Warning: Permanently added '[localhost]:5827' (ECDSA) to the list of known hosts.
2025/09/01 08:08:52 fuzzer started
2025/09/01 08:08:52 dialing manager at localhost:35473
syzkaller login: [ 50.527719] cgroup: Unknown subsys name 'net'
[ 50.573731] cgroup: Unknown subsys name 'cpuset'
[ 50.587243] cgroup: Unknown subsys name 'rlimit'
2025/09/01 08:09:02 syscalls: 2214
2025/09/01 08:09:02 code coverage: enabled
2025/09/01 08:09:02 comparison tracing: enabled
2025/09/01 08:09:02 extra coverage: enabled
2025/09/01 08:09:02 setuid sandbox: enabled
2025/09/01 08:09:02 namespace sandbox: enabled
2025/09/01 08:09:02 Android sandbox: enabled
2025/09/01 08:09:02 fault injection: enabled
2025/09/01 08:09:02 leak checking: enabled
2025/09/01 08:09:02 net packet injection: enabled
2025/09/01 08:09:02 net device setup: enabled
2025/09/01 08:09:02 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/09/01 08:09:02 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/09/01 08:09:02 USB emulation: enabled
2025/09/01 08:09:02 hci packet injection: enabled
2025/09/01 08:09:02 wifi device emulation: enabled
2025/09/01 08:09:02 802.15.4 emulation: enabled
2025/09/01 08:09:03 fetching corpus: 0, signal 0/2000 (executing program)
2025/09/01 08:09:03 fetching corpus: 50, signal 31484/33281 (executing program)
2025/09/01 08:09:03 fetching corpus: 100, signal 44603/45945 (executing program)
2025/09/01 08:09:03 fetching corpus: 150, signal 50764/51720 (executing program)
2025/09/01 08:09:03 fetching corpus: 192, signal 56029/56305 (executing program)
2025/09/01 08:09:03 fetching corpus: 192, signal 56029/56366 (executing program)
2025/09/01 08:09:03 fetching corpus: 192, signal 56029/56429 (executing program)
2025/09/01 08:09:03 fetching corpus: 192, signal 56029/56483 (executing program)
2025/09/01 08:09:03 fetching corpus: 192, signal 56029/56538 (executing program)
2025/09/01 08:09:03 fetching corpus: 192, signal 56029/56602 (executing program)
2025/09/01 08:09:03 fetching corpus: 192, signal 56029/56661 (executing program)
2025/09/01 08:09:03 fetching corpus: 192, signal 56029/56724 (executing program)
2025/09/01 08:09:03 fetching corpus: 192, signal 56029/56787 (executing program)
2025/09/01 08:09:04 fetching corpus: 192, signal 56029/56842 (executing program)
2025/09/01 08:09:04 fetching corpus: 192, signal 56029/56894 (executing program)
2025/09/01 08:09:04 fetching corpus: 192, signal 56029/56950 (executing program)
2025/09/01 08:09:04 fetching corpus: 192, signal 56029/57003 (executing program)
2025/09/01 08:09:04 fetching corpus: 192, signal 56029/57052 (executing program)
2025/09/01 08:09:04 fetching corpus: 192, signal 56029/57118 (executing program)
2025/09/01 08:09:04 fetching corpus: 192, signal 56029/57172 (executing program)
2025/09/01 08:09:04 fetching corpus: 192, signal 56029/57217 (executing program)
2025/09/01 08:09:04 fetching corpus: 192, signal 56029/57268 (executing program)
2025/09/01 08:09:04 fetching corpus: 192, signal 56029/57313 (executing program)
2025/09/01 08:09:04 fetching corpus: 192, signal 56029/57373 (executing program)
2025/09/01 08:09:04 fetching corpus: 192, signal 56029/57425 (executing program)
2025/09/01 08:09:04 fetching corpus: 192, signal 56029/57476 (executing program)
2025/09/01 08:09:04 fetching corpus: 192, signal 56029/57521 (executing program)
2025/09/01 08:09:04 fetching corpus: 192, signal 56029/57581 (executing program)
2025/09/01 08:09:04 fetching corpus: 192, signal 56029/57613 (executing program)
2025/09/01 08:09:04 fetching corpus: 192, signal 56029/57613 (executing program)
2025/09/01 08:09:06 starting 8 fuzzer processes
08:09:06 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)={0x20, 0x0, 0x2, 0x101, 0x0, 0x0, {}, [@CTA_EXPECT_TUPLE={0x4}, @CTA_EXPECT_MASTER={0x4}, @CTA_EXPECT_MASK={0x4}]}, 0x20}}, 0x0)
08:09:06 executing program 1:
r0 = syz_open_dev$vcsn(&(0x7f0000001200), 0x0, 0x0)
perf_event_open$cgroup(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r0, 0x0, 0xffffffffffffffff, 0x0)
08:09:06 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/time_for_children\x00')
08:09:06 executing program 2:
socket$inet6(0xa, 0x0, 0x0)
08:09:06 executing program 7:
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_netdev_private(r0, 0x89f6, &(0x7f0000000380)="a809f43a")
08:09:06 executing program 3:
mount_setattr(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000440)={0x98, 0x79}, 0x20)
08:09:06 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
getresuid(&(0x7f00000002c0), &(0x7f0000000300), &(0x7f0000000340))
[ 64.465904] audit: type=1400 audit(1756714146.661:7): avc: denied { execmem } for pid=272 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
08:09:06 executing program 6:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockopt$sock_linger(r0, 0x1, 0xa, 0x0, &(0x7f0000000140))
