111]  ? find_held_lock+0x2b/0x80
[  122.519127]  ? __lock_acquire+0xc65/0x1b70
[  122.519141]  ? blk_mq_free_request+0x28f/0x490
[  122.519157]  ? do_raw_spin_lock+0x123/0x260
[  122.519171]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  122.519186]  ? __kasan_slab_free+0x3f/0x50
[  122.519201]  ? find_held_lock+0x2b/0x80
[  122.519216]  ? __mod_timer+0x86f/0xcc0
[  122.519231]  ? perf_trace_run_bpf_submit+0xef/0x180
[  122.519245]  ? sched_clock+0x37/0x60
[  122.519260]  ? sched_clock_cpu+0x6c/0x4e0
[  122.519273]  ? lock_is_held_type+0x9e/0x120
[  122.519288]  perf_trace_run_bpf_submit+0xef/0x180
[  122.519304]  perf_trace_preemptirq_template+0x259/0x430
[  122.519323]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  122.519342]  ? update_load_avg+0x17d/0x1ef0
[  122.519353]  ? lock_is_held_type+0x9e/0x120
[  122.519368]  ? lock_acquire+0x18c/0x2f0
[  122.519381]  ? finish_task_switch.isra.0+0x206/0x840
[  122.519398]  trace_irq_enable.constprop.0+0xa6/0x100
[  122.519409]  trace_hardirqs_on+0x26/0x40
[  122.519418]  finish_task_switch.isra.0+0x206/0x840
[  122.519437]  __schedule+0xe86/0x3590
[  122.519452]  ? __pfx___schedule+0x10/0x10
[  122.519466]  ? lock_acquire+0x15e/0x2f0
[  122.519479]  ? find_held_lock+0x2b/0x80
[  122.519494]  ? schedule+0x2c7/0x390
[  122.519507]  ? lock_release+0xc8/0x290
[  122.519520]  schedule+0xdb/0x390
[  122.519533]  ? worker_thread+0xfd/0xe90
[  122.519546]  worker_thread+0x156/0xe90
[  122.519559]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  122.519572]  ? __pfx_worker_thread+0x10/0x10
[  122.519585]  kthread+0x3c8/0x740
[  122.519596]  ? __pfx_kthread+0x10/0x10
[  122.519607]  ? ret_from_fork+0x23/0x430
[  122.519624]  ? lock_release+0xc8/0x290
[  122.519636]  ? __pfx_kthread+0x10/0x10
[  122.519647]  ret_from_fork+0x34b/0x430
[  122.519664]  ? __pfx_kthread+0x10/0x10
[  122.519675]  ret_from_fork_asm+0x1a/0x30
[  122.519692]  </TASK>
[  122.519696] Modules linked in:
[  122.519702] ---[ end trace 0000000000000000 ]---
[  122.519707] RIP: 0010:perf_tp_event+0x175/0xe70
[  122.519721] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  122.519732] RSP: 0018:ffff88801552f380 EFLAGS: 00010013
[  122.519740] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002
[  122.519748] RDX: ffff88800e793700 RSI: ffffffff818995b7 RDI: 000000010000018f
[  122.519755] RBP: ffff88801552f5f0 R08: ffff88806cf31340 R09: ffffe8ffffd166b8
[  122.519763] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[  122.519770] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[  122.519779] FS:  0000000000000000(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[  122.519789] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  122.519796] CR2: 00007f19c8860ee0 CR3: 0000000005a88000 CR4: 0000000000350ef0
[  122.519804] note: kworker/1:2[58] exited with irqs disabled
[  122.519810] note: kworker/1:2[58] exited with preempt_count 2
[  122.519934] Oops: general protection fault, probably for non-canonical address 0xdffffc0020000031: 0000 [#9] SMP KASAN NOPTI
[  122.519946] KASAN: probably user-memory-access in range [0x0000000100000188-0x000000010000018f]
[  122.519957] CPU: 1 UID: 0 PID: 254 Comm: syz-fuzzer Tainted: G      D W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  122.519974] Tainted: [D]=DIE, [W]=WARN
[  122.519978] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  122.519984] RIP: 0010:perf_tp_event+0x175/0xe70
[  122.520000] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  122.520011] RSP: 0018:ffff88800e627600 EFLAGS: 00010013
[  122.520020] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002
[  122.520027] RDX: ffff8880161f0000 RSI: ffffffff818995b7 RDI: 000000010000018f
[  122.520034] RBP: ffff88800e627870 R08: ffff88806cf31340 R09: ffffe8ffffd166b8
