last executing test programs: 17.025595137s ago: executing program 2 (id=1078): openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) close(0x4) socket$packet(0x11, 0x2, 0x300) r1 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0x0, 0x3010}, &(0x7f0000000040)=0x0, &(0x7f0000000080)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f0000000240)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r1, 0x47ba, 0x3e80, 0x0, 0x0, 0x0) 13.293816223s ago: executing program 2 (id=1080): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'ip6gretap0\x00'}) socket$netlink(0x10, 0x3, 0x0) r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000000)={0x1, 0x1}, 0x2) write$USERIO_CMD_REGISTER(r1, &(0x7f00000000c0), 0x2) write$USERIO_CMD_SEND_INTERRUPT(r1, &(0x7f0000000100)={0x2, 0x3}, 0x2) creat(&(0x7f0000000080)='./bus\x00', 0x181) socket$igmp6(0xa, 0x3, 0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0) 
write$binfmt_register(r3, &(0x7f0000000100)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x7, 0x3a, '*.-*', 0x3a, '', 0x3a, './file0', 0x3a, [0x46]}, 0x2c) open$dir(&(0x7f0000000200)='./file0\x00', 0x1e9240, 0x180) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1, 0xc}, 0x0, 0x0) r6 = socket$inet6(0xa, 0x802, 0x0) setsockopt$inet6_buf(r6, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18) connect$inet6(r6, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback, 0x3}, 0x31) sendmmsg$inet6(r6, &(0x7f0000002940), 0x40000000000017d, 0x811) 11.40121356s ago: executing program 4 (id=1087): r0 = syz_open_dev$swradio(&(0x7f00000001c0), 0x0, 0x2) mknod$loop(0x0, 0x10, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @private}}, 0x80, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000001001"], 0x10}, 0x8000) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x5c, 0x30, 0x1, 0x0, 0x0, {}, [{0x48, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x844}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, 
&(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x4000000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40186f40, &(0x7f0000000440)=0x1f) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETSETELEM(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000) kexec_load(0x0, 0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x7ffdd000, 0x8000}], 0x320000) r6 = socket$inet6(0xa, 0x80002, 0x0) socket$inet_udp(0x2, 0x2, 0x0) connect$inet6(r6, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @local, 0x2}, 0x1c) sendmmsg$inet6(r6, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00) ioctl$VIDIOC_ENUM_FMT(r0, 0xc0585611, &(0x7f00000000c0)={0x0, 0xb, 0x0, "3e58f67896b2f2098200902177392faff604cb7ef87e7610bc39ef64257f5d33"}) 8.34239307s ago: executing program 3 (id=1088): r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_BSS(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000540)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010026bd7000fbdbdf251900005f338895357ecaa9e789240008000300ef0654e7f137d09422e834120ed68b6f74eadad4f724b7839fa1e25f8ee1c5f69f50af6c1b8805df795d2ebdf81309a30a12fbd8cbe53eafc2e6d0c27618944dc0ee417305516d763981a2bbc66c4455499781191ebc73a4edff5999c1de2d108e244415c991c28ebe00fde884ed9af790ee97b5cb8b", @ANYRES32=r2, @ANYBLOB="06006d0004000000"], 0x24}, 0x1, 0x0, 0x0, 0x60000}, 0x0) 
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x8abb29e09f442f35, 0xffffffffffffffff, 0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r4 = dup(r3) write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c) r5 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r4}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r3, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r5, 0x2ded, 0x4000, 0x0, 0x0, 0x0) r8 = openat$audio(0xffffffffffffff9c, &(0x7f0000000200), 0xa2442, 0x0) ioctl$SNDCTL_DSP_SYNC(r8, 0x5001, 0x0) r9 = socket$kcm(0x10, 0x2, 0x0) sendmsg$rds(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=[@mask_fadd={0x58, 0x114, 0x8, {{0xf, 0x1}, 0x0, 0x0, 0x5, 0xfffffffffffffffe, 0x7, 0x3, 0x28, 0x5}}], 0x58}, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000100)=[0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x3, 0x62}) r10 = socket$netlink(0x10, 0x3, 0x4) ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8b34, &(0x7f0000000000)={'wlan0\x00'}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x11, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000340)='GPL\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) r11 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_ifreq(r11, 0x8990, &(0x7f0000000180)={'bond0\x00', @ifru_names='rose0\x00'}) r12 = syz_init_net_socket$rose(0xb, 0x5, 0x0) bind$rose(r12, &(0x7f00000002c0)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x5, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x40) connect$rose(r12, &(0x7f00000001c0)=@full={0xb, 
@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, 0x0, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}]}, 0x40) sendmsg$kcm(r9, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000940)="2e00000010008188e6b62aa73772cc9f1ba1f8482e0000005e140602000000000e000a001000000002800000128c", 0x2e}], 0x1}, 0x0) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x1, 0x5}, 0x4) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x80003}, 0x94) 8.34179286s ago: executing program 0 (id=1098): openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000040)=[{&(0x7f00000002c0)="94", 0x1}, {0x0}], 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r1, 0xffffffffffffffff, 0x0) 8.195512624s ago: executing program 4 (id=1089): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = openat$cuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) read$FUSE(r0, &(0x7f0000009780)={0x2020}, 0x2020) write$FUSE_DIRENTPLUS(r0, &(0x7f0000000540)=ANY=[@ANYBLOB], 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 
0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="340000001900010028b67000fddbdf651d010200970005000304fd0015000100000000000402000092b13bd2c85bb9b348002d14c9040000001caf03000000"], 0x34}}, 0x20000) syz_emit_ethernet(0x13, &(0x7f00000003c0)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x14}, @void, {@ipv4={0x88fb, @gre={{0x5, 0x4, 0x2, 0x1, 0x58, 0x66, 0x0, 0x8, 0x2f, 0x0, @multicast2, @initdev={0xac, 0x1e, 0x81, 0x0}}, {{0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x880b, 0x0, 0x1}, {0x1, 0x0, 0x0, 0x1}, {0x1}, {0x8, 0x88be, 0x3, {{0x5, 0x1, 0x6, 0x2, 0x1, 0x1, 0x6, 0x4}, 0x1, {0x500c}}}, {0x8, 0x22eb, 0x4, {{0xe, 0x2, 0xf8, 0x3, 0x1, 0x2, 0x4, 0xf9}, 0x2, {0x1, 0x9, 0x0, 0x3, 0x1, 0x1, 0x1, 0x1}}}, {0x8, 0x6558, 0x3}}}}}}, 0x0) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0x0, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GENEVE_REMOTE6={0x14, 0x7, @ipv4={'\x00', '\xff\xff', @remote}}]}}}]}, 0x48}, 0x9}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000010001fff0000056800080000faff0000", 
@ANYRES32=0x0, @ANYBLOB="c30c424700000000280012800a00010076786c616e00"], 0x48}}, 0x0) sendmmsg$alg(r2, &(0x7f00000000c0), 0x492492492492627, 0x0) 5.786438011s ago: executing program 1 (id=1090): socket$nl_route(0x10, 0x3, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]}) creat(&(0x7f0000000040)='./file0\x00', 0x30) syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6016000000102b00fc0100000000000000e2ff0000000000fe8000000000000000000400000000aa"], 0x0) connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty, 0xa, 0x4}, 0x20) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="010000000000000000000900000030000380140002007369"], 0x44}}, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66b80e010f00d0b0060f21a20f01c40f009b2700000066b80c008ee00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a00b9730200000f32328fe858b660002fb90d090000b800680000ba000000000f30", 0x65}], 0x1, 0x0, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 5.545150255s ago: executing program 3 (id=1091): syz_open_dev$vcsn(&(0x7f00000001c0), 0x1, 0x800) ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000000)={0x6, 'wlan1\x00', {}, 0x108}) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01090000000000000f478e"]) r0 = openat$kvm(0xffffff9c, 
&(0x7f00000000c0), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x10000, 0x2, 0x4002004c4, 0xffe, 0x0, 0x0, 0xfffffffffffffffd, 0x9012, 0x0, 0xd57b, 0x0, 0x80], 0xeeee8000, 0x2113c0}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 5.379947231s ago: executing program 3 (id=1092): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000002c0)='contention_end\x00', r0}, 0x18) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$IPVS_CMD_GET_DAEMON(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r2, 0xb0b}, 0x14}}, 0x0) 5.300729849s ago: executing program 1 (id=1093): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) chdir(&(0x7f0000000280)='./file0\x00') rename(&(0x7f0000000500)='./file0\x00', &(0x7f00000002c0)='./file0\x00') 5.227360486s ago: executing program 3 (id=1094): userfaultfd(0x80801) r0 = socket$netlink(0x10, 0x3, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$NL80211_CMD_SET_BSS(0xffffffffffffffff, 0x0, 0x4000800) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x3c}}, 0x0) openat(0xffffffffffffff9c, 
&(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f00000005c0), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) socket$inet_udplite(0x2, 0x2, 0x88) r2 = syz_io_uring_setup(0xd38, &(0x7f0000000280)={0x0, 0x7732, 0x80, 0x1, 0x350}, &(0x7f00000000c0)=0x0, &(0x7f0000000440)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2e, 0x0, 0x0, 0x4}]}, 0x10) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_TIMEOUT={0xb, 0x36, 0x0, 0x0, 0x4, 0x0, 0x1, 0x20}) io_uring_enter(r2, 0x47bc, 0x0, 0x0, 0x0, 0x0) 5.173102141s ago: executing program 4 (id=1095): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x802, 0x0) syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x56, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x70, 0x30, 0x2, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_ct={0x2c, 0x800, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0x5, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x2c, 0x201, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x804}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sendmsg$NFT_MSG_GETOBJ(r1, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f00000001c0)={0x34, 0x13, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x9}, [@NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x5}, @NFTA_OBJ_NAME={0x9, 0x2, 
'syz0\x00'}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x40) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$packet(0x11, 0x2, 0x300) r4 = socket$inet_tcp(0x2, 0x1, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) r5 = socket(0x2000000000000021, 0x2, 0x10000000000002) connect$rxrpc(r5, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10}, 0x24) sendmmsg(r5, &(0x7f0000005c00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[{0x10, 0x110, 0x1}], 0x10, 0x7000000}, 0xf401}], 0x1, 0x0) sendmmsg(r5, &(0x7f0000005c00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7000000}, 0xf401}], 0x1, 0x0) syz_open_procfs(0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) close_range(r4, 0xffffffffffffffff, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="30000000100001000000ce6bb9092919507f3400", @ANYRES32=0x0, @ANYBLOB="000000000000000408000a00", @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0) recvmmsg(r3, &(0x7f0000000480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=""/11, 0x17}}], 0x400000000000179, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x4) 4.119945175s ago: executing program 1 (id=1096): bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_BIND_MAP(0xa, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001000)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 
&(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x2, 0x2, 0x4}, 0x50) 4.119736245s ago: executing program 0 (id=1097): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x15, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2a, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x26) 4.011514166s ago: executing program 1 (id=1099): socket$nl_route(0x10, 0x3, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]}) syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6016000000102b00fc0100000000000000e2ff0000000000fe8000000000000000000400000000aa"], 0x0) connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty, 0xa, 0x4}, 0x20) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 
&(0x7f0000000180)="66b80e010f00d0b0060f21a20f01c40f009b2700000066b80c008ee00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a00b9730200000f32328fe858b660002fb90d090000b800680000ba000000000f30", 0x65}], 0x1, 0x0, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 4.009953116s ago: executing program 0 (id=1100): socket$nl_route(0x10, 0x3, 0x0) eventfd2(0x3, 0x100800) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000680), 0x40000, 0x19) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, 0x0, &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x100}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r0, &(0x7f0000000100)="07000000010000", 0x7) 3.942981162s ago: executing program 2 (id=1101): r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049dd) write$binfmt_elf32(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="7f454c4604070003070000000000000002000300030000000903000038000000fcffffff0e000000000020000100050000010000000000000300000008000000f30000007f00000004"], 0x58) close(r0) execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0) 3.895849167s ago: executing program 3 (id=1102): r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi0\x00', 0x400, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 
0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140)) r4 = socket$kcm(0x10, 0x2, 0x4) sendmsg$inet(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000000)="5c00000012006bab9e3fe3d86e6c1d000014a10d00000000000004b68675f8001d000a00a0e69ee517d34460bc24eab556a705251e6182949a36c23d3b48dffefffffffffffffff60a64c9f4080003fe060100000400020011b53631", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x44010) r5 = socket$inet6_sctp(0xa, 0x1, 0x84) prctl$PR_SET_MM(0x23, 0x4, &(0x7f0000ffd000/0x2000)=nil) r6 = dup(r5) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x7}], 0x1c) r7 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$vim2m_VIDIOC_QUERYBUF(r7, 0xc044560f, &(0x7f0000000080)=@mmap={0x0, 0x2, 0x4, 0x0, 0x7, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "10110401"}}) get_robust_list(r1, &(0x7f00000004c0)=0x0, &(0x7f0000000500)) sendmsg$inet6(r5, &(0x7f0000000800)={&(0x7f0000000000)={0xa, 0x4e24, 0x8, @ipv4={'\x00', '\xff\xff', @local}, 0x2}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043) dup(r5) ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000000c0)={'comedi_bond\x00', [0x2f, 0x80, 0x10006, 0x4, 0x1, 0xcc7, 0x8, 0x17, 0xa, 0x24c, 0xfff, 0x7, 0x5, 0x5, 0x4, 0x105, 0x8, 0x2, 0x2009, 0x1, 0x89, 0x6, 0x0, 0x20001e5a, 0x1000b, 0x7, 0x9, 0x8, 0x6, 0x401, 0xfffffffd]}) 3.731285183s ago: executing program 2 (id=1103): r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_BSS(r1, 
&(0x7f0000000500)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000540)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010026bd7000fbdbdf251900005f338895357ecaa9e789240008000300ef0654e7f137d09422e834120ed68b6f74eadad4f724b7839fa1e25f8ee1c5f69f50af6c1b8805df795d2ebdf81309a30a12fbd8cbe53eafc2e6d0c27618944dc0ee417305516d763981a2bbc66c4455499781191ebc73a4edff5999c1de2d108e244415c991c28ebe00fde884ed9af790ee97b5cb8b", @ANYRES32=r2, @ANYBLOB="06006d0004000000"], 0x24}, 0x1, 0x0, 0x0, 0x60000}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x8abb29e09f442f35, 0xffffffffffffffff, 0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r4 = dup(r3) write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c) r5 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r4}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r3, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r5, 0x2ded, 0x4000, 0x0, 0x0, 0x0) r8 = openat$audio(0xffffffffffffff9c, &(0x7f0000000200), 0xa2442, 0x0) ioctl$SNDCTL_DSP_SYNC(r8, 0x5001, 0x0) r9 = socket$kcm(0x10, 0x2, 0x0) sendmsg$rds(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=[@mask_fadd={0x58, 0x114, 0x8, {{0xf, 0x1}, 0x0, 0x0, 0x5, 0xfffffffffffffffe, 0x7, 0x3, 0x28, 0x5}}], 0x58}, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000100)=[0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x3, 0x62}) r10 = socket$netlink(0x10, 0x3, 0x4) ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8b34, &(0x7f0000000000)={'wlan0\x00'}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x11, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000340)='GPL\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) r11 = syz_init_net_socket$x25(0x9, 0x5, 0x0) 