[ 65.642925] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 65.645513] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 65.647639] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 65.657739] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 65.663835] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 65.667121] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 65.674570] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 65.674628] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 65.680426] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 65.683280] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 65.848376] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 65.850843] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 65.858848] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 65.860776] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 65.864795] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 65.865897] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 65.867801] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 65.868935] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 65.873416] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 65.877739] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 65.882546] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 65.886966] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 65.888997] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 65.895946] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 65.897195] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 65.904960] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 65.906945] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 65.908116] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 65.912941] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 65.914859] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 65.923338] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 65.944850] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 65.952657] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 65.953970] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 65.958246] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 65.973291] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 65.982273] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 65.989674] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 65.996861] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 66.023963] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 67.733729] Bluetooth: hci1: command tx timeout
[ 67.735104] Bluetooth: hci0: command tx timeout
[ 67.989422] Bluetooth: hci3: command tx timeout
[ 67.989466] Bluetooth: hci4: command tx timeout
[ 67.990273] Bluetooth: hci2: command tx timeout
[ 67.991141] Bluetooth: hci5: command tx timeout
[ 68.054880] Bluetooth: hci6: command tx timeout
[ 68.118392] Bluetooth: hci7: command tx timeout
[ 69.781762] Bluetooth: hci0: command tx timeout
[ 69.782087] Bluetooth: hci1: command tx timeout
[ 70.037441] Bluetooth: hci5: command tx timeout
[ 70.037528] Bluetooth: hci4: command tx timeout
[ 70.037954] Bluetooth: hci2: command tx timeout
[ 70.038484] Bluetooth: hci3: command tx timeout
[ 70.102417] Bluetooth: hci6: command tx timeout
[ 70.166466] Bluetooth: hci7: command tx timeout
[ 71.829427] Bluetooth: hci1: command tx timeout
[ 71.831044] Bluetooth: hci0: command tx timeout
[ 72.086174] Bluetooth: hci4: command tx timeout
[ 72.086207] Bluetooth: hci3: command tx timeout
[ 72.086668] Bluetooth: hci5: command tx timeout
[ 72.087078] Bluetooth: hci2: command tx timeout
[ 72.152208] Bluetooth: hci6: command tx timeout
[ 72.214846] Bluetooth: hci7: command tx timeout
[ 73.877537] Bluetooth: hci0: command tx timeout
[ 73.877758] Bluetooth: hci1: command tx timeout
[ 74.133568] Bluetooth: hci3: command tx timeout
[ 74.134020] Bluetooth: hci5: command tx timeout
[ 74.134884] Bluetooth: hci2: command tx timeout
[ 74.135267] Bluetooth: hci4: command tx timeout
[ 74.197521] Bluetooth: hci6: command tx timeout
[ 74.261438] Bluetooth: hci7: command tx timeout
[ 104.084691] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.085459] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 104.227042] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.227682] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 104.403428] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.404049] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 104.564698] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.565361] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 104.731716] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.732645] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 104.908357] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.908975] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 104.922548] audit: type=1400 audit(1756714187.117:8): avc: denied { open } for pid=3787 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 104.924872] audit: type=1400 audit(1756714187.118:9): avc: denied { kernel } for pid=3787 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 