[  122.520042] R10: 0000000000000000 R11: 1ffff1100d9e6f7b R12: dffffc0000000000
[  122.520049] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[  122.520058] FS:  000000c000030790(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[  122.520068] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  122.520075] CR2: 00007f19c8860ee0 CR3: 000000000ecf0000 CR4: 0000000000350ef0
[  122.520083] Call Trace:
[  122.520086]  <TASK>
[  122.520090]  ? __lock_acquire+0x694/0x1b70
[  122.520104]  ? __pfx_perf_tp_event+0x10/0x10
[  122.520120]  ? lock_acquire+0x15e/0x2f0
[  122.520132]  ? __is_insn_slot_addr+0x2e/0x290
[  122.520150]  ? __lock_acquire+0x694/0x1b70
[  122.520163]  ? __lock_acquire+0x694/0x1b70
[  122.520176]  ? __lock_acquire+0x694/0x1b70
[  122.520188]  ? css_rstat_updated+0x1b8/0x4d0
[  122.520205]  ? perf_trace_run_bpf_submit+0xef/0x180
[  122.520220]  perf_trace_run_bpf_submit+0xef/0x180
[  122.520237]  perf_trace_preemptirq_template+0x259/0x430
[  122.520255]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  122.520274]  ? update_load_avg+0x17d/0x1ef0
[  122.520285]  ? lock_is_held_type+0x9e/0x120
[  122.520300]  ? lock_acquire+0x18c/0x2f0
[  122.520313]  ? finish_task_switch.isra.0+0x206/0x840
[  122.520330]  trace_irq_enable.constprop.0+0xa6/0x100
[  122.520341]  trace_hardirqs_on+0x26/0x40
[  122.520351]  finish_task_switch.isra.0+0x206/0x840
[  122.520369]  __schedule+0xe86/0x3590
[  122.520384]  ? __pfx___schedule+0x10/0x10
[  122.520398]  ? lock_acquire+0x15e/0x2f0
[  122.520411]  ? find_held_lock+0x2b/0x80
[  122.520426]  ? schedule+0x2c7/0x390
[  122.520439]  ? lock_release+0xc8/0x290
[  122.520452]  schedule+0xdb/0x390
[  122.520466]  schedule_hrtimeout_range_clock+0x11f/0x310
[  122.520479]  ? __pfx_schedule_hrtimeout_range_clock+0x10/0x10
[  122.520494]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  122.520510]  ? trace_irq_enable.constprop.0+0xc2/0x100
[  122.520521]  ? read_tsc+0x9/0x20
[  122.520534]  ? ktime_get+0x16d/0x270
[  122.520546]  do_epoll_wait+0xc8d/0xee0
[  122.520561]  ? __pfx_security_kernfs_init_security+0x2/0x10
[  122.520580]  ? __pfx_do_epoll_wait+0x10/0x10
[  122.520594]  ? __pfx_ep_autoremove_wake_function+0x10/0x10
[  122.520607]  ? __pfx_timespec64_add_safe+0x10/0x10
[  122.520624]  ? lock_release+0xc8/0x290
[  122.520635]  ? set_user_sigmask+0x213/0x2a0
[  122.520650]  ? __pfx_set_user_sigmask+0x10/0x10
[  122.520666]  do_compat_epoll_pwait.part.0+0x29/0x1d0
[  122.520681]  __x64_sys_epoll_pwait+0x1de/0x320
[  122.520696]  ? __pfx___x64_sys_epoll_pwait+0x10/0x10
[  122.520711]  ? __pfx_ksys_read+0x10/0x10
[  122.520724]  do_syscall_64+0xbf/0x360
[  122.520734]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.520745] RIP: 0033:0x4666e0
[  122.520752] Code: 0f 05 89 44 24 20 c3 cc cc cc 8b 7c 24 08 48 8b 74 24 10 8b 54 24 18 44 8b 54 24 1c 49 c7 c0 00 00 00 00 b8 19 01 00 00 0f 05 <89> 44 24 20 c3 cc cc cc cc cc cc cc cc cc cc cc 8b 7c 24 08 48 c7
[  122.520763] RSP: 002b:000000c00003b7f0 EFLAGS: 00000246 ORIG_RAX: 0000000000000119
[  122.520773] RAX: ffffffffffffffda RBX: 00000000000000b2 RCX: 00000000004666e0
[  122.520780] RDX: 0000000000000080 RSI: 000000c00003b840 RDI: 0000000000000003
[  122.520787] RBP: 000000c00003be40 R08: 0000000000000000 R09: 0000000000000000
[  122.520794] R10: 00000000000000b2 R11: 0000000000000246 R12: 0000000000000003
[  122.520801] R13: 000000c000000f00 R14: 000000c0005acd80 R15: 0000000000000000
[  122.520811]  </TASK>
[  122.520815] Modules linked in:
[  122.520821] ---[ end trace 0000000000000000 ]---
[  122.520826] RIP: 0010:perf_tp_event+0x175/0xe70
[  122.520840] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  122.520851] RSP: 0018:ffff88801552f380 EFLAGS: 00010013