ioctl$sock_ifreq(r11, 0x8990, &(0x7f0000000180)={'bond0\x00', @ifru_names='rose0\x00'}) r12 = syz_init_net_socket$rose(0xb, 0x5, 0x0) bind$rose(r12, &(0x7f00000002c0)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x5, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x40) connect$rose(r12, &(0x7f00000001c0)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, 0x0, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}]}, 0x40) sendmsg$kcm(r9, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000940)="2e00000010008188e6b62aa73772cc9f1ba1f8482e0000005e140602000000000e000a001000000002800000128c", 0x2e}], 0x1}, 0x0) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x1, 0x5}, 0x4) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x80003}, 0x94) 2.060111797s ago: executing program 3 (id=1104): r0 = syz_open_procfs(0xffffffffffffffff, 0x0) pwritev(r0, 0x0, 0x0, 0x0, 0x0) r1 = socket$igmp6(0xa, 0x3, 0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 
0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000040)={0x0, 0x7, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_LISTEN(r5, &(0x7f0000000180)={0x7, 0x8, 0xfa00, {r6, 0xffffffef}}, 0x10) close(r5) request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1, 0xc}, &(0x7f0000001fee)='R\x10suse\x00\x00\x00\x00\x00\x00\x00dn\x00\x00\x00', 0x0) r7 = socket$inet6(0xa, 0x802, 0x0) setsockopt$inet6_buf(r1, 0x29, 0xd3, &(0x7f0000000180)="f964d59b408171b3", 0x8) connect$inet6(r7, &(0x7f00000000c0)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4003}, 0xf1) sendmmsg$inet6(r7, &(0x7f0000002940), 0x40000000000017d, 0x811) r8 = openat$fb0(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r8, 0x4601, &(0x7f0000000380)={0x3c0, 0x78, 0x0, 0x0, 0x7, 0xfffffffd, 0x0, 0x0, {}, {}, {}, {0x0, 0x0, 0xfffffffe}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x8, 0x3, 0x1ff, 0x3d, 0x5, 0x3, 0x53, 0x202, 0x1, 0xc}) sendto$inet6(0xffffffffffffffff, &(0x7f0000000180), 0x0, 0x40d4, &(0x7f0000000140)={0xa, 0x4e23, 0x4, @loopback, 0xffffffff}, 0x1c) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) 1.975960646s ago: executing program 0 (id=1105): openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) fcntl$dupfd(r0, 0x0, r0) r1 = socket$inet_udp(0x2, 0x2, 0x0) 
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) openat$uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0) recvfrom(r1, 0x0, 0x0, 0x2, 0x0, 0x60) syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3}, 0x94) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94) syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) pselect6(0x40, &(0x7f0000000300)={0x6, 0x100000001, 0x3, 0x7f, 0x2627bc42, 0xba4, 0x3, 0xfffffffffffffff8}, 0x0, &(0x7f00000000c0)={0xd8, 0x800000007, 0x0, 0x8, 0x1, 0x6, 0x5, 0x20000000000007f}, 0x0, 0x0) 1.658490657s ago: executing program 1 (id=1106): r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121) r1 = dup(r0) r2 = syz_io_uring_setup(0x4e1, &(0x7f0000000380)={0x0, 0x33f8, 0x10100}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {0x100a}, 0x1}) io_uring_enter(r2, 0x708, 0x41e3, 0x0, 0x0, 0x0) clock_nanosleep(0xfffffff2, 0xca9a3b, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) 
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24000850}, 0x40) 1.070063795s ago: executing program 0 (id=1107): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = userfaultfd(0x80001) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19) r3 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f0000000340)={&(0x7f0000000000)=""/59, 0x300000, 0x800, 0x0, 0x3}, 0x1c) ioctl$UFFDIO_COPY(r2, 0xc028aa05, &(0x7f0000000100)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000013000/0x4000)=nil, 0x3000, 0x3}) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4) ioctl$KVM_PRE_FAULT_MEMORY(r4, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000}) 928.040658ms ago: executing program 4 (id=1108): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@deltaction={0x14, 0x18, 0x1, 0x70bd2a, 0x25dfdc00, {0xa}}, 0x14}, 0x1, 0x0, 0x0, 0x44000}, 0x20000844) 757.602345ms ago: executing program 4 (id=1109): bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_BIND_MAP(0xa, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001000)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", 
@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x2, 0x2, 0x4}, 0x50) 618.989139ms ago: executing program 2 (id=1110): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x15, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2a, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x26) 540.049147ms ago: executing program 0 (id=1111): socket$inet_mptcp(0x2, 0x1, 0x106) memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: 
)mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f00000007c0)=ANY=[@ANYBLOB="18020000d600000000000000000000008500000041000000850000000f00000095"], &(0x7f0000000100)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) landlock_create_ruleset(&(0x7f00000001c0)={0x1407, 0x3, 0x1}, 0x14, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'sha256-ni\x00'}, 0xffffffffffffffbd) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x200000}, 0x1c) listen(r2, 0x9) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) sendmmsg(r3, &(0x7f0000002840)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20044000) connect$inet(r3, 
&(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)={0x14, r5, 0x1, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x800) bind$bt_hci(0xffffffffffffffff, &(0x7f0000000000)={0x27}, 0x74) openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0) r6 = getpid() sched_setaffinity(r6, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) 508.08383ms ago: executing program 4 (id=1112): r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) r1 = socket$kcm(0x10, 0x3, 0x10) openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0x400aee2, 0x400, 0xffffffff, 0xbfe00000}, &(0x7f0000000000)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r2, 0x47f6, 0x0, 0x2, 0x0, 0x300) sendmsg$kcm(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8) 345.149766ms ago: executing program 2 (id=1113): r0 = creat(&(0x7f0000000040)='./file0\x00', 0x4b) close(r0) r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) r2 = open_tree(0xffffffffffffffff, 0x0, 0x89901) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) ioctl$TIOCSPTLCK(0xffffffffffffffff, 0x40045431, &(0x7f0000000400)) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r3 = 
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f}) connect$inet6(r2, &(0x7f0000000100)={0xa, 0x4e22, 0x3c63, @rand_addr=' \x01\x00', 0x8}, 0x1c) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0) close(r5) socket$netlink(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast}) r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r6, 0xc0505350, &(0x7f0000000700)={{0x0, 0x1}, {0xf, 0x27}, 0xfffffffd}) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000340)={0x0, &(0x7f00000002c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000580)={0x0, 0xfffffef4, r7}) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe5b}) ioctl$MON_IOCG_STATS(r0, 0x80089203, &(0x7f0000000080)) add_key$keyring(&(0x7f0000000280), &(0x7f00000003c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) 0s ago: executing program 1 (id=1114): syz_open_dev$sndctrl(&(0x7f0000000040), 0x2, 0x8000) r0 = syz_open_dev$radio(&(0x7f0000000080), 0x1, 0x2) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYRESOCT=0x0], &(0x7f0000000300)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x3b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff30, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 
0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x2000)=nil, 0x2000, &(0x7f0000000000)) prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0) mount$9p_virtio(&(0x7f00000001c0), 0x0, &(0x7f00000004c0), 0x8c, 0x0) prctl$PR_SET_MM(0x23, 0x4, &(0x7f0000ffd000/0x2000)=nil) r4 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, 0x0, 0x20000000) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_create_resource$binfmt(0x0) rseq(0x0, 0x0, 0x0, 0x0) ioctl$VIDIOC_DQEVENT(r0, 0x80785659, &(0x7f0000000380)={0x0, @frame_sync}) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000140)={0x3, 0x98f90f, 0x1}) kernel console output (not intermixed with test programs): 5][ T4182] device veth1_macvtap entered promiscuous mode [ 68.559279][ T4267] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.562207][ T4188] device veth1_macvtap entered promiscuous mode [ 68.570172][ T4267] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.595628][ T4267] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.610659][ T4267] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.617308][ T4182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 68.631868][ T4182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 68.642293][ T4182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 68.653841][ T4182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! 
[ 68.666650][ T4182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 68.677470][ T4182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 68.689557][ T4182] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 68.703318][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 68.712249][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 68.721466][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 68.729730][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 68.738659][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 68.747781][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 68.756519][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 68.765539][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 68.796219][ T4188] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 68.807331][ T4267] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.809362][ T4188] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 68.827169][ T4267] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.828398][ T4188] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 68.845761][ T4188] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 68.856633][ T4188] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 68.867398][ T4188] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! 
[ 68.877567][ T4188] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 68.888337][ T4188] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 68.900175][ T4188] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 68.918367][ T4182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 68.929158][ T4182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 68.939438][ T4182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 68.950321][ T4182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 68.961122][ T4182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 68.971888][ T4182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 68.984304][ T4182] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 69.003224][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 69.011202][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 69.021737][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 69.031119][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 69.040411][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 69.052429][ T4188] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 69.063506][ T4188] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.075560][ T4188] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 69.086131][ T4188] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! 
[ 69.096249][ T4188] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 69.107094][ T4188] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.117290][ T4188] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 69.128055][ T4188] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.145719][ T4188] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 69.157101][ T4182] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.167144][ T4182] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.176547][ T4182] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.186063][ T4182] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.204809][ T4267] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 69.221307][ T4267] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 69.246518][ T4188] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.255785][ T4188] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.264911][ T4188] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.274003][ T4188] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.309926][ T4267] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 69.331182][ T4267] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 69.372402][ T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 69.430410][ T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 69.438733][ T4267] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 69.455812][ T4292] L1TF CPU bug present and SMT on, data leak possible. 
See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 69.460928][ T4267] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 69.580612][ T1163] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 69.640418][ T1163] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 69.681246][ T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 69.695749][ T4267] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 69.736385][ T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 69.763053][ T1163] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 69.771424][ T1163] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 69.836033][ T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 69.851037][ T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 69.863425][ T4267] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 69.871421][ T4267] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 69.916835][ T4267] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 70.354399][ T4257] Bluetooth: hci0: command 0x0419 tx timeout [ 70.425618][ T4316] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 70.430462][ T4221] Bluetooth: hci1: command 0x0419 tx timeout [ 70.450444][ T4316] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 70.482860][ T4221] Bluetooth: hci2: command 0x0419 tx timeout [ 70.513113][ T4221] Bluetooth: hci4: command 0x0419 tx timeout [ 70.541011][ T4221] Bluetooth: hci3: command 0x0419 tx timeout [ 70.703463][ T26] audit: type=1326 audit(1761255973.103:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4328 comm="syz.4.10" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed53a7fc9 code=0x7ffc0000 [ 70.833953][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!! 
[ 70.896565][ T26] audit: type=1326 audit(1761255973.153:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4328 comm="syz.4.10" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ed53a7fc9 code=0x7ffc0000 [ 70.945493][ T4336] loop4: detected capacity change from 0 to 64 [ 70.963195][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #100!!! [ 70.972293][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #110!!! [ 70.981394][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #192!!! [ 70.990531][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #192!!! [ 70.999530][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #192!!! [ 71.008525][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #192!!! [ 71.017518][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #192!!! [ 71.026647][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #192!!! [ 71.046384][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #10!!! 