105.123563] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.124182] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.206558] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.207167] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.337220] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.337916] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.406277] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.406938] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.782896] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.783818] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.854913] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.855950] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.141281] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 106.141936] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.193882] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 106.195386] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.585019] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 106.586202] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.628079] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 106.628881] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
08:09:48 executing program 1:
r0 = syz_open_dev$vcsn(&(0x7f0000001200), 0x0, 0x0)
perf_event_open$cgroup(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r0, 0x0, 0xffffffffffffffff, 0x0)
08:09:48 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)={0x20, 0x0, 0x2, 0x101, 0x0, 0x0, {}, [@CTA_EXPECT_TUPLE={0x4}, @CTA_EXPECT_MASTER={0x4}, @CTA_EXPECT_MASK={0x4}]}, 0x20}}, 0x0)
08:09:48 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/time_for_children\x00')
08:09:48 executing program 2:
r0 = syz_open_dev$vcsn(&(0x7f0000001200), 0x0, 0x0)
perf_event_open$cgroup(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r0, 0x0, 0xffffffffffffffff, 0x0)
08:09:48 executing program 6:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockopt$sock_linger(r0, 0x1, 0xa, 0x0, &(0x7f0000000140))
08:09:48 executing program 3:
mount_setattr(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000440)={0x98, 0x79}, 0x20)
08:09:48 executing program 7:
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_netdev_private(r0, 0x89f6, &(0x7f0000000380)="a809f43a")
08:09:48 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
getresuid(&(0x7f00000002c0), &(0x7f0000000300), &(0x7f0000000340))
08:09:48 executing program 3:
mount_setattr(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000440)={0x98, 0x79}, 0x20)
08:09:48 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)={0x20, 0x0, 0x2, 0x101, 0x0, 0x0, {}, [@CTA_EXPECT_TUPLE={0x4}, @CTA_EXPECT_MASTER={0x4}, @CTA_EXPECT_MASK={0x4}]}, 0x20}}, 0x0)
08:09:49 executing program 2:
r0 = syz_open_dev$vcsn(&(0x7f0000001200), 0x0, 0x0)
perf_event_open$cgroup(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r0, 0x0, 0xffffffffffffffff, 0x0)
08:09:49 executing program 6:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockopt$sock_linger(r0, 0x1, 0xa, 0x0, &(0x7f0000000140))
08:09:49 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
getresuid(&(0x7f00000002c0), &(0x7f0000000300), &(0x7f0000000340))
08:09:49 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/time_for_children\x00')
08:09:49 executing program 1:
r0 = syz_open_dev$vcsn(&(0x7f0000001200), 0x0, 0x0)
perf_event_open$cgroup(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r0, 0x0, 0xffffffffffffffff, 0x0)
08:09:49 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)={0x20, 0x0, 0x2, 0x101, 0x0, 0x0, {}, [@CTA_EXPECT_TUPLE={0x4}, @CTA_EXPECT_MASTER={0x4}, @CTA_EXPECT_MASK={0x4}]}, 0x20}}, 0x0)
08:09:49 executing program 6:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockopt$sock_linger(r0, 0x1, 0xa, 0x0, &(0x7f0000000140))
08:09:49 executing program 2:
r0 = syz_open_dev$vcsn(&(0x7f0000001200), 0x0, 0x0)
perf_event_open$cgroup(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r0, 0x0, 0xffffffffffffffff, 0x0)
[ 106.923671] kmemleak: Found object by alias at 0x607f1a63de54
[ 106.923693] CPU: 0 UID: 0 PID: 3928 Comm: syz-executor.5 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 106.923712] Tainted: [W]=WARN
[ 106.923716] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 106.923724] Call Trace:
[ 106.923728]
[ 106.923733] dump_stack_lvl+0xca/0x120
[ 106.923767] __lookup_object+0x94/0xb0
[ 106.923785] delete_object_full+0x27/0x70
[ 106.923803] free_percpu+0x30/0x1160
[ 106.923821] ? arch_uprobe_clear_state+0x16/0x140
[ 106.923843] futex_hash_free+0x38/0xc0
[ 106.923859] mmput+0x2d3/0x390
[ 106.923878] do_exit+0x79d/0x2970
[ 106.923893] ? signal_wake_up_state+0x85/0x120
[ 106.923909] ? zap_other_threads+0x2b9/0x3a0
[ 106.923926] ? __pfx_do_exit+0x10/0x10
[ 106.923940] ? do_group_exit+0x1c3/0x2a0
[ 106.923954] ? lock_release+0xc8/0x290
[ 106.923972] do_group_exit+0xd3/0x2a0
[ 106.923988] __x64_sys_exit_group+0x3e/0x50
[ 106.924003] x64_sys_call+0x18c5/0x18d0
[ 106.924019] do_syscall_64+0xbf/0x360
[ 106.924033] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 106.924045] RIP: 0033:0x7f146612cb19
[ 106.924055] Code: Unable to access opcode bytes at 0x7f146612caef.