[  122.520864] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002
[  122.520871] RDX: ffff88800e793700 RSI: ffffffff818995b7 RDI: 000000010000018f
[  122.520878] RBP: ffff88801552f5f0 R08: ffff88806cf31340 R09: ffffe8ffffd166b8
[  122.520886] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[  122.520893] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[  122.520901] FS:  000000c000030790(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[  122.520911] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  122.520919] CR2: 00007f19c8860ee0 CR3: 000000000ecf0000 CR4: 0000000000350ef0
[  122.520927] note: syz-fuzzer[254] exited with irqs disabled
[  122.520954] Oops: general protection fault, probably for non-canonical address 0xe901008880691bff: 0000 [#10] SMP KASAN NOPTI
[  122.520967] KASAN: maybe wild-memory-access in range [0x480824440348dff8-0x480824440348dfff]
[  122.520978] CPU: 1 UID: 0 PID: 254 Comm: syz-fuzzer Tainted: G      D W           6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) 
[  122.520995] Tainted: [D]=DIE, [W]=WARN
[  122.520999] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  122.521004] RIP: 0010:rb_insert_color+0x95/0x7a0
[  122.521022] Code: 89 f8 48 c1 e8 03 42 80 3c 28 00 0f 85 ff 04 00 00 4c 8b 75 08 49 39 de 0f 84 6e 01 00 00 4d 85 f6 74 1c 4c 89 f0 48 c1 e8 03 <42> 80 3c 28 00 0f 85 14 05 00 00 41 f6 06 01 0f 84 3d 04 00 00 48
[  122.521032] RSP: 0018:ffff88806cf08da8 EFLAGS: 00010017
[  122.521041] RAX: 0901048880691bff RBX: ffff88800e627c00 RCX: ffffffff84b7c643
[  122.521048] RDX: 1ffff1100d9e513b RSI: ffff88806cf28150 RDI: ffffffff81545a2c
[  122.521055] RBP: ffffffff81545a24 R08: 0000000000000000 R09: fffffbfff0c8758a
[  122.521062] R10: 0000000000000000 R11: ffff88806cf37018 R12: ffff88806cf289d8
[  122.521068] R13: dffffc0000000000 R14: 480824440348dfff R15: ffff88800e627c08
[  122.521077] FS:  000000c000030790(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[  122.521087] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  122.521094] CR2: 00007f19c8860ee0 CR3: 000000000ecf0000 CR4: 0000000000350ef0
[  122.521101] Call Trace:
[  122.521105]  <IRQ>
[  122.521108]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  122.521123]  timerqueue_add+0x1bd/0x330
[  122.521135]  __hrtimer_run_queues+0x954/0xac0
[  122.521153]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  122.521169]  ? ktime_get_update_offsets_now+0x252/0x3c0
[  122.521184]  hrtimer_interrupt+0x369/0x830
[  122.521196]  __sysvec_apic_timer_interrupt+0xbb/0x330
[  122.521211]  sysvec_apic_timer_interrupt+0x6b/0x80
[  122.521224]  </IRQ>
[  122.521228]  <TASK>
[  122.521231]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  122.521242] RIP: 0010:make_task_dead+0xa2/0x3b0
[  122.521254] Code: 38 00 85 db 0f 84 21 01 00 00 e8 d9 96 38 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 27 92 38 00 48 85 db 0f 84 17 01 00 00 <e8> b9 96 38 00 31 ff 65 8b 1d 60 df 48 06 81 e3 ff ff ff 7f 89 de
[  122.521264] RSP: 0018:ffff88800e627f28 EFLAGS: 00000246
[  122.521273] RAX: 0000000000000001 RBX: ffff8880161f0000 RCX: ffffffff817c2b86
[  122.521279] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff813b5234
[  122.521286] RBP: 000000000000000b R08: 0000000000000000 R09: 0000000000000000
[  122.521292] R10: ffffffff8643ac57 R11: 0000000000000001 R12: ffff8880161f0000
[  122.521299] R13: 0000000000000000 R14: dffffc0020000031 R15: 0000000000000000
[  122.521307]  ? trace_irq_enable.constprop.0+0x26/0x100
[  122.521318]  ? make_task_dead+0x214/0x3b0
[  122.521330]  ? make_task_dead+0x214/0x3b0
[  122.521341]  ? do_syscall_64+0xbf/0x360
[  122.521351]  rewind_stack_and_make_dead+0x16/0x20
[  122.521364] RIP: 0033:0x4666e0