[ 71.514247][ T1429] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.521152][ T1429] ieee802154 phy1 wpan1: encryption failed: -22 [ 72.003026][ T26] audit: type=1326 audit(1761255973.173:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4328 comm="syz.4.10" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed53a7fc9 code=0x7ffc0000 [ 72.129884][ T26] audit: type=1326 audit(1761255973.173:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4328 comm="syz.4.10" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f2ed53a7fc9 code=0x7ffc0000 [ 72.216940][ T26] audit: type=1326 audit(1761255973.173:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4328 comm="syz.4.10" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed53a7fc9 code=0x7ffc0000 [ 72.241166][ T26] audit: type=1326 audit(1761255973.173:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4328 comm="syz.4.10" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f2ed53a7fc9 code=0x7ffc0000 [ 72.272810][ T26] audit: type=1326 audit(1761255973.173:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4328 comm="syz.4.10" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed53a7fc9 code=0x7ffc0000 [ 72.420233][ T4353] loop1: detected capacity change from 0 to 64 [ 72.662097][ T26] audit: type=1326 audit(1761255973.173:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4328 comm="syz.4.10" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f2ed53a7fc9 code=0x7ffc0000 [ 73.222081][ T4361] loop0: detected capacity change from 0 to 64 [ 73.256348][ T26] audit: type=1326 audit(1761255973.173:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4328 comm="syz.4.10" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed53a7fc9 code=0x7ffc0000 [ 73.615018][ 
T26] audit: type=1326 audit(1761255973.173:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4328 comm="syz.4.10" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed53a7fc9 code=0x7ffc0000 [ 74.832190][ T4407] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 74.849782][ T4407] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 74.868088][ T4408] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 74.902441][ T4408] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 75.477675][ T4428] loop0: detected capacity change from 0 to 64 [ 76.356403][ T4445] loop1: detected capacity change from 0 to 64 [ 77.781768][ T4452] loop3: detected capacity change from 0 to 64 [ 78.922202][ T4463] loop1: detected capacity change from 0 to 64 [ 79.819831][ T4466] loop0: detected capacity change from 0 to 64 [ 81.867720][ T4482] loop0: detected capacity change from 0 to 1024 [ 82.004345][ T4482] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,bsddf,nombcache,norecovery,debug_want_extra_isize=0x0000000000000080,lazytime,nodelalloc,noblock_validity,noauto_da_alloc,,errors=continue. Quota mode: writeback. 
[ 82.353662][ T26] kauditd_printk_skb: 53 callbacks suppressed [ 82.353677][ T26] audit: type=1326 audit(1761255984.763:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4488 comm="syz.2.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 82.573137][ T26] audit: type=1326 audit(1761255984.793:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4488 comm="syz.2.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 82.596197][ T4490] loop2: detected capacity change from 0 to 64 [ 82.967009][ T26] audit: type=1326 audit(1761255984.813:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4488 comm="syz.2.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 83.316117][ T26] audit: type=1326 audit(1761255984.813:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4488 comm="syz.2.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 83.508638][ T26] audit: type=1326 audit(1761255984.813:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4488 comm="syz.2.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 83.562251][ T26] audit: type=1326 audit(1761255984.813:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4488 comm="syz.2.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 83.585935][ T26] audit: type=1326 audit(1761255984.813:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4488 comm="syz.2.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 83.733469][ T26] audit: type=1326 audit(1761255984.813:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4488 comm="syz.2.54" 
exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 83.823042][ T26] audit: type=1326 audit(1761255984.813:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4488 comm="syz.2.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 83.942758][ T26] audit: type=1326 audit(1761255984.813:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4488 comm="syz.2.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 84.133777][ T4510] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 84.150359][ T4510] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 84.359894][ T4518] loop2: detected capacity change from 0 to 64 [ 85.525390][ T4522] loop4: detected capacity change from 0 to 64 [ 86.690245][ T4529] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 86.843504][ T4544] loop4: detected capacity change from 0 to 64 [ 86.855607][ T4529] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 87.739158][ T1325] cfg80211: failed to load regulatory.db [ 88.898595][ T4566] netlink: 12 bytes leftover after parsing attributes in process `syz.2.70'. 
[ 89.044690][ T4569] loop1: detected capacity change from 0 to 64 [ 89.987043][ T4556] loop4: detected capacity change from 0 to 64 [ 90.615264][ T4589] loop0: detected capacity change from 0 to 64 [ 91.580062][ T26] kauditd_printk_skb: 11 callbacks suppressed [ 91.580077][ T26] audit: type=1326 audit(1761255993.983:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4593 comm="syz.3.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 91.915331][ T26] audit: type=1326 audit(1761255994.023:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4593 comm="syz.3.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 92.335137][ T26] audit: type=1326 audit(1761255994.023:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4593 comm="syz.3.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 92.360423][ T26] audit: type=1326 audit(1761255994.023:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4593 comm="syz.3.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 92.383652][ T26] audit: type=1326 audit(1761255994.023:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4593 comm="syz.3.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 92.405911][ T26] audit: type=1326 audit(1761255994.023:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4593 comm="syz.3.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 92.428623][ T26] audit: type=1326 audit(1761255994.023:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4593 comm="syz.3.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 92.451752][ 
T26] audit: type=1326 audit(1761255994.023:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4593 comm="syz.3.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 92.474671][ T26] audit: type=1326 audit(1761255994.033:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4593 comm="syz.3.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 92.507014][ T26] audit: type=1326 audit(1761255994.033:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4593 comm="syz.3.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 92.649332][ T4606] loop0: detected capacity change from 0 to 64 [ 94.439298][ T4612] loop1: detected capacity change from 0 to 1024 [ 94.557924][ T4616] loop4: detected capacity change from 0 to 1024 [ 94.633137][ T4612] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,bsddf,nombcache,norecovery,debug_want_extra_isize=0x0000000000000080,lazytime,nodelalloc,noblock_validity,noauto_da_alloc,,errors=continue. Quota mode: writeback. [ 94.801121][ T4616] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,bsddf,nombcache,norecovery,debug_want_extra_isize=0x0000000000000080,lazytime,nodelalloc,noblock_validity,noauto_da_alloc,,errors=continue. Quota mode: writeback. 
[ 95.568418][ T4638] loop2: detected capacity change from 0 to 64 [ 97.107391][ T26] kauditd_printk_skb: 10 callbacks suppressed [ 97.107406][ T26] audit: type=1326 audit(1761255999.513:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4651 comm="syz.0.95" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35bcf3ffc9 code=0x7ffc0000 [ 97.349069][ T26] audit: type=1326 audit(1761255999.513:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4651 comm="syz.0.95" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35bcf3ffc9 code=0x7ffc0000 [ 97.707620][ T26] audit: type=1326 audit(1761255999.553:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4651 comm="syz.0.95" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f35bcf3ffc9 code=0x7ffc0000 [ 98.007703][ T26] audit: type=1326 audit(1761255999.553:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4651 comm="syz.0.95" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35bcf3ffc9 code=0x7ffc0000 [ 98.030548][ T26] audit: type=1326 audit(1761255999.553:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4651 comm="syz.0.95" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35bcf3ffc9 code=0x7ffc0000 [ 98.053207][ T26] audit: type=1326 audit(1761255999.553:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4651 comm="syz.0.95" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f35bcf3ffc9 code=0x7ffc0000 [ 98.076026][ T26] audit: type=1326 audit(1761255999.553:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4651 comm="syz.0.95" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35bcf3ffc9 code=0x7ffc0000 [ 98.098642][ T26] audit: type=1326 audit(1761255999.553:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4651 
comm="syz.0.95" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35bcf3ffc9 code=0x7ffc0000 [ 98.130065][ T26] audit: type=1326 audit(1761255999.553:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4651 comm="syz.0.95" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f35bcf3ffc9 code=0x7ffc0000 [ 98.156424][ T26] audit: type=1326 audit(1761255999.553:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4651 comm="syz.0.95" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35bcf3ffc9 code=0x7ffc0000 [ 98.586962][ T4664] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 98.603719][ T4664] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 98.616755][ T4667] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 98.638678][ T4667] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 98.645058][ T4674] netlink: 12 bytes leftover after parsing attributes in process `syz.2.99'. [ 99.002389][ T4677] loop0: detected capacity change from 0 to 1024 [ 99.539886][ T4677] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,bsddf,nombcache,norecovery,debug_want_extra_isize=0x0000000000000080,lazytime,nodelalloc,noblock_validity,noauto_da_alloc,,errors=continue. Quota mode: writeback. [ 101.972277][ T4717] loop1: detected capacity change from 0 to 1024 [ 102.078947][ T4717] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,bsddf,nombcache,norecovery,debug_want_extra_isize=0x0000000000000080,lazytime,nodelalloc,noblock_validity,noauto_da_alloc,,errors=continue. Quota mode: writeback. 
[ 102.272338][ T4720] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 102.343022][ T4720] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 103.178588][ T4731] loop3: detected capacity change from 0 to 64 [ 104.112351][ T4749] loop4: detected capacity change from 0 to 1024 [ 104.289565][ T4749] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,bsddf,nombcache,norecovery,debug_want_extra_isize=0x0000000000000080,lazytime,nodelalloc,noblock_validity,noauto_da_alloc,,errors=continue. Quota mode: writeback. [ 104.554734][ T4764] netlink: 12 bytes leftover after parsing attributes in process `syz.1.120'. [ 105.056189][ T4766] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 105.113062][ T4766] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 105.209665][ T4768] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 105.236022][ T4768] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 105.452123][ T4775] loop0: detected capacity change from 0 to 64 [ 107.270295][ T4789] loop1: detected capacity change from 0 to 1024 [ 107.380228][ T4786] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 107.404004][ T4789] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,bsddf,nombcache,norecovery,debug_want_extra_isize=0x0000000000000080,lazytime,nodelalloc,noblock_validity,noauto_da_alloc,,errors=continue. Quota mode: writeback. [ 107.429068][ T4786] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 108.309358][ T4806] loop0: detected capacity change from 0 to 64 [ 111.058011][ T4823] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 111.096504][ T4823] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 111.115233][ T4829] netlink: 12 bytes leftover after parsing attributes in process `syz.4.139'. 
[ 111.367411][ T4835] loop4: detected capacity change from 0 to 64 [ 112.445952][ T26] kauditd_printk_skb: 14 callbacks suppressed [ 112.445967][ T26] audit: type=1326 audit(1761256014.853:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4846 comm="syz.3.146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 112.483849][ T26] audit: type=1326 audit(1761256014.893:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4846 comm="syz.3.146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 112.571459][ T26] audit: type=1326 audit(1761256014.973:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4846 comm="syz.3.146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 112.716038][ T4848] loop0: detected capacity change from 0 to 32768 [ 112.795982][ T4848] ======================================================= [ 112.795982][ T4848] WARNING: The mand mount option has been deprecated and [ 112.795982][ T4848] and is ignored by this kernel. Remove the mand [ 112.795982][ T4848] option from the mount to silence this warning. [ 112.795982][ T4848] ======================================================= [ 112.863310][ T4848] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 112.872011][ T4848] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 112.925734][ T4853] loop3: detected capacity change from 0 to 64 [ 112.973314][ T4848] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 4ms [ 112.993533][ T13] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 113.057673][ T13] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... 
[ 113.210893][ T26] audit: type=1326 audit(1761256015.013:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4846 comm="syz.3.146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 113.631351][ T26] audit: type=1326 audit(1761256015.013:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4846 comm="syz.3.146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 113.653945][ T26] audit: type=1326 audit(1761256015.013:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4846 comm="syz.3.146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 113.677086][ T26] audit: type=1326 audit(1761256015.013:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4846 comm="syz.3.146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 113.699363][ T26] audit: type=1326 audit(1761256015.013:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4846 comm="syz.3.146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 113.721755][ T26] audit: type=1326 audit(1761256015.013:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4846 comm="syz.3.146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 113.746078][ T26] audit: type=1326 audit(1761256015.013:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4846 comm="syz.3.146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 113.878055][ T4855] loop4: detected capacity change from 0 to 32768 [ 113.918088][ T4855] sysfs: cannot create duplicate filename '/fs/gfs2/syz:syz' [ 113.925625][ T4855] CPU: 0 PID: 4855 Comm: syz.4.144 Not tainted syzkaller #0 [ 113.932944][ T4855] 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 113.943054][ T4855] Call Trace: [ 113.946366][ T4855] [ 113.949327][ T4855] dump_stack_lvl+0x168/0x230 [ 113.954060][ T4855] ? show_regs_print_info+0x20/0x20 [ 113.959301][ T4855] ? load_image+0x3b0/0x3b0 [ 113.963885][ T4855] sysfs_create_dir_ns+0x252/0x280 [ 113.969151][ T4855] ? __lock_acquire+0x7c60/0x7c60 [ 113.974222][ T4855] ? sysfs_warn_dup+0xa0/0xa0 [ 113.979097][ T4855] ? do_raw_spin_unlock+0x11d/0x230 [ 113.984337][ T4855] kobject_add_internal+0x662/0xd00 [ 113.989733][ T4855] kobject_init_and_add+0x122/0x190 [ 113.994972][ T4855] ? lockdep_softirqs_off+0x420/0x420 [ 114.000653][ T4855] ? kobject_add+0x210/0x210 [ 114.005287][ T4855] ? __init_swait_queue_head+0xa5/0x150 [ 114.010882][ T4855] gfs2_sys_fs_add+0x234/0x480 [ 114.015689][ T4855] ? gfs2_recover_set+0x240/0x240 [ 114.020762][ T4855] ? snprintf+0xd7/0x120 [ 114.025049][ T4855] ? __free_pages+0x95/0x1a0 [ 114.029687][ T4855] ? vscnprintf+0x80/0x80 [ 114.034074][ T4855] gfs2_fill_super+0x128d/0x1f50 [ 114.039058][ T4855] ? gfs2_reconfigure+0xcd0/0xcd0 [ 114.044120][ T4855] ? preempt_count_add+0x8d/0x190 [ 114.049187][ T4855] ? sb_set_blocksize+0xa5/0xe0 [ 114.054054][ T4855] get_tree_bdev+0x3f1/0x610 [ 114.058657][ T4855] ? gfs2_reconfigure+0xcd0/0xcd0 [ 114.063690][ T4855] gfs2_get_tree+0x4d/0x1e0 [ 114.068205][ T4855] vfs_get_tree+0x88/0x270 [ 114.072633][ T4855] do_new_mount+0x24a/0xa40 [ 114.077193][ T4855] __se_sys_mount+0x2d6/0x3c0 [ 114.081884][ T4855] ? __x64_sys_mount+0xc0/0xc0 [ 114.086669][ T4855] ? lockdep_hardirqs_on+0x94/0x140 [ 114.091892][ T4855] ? __x64_sys_mount+0x1c/0xc0 [ 114.096792][ T4855] do_syscall_64+0x4c/0xa0 [ 114.101215][ T4855] ? clear_bhb_loop+0x30/0x80 [ 114.105922][ T4855] ? 