[ 106.924060] RSP: 002b:00007ffce46c56c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 106.924072] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f146612cb19
[ 106.924080] RDX: 00007f14660df72b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 106.924087] RBP: 0000000000000000 R08: 0000001b2d121f0c R09: 0000000000000000
[ 106.924095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 106.924102] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffce46c57b0
[ 106.924120]
[ 106.924124] kmemleak: Object (percpu) 0x607f1a63de50 (size 8):
[ 106.924131] kmemleak: comm "syz-executor.4", pid 3933, jiffies 4294773841
[ 106.924138] kmemleak: min_count = 1
[ 106.924142] kmemleak: count = 0
[ 106.924146] kmemleak: flags = 0x21
[ 106.924150] kmemleak: checksum = 0
[ 106.924153] kmemleak: backtrace:
[ 106.924157] pcpu_alloc_noprof+0x87a/0x1170
[ 106.924173] perf_trace_event_init+0x366/0xa10
[ 106.924188] perf_trace_init+0x1a4/0x2f0
[ 106.924200] perf_tp_event_init+0xa6/0x120
[ 106.924216] perf_try_init_event+0x140/0x9f0
[ 106.924230] perf_event_alloc.part.0+0x118e/0x45f0
[ 106.924247] __do_sys_perf_event_open+0x719/0x2c20
[ 106.924261] do_syscall_64+0xbf/0x360
[ 106.924271] entry_SYSCALL_64_after_hwframe+0x77/0x7f
08:09:49 executing program 7:
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_netdev_private(r0, 0x89f6, &(0x7f0000000380)="a809f43a")
08:09:49 executing program 3:
mount_setattr(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000440)={0x98, 0x79}, 0x20)
08:09:49 executing program 1:
r0 = syz_open_dev$vcsn(&(0x7f0000001200), 0x0, 0x0)
perf_event_open$cgroup(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r0, 0x0, 0xffffffffffffffff, 0x0)
08:09:49 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
getresuid(&(0x7f00000002c0), &(0x7f0000000300), &(0x7f0000000340))
08:09:49 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/time_for_children\x00')
08:09:49 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
getresuid(&(0x7f00000002c0), &(0x7f0000000300), &(0x7f0000000340))
08:09:49 executing program 2:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/time_for_children\x00')
08:09:49 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
accept(r0, 0x0, 0x0)
08:09:49 executing program 3:
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0)
write$P9_RLINK(r1, &(0x7f00000000c0)={0x7}, 0x7)
fcntl$setpipe(r1, 0x407, 0x0)
ppoll(&(0x7f0000000040)=[{r0}, {r1}], 0x2, 0x0, 0x0, 0x0)
08:09:49 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
getresuid(&(0x7f00000002c0), &(0x7f0000000300), &(0x7f0000000340))
[ 107.144134] kmemleak: Found object by alias at 0x607f1a63de58
[ 107.144154] CPU: 1 UID: 0 PID: 3950 Comm: syz-executor.4 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 107.144172] Tainted: [W]=WARN
[ 107.144176] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 107.144184] Call Trace:
[ 107.144188]
[ 107.144193] dump_stack_lvl+0xca/0x120
[ 107.144224] __lookup_object+0x94/0xb0
[ 107.144243] delete_object_full+0x27/0x70
[ 107.144259] free_percpu+0x30/0x1160
[ 107.144276] ? arch_uprobe_clear_state+0x16/0x140
[ 107.144297] futex_hash_free+0x38/0xc0
[ 107.144316] mmput+0x2d3/0x390
[ 107.144336] do_exit+0x79d/0x2970
[ 107.144349] ? lock_release+0xc8/0x290
[ 107.144367] ? __pfx_do_exit+0x10/0x10
[ 107.144381] ? find_held_lock+0x2b/0x80
[ 107.144399] ? get_signal+0x835/0x2340
[ 107.144419] do_group_exit+0xd3/0x2a0
[ 107.144434] get_signal+0x2315/0x2340
[ 107.144452] ? fd_install+0x1d8/0x660
[ 107.144463] ? putname.part.0+0x11b/0x160
[ 107.144483] ? __pfx_get_signal+0x10/0x10
[ 107.144500] ? do_futex+0x135/0x370
[ 107.144514] ? __pfx_do_futex+0x10/0x10
[ 107.144529] arch_do_signal_or_restart+0x80/0x790
[ 107.144548] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 107.144564] ? __x64_sys_futex+0x1c9/0x4d0
[ 107.144577] ? __x64_sys_futex+0x1d2/0x4d0
[ 107.144591] ? __x64_sys_openat+0x142/0x200
[ 107.144609] ? __pfx___x64_sys_futex+0x10/0x10
[ 107.144623] ? xfd_validate_state+0x55/0x180
[ 107.144644] exit_to_user_mode_loop+0x8b/0x110
[ 107.144658] do_syscall_64+0x2f7/0x360
[ 107.144671] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 107.144683] RIP: 0033:0x7f95b6605b19
[ 107.144693] Code: Unable to access opcode bytes at 0x7f95b6605aef.