[  122.521371] Code: 0f 05 89 44 24 20 c3 cc cc cc 8b 7c 24 08 48 8b 74 24 10 8b 54 24 18 44 8b 54 24 1c 49 c7 c0 00 00 00 00 b8 19 01 00 00 0f 05 <89> 44 24 20 c3 cc cc cc cc cc cc cc cc cc cc cc 8b 7c 24 08 48 c7
[  122.521381] RSP: 002b:000000c00003b7f0 EFLAGS: 00000246 ORIG_RAX: 0000000000000119
[  122.521391] RAX: ffffffffffffffda RBX: 00000000000000b2 RCX: 00000000004666e0
[  122.521398] RDX: 0000000000000080 RSI: 000000c00003b840 RDI: 0000000000000003
[  122.521404] RBP: 000000c00003be40 R08: 0000000000000000 R09: 0000000000000000
[  122.521411] R10: 00000000000000b2 R11: 0000000000000246 R12: 0000000000000003
[  122.521417] R13: 000000c000000f00 R14: 000000c0005acd80 R15: 0000000000000000
[  122.521427]  </TASK>
[  122.521430] Modules linked in:
[  122.521437] ---[ end trace 0000000000000000 ]---
[  122.521441] RIP: 0010:perf_tp_event+0x175/0xe70
[  122.521455] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[  122.521465] RSP: 0018:ffff88801552f380 EFLAGS: 00010013
[  122.521473] RAX: 0000000020000031 RBX: 00000000ffffff9f RCX: 0000000000000002
[  122.521479] RDX: ffff88800e793700 RSI: ffffffff818995b7 RDI: 000000010000018f
[  122.521486] RBP: ffff88801552f5f0 R08: ffff88806cf31340 R09: ffffe8ffffd166b8
[  122.521493] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[  122.521499] R13: 0000000000000014 R14: ffff88806cf31340 R15: dffffc0000000000
[  122.521508] FS:  000000c000030790(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[  122.521517] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  122.521524] CR2: 00007f19c8860ee0 CR3: 000000000ecf0000 CR4: 0000000000350ef0
[  122.521533] Kernel panic - not syncing: Fatal exception in interrupt
[  122.521729] Kernel Offset: disabled
[  122.941434] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---

VM DIAGNOSIS:
11:16:19  Registers:
info registers vcpu 0
RAX=00000000000022b2 RBX=000000000000b6b8 RCX=000000000000b6b8 RDX=0000000000005a66
RSI=ffff88806ce37028 RDI=ffff88806ce37028 RBP=ffff88806ce36f80 RSP=ffff88806ce08d00
R8 =0000000000558000 R9 =0000000000072000 R10=ffffffff8643ac57 R11=ffff88806ce37018
R12=0000000000000001 R13=ffff88806ce3701c R14=000000000000018e R15=000000000000000c
RIP=ffffffff814d259d RFL=00000012 [----A--] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 00000000 00000000
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f8457462900 00000000 00000000
GS =0000 ffff8880e55dd000 00000000 00000000
LDT=0000 fffffe4000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f19c8791688 CR3=000000000c986000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=000055ca1ca21f10000000000000018a
XMM02=ffffffffffffffffffffff0f0e0d0c0b XMM03=00000000000000210000000000000000
XMM04=0000000100000000000055ca1ca45d50 XMM05=00000000000000000000000000000000
XMM06=000055ca1ca54e40ffffffff00000004 XMM07=00000000000000000000000000000000
XMM08=000000000000005000000000000000c0 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000200000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=dffffc0000000000 RBX=0000000000000001 RCX=ffffffff867f95b2 RDX=1ffff1100d9e101d
RSI=1ffff1100d9e101f RDI=1ffff1100d9e101f RBP=ffff88806cf080f8 RSP=ffff88806cf08030
R8 =ffffffff867f95b6 R9 =ffff88806cf080e0 R10=000000000003be53 R11=000000000000a8e5
R12=ffff88806cf08100 R13=ffff88806cf080e8 R14=ffff888016957f10 R15=ffff88806cf080a0
RIP=ffffffff81358f81 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 000055555df54400 00000000 00000000
GS =0000 ffff8880e56dd000 00000000 00000000
LDT=0000 fffffe4f00000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055555df5dc58 CR3=0000000034823000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000ff000000000000ff XMM01=25252525252525252525252525252525
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000