clear_bhb_loop+0x30/0x80 [ 114.110612][ T4855] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 114.116536][ T4855] RIP: 0033:0x7f2ed53a976a [ 114.120953][ T4855] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 114.140567][ T4855] RSP: 002b:00007f2ed360ee68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 114.149000][ T4855] RAX: ffffffffffffffda RBX: 00007f2ed360eef0 RCX: 00007f2ed53a976a [ 114.156978][ T4855] RDX: 0000200000037f40 RSI: 0000200000000000 RDI: 00007f2ed360eeb0 [ 114.164956][ T4855] RBP: 0000200000037f40 R08: 00007f2ed360eef0 R09: 0000000000800040 [ 114.172932][ T4855] R10: 0000000000800040 R11: 0000000000000246 R12: 0000200000000000 [ 114.180911][ T4855] R13: 00007f2ed360eeb0 R14: 0000000000037fb8 R15: 00002000000000c0 [ 114.188902][ T4855] [ 114.192653][ T4855] kobject_add_internal failed for syz:syz with -EEXIST, don't try to register things with the same name in the same directory. [ 114.206433][ T4855] gfs2: fsid=syz:syz: error -17 adding sysfs files [ 114.234793][ T13] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 1177ms [ 114.246936][ T13] gfs2: fsid=syz:syz.0: jid=0: Done [ 114.253244][ T4848] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 114.413618][ T4862] loop2: detected capacity change from 0 to 64 [ 115.252045][ T4867] netlink: 12 bytes leftover after parsing attributes in process `syz.1.151'. [ 115.839474][ T4879] loop1: detected capacity change from 0 to 1024 [ 115.973809][ T4879] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,bsddf,nombcache,norecovery,debug_want_extra_isize=0x0000000000000080,lazytime,nodelalloc,noblock_validity,noauto_da_alloc,,errors=continue. Quota mode: writeback. 
[ 116.152023][ T4876] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 116.192821][ T4876] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 117.212375][ T4894] loop4: detected capacity change from 0 to 1024 [ 117.427528][ T4894] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,bsddf,nombcache,norecovery,debug_want_extra_isize=0x0000000000000080,lazytime,nodelalloc,noblock_validity,noauto_da_alloc,,errors=continue. Quota mode: writeback. [ 117.578548][ T4905] netlink: 12 bytes leftover after parsing attributes in process `syz.0.162'. [ 118.318992][ T4918] loop0: detected capacity change from 0 to 32768 [ 118.367109][ T4918] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 118.376236][ T4918] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 118.466337][ T26] kauditd_printk_skb: 14 callbacks suppressed [ 118.466352][ T26] audit: type=1326 audit(1761256020.873:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4920 comm="syz.1.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 118.505835][ T4918] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms [ 118.549222][ T13] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 118.585374][ T13] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... 
[ 118.701748][ T4924] loop1: detected capacity change from 0 to 64 [ 118.789687][ T26] audit: type=1326 audit(1761256020.873:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4920 comm="syz.1.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 118.840677][ T4923] loop4: detected capacity change from 0 to 32768 [ 118.850801][ T26] audit: type=1326 audit(1761256020.913:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4920 comm="syz.1.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 118.873733][ T26] audit: type=1326 audit(1761256020.913:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4920 comm="syz.1.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 118.896803][ T26] audit: type=1326 audit(1761256020.913:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4920 comm="syz.1.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 118.919684][ T26] audit: type=1326 audit(1761256020.933:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4920 comm="syz.1.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 118.947874][ T4923] sysfs: cannot create duplicate filename '/fs/gfs2/syz:syz' [ 118.955436][ T4923] CPU: 1 PID: 4923 Comm: syz.4.165 Not tainted syzkaller #0 [ 118.962773][ T4923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 118.972835][ T4923] Call Trace: [ 118.976120][ T4923] [ 118.979050][ T4923] dump_stack_lvl+0x168/0x230 [ 118.983735][ T4923] ? show_regs_print_info+0x20/0x20 [ 118.988953][ T4923] ? load_image+0x3b0/0x3b0 [ 118.993473][ T4923] sysfs_create_dir_ns+0x252/0x280 [ 118.998588][ T4923] ? __lock_acquire+0x7c60/0x7c60 [ 119.003638][ T4923] ? 
sysfs_warn_dup+0xa0/0xa0 [ 119.008325][ T4923] ? do_raw_spin_unlock+0x11d/0x230 [ 119.013532][ T4923] kobject_add_internal+0x662/0xd00 [ 119.018743][ T4923] kobject_init_and_add+0x122/0x190 [ 119.023953][ T4923] ? lockdep_softirqs_off+0x420/0x420 [ 119.029329][ T4923] ? kobject_add+0x210/0x210 [ 119.034008][ T4923] ? __init_swait_queue_head+0xa5/0x150 [ 119.039561][ T4923] gfs2_sys_fs_add+0x234/0x480 [ 119.044325][ T4923] ? gfs2_recover_set+0x240/0x240 [ 119.049359][ T4923] ? snprintf+0xd7/0x120 [ 119.053626][ T4923] ? __free_pages+0x95/0x1a0 [ 119.058215][ T4923] ? vscnprintf+0x80/0x80 [ 119.062552][ T4923] gfs2_fill_super+0x128d/0x1f50 [ 119.067524][ T4923] ? gfs2_reconfigure+0xcd0/0xcd0 [ 119.072551][ T4923] ? preempt_count_add+0x8d/0x190 [ 119.077595][ T4923] ? sb_set_blocksize+0xa5/0xe0 [ 119.082453][ T4923] get_tree_bdev+0x3f1/0x610 [ 119.087049][ T4923] ? gfs2_reconfigure+0xcd0/0xcd0 [ 119.092078][ T4923] gfs2_get_tree+0x4d/0x1e0 [ 119.096583][ T4923] vfs_get_tree+0x88/0x270 [ 119.101001][ T4923] do_new_mount+0x24a/0xa40 [ 119.105508][ T4923] __se_sys_mount+0x2d6/0x3c0 [ 119.110191][ T4923] ? __x64_sys_mount+0xc0/0xc0 [ 119.114978][ T4923] ? lockdep_hardirqs_on+0x94/0x140 [ 119.120191][ T4923] ? __x64_sys_mount+0x1c/0xc0 [ 119.124961][ T4923] do_syscall_64+0x4c/0xa0 [ 119.129399][ T4923] ? clear_bhb_loop+0x30/0x80 [ 119.134100][ T4923] ? 
clear_bhb_loop+0x30/0x80 [ 119.138780][ T4923] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 119.144676][ T4923] RIP: 0033:0x7f2ed53a976a [ 119.149107][ T4923] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 119.168716][ T4923] RSP: 002b:00007f2ed360ee68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 119.177130][ T4923] RAX: ffffffffffffffda RBX: 00007f2ed360eef0 RCX: 00007f2ed53a976a [ 119.185103][ T4923] RDX: 0000200000037f40 RSI: 0000200000000000 RDI: 00007f2ed360eeb0 [ 119.193073][ T4923] RBP: 0000200000037f40 R08: 00007f2ed360eef0 R09: 0000000000800040 [ 119.201061][ T4923] R10: 0000000000800040 R11: 0000000000000246 R12: 0000200000000000 [ 119.209038][ T4923] R13: 00007f2ed360eeb0 R14: 0000000000037fb8 R15: 00002000000000c0 [ 119.217024][ T4923] [ 119.220980][ T4923] kobject_add_internal failed for syz:syz with -EEXIST, don't try to register things with the same name in the same directory. 
[ 119.234348][ T4923] gfs2: fsid=syz:syz: error -17 adding sysfs files [ 119.259798][ T26] audit: type=1326 audit(1761256020.933:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4920 comm="syz.1.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 119.336422][ T13] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 751ms [ 119.379132][ T13] gfs2: fsid=syz:syz.0: jid=0: Done [ 119.399423][ T26] audit: type=1326 audit(1761256020.933:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4920 comm="syz.1.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 119.458663][ T4918] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 119.586572][ T26] audit: type=1326 audit(1761256020.933:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4920 comm="syz.1.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 119.640808][ T26] audit: type=1326 audit(1761256020.933:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4920 comm="syz.1.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 121.309187][ T4970] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 121.353007][ T4970] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 121.381893][ T4969] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 121.444713][ T4969] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 121.952529][ T4993] loop1: detected capacity change from 0 to 64 [ 122.787752][ T4997] loop0: detected capacity change from 0 to 1024 [ 123.011759][ T4997] EXT4-fs (loop0): mounted filesystem without journal. 
Opts: grpquota,bsddf,nombcache,norecovery,debug_want_extra_isize=0x0000000000000080,lazytime,nodelalloc,noblock_validity,noauto_da_alloc,,errors=continue. Quota mode: writeback. [ 123.294619][ T5016] netlink: 12 bytes leftover after parsing attributes in process `syz.2.187'. [ 125.037814][ T5023] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 125.085220][ T5023] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 126.182948][ T26] kauditd_printk_skb: 44 callbacks suppressed [ 126.182964][ T26] audit: type=1326 audit(1761256028.583:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5051 comm="syz.1.201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 126.308198][ T26] audit: type=1326 audit(1761256028.583:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5051 comm="syz.1.201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 126.342723][ T26] audit: type=1326 audit(1761256028.583:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5051 comm="syz.1.201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 126.459561][ T5059] loop1: detected capacity change from 0 to 64 [ 128.995967][ T26] audit: type=1326 audit(1761256028.623:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5051 comm="syz.1.201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 129.022073][ T26] audit: type=1326 audit(1761256028.623:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5051 comm="syz.1.201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 129.046201][ T26] audit: type=1326 audit(1761256028.623:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5051 comm="syz.1.201" 
exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 129.069223][ T26] audit: type=1326 audit(1761256028.623:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5051 comm="syz.1.201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 129.091554][ T26] audit: type=1326 audit(1761256028.623:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5051 comm="syz.1.201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 129.113856][ T26] audit: type=1326 audit(1761256028.623:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5051 comm="syz.1.201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 129.136498][ T26] audit: type=1326 audit(1761256028.623:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5051 comm="syz.1.201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 129.309836][ T5068] loop3: detected capacity change from 0 to 32768 [ 129.358119][ T5068] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 129.366339][ T5068] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 129.390494][ T5068] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms [ 129.399449][ T1107] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 129.415271][ T1107] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... 
[ 129.632410][ T1107] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 217ms [ 129.648995][ T1107] gfs2: fsid=syz:syz.0: jid=0: Done [ 129.660646][ T5068] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 130.244148][ T5091] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 130.304792][ T5091] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 131.046315][ T5108] netlink: 12 bytes leftover after parsing attributes in process `syz.0.214'. [ 131.547353][ T5127] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 131.570652][ T5127] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 132.001323][ T5138] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 132.057283][ T5138] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 132.134208][ T5136] loop0: detected capacity change from 0 to 32768 [ 132.205924][ T5136] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 132.214278][ T5136] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 132.236279][ T5136] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms [ 132.245859][ T7] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 132.253009][ T7] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 132.363001][ T7] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 109ms [ 132.378545][ T7] gfs2: fsid=syz:syz.0: jid=0: Done [ 132.396142][ T5136] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 132.908344][ T1429] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.914772][ T1429] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.861314][ T5177] netlink: 12 bytes leftover after parsing attributes in process `syz.4.234'. 