[ 107.144698] RSP: 002b:00007f95b3b7b218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 107.144710] RAX: fffffffffffffe00 RBX: 00007f95b6718f68 RCX: 00007f95b6605b19
[ 107.144718] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f95b6718f68
[ 107.144725] RBP: 00007f95b6718f60 R08: 0000000000000000 R09: 0000000000000000
[ 107.144732] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f95b6718f6c
[ 107.144740] R13: 00007ffe7f0ca31f R14: 00007f95b3b7b300 R15: 0000000000022000
[ 107.144756]
[ 107.144759] kmemleak: Object (percpu) 0x607f1a63de50 (size 16):
[ 107.144766] kmemleak: comm "syz-executor.3", pid 283, jiffies 4294774057
[ 107.144773] kmemleak: min_count = 1
[ 107.144777] kmemleak: count = 0
[ 107.144781] kmemleak: flags = 0x21
[ 107.144785] kmemleak: checksum = 0
[ 107.144789] kmemleak: backtrace:
[ 107.144792] pcpu_alloc_noprof+0x87a/0x1170
[ 107.144808] mm_init+0x99b/0x1170
[ 107.144816] copy_process+0x3ab7/0x73c0
[ 107.144826] kernel_clone+0xea/0x7f0
[ 107.144836] __do_sys_clone+0xce/0x120
[ 107.144846] do_syscall_64+0xbf/0x360
[ 107.144856] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 107.178161] kmemleak: Cannot insert 0x607f1a63de58 into the object search tree (overlaps existing)
[ 107.178174] CPU: 1 UID: 0 PID: 287 Comm: syz-executor.6 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 107.178191] Tainted: [W]=WARN
[ 107.178195] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 107.178201] Call Trace:
[ 107.178205]
[ 107.178209] dump_stack_lvl+0xca/0x120
[ 107.178229] __link_object+0x190/0x210
[ 107.178246] __create_object+0x48/0x80
[ 107.178263] pcpu_alloc_noprof+0x87a/0x1170
[ 107.178286] mm_init+0x99b/0x1170
[ 107.178299] copy_process+0x3ab7/0x73c0
[ 107.178324] ? __pfx_copy_process+0x10/0x10
[ 107.178340] ? do_raw_spin_lock+0x123/0x260
[ 107.178359] kernel_clone+0xea/0x7f0
[ 107.178373] ? __pfx_kernel_clone+0x10/0x10
[ 107.178387] ? __lock_acquire+0x694/0x1b70
[ 107.178401] ? css_rstat_updated+0x1b8/0x4d0
[ 107.178419] ? __pfx_css_rstat_updated+0x10/0x10
[ 107.178438] __do_sys_clone+0xce/0x120
[ 107.178450] ? __pfx___do_sys_clone+0x10/0x10
[ 107.178462] ? find_held_lock+0x2b/0x80
[ 107.178489] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 107.178506] do_syscall_64+0xbf/0x360
[ 107.178518] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 107.178530] RIP: 0033:0x7f587889210b
[ 107.178538] Code: ed 0f 85 60 01 00 00 64 4c 8b 0c 25 10 00 00 00 45 31 c0 4d 8d 91 d0 02 00 00 31 d2 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 89 00 00 00 41 89 c5 85 c0 0f 85 90 00 00
[ 107.178549] RSP: 002b:00007ffddd60ca10 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 107.178561] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f587889210b
[ 107.178568] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 107.178575] RBP: 0000000000000001 R08: 0000000000000000 R09: 00005555556eb400
[ 107.178582] R10: 00005555556eb6d0 R11: 0000000000000246 R12: 0000000000000001
[ 107.178589] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffddd60caf0
[ 107.178604]
[ 107.179387] kmemleak: Kernel memory leak detector disabled
[ 107.179391] kmemleak: Object (percpu) 0x607f1a63de50 (size 16):
[ 107.179399] kmemleak: comm "syz-executor.3", pid 283, jiffies 4294774057
[ 107.179406] kmemleak: min_count = 1
[ 107.179410] kmemleak: count = 0
[ 107.179413] kmemleak: flags = 0x21
[ 107.179417] kmemleak: checksum = 0
[ 107.179421] kmemleak: backtrace:
[ 107.179424] pcpu_alloc_noprof+0x87a/0x1170
[ 107.179440] mm_init+0x99b/0x1170
[ 107.179448] copy_process+0x3ab7/0x73c0
[ 107.179458] kernel_clone+0xea/0x7f0
[ 107.179468] __do_sys_clone+0xce/0x120
[ 107.179478] do_syscall_64+0xbf/0x360
[ 107.179488] entry_SYSCALL_64_after_hwframe+0x77/0x7f
08:09:49 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
accept(r0, 0x0, 0x0)
[ 107.213957] kmemleak: Found object by alias at 0x607f1a63de5c
[ 107.213979] CPU: 0 UID: 0 PID: 3944 Comm: syz-executor.7 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 107.213998] Tainted: [W]=WARN
[ 107.214002] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 107.214010] Call Trace:
[ 107.214014]
[ 107.214019] dump_stack_lvl+0xca/0x120
[ 107.214054] __lookup_object+0x94/0xb0
[ 107.214076] delete_object_full+0x27/0x70
[ 107.214094] free_percpu+0x30/0x1160
[ 107.214112] ? arch_uprobe_clear_state+0x16/0x140
[ 107.214133] futex_hash_free+0x38/0xc0
[ 107.214148] mmput+0x2d3/0x390
[ 107.214168] do_exit+0x79d/0x2970
[ 107.214182] ? lock_release+0xc8/0x290
[ 107.214200] ? __pfx_do_exit+0x10/0x10
[ 107.214215] ? find_held_lock+0x2b/0x80
[ 107.214233] ? get_signal+0x835/0x2340
[ 107.214254] do_group_exit+0xd3/0x2a0
[ 107.214270] get_signal+0x2315/0x2340
[ 107.214293] ? __pfx_get_signal+0x10/0x10
[ 107.214314] ? do_futex+0x135/0x370
[ 107.214328] ? __pfx_do_futex+0x10/0x10
[ 107.214343] arch_do_signal_or_restart+0x80/0x790
[ 107.214362] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 107.214379] ? __x64_sys_futex+0x1c9/0x4d0
[ 107.214392] ? __x64_sys_futex+0x1d2/0x4d0
[ 107.214407] ? __pfx___x64_sys_futex+0x10/0x10
[ 107.214421] ? selinux_file_ioctl+0xb9/0x280
[ 107.214437] ? xfd_validate_state+0x55/0x180
[ 107.214459] exit_to_user_mode_loop+0x8b/0x110
[ 107.214473] do_syscall_64+0x2f7/0x360
[ 107.214487] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 107.214500] RIP: 0033:0x7f7dff542b19
[ 107.214509] Code: Unable to access opcode bytes at 0x7f7dff542aef.