[ 134.603889][ T5190] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 134.611959][ T5190] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 135.526689][ T5212] loop0: detected capacity change from 0 to 32768 [ 135.644110][ T5212] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 135.652374][ T5212] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 135.681084][ T5212] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 1ms [ 135.689986][ T21] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 135.697244][ T21] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 135.895810][ T21] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 198ms [ 135.922922][ T21] gfs2: fsid=syz:syz.0: jid=0: Done [ 135.936352][ T5212] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 136.323389][ T5235] netlink: 12 bytes leftover after parsing attributes in process `syz.3.249'. [ 137.321153][ T26] kauditd_printk_skb: 10 callbacks suppressed [ 137.321169][ T26] audit: type=1326 audit(1761256039.723:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5259 comm="syz.3.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 137.511303][ T5265] loop3: detected capacity change from 0 to 64 [ 137.788987][ T26] audit: type=1326 audit(1761256039.783:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5259 comm="syz.3.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 138.133920][ T26] audit: type=1326 audit(1761256039.783:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5259 comm="syz.3.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 138.158505][ T26] audit: type=1326 audit(1761256039.783:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5259 comm="syz.3.259" 
exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 138.181473][ T26] audit: type=1326 audit(1761256039.783:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5259 comm="syz.3.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 138.204402][ T26] audit: type=1326 audit(1761256039.783:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5259 comm="syz.3.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 138.227394][ T26] audit: type=1326 audit(1761256039.783:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5259 comm="syz.3.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 138.251735][ T26] audit: type=1326 audit(1761256039.783:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5259 comm="syz.3.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 138.274385][ T26] audit: type=1326 audit(1761256039.783:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5259 comm="syz.3.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 138.284007][ T5257] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 138.297077][ T26] audit: type=1326 audit(1761256039.783:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5259 comm="syz.3.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 138.374034][ T5257] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 138.902240][ T5278] netlink: 12 bytes leftover after parsing attributes in process `syz.1.260'. [ 139.987423][ T5293] netlink: 12 bytes leftover after parsing attributes in process `syz.1.265'. 
[ 140.257008][ T5301] loop3: detected capacity change from 0 to 256 [ 140.446532][ T5301] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 141.302570][ C1] sched: RT throttling activated [ 142.940198][ T5340] netlink: 12 bytes leftover after parsing attributes in process `syz.0.277'. [ 144.351414][ T5363] loop2: detected capacity change from 0 to 256 [ 144.529660][ T5363] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 146.743865][ T5400] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 146.765099][ T5400] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 148.772819][ T5454] loop2: detected capacity change from 0 to 256 [ 150.191362][ T5454] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 150.933466][ T5458] loop4: detected capacity change from 0 to 2048 [ 151.698633][ T5469] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.318'. 
[ 152.536496][ T5458] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 152.547829][ T5458] UDF-fs: error (device loop4): udf_read_inode: (ino 1376) failed !bh [ 152.556521][ T5458] UDF-fs: error (device loop4): udf_fill_super: Error in udf_iget, block=64, partition=0 [ 153.577671][ T5494] loop0: detected capacity change from 0 to 4096 [ 153.958444][ T5494] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [ 154.678296][ T5513] loop4: detected capacity change from 0 to 256 [ 155.274829][ T5515] loop3: detected capacity change from 0 to 256 [ 159.030715][ T5526] loop1: detected capacity change from 0 to 256 [ 159.271249][ T5526] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 161.141153][ T5533] netlink: 12 bytes leftover after parsing attributes in process `syz.3.334'. [ 162.486797][ T5557] loop1: detected capacity change from 0 to 2048 [ 162.596523][ T5557] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 162.705049][ T5557] UDF-fs: error (device loop1): udf_read_inode: (ino 1376) failed !bh [ 162.714391][ T5557] UDF-fs: error (device loop1): udf_fill_super: Error in udf_iget, block=64, partition=0 [ 163.084063][ T5569] loop0: detected capacity change from 0 to 256 [ 163.129290][ T26] kauditd_printk_skb: 10 callbacks suppressed [ 163.129325][ T26] audit: type=1326 audit(1761256065.533:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5567 comm="syz.1.355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 163.313222][ T26] audit: type=1326 audit(1761256065.633:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5567 comm="syz.1.355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 163.390985][ T26] audit: type=1326 audit(1761256065.653:250): auid=4294967295 uid=0 gid=0 ses=4294967295 
subj=unconfined pid=5567 comm="syz.1.355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 163.879952][ T26] audit: type=1326 audit(1761256065.663:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5567 comm="syz.1.355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 164.245588][ T26] audit: type=1326 audit(1761256065.673:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5567 comm="syz.1.355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 164.409538][ T5570] loop1: detected capacity change from 0 to 64 [ 164.424492][ T26] audit: type=1326 audit(1761256065.683:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5567 comm="syz.1.355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 164.489732][ T5569] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 165.215427][ T5571] loop4: detected capacity change from 0 to 4096 [ 165.276834][ T5578] netlink: 1752 bytes leftover after parsing attributes in process `syz.2.347'. 
[ 165.377228][ T26] audit: type=1326 audit(1761256065.683:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5567 comm="syz.1.355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 165.435767][ T5571] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [ 165.711379][ T26] audit: type=1326 audit(1761256065.683:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5567 comm="syz.1.355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 165.734618][ T26] audit: type=1326 audit(1761256065.683:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5567 comm="syz.1.355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 165.756947][ T26] audit: type=1326 audit(1761256065.683:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5567 comm="syz.1.355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 166.122221][ T5591] loop2: detected capacity change from 0 to 256 [ 166.228290][ T5591] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 168.264379][ T5620] netlink: 12 bytes leftover after parsing attributes in process `syz.1.352'. [ 169.743125][ T5630] netlink: 1752 bytes leftover after parsing attributes in process `syz.1.359'. 
[ 170.530828][ T26] kauditd_printk_skb: 22 callbacks suppressed [ 170.530865][ T26] audit: type=1326 audit(1761256072.933:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5646 comm="syz.1.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 170.734612][ T26] audit: type=1326 audit(1761256073.143:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5646 comm="syz.1.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 170.857062][ T26] audit: type=1326 audit(1761256073.143:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5646 comm="syz.1.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 170.902803][ T26] audit: type=1326 audit(1761256073.143:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5646 comm="syz.1.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 170.948019][ T26] audit: type=1326 audit(1761256073.173:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5646 comm="syz.1.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 171.063934][ T26] audit: type=1326 audit(1761256073.183:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5646 comm="syz.1.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 171.097029][ T26] audit: type=1326 audit(1761256073.183:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5646 comm="syz.1.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 171.122741][ T5652] loop1: detected capacity change from 0 to 64 [ 171.264805][ T26] audit: type=1326 audit(1761256073.183:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined 
pid=5646 comm="syz.1.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 171.408306][ T26] audit: type=1326 audit(1761256073.183:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5646 comm="syz.1.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 171.552939][ T26] audit: type=1326 audit(1761256073.183:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5646 comm="syz.1.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 172.173927][ T5681] netlink: 12 bytes leftover after parsing attributes in process `syz.3.370'. [ 173.134909][ T5688] netlink: 1752 bytes leftover after parsing attributes in process `syz.3.374'. [ 173.228102][ T5685] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 173.263660][ T5685] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 174.507808][ T5721] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 174.563994][ T5721] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 175.132636][ T5730] netlink: 12 bytes leftover after parsing attributes in process `syz.4.385'. 
[ 175.838582][ T5700] loop0: detected capacity change from 0 to 32768 [ 175.999465][ T26] kauditd_printk_skb: 62 callbacks suppressed [ 175.999481][ T26] audit: type=1326 audit(1761256078.403:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5745 comm="syz.2.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 176.066990][ T26] audit: type=1326 audit(1761256078.443:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5745 comm="syz.2.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 176.098250][ T26] audit: type=1326 audit(1761256078.443:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5745 comm="syz.2.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 176.101565][ T5737] netlink: 1752 bytes leftover after parsing attributes in process `syz.3.389'. [ 176.151413][ T5748] loop2: detected capacity change from 0 to 64 [ 176.172020][ T26] audit: type=1326 audit(1761256078.443:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5745 comm="syz.2.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 176.195346][ T5700] XFS (loop0): Mounting V5 Filesystem [ 176.228739][ T26] audit: type=1326 audit(1761256078.443:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5745 comm="syz.2.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 176.261211][ T5700] XFS (loop0): log mount failed [ 176.383332][ T26] audit: type=1326 audit(1761256078.443:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5745 comm="syz.2.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 176.431576][ T5752] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 
176.481493][ T26] audit: type=1326 audit(1761256078.443:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5745 comm="syz.2.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 176.503781][ T5752] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 176.531314][ T26] audit: type=1326 audit(1761256078.443:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5745 comm="syz.2.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 176.565738][ T26] audit: type=1326 audit(1761256078.443:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5745 comm="syz.2.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 176.595316][ T26] audit: type=1326 audit(1761256078.443:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5745 comm="syz.2.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 177.086957][ T5770] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 177.160199][ T5770] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 177.222165][ T5776] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 177.249355][ T5776] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 177.915193][ T5802] loop2: detected capacity change from 0 to 64 [ 178.227848][ T5809] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 178.267289][ T5809] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 178.610786][ T5819] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 178.625432][ T5818] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 178.635383][ T5819] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 178.644679][ T5818] KVM: 
KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 179.068189][ T5829] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 179.112830][ T5829] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 180.446287][ T5846] loop2: detected capacity change from 0 to 32768 [ 182.312791][ T26] kauditd_printk_skb: 94 callbacks suppressed [ 182.312811][ T26] audit: type=1326 audit(1761256084.683:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5852 comm="syz.1.420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 182.365905][ T26] audit: type=1326 audit(1761256084.683:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5852 comm="syz.1.420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 182.622261][ T5864] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 182.630497][ T5864] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 182.940878][ T5878] loop4: detected capacity change from 0 to 256 [ 183.192044][ T5878] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 184.644495][ T5886] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 184.696205][ T5886] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 185.989728][ T26] audit: type=1326 audit(1761256088.393:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5904 comm="syz.2.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 186.095665][ T26] audit: type=1326 audit(1761256088.403:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5904 comm="syz.2.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 186.149596][ T5906] loop2: detected capacity change 
from 0 to 64 [ 186.182761][ T5460] Bluetooth: hci1: command 0x0406 tx timeout [ 186.458082][ T5460] Bluetooth: hci0: command 0x0406 tx timeout [ 186.464306][ T5460] Bluetooth: hci2: command 0x0406 tx timeout [ 186.470735][ T5460] Bluetooth: hci4: command 0x0406 tx timeout [ 186.476931][ T5460] Bluetooth: hci3: command 0x0406 tx timeout [ 186.493078][ T26] audit: type=1326 audit(1761256088.443:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5904 comm="syz.2.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 187.189624][ T26] audit: type=1326 audit(1761256088.443:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5904 comm="syz.2.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 187.217801][ T26] audit: type=1326 audit(1761256088.443:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5904 comm="syz.2.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 187.246376][ T26] audit: type=1326 audit(1761256088.453:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5904 comm="syz.2.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 187.333009][ T26] audit: type=1326 audit(1761256088.453:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5904 comm="syz.2.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 188.873711][ T26] audit: type=1326 audit(1761256088.453:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5904 comm="syz.2.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 189.049762][ T26] audit: type=1326 audit(1761256088.453:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5904 comm="syz.2.435" 
exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 189.200952][ T26] audit: type=1326 audit(1761256088.453:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5904 comm="syz.2.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 189.370616][ T26] audit: type=1326 audit(1761256088.453:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5904 comm="syz.2.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 189.429555][ T26] audit: type=1326 audit(1761256088.453:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5904 comm="syz.2.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 190.111697][ T5949] loop2: detected capacity change from 0 to 256 [ 190.120788][ T26] audit: type=1326 audit(1761256088.463:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5904 comm="syz.2.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 190.243598][ T26] audit: type=1326 audit(1761256088.473:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5904 comm="syz.2.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 190.406101][ T26] audit: type=1326 audit(1761256088.473:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5904 comm="syz.2.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 190.507094][ T26] audit: type=1326 audit(1761256088.473:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5904 comm="syz.2.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a19e60fc9 code=0x7ffc0000 [ 190.644446][ T5949] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, 
chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 191.414634][ T5950] loop3: detected capacity change from 0 to 4096 [ 191.516126][ T5950] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [ 191.544977][ T5952] loop0: detected capacity change from 0 to 4096 [ 191.573016][ T5956] loop4: detected capacity change from 0 to 2048 [ 191.648064][ T5956] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 191.702809][ T5952] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [ 191.749186][ T5956] UDF-fs: error (device loop4): udf_read_inode: (ino 1376) failed !bh [ 191.827260][ T5956] UDF-fs: error (device loop4): udf_fill_super: Error in udf_iget, block=64, partition=0 [ 193.871840][ T5980] netlink: 12 bytes leftover after parsing attributes in process `syz.2.456'. [ 194.372821][ T1429] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.379194][ T1429] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.519301][ T6007] loop4: detected capacity change from 0 to 256 [ 194.698316][ T6007] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 196.446384][ T6032] loop2: detected capacity change from 0 to 4096 [ 196.568969][ T6032] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 196.625614][ T6035] loop0: detected capacity change from 0 to 4096 [ 196.708161][ T6035] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [ 197.367386][ T6055] netlink: 12 bytes leftover after parsing attributes in process `syz.3.476'. [ 198.378981][ T6068] netlink: 1500 bytes leftover after parsing attributes in process `syz.3.479'. 
[ 199.053692][ T6076] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 199.061652][ T6076] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 199.965624][ T26] kauditd_printk_skb: 22 callbacks suppressed [ 199.965640][ T26] audit: type=1326 audit(1761256102.373:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6099 comm="syz.3.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 200.077316][ T6111] netlink: 12 bytes leftover after parsing attributes in process `syz.1.489'. [ 200.129092][ T26] audit: type=1326 audit(1761256102.373:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6099 comm="syz.3.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 200.810422][ T6100] loop3: detected capacity change from 0 to 64 [ 200.827546][ T26] audit: type=1326 audit(1761256102.413:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6099 comm="syz.3.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 200.925737][ T6115] netlink: 1500 bytes leftover after parsing attributes in process `syz.1.494'. 
[ 201.023504][ T26] audit: type=1326 audit(1761256102.413:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6099 comm="syz.3.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 201.093179][ T26] audit: type=1326 audit(1761256102.413:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6099 comm="syz.3.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 201.308752][ T26] audit: type=1326 audit(1761256102.413:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6099 comm="syz.3.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 201.368668][ T26] audit: type=1326 audit(1761256102.413:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6099 comm="syz.3.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 201.409945][ T26] audit: type=1326 audit(1761256102.413:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6099 comm="syz.3.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 202.436972][ T26] audit: type=1326 audit(1761256102.413:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6099 comm="syz.3.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 202.484959][ T26] audit: type=1326 audit(1761256102.413:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6099 comm="syz.3.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc78aec6fc9 code=0x7ffc0000 [ 203.287836][ T6157] netlink: 1500 bytes leftover after parsing attributes in process `syz.2.507'. 
[ 204.559974][ T6177] loop3: detected capacity change from 0 to 64 [ 205.525612][ T6182] loop4: detected capacity change from 0 to 32768 [ 205.584114][ T6199] loop2: detected capacity change from 0 to 4096 [ 205.647357][ T6199] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 205.702318][ T6203] netlink: 1500 bytes leftover after parsing attributes in process `syz.3.520'. [ 205.792962][ T6182] XFS (loop4): Mounting V5 Filesystem [ 207.082048][ T6182] XFS (loop4): Ending clean mount [ 207.932282][ T26] kauditd_printk_skb: 74 callbacks suppressed [ 207.932300][ T26] audit: type=1326 audit(1761256109.883:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6233 comm="syz.0.528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35bcf3ffc9 code=0x7ffc0000 [ 207.967220][ T4188] XFS (loop4): Unmounting Filesystem [ 208.098495][ T6245] loop0: detected capacity change from 0 to 64 [ 208.232662][ T26] audit: type=1326 audit(1761256109.903:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6233 comm="syz.0.528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35bcf3ffc9 code=0x7ffc0000 [ 208.316384][ T6246] netlink: 1500 bytes leftover after parsing attributes in process `syz.2.532'. 
[ 208.378592][ T26] audit: type=1326 audit(1761256109.973:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6233 comm="syz.0.528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f35bcf3ffc9 code=0x7ffc0000 [ 208.400928][ C0] vkms_vblank_simulate: vblank timer overrun [ 208.407522][ T26] audit: type=1326 audit(1761256109.983:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6233 comm="syz.0.528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35bcf3ffc9 code=0x7ffc0000 [ 208.430208][ T26] audit: type=1326 audit(1761256109.993:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6233 comm="syz.0.528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35bcf3ffc9 code=0x7ffc0000 [ 208.452439][ C0] vkms_vblank_simulate: vblank timer overrun [ 208.460518][ T26] audit: type=1326 audit(1761256110.013:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6233 comm="syz.0.528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f35bcf3ffc9 code=0x7ffc0000 [ 208.483137][ T26] audit: type=1326 audit(1761256110.023:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6233 comm="syz.0.528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35bcf3ffc9 code=0x7ffc0000 [ 208.505338][ C0] vkms_vblank_simulate: vblank timer overrun [ 208.511912][ T26] audit: type=1326 audit(1761256110.033:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6233 comm="syz.0.528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f35bcf3ffc9 code=0x7ffc0000 [ 208.534098][ C0] vkms_vblank_simulate: vblank timer overrun [ 208.545839][ T26] audit: type=1326 audit(1761256110.043:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6233 comm="syz.0.528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35bcf3ffc9 code=0x7ffc0000 [ 
208.568033][ C0] vkms_vblank_simulate: vblank timer overrun [ 208.596475][ T26] audit: type=1326 audit(1761256110.043:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6233 comm="syz.0.528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35bcf3ffc9 code=0x7ffc0000 [ 208.618675][ C0] vkms_vblank_simulate: vblank timer overrun [ 208.892630][ T6261] netlink: 1500 bytes leftover after parsing attributes in process `syz.3.537'. [ 210.097643][ T6276] loop4: detected capacity change from 0 to 2048 [ 210.137744][ T6269] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 210.170578][ T6269] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 210.325804][ T6284] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 210.528033][ T6289] netlink: 1500 bytes leftover after parsing attributes in process `syz.3.544'. [ 211.027915][ T6276] syz.4.540 (6276) used greatest stack depth: 19792 bytes left [ 211.442094][ T6303] netlink: 1500 bytes leftover after parsing attributes in process `syz.1.548'. [ 211.490077][ T6305] loop2: detected capacity change from 0 to 64 [ 213.284505][ T6301] loop0: detected capacity change from 0 to 32768 [ 213.572172][ T6301] XFS (loop0): Mounting V5 Filesystem [ 213.837401][ T6301] XFS (loop0): Ending clean mount [ 214.083660][ T6353] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 214.091695][ T6353] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 214.359969][ T6357] netlink: 1500 bytes leftover after parsing attributes in process `syz.1.561'. [ 214.754893][ T4182] XFS (loop0): Unmounting Filesystem [ 215.471652][ T6339] loop3: detected capacity change from 0 to 32768 [ 215.530057][ T6365] netlink: 1624 bytes leftover after parsing attributes in process `syz.1.564'. 
[ 215.643604][ T26] kauditd_printk_skb: 28 callbacks suppressed [ 215.643620][ T26] audit: type=1326 audit(1761256118.053:618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6369 comm="syz.4.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed53a7fc9 code=0x7ffc0000 [ 215.705866][ T6339] XFS (loop3): Mounting V5 Filesystem [ 215.806931][ T26] audit: type=1326 audit(1761256118.103:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6369 comm="syz.4.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ed53a7fc9 code=0x7ffc0000 [ 215.829527][ T26] audit: type=1326 audit(1761256118.103:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6369 comm="syz.4.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed53a7fc9 code=0x7ffc0000 [ 215.876407][ T26] audit: type=1326 audit(1761256118.103:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6369 comm="syz.4.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed53a7fc9 code=0x7ffc0000 [ 215.918066][ T6378] loop1: detected capacity change from 0 to 2048 [ 215.925779][ T26] audit: type=1326 audit(1761256118.103:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6369 comm="syz.4.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f2ed53a7fc9 code=0x7ffc0000 [ 216.026083][ T26] audit: type=1326 audit(1761256118.103:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6369 comm="syz.4.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed53a7fc9 code=0x7ffc0000 [ 216.048604][ T26] audit: type=1326 audit(1761256118.103:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6369 comm="syz.4.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed53a7fc9 code=0x7ffc0000 [ 216.071720][ T26] audit: type=1326 audit(1761256118.113:625): 
auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6369 comm="syz.4.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f2ed53a7fc9 code=0x7ffc0000 [ 216.095997][ T26] audit: type=1326 audit(1761256118.113:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6369 comm="syz.4.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed53a7fc9 code=0x7ffc0000 [ 216.118327][ T26] audit: type=1326 audit(1761256118.113:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6369 comm="syz.4.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed53a7fc9 code=0x7ffc0000 [ 216.140491][ C1] vkms_vblank_simulate: vblank timer overrun [ 216.147574][ T6385] loop4: detected capacity change from 0 to 64 [ 216.248849][ T6339] XFS (loop3): Ending clean mount [ 216.254101][ T6388] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 216.344190][ T4184] XFS (loop3): Unmounting Filesystem [ 217.167531][ T6384] loop0: detected capacity change from 0 to 32768 [ 217.366839][ T6384] XFS (loop0): Mounting V5 Filesystem [ 217.647790][ T6384] XFS (loop0): Ending clean mount [ 217.696806][ T6405] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 217.726105][ T6405] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 217.782269][ T6413] netlink: 1500 bytes leftover after parsing attributes in process `syz.4.574'. 
[ 217.853737][ T6390] loop2: detected capacity change from 0 to 32768 [ 218.363100][ T6394] loop1: detected capacity change from 0 to 32768 [ 218.628370][ T4182] XFS (loop0): Unmounting Filesystem [ 218.648401][ T6390] XFS (loop2): Mounting V5 Filesystem [ 218.797311][ T6394] XFS (loop1): Mounting V5 Filesystem [ 219.639001][ T6390] XFS (loop2): Ending clean mount [ 219.730265][ T6394] XFS (loop1): Ending clean mount [ 219.831569][ T4183] XFS (loop2): Unmounting Filesystem [ 220.202982][ T6442] loop4: detected capacity change from 0 to 4096 [ 220.332346][ T6442] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [ 220.751932][ T4181] XFS (loop1): Unmounting Filesystem [ 221.001706][ T6440] loop3: detected capacity change from 0 to 32768 [ 221.119939][ T6440] (syz.3.578,6440,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 221.141071][ T6453] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 221.194776][ T6453] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 221.201616][ T6440] (syz.3.578,6440,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 221.320304][ T6440] (syz.3.578,6440,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xecaf217e, computed 0x51d812ae. Applying ECC. [ 221.360712][ T6440] JBD2: Ignoring recovery information on journal [ 221.520564][ T6440] (syz.3.578,6440,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xecaf217e, computed 0x51d812ae. Applying ECC. [ 221.591760][ T6471] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 221.619304][ T6471] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 221.635867][ T6440] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. 
[ 223.182427][ T6483] loop0: detected capacity change from 0 to 2048 [ 223.243269][ T6466] loop2: detected capacity change from 0 to 32768 [ 223.271466][ T4184] ocfs2: Unmounting device (7,3) on (node local) [ 223.308747][ T6487] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 223.621009][ T6466] XFS (loop2): Mounting V5 Filesystem [ 223.877337][ T6466] XFS (loop2): Ending clean mount [ 224.540237][ T6507] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 224.585652][ T6507] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 224.796452][ T4183] XFS (loop2): Unmounting Filesystem [ 226.269836][ T6539] loop4: detected capacity change from 0 to 2048 [ 226.354400][ T6536] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 226.390258][ T6536] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 226.399174][ T6541] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 226.832075][ T6548] hub 1-0:1.0: USB hub found [ 226.839384][ T6548] hub 1-0:1.0: 1 port detected [ 227.651125][ T6534] loop3: detected capacity change from 0 to 32768 [ 227.875585][ T6534] XFS (loop3): Mounting V5 Filesystem [ 228.128312][ T6534] XFS (loop3): Ending clean mount [ 229.134976][ T4184] XFS (loop3): Unmounting Filesystem [ 229.451184][ T6597] loop0: detected capacity change from 0 to 2048 [ 229.562703][ T6599] NILFS (loop0): segctord starting. 
Construction interval = 5 seconds, CP frequency < 30 seconds [ 229.656159][ T6594] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 229.742318][ T6594] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 229.927621][ T6610] hub 1-0:1.0: USB hub found [ 229.933766][ T6610] hub 1-0:1.0: 1 port detected [ 230.881429][ T6621] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 230.952846][ T6621] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 232.109858][ T6617] loop3: detected capacity change from 0 to 32768 [ 232.360255][ T6632] loop0: detected capacity change from 0 to 32768 [ 232.416831][ T6662] loop1: detected capacity change from 0 to 2048 [ 232.447448][ T6617] XFS (loop3): Mounting V5 Filesystem [ 232.502022][ T6669] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 232.627519][ T6632] XFS (loop0): Mounting V5 Filesystem [ 232.991603][ T6632] XFS (loop0): Ending clean mount [ 233.119438][ T6617] XFS (loop3): Ending clean mount [ 234.253408][ T4182] XFS (loop0): Unmounting Filesystem [ 234.464325][ T4184] XFS (loop3): Unmounting Filesystem [ 234.693988][ T6695] loop1: detected capacity change from 0 to 2048 [ 234.860897][ T6699] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 235.202942][ T6707] hub 1-0:1.0: USB hub found [ 235.208799][ T6707] hub 1-0:1.0: 1 port detected [ 235.684572][ T6686] loop4: detected capacity change from 0 to 32768 [ 235.947654][ T6686] (syz.4.634,6686,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 236.128591][ T6686] (syz.4.634,6686,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. 