[ 107.214514] RSP: 002b:00007f7dfcab8218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 107.214526] RAX: fffffffffffffe00 RBX: 00007f7dff655f68 RCX: 00007f7dff542b19
[ 107.214535] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f7dff655f68
[ 107.214542] RBP: 00007f7dff655f60 R08: 0000000000000000 R09: 0000000000000000
[ 107.214549] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7dff655f6c
[ 107.214557] R13: 00007ffd80cd40af R14: 00007f7dfcab8300 R15: 0000000000022000
[ 107.214573]
[ 107.214577] kmemleak: Object (percpu) 0x607f1a63de50 (size 16):
[ 107.214584] kmemleak: comm "syz-executor.3", pid 283, jiffies 4294774057
[ 107.214591] kmemleak: min_count = 1
[ 107.214596] kmemleak: count = 0
[ 107.214599] kmemleak: flags = 0x21
[ 107.214603] kmemleak: checksum = 0
[ 107.214607] kmemleak: backtrace:
[ 107.214611] pcpu_alloc_noprof+0x87a/0x1170
[ 107.214627] mm_init+0x99b/0x1170
[ 107.214635] copy_process+0x3ab7/0x73c0
[ 107.214645] kernel_clone+0xea/0x7f0
[ 107.214656] __do_sys_clone+0xce/0x120
[ 107.214666] do_syscall_64+0xbf/0x360
[ 107.214676] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 107.215660] kmemleak: Found object by alias at 0x607f1a63de58
[ 107.215673] CPU: 1 UID: 0 PID: 3964 Comm: syz-executor.6 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 107.215691] Tainted: [W]=WARN
[ 107.215695] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 107.215702] Call Trace:
[ 107.215705]
[ 107.215710] dump_stack_lvl+0xca/0x120
[ 107.215729] __lookup_object+0x94/0xb0
[ 107.215745] delete_object_full+0x27/0x70
[ 107.215761] free_percpu+0x30/0x1160
[ 107.215777] ? __percpu_counter_sum+0x1b9/0x250
[ 107.215795] __mmdrop+0x29c/0x4a0
[ 107.215816] mmput+0x305/0x390
[ 107.215835] do_exit+0x79d/0x2970
[ 107.215852] ? __pfx_do_exit+0x10/0x10
[ 107.215866] ? find_held_lock+0x2b/0x80
[ 107.215888] ? get_signal+0x835/0x2340
[ 107.215908] do_group_exit+0xd3/0x2a0
[ 107.215924] get_signal+0x2315/0x2340
[ 107.215941] ? put_task_stack+0xd2/0x240
[ 107.215956] ? __pfx_get_signal+0x10/0x10
[ 107.215973] ? __schedule+0xe91/0x3590
[ 107.215994] arch_do_signal_or_restart+0x80/0x790
[ 107.216012] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 107.216029] ? __x64_sys_futex+0x1c9/0x4d0
[ 107.216043] ? __x64_sys_futex+0x1d2/0x4d0
[ 107.216060] ? __pfx___x64_sys_futex+0x10/0x10
[ 107.216081] exit_to_user_mode_loop+0x8b/0x110
[ 107.216095] do_syscall_64+0x2f7/0x360
[ 107.216107] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 107.216119] RIP: 0033:0x7f5878893b19
[ 107.216127] Code: Unable to access opcode bytes at 0x7f5878893aef.