[ 236.739940][ T6686] (syz.4.634,6686,1):ocfs2_initialize_super:2313 ERROR: status = -12 [ 236.808402][ T6686] (syz.4.634,6686,1):ocfs2_fill_super:1177 ERROR: status = -12 [ 237.156067][ T6724] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 237.192722][ T6724] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 237.200525][ T6733] loop3: detected capacity change from 0 to 2048 [ 237.310018][ T6736] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 237.709162][ T6749] hub 1-0:1.0: USB hub found [ 237.714961][ T6749] hub 1-0:1.0: 1 port detected [ 238.371216][ T6727] loop2: detected capacity change from 0 to 32768 [ 238.465734][ T6755] loop3: detected capacity change from 0 to 2048 [ 238.514240][ T6758] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 238.539757][ T6727] (syz.2.645,6727,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 238.679294][ T6727] (syz.2.645,6727,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 238.773494][ T6743] loop4: detected capacity change from 0 to 32768 [ 238.829585][ T6727] (syz.2.645,6727,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xecaf217e, computed 0x51d812ae. Applying ECC. [ 238.916620][ T6767] hub 1-0:1.0: USB hub found [ 238.922125][ T6767] hub 1-0:1.0: 1 port detected [ 239.391983][ T6727] JBD2: Ignoring recovery information on journal [ 240.572683][ T6743] XFS (loop4): Mounting V5 Filesystem [ 240.657219][ T6743] XFS (loop4): log mount failed [ 240.690286][ T6727] JBD2: recovery failed [ 240.694848][ T6727] (syz.2.645,6727,0):ocfs2_journal_load:1105 ERROR: Failed to load journal! [ 240.732637][ T6727] (syz.2.645,6727,0):ocfs2_check_volume:2437 ERROR: ocfs2 journal load failed! 
-5 [ 240.773041][ T6727] (syz.2.645,6727,0):ocfs2_check_volume:2493 ERROR: status = -5 [ 240.822845][ T6727] (syz.2.645,6727,0):ocfs2_mount_volume:1824 ERROR: status = -5 [ 240.908877][ T6727] (syz.2.645,6727,0):ocfs2_fill_super:1177 ERROR: status = -5 [ 240.931840][ T6781] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 240.942138][ T6781] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 241.539156][ T6803] hub 1-0:1.0: USB hub found [ 241.573985][ T6803] hub 1-0:1.0: 1 port detected [ 241.709369][ T6809] loop0: detected capacity change from 0 to 2048 [ 241.788187][ T6785] loop1: detected capacity change from 0 to 32768 [ 241.809441][ T6813] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 242.060964][ T6785] (syz.1.658,6785,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 242.087864][ T6785] (syz.1.658,6785,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 242.173823][ T6819] hub 1-0:1.0: USB hub found [ 242.181093][ T6819] hub 1-0:1.0: 1 port detected [ 242.604888][ T6785] (syz.1.658,6785,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xecaf217e, computed 0x51d812ae. Applying ECC. [ 242.753041][ T6785] JBD2: Ignoring recovery information on journal [ 242.776025][ T6807] loop4: detected capacity change from 0 to 32768 [ 242.905861][ T6807] (syz.4.668,6807,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 242.956123][ T6807] (syz.4.668,6807,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 242.982956][ T6807] debugfs: Directory '9357E9D751824C228242B9B0D0FB6750' with parent 'ocfs2' already present! 
[ 242.997299][ T6785] (syz.1.658,6785,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xecaf217e, computed 0x51d812ae. Applying ECC. [ 243.017693][ T6824] hub 1-0:1.0: USB hub found [ 243.027159][ T6824] hub 1-0:1.0: 1 port detected [ 243.124996][ T6807] (syz.4.668,6807,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xecaf217e, computed 0x51d812ae. Applying ECC. [ 243.168422][ T6785] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 243.831920][ T6807] JBD2: Ignoring recovery information on journal [ 243.979809][ T6807] (syz.4.668,6807,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xecaf217e, computed 0x51d812ae. Applying ECC. [ 244.023889][ T4181] ocfs2: Unmounting device (7,1) on (node local) [ 244.070669][ T6807] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 244.114237][ T6834] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 244.198263][ T6834] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 245.004542][ T6832] loop3: detected capacity change from 0 to 32768 [ 245.026640][ T4188] ocfs2: Unmounting device (7,4) on (node local) [ 245.079149][ T6829] loop2: detected capacity change from 0 to 32768 [ 245.184689][ T6832] (syz.3.674,6832,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 245.282798][ T6829] XFS (loop2): Mounting V5 Filesystem [ 245.290779][ T6832] (syz.3.674,6832,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 245.387292][ T6832] (syz.3.674,6832,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xecaf217e, computed 0x51d812ae. Applying ECC. 
[ 245.458531][ T6832] JBD2: Ignoring recovery information on journal [ 245.575647][ T6829] XFS (loop2): Ending clean mount [ 245.578452][ T6832] (syz.3.674,6832,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xecaf217e, computed 0x51d812ae. Applying ECC. [ 245.674665][ T6832] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 246.753828][ T4183] XFS (loop2): Unmounting Filesystem [ 246.915094][ T4184] ocfs2: Unmounting device (7,3) on (node local) [ 246.922815][ T6887] hub 1-0:1.0: USB hub found [ 246.959588][ T6885] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 246.964333][ T6887] hub 1-0:1.0: 1 port detected [ 246.976923][ T6885] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 247.385276][ T6891] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 247.432640][ T6891] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 247.451270][ T6897] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 247.498159][ T6897] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 247.567515][ T6902] loop3: detected capacity change from 0 to 4096 [ 247.668373][ T26] kauditd_printk_skb: 31 callbacks suppressed [ 247.668389][ T26] audit: type=1326 audit(1761256150.073:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6907 comm="syz.1.693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 247.767758][ T26] audit: type=1326 audit(1761256150.123:660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6907 comm="syz.1.693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 247.801272][ T26] audit: type=1326 audit(1761256150.123:661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6907 comm="syz.1.693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 
ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 247.944019][ T6916] loop1: detected capacity change from 0 to 64 [ 248.137951][ T6902] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 248.753397][ T26] audit: type=1326 audit(1761256150.123:662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6907 comm="syz.1.693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 249.013579][ T26] audit: type=1326 audit(1761256150.123:663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6907 comm="syz.1.693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 249.035792][ C0] vkms_vblank_simulate: vblank timer overrun [ 249.042411][ T26] audit: type=1326 audit(1761256150.123:664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6907 comm="syz.1.693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 249.068749][ T26] audit: type=1326 audit(1761256150.123:665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6907 comm="syz.1.693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 249.091106][ T26] audit: type=1326 audit(1761256150.123:666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6907 comm="syz.1.693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 249.114212][ T26] audit: type=1326 audit(1761256150.133:667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6907 comm="syz.1.693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 249.136560][ C0] vkms_vblank_simulate: vblank timer overrun [ 249.144500][ T26] audit: type=1326 audit(1761256150.153:668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6907 comm="syz.1.693" exe="/root/syz-executor" sig=0 arch=c000003e 
syscall=202 compat=0 ip=0x7f80ec22dfc9 code=0x7ffc0000 [ 249.296576][ T6911] loop4: detected capacity change from 0 to 4096 [ 249.812796][ T4184] ntfs3: loop3: ntfs_evict_inode r=5 failed, -22. [ 249.825157][ T6911] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 250.168966][ T6927] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 250.177349][ T6927] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 250.524019][ T6942] loop1: detected capacity change from 0 to 2048 [ 250.623431][ T6946] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 250.704442][ T4188] ntfs3: loop4: ntfs_evict_inode r=5 failed, -22. [ 250.997434][ T6953] hub 1-0:1.0: USB hub found [ 251.003233][ T6953] hub 1-0:1.0: 1 port detected [ 251.294308][ T6944] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 251.313566][ T6944] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 251.632750][ T6963] netlink: 1624 bytes leftover after parsing attributes in process `syz.4.708'. [ 251.792248][ T6966] loop1: detected capacity change from 0 to 2048 [ 253.383265][ T6972] loop2: detected capacity change from 0 to 64 [ 253.627150][ T6973] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 253.765870][ T6975] loop0: detected capacity change from 0 to 4096 [ 253.982974][ T6975] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 254.060619][ T6981] hub 1-0:1.0: USB hub found [ 254.066372][ T6981] hub 1-0:1.0: 1 port detected [ 255.237352][ T4182] ntfs3: loop0: ntfs_evict_inode r=5 failed, -22. [ 255.823294][ T1429] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.829932][ T1429] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.318857][ T7020] netlink: 1624 bytes leftover after parsing attributes in process `syz.4.721'. 
[ 256.405569][ T7025] loop2: detected capacity change from 0 to 4096 [ 256.523379][ T7025] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 257.342314][ T4183] ntfs3: loop2: ntfs_evict_inode r=5 failed, -22. [ 257.512071][ T7029] loop3: detected capacity change from 0 to 32768 [ 257.560468][ T7029] (syz.3.726,7029,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 257.615748][ T7029] (syz.3.726,7029,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 257.629155][ T7046] loop2: detected capacity change from 0 to 2048 [ 257.656398][ T7028] loop0: detected capacity change from 0 to 32768 [ 257.713688][ T7044] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 257.721844][ T7053] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 257.759943][ T7029] (syz.3.726,7029,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xecaf217e, computed 0x51d812ae. Applying ECC. [ 257.768642][ T7028] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.725 (7028) [ 257.776446][ T7048] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 257.794571][ T7048] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 257.803750][ T7029] JBD2: Ignoring recovery information on journal [ 257.810164][ T7044] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 258.028607][ T7029] (syz.3.726,7029,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xecaf217e, computed 0x51d812ae. Applying ECC. [ 258.096331][ T7028] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 258.107446][ T7029] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. 
[ 258.143064][ T7028] BTRFS info (device loop0): using free space tree [ 258.198948][ T7065] hub 1-0:1.0: USB hub found [ 258.204695][ T7065] hub 1-0:1.0: 1 port detected [ 258.289010][ T7028] BTRFS info (device loop0): has skinny extents [ 258.991702][ T7088] netlink: 1624 bytes leftover after parsing attributes in process `syz.2.735'. [ 259.395741][ T7028] BTRFS info (device loop0): enabling ssd optimizations [ 259.559670][ T4184] ocfs2: Unmounting device (7,3) on (node local) [ 259.637189][ T7098] netlink: 1624 bytes leftover after parsing attributes in process `syz.2.737'. [ 260.240839][ T7115] loop3: detected capacity change from 0 to 4096 [ 260.360531][ T7115] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 261.327339][ T4184] ntfs3: loop3: ntfs_evict_inode r=5 failed, -22. [ 261.389331][ T7123] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 261.442721][ T7123] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 261.515784][ T7127] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 261.553731][ T7127] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 261.741116][ T7142] netlink: 1624 bytes leftover after parsing attributes in process `syz.3.747'. 
[ 262.866548][ T26] kauditd_printk_skb: 26 callbacks suppressed [ 262.866565][ T26] audit: type=1326 audit(1761256165.273:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7151 comm="syz.4.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed53a7fc9 code=0x7ffc0000 [ 263.061412][ T7155] loop4: detected capacity change from 0 to 64 [ 263.362081][ T26] audit: type=1326 audit(1761256165.323:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7151 comm="syz.4.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed53a7fc9 code=0x7ffc0000 [ 263.394580][ T26] audit: type=1326 audit(1761256165.323:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7151 comm="syz.4.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f2ed53a7fc9 code=0x7ffc0000 [ 263.395782][ T26] audit: type=1326 audit(1761256165.323:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7151 comm="syz.4.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed53a7fc9 code=0x7ffc0000 [ 263.397113][ T26] audit: type=1326 audit(1761256165.323:699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7151 comm="syz.4.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f2ed53a7fc9 code=0x7ffc0000 [ 263.398372][ T26] audit: type=1326 audit(1761256165.323:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7151 comm="syz.4.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed53a7fc9 code=0x7ffc0000 [ 263.399668][ T26] audit: type=1326 audit(1761256165.323:701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7151 comm="syz.4.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed53a7fc9 code=0x7ffc0000 [ 263.400816][ T26] audit: type=1326 audit(1761256165.323:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined 
pid=7151 comm="syz.4.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f2ed53a7fc9 code=0x7ffc0000 [ 263.401936][ T26] audit: type=1326 audit(1761256165.333:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7151 comm="syz.4.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed53a7fc9 code=0x7ffc0000 [ 263.408246][ T26] audit: type=1326 audit(1761256165.333:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7151 comm="syz.4.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed53a7fc9 code=0x7ffc0000 [ 263.845743][ T7146] loop0: detected capacity change from 0 to 32768 [ 263.973564][ T7146] (syz.0.749,7146,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 263.973809][ T7146] (syz.0.749,7146,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 264.155067][ T7146] (syz.0.749,7146,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xecaf217e, computed 0x51d812ae. Applying ECC. [ 264.329893][ T7181] loop3: detected capacity change from 0 to 256 [ 265.488137][ T7181] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 265.645892][ T7146] JBD2: Ignoring recovery information on journal [ 266.369539][ T7187] netlink: 1624 bytes leftover after parsing attributes in process `syz.1.761'. [ 266.382965][ T7146] JBD2: recovery failed [ 266.387387][ T7146] (syz.0.749,7146,1):ocfs2_journal_load:1105 ERROR: Failed to load journal! [ 266.540633][ T7146] (syz.0.749,7146,1):ocfs2_check_volume:2437 ERROR: ocfs2 journal load failed! 