[ 107.216133] RSP: 002b:00007f5875e09218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 107.216144] RAX: 0000000000000001 RBX: 00007f58789a6f68 RCX: 00007f5878893b19
[ 107.216151] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f58789a6f6c
[ 107.216158] RBP: 00007f58789a6f60 R08: 000000000000000e R09: 0000000000000000
[ 107.216165] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f58789a6f6c
[ 107.216173] R13: 00007ffddd60c7df R14: 00007f5875e09300 R15: 0000000000022000
[ 107.216188]
[ 107.216192] kmemleak: Object (percpu) 0x607f1a63de50 (size 16):
[ 107.216199] kmemleak: comm "syz-executor.3", pid 283, jiffies 4294774057
[ 107.216206] kmemleak: min_count = 1
[ 107.216210] kmemleak: count = 0
[ 107.216213] kmemleak: flags = 0x21
[ 107.216217] kmemleak: checksum = 0
[ 107.216221] kmemleak: backtrace:
[ 107.216224] pcpu_alloc_noprof+0x87a/0x1170
[ 107.216239] mm_init+0x99b/0x1170
[ 107.216248] copy_process+0x3ab7/0x73c0
[ 107.216258] kernel_clone+0xea/0x7f0
[ 107.216268] __do_sys_clone+0xce/0x120
[ 107.216278] do_syscall_64+0xbf/0x360
[ 107.216288] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 107.351531] Oops: general protection fault, probably for non-canonical address 0xdffffc031fd4a902: 0000 [#1] SMP KASAN NOPTI
[ 107.352504] KASAN: probably user-memory-access in range [0x00000018fea54810-0x00000018fea54817]
[ 107.353207] CPU: 0 UID: 0 PID: 3962 Comm: syz-executor.3 Tainted: G W 6.17.0-rc4-next-20250901 #1 PREEMPT(voluntary)
[ 107.356863] Tainted: [W]=WARN
[ 107.358757] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 107.360870] RIP: 0010:perf_trace_add+0x21b/0x340
[ 107.361263] Code: 00 0f 85 3a 01 00 00 4c 89 75 00 4d 85 ed 74 2a e8 da b2 f5 ff 49 8d 7d 08 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 df 00 00 00 4d 89 75 08 eb 03 45 31 e4 e8 ad b2
[ 107.362689] RSP: 0018:ffff8880416175b8 EFLAGS: 00010012
[ 107.363146] RAX: dffffc0000000000 RBX: ffff888009649f40 RCX: ffffffff817e42fe
[ 107.363708] RDX: 000000031fd4a902 RSI: ffffffff817e43d6 RDI: 00000018fea54812
[ 107.364274] RBP: ffffe8ffffc15e50 R08: ffffffff85ca4140 R09: ffffed10082c2efe
[ 107.364834] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000
[ 107.365393] R13: 00000018fea5480a R14: ffff888009649fa0 R15: ffff888009649fd8
[ 107.365951] FS: 00007f389e290700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 107.366587] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 107.367051] CR2: 00007f389e26f718 CR3: 000000000c880000 CR4: 0000000000350ef0
[ 107.367611] Call Trace:
[ 107.367816]
[ 107.368000] event_sched_in+0x446/0xb60
[ 107.368333] merge_sched_in+0xb4d/0x1810
[ 107.368662] visit_groups_merge.constprop.0.isra.0+0x8d1/0x1150
[ 107.369137] ? __pfx_visit_groups_merge.constprop.0.isra.0+0x10/0x10
[ 107.369644] ? lock_is_held_type+0x9e/0x120
[ 107.369995] ctx_sched_in+0x579/0x9b0
[ 107.370301] ? __pfx_ctx_sched_in+0x10/0x10
[ 107.370642] perf_event_sched_in+0x5d/0x90
[ 107.370985] __perf_event_task_sched_in+0x2ec/0x5e0
[ 107.371380] ? __pfx___perf_event_task_sched_in+0x10/0x10
[ 107.371811] ? lock_is_held_type+0x9e/0x120
[ 107.372160] ? xfd_validate_state+0x55/0x180
[ 107.372530] finish_task_switch.isra.0+0x410/0x840
[ 107.372933] __schedule+0xe86/0x3590
[ 107.373236] ? __pfx___schedule+0x10/0x10
[ 107.373570] ? lock_acquire+0x15e/0x2f0
[ 107.373892] ? find_held_lock+0x2b/0x80
[ 107.374216] ? schedule+0x2c7/0x390
[ 107.374511] ? lock_release+0xc8/0x290
[ 107.374834] schedule+0xdb/0x390
[ 107.375110] futex_do_wait+0x88/0x180
[ 107.375423] __futex_wait+0x176/0x300
[ 107.375731] ? __pfx___futex_wait+0x10/0x10
[ 107.376079] ? __pfx_futex_wake_mark+0x10/0x10
[ 107.376446] ? lock_release+0xc8/0x290
[ 107.376762] ? futex_private_hash_put+0x127/0x2d0
[ 107.377145] futex_wait+0xde/0x380
[ 107.377437] ? __pfx_futex_wait+0x10/0x10
[ 107.377770] ? __pfx_futex_wake+0x10/0x10
[ 107.378105] ? __do_sys_perf_event_open+0x44d/0x2c20
[ 107.378511] ? lock_release+0xc8/0x290
[ 107.378833] do_futex+0x2ee/0x370
[ 107.379116] ? __pfx_do_futex+0x10/0x10
[ 107.379435] ? __pfx___do_sys_perf_event_open+0x10/0x10
[ 107.379856] ? __pfx_set_user_sigmask+0x10/0x10
[ 107.380237] __x64_sys_futex+0x1c9/0x4d0
[ 107.380562] ? __pfx___x64_sys_futex+0x10/0x10
[ 107.380928] ? selinux_file_fcntl+0x92/0x170
[ 107.381282] ? xfd_validate_state+0x55/0x180
[ 107.381643] do_syscall_64+0xbf/0x360
[ 107.381949] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 107.382364] RIP: 0033:0x7f38a0d1ab19
[ 107.382660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 107.384080] RSP: 002b:00007f389e290218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 107.384675] RAX: ffffffffffffffda RBX: 00007f38a0e2df68 RCX: 00007f38a0d1ab19
[ 107.385230] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f38a0e2df68
[ 107.385798] RBP: 00007f38a0e2df60 R08: 0000000000000000 R09: 0000000000000000
[ 107.386350] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f38a0e2df6c
[ 107.386915] R13: 00007ffffd93f5bf R14: 00007f389e290300 R15: 0000000000022000
[ 107.387475]
[ 107.387662] Modules linked in:
[ 107.387922] ---[ end trace 0000000000000000 ]---
[ 107.388293] RIP: 0010:perf_trace_add+0x21b/0x340
[ 107.388681] Code: 00 0f 85 3a 01 00 00 4c 89 75 00 4d 85 ed 74 2a e8 da b2 f5 ff 49 8d 7d 08 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 df 00 00 00 4d 89 75 08 eb 03 45 31 e4 e8 ad b2
[ 107.390097] RSP: 0018:ffff8880416175b8 EFLAGS: 00010012
[ 107.390515] RAX: dffffc0000000000 RBX: ffff888009649f40 RCX: ffffffff817e42fe
[ 107.391086] RDX: 000000031fd4a902 RSI: ffffffff817e43d6 RDI: 00000018fea54812
[ 107.391644] RBP: ffffe8ffffc15e50 R08: ffffffff85ca4140 R09: ffffed10082c2efe
[ 107.392199] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000
[ 107.392757] R13: 00000018fea5480a R14: ffff888009649fa0 R15: ffff888009649fd8
[ 107.393317] FS: 00007f389e290700(0000) GS:ffff8880e55d8000(0000) knlGS:0000000000000000
[ 107.393945] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 107.394405] CR2: 00007f389e26f718 CR3: 000000000c880000 CR4: 0000000000350ef0
[ 107.394975] note: syz-executor.3[3962] exited with irqs disabled
VM DIAGNOSIS:
08:09:49 Registers:
info registers vcpu 0
RAX=0000000000000035 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff828e5105 RDI=ffffffff88729280 RBP=ffffffff88729240 RSP=ffff888041616f48
R8 =0000000000000000 R9 =ffffed1001460046 R10=0000000000000035 R11=3a6465746e696154
R12=0000000000000035 R13=0000000000000010 R14=ffffffff88729240 R15=ffffffff828e50f0
RIP=ffffffff828e515d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f389e290700 00000000 00000000
GS =0000 ffff8880e55d8000 00000000 00000000
LDT=0000 fffffe4f00000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007f389e26f718 CR3=000000000c880000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007f38a0e017c000007f38a0e017c8
XMM02=00007f38a0e017e000007f38a0e017c0 XMM03=00007f38a0e017c800007f38a0e017c0
XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=dffffc0000000000 RBX=0000000000000001 RCX=ffffffff867e3960 RDX=1ffff11002cf6f47
RSI=0000000000000001 RDI=0000000000000001 RBP=ffff8880167b7a48 RSP=ffff8880167b7930
R8 =ffffffff867e3964 R9 =0000000000000000 R10=000000000003bea3 R11=0000000000006cee
R12=ffff8880167b7a50 R13=ffff8880167b7a38 R14=0000000000000005 R15=ffff8880167b79f0
RIP=ffffffff8135886e RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f72b0a738c0 00000000 00000000
GS =0000 ffff8880e56d8000 00000000 00000000
LDT=0000 fffffe2500000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000048000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007f87b1440d90 CR3=000000000e605000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=ffffffffffffff00ffffffffffffffff
XMM02=ffffffffffffff0f0e0d0c0b0a090807 XMM03=37706f6f6c2f6b636f6c622f6c617574
XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=000055647727986000005564772a52a0
XMM06=0000000000000000ffffffff00000004 XMM07=00000000000000000000000000000000
XMM08=2f63697361622f6372732f2e2e000d0a XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000