-5 [ 266.665436][ T7146] (syz.0.749,7146,1):ocfs2_check_volume:2493 ERROR: status = -5 [ 266.752555][ T7146] (syz.0.749,7146,1):ocfs2_mount_volume:1824 ERROR: status = -5 [ 266.842099][ T7146] (syz.0.749,7146,1):ocfs2_fill_super:1177 ERROR: status = -5 [ 267.713302][ T7198] loop4: detected capacity change from 0 to 32768 [ 267.802988][ T7198] (syz.4.765,7198,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 267.833293][ T7198] (syz.4.765,7198,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 267.929988][ T7198] (syz.4.765,7198,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xecaf217e, computed 0x51d812ae. Applying ECC. [ 268.000091][ T7217] loop1: detected capacity change from 0 to 4096 [ 268.010846][ T7198] JBD2: Ignoring recovery information on journal [ 268.098265][ T7217] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 268.106247][ T7221] netlink: 'syz.2.771': attribute type 72 has an invalid length. [ 268.146113][ T7198] (syz.4.765,7198,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xecaf217e, computed 0x51d812ae. Applying ECC. [ 268.272993][ T7198] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 269.138411][ T4181] ntfs3: loop1: ntfs_evict_inode r=5 failed, -22. [ 269.407532][ T4188] ocfs2: Unmounting device (7,4) on (node local) [ 269.452355][ T7232] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 269.461316][ T7232] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 269.500458][ T7239] loop1: detected capacity change from 0 to 2048 [ 269.712383][ T7245] netlink: 12 bytes leftover after parsing attributes in process `syz.3.777'. [ 269.722272][ T7245] netlink: 12 bytes leftover after parsing attributes in process `syz.3.777'. [ 269.731834][ T7245] netlink: 20 bytes leftover after parsing attributes in process `syz.3.777'. 
[ 269.740807][ T7245] netlink: 20 bytes leftover after parsing attributes in process `syz.3.777'. [ 270.468879][ T7244] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 270.488410][ T7248] loop0: detected capacity change from 0 to 2048 [ 270.662750][ T7255] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 270.774262][ T7253] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 270.782365][ T7253] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 270.929260][ T7260] hub 1-0:1.0: USB hub found [ 270.935294][ T7260] hub 1-0:1.0: 1 port detected [ 271.224628][ T7239] syz.1.774 (7239) used greatest stack depth: 19656 bytes left [ 271.490687][ T7265] netlink: 'syz.4.783': attribute type 72 has an invalid length. [ 272.029409][ T7282] loop4: detected capacity change from 0 to 4096 [ 272.059542][ T7288] loop1: detected capacity change from 0 to 2048 [ 272.134618][ T7289] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 272.188092][ T7282] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 272.857059][ T7292] hub 1-0:1.0: USB hub found [ 272.863430][ T7292] hub 1-0:1.0: 1 port detected [ 273.089522][ T4188] ntfs3: loop4: ntfs_evict_inode r=5 failed, -22. [ 273.342239][ T7297] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 273.383806][ T7297] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 273.493914][ T7310] netlink: 1752 bytes leftover after parsing attributes in process `syz.4.796'. [ 273.725442][ T7314] loop4: detected capacity change from 0 to 2048 [ 273.768077][ T7284] loop0: detected capacity change from 0 to 32768 [ 273.833902][ T7284] (syz.0.789,7284,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 273.861367][ T7320] NILFS (loop4): segctord starting. 
Construction interval = 5 seconds, CP frequency < 30 seconds [ 273.949750][ T7284] (syz.0.789,7284,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 274.013409][ T7284] (syz.0.789,7284,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xecaf217e, computed 0x51d812ae. Applying ECC. [ 274.068547][ T7284] JBD2: Ignoring recovery information on journal [ 274.233647][ T7324] hub 1-0:1.0: USB hub found [ 274.239787][ T7324] hub 1-0:1.0: 1 port detected [ 274.574618][ T7284] (syz.0.789,7284,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xecaf217e, computed 0x51d812ae. Applying ECC. [ 274.632270][ T7284] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 274.807169][ T7331] loop1: detected capacity change from 0 to 4096 [ 274.897842][ T7331] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 274.918239][ T7333] loop3: detected capacity change from 0 to 4096 [ 274.927448][ T4182] ocfs2: Unmounting device (7,0) on (node local) [ 275.183933][ T7333] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 275.720117][ T4181] ntfs3: loop1: ntfs_evict_inode r=5 failed, -22. [ 276.270620][ T7351] netlink: 1752 bytes leftover after parsing attributes in process `syz.1.807'. [ 276.328486][ T4184] ntfs3: loop3: ntfs_evict_inode r=5 failed, -22. [ 276.384170][ T7354] loop0: detected capacity change from 0 to 2048 [ 276.499907][ T7365] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 276.849911][ T7370] loop4: detected capacity change from 0 to 256 [ 277.474941][ T7363] loop3: detected capacity change from 0 to 2048 [ 277.557160][ T7370] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 278.491337][ T7374] NILFS (loop3): segctord starting. 
Construction interval = 5 seconds, CP frequency < 30 seconds [ 279.414625][ T7379] loop0: detected capacity change from 0 to 2048 [ 279.528118][ T7384] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 280.607128][ T7391] loop3: detected capacity change from 0 to 256 [ 280.838551][ T7391] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 281.940663][ T7401] loop1: detected capacity change from 0 to 2048 [ 282.058565][ T7405] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 282.338841][ T7402] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 282.358861][ T7402] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 282.809284][ T7410] netlink: 1752 bytes leftover after parsing attributes in process `syz.4.823'. [ 283.074831][ T7417] loop2: detected capacity change from 0 to 2048 [ 283.124443][ T7422] loop1: detected capacity change from 0 to 2048 [ 283.170930][ T7427] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 283.288948][ T7428] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 283.550618][ T7430] hub 1-0:1.0: USB hub found [ 283.556359][ T7430] hub 1-0:1.0: 1 port detected [ 284.219531][ T7435] loop2: detected capacity change from 0 to 2048 [ 284.354231][ T7444] NILFS (loop2): segctord starting. 
Construction interval = 5 seconds, CP frequency < 30 seconds [ 284.431465][ T7439] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 284.500213][ T7439] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 284.739430][ T7448] hub 1-0:1.0: USB hub found [ 284.745234][ T7448] hub 1-0:1.0: 1 port detected [ 284.961661][ T7434] NILFS (loop2): DAT doesn't have a block to manage vblocknr = 256 [ 284.970110][ T7434] NILFS error (device loop2): nilfs_bmap_truncate: broken bmap (inode number=15) [ 284.994136][ T7434] Remounting filesystem read-only [ 284.999256][ T7434] NILFS (loop2): error -5 truncating bmap (ino=15) [ 285.245900][ T4183] NILFS (loop2): disposed unprocessed dirty file(s) when detaching log writer [ 285.275801][ T7426] loop3: detected capacity change from 0 to 32768 [ 285.339677][ T7426] (syz.3.827,7426,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 285.400392][ T7426] (syz.3.827,7426,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 285.466638][ T7426] (syz.3.827,7426,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xecaf217e, computed 0x51d812ae. Applying ECC. [ 285.488187][ T7426] JBD2: Ignoring recovery information on journal [ 285.530985][ T7426] (syz.3.827,7426,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xecaf217e, computed 0x51d812ae. Applying ECC. [ 285.562594][ T7426] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. 
[ 285.572243][ T7437] loop1: detected capacity change from 0 to 32768 [ 285.608732][ T7437] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.829 (7437) [ 285.743127][ T7460] loop4: detected capacity change from 0 to 2048 [ 285.869087][ T7437] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 285.901127][ T7437] BTRFS info (device loop1): using free space tree [ 285.933003][ T7465] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 285.948689][ T7437] BTRFS info (device loop1): has skinny extents [ 286.221259][ T4184] ocfs2: Unmounting device (7,3) on (node local) [ 286.348356][ T7474] hub 1-0:1.0: USB hub found [ 286.354604][ T7474] hub 1-0:1.0: 1 port detected [ 286.540523][ T7459] NILFS (loop4): DAT doesn't have a block to manage vblocknr = 256 [ 286.548540][ T7459] NILFS error (device loop4): nilfs_bmap_truncate: broken bmap (inode number=15) [ 286.568818][ T7459] Remounting filesystem read-only [ 286.574008][ T7459] NILFS (loop4): error -5 truncating bmap (ino=15) [ 286.830038][ T4188] NILFS (loop4): disposed unprocessed dirty file(s) when detaching log writer [ 286.958539][ T7489] loop2: detected capacity change from 0 to 2048 [ 287.092638][ T7496] loop4: detected capacity change from 0 to 2048 [ 287.214603][ T7502] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 287.247067][ T7503] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 287.261161][ T7499] loop3: detected capacity change from 0 to 2048 [ 287.567107][ T7506] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.839' sets config #0 [ 287.578752][ T7506] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.839' sets config #1 [ 288.082611][ T7510] NILFS (loop3): segctord starting. 
Construction interval = 5 seconds, CP frequency < 30 seconds [ 288.297707][ T7437] BTRFS error (device loop1): open_ctree failed: -22 [ 288.440826][ T7518] hub 1-0:1.0: USB hub found [ 288.446466][ T7518] hub 1-0:1.0: 1 port detected [ 288.731617][ T4288] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by udevd (4288) [ 289.103400][ T7525] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 289.135953][ T7536] loop3: detected capacity change from 0 to 2048 [ 289.145924][ T7525] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 289.246410][ T7538] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 290.139029][ T7549] loop1: detected capacity change from 0 to 2048 [ 290.562649][ T7556] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 291.046577][ T7564] hub 1-0:1.0: USB hub found [ 291.052785][ T7564] hub 1-0:1.0: 1 port detected [ 291.143061][ T7560] loop4: detected capacity change from 0 to 2048 [ 291.160062][ T7563] loop3: detected capacity change from 0 to 2048 [ 291.180843][ T7548] NILFS (loop1): DAT doesn't have a block to manage vblocknr = 256 [ 291.188908][ T7548] NILFS error (device loop1): nilfs_bmap_truncate: broken bmap (inode number=15) [ 291.205037][ T7548] Remounting filesystem read-only [ 291.210162][ T7548] NILFS (loop1): error -5 truncating bmap (ino=15) [ 291.332322][ T7571] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 291.411169][ T7573] NILFS (loop3): segctord starting. 
Construction interval = 5 seconds, CP frequency < 30 seconds [ 291.476236][ T7566] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 291.751999][ T7575] usb usb1: usbfs: interface 0 claimed by hub while 'syz.4.853' sets config #0 [ 291.763524][ T7575] usb usb1: usbfs: interface 0 claimed by hub while 'syz.4.853' sets config #1 [ 292.035549][ T7577] hub 1-0:1.0: USB hub found [ 292.042356][ T7577] hub 1-0:1.0: 1 port detected [ 292.472809][ T7566] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 292.707544][ T7584] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 292.725770][ T7584] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 292.982185][ T7590] loop4: detected capacity change from 0 to 2048 [ 293.005135][ T7587] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 293.041580][ T7587] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 293.141248][ T7598] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 293.190876][ T7570] loop2: detected capacity change from 0 to 32768 [ 293.387385][ T7570] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 293.404029][ T7570] BTRFS info (device loop2): using free space tree [ 293.410599][ T7570] BTRFS info (device loop2): has skinny extents [ 293.492564][ T7603] hub 1-0:1.0: USB hub found [ 293.498376][ T7603] hub 1-0:1.0: 1 port detected [ 294.130702][ T7570] BTRFS info (device loop2): enabling ssd optimizations [ 294.462894][ T4181] NILFS (loop1): disposed unprocessed dirty file(s) when detaching log writer [ 295.452284][ T7654] netlink: 12 bytes leftover after parsing attributes in process `syz.1.869'. [ 295.461661][ T7654] netlink: 12 bytes leftover after parsing attributes in process `syz.1.869'. 
[ 296.538340][ T7662] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 296.615995][ T7662] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 297.081330][ T7693] loop0: detected capacity change from 0 to 2048 [ 297.173560][ T7696] loop4: detected capacity change from 0 to 256 [ 297.297475][ T7696] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 298.140452][ T7699] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 299.502941][ T7726] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 299.942166][ T7746] can: request_module (can-proto-4) failed. [ 301.887710][ T7840] device syzkaller0 entered promiscuous mode [ 303.465312][ T7938] sock: sock_timestamping_bind_phc: sock not bind to device [ 305.741747][ T8041] 8021q: adding VLAN 0 to HW filter on device bond0 [ 307.515659][ T8041] bond0: (slave rose0): Enslaving as an active interface with an up link [ 307.533700][ T8042] netlink: 'syz.0.1040': attribute type 10 has an invalid length. [ 307.637941][ T8042] team0: Device hsr_slave_0 failed to register rx_handler [ 307.737170][ T4301] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 308.085311][ T8074] Zero length message leads to an empty skb [ 309.491922][ T8111] ptrace attach of "./syz-executor exec"[4183] was attempted by " \x0cH;'Sde/Ȑ|zPиW\x0bPt5QI0kp;t>?7~՞8)>\x0a.Fv\x5c0CP{\x07ԭ4OT)%DkfCkF 籥;m\x0cv\x0cTʪz5m֢vī'c^تg_\x0bƍ8)c,(qeB㑻SPt4o IHwL#@mUpE^agh~d_9\x07r|GJj+&ҽk(\x07rnE4(#ë\x0b YβB\x0aЦ&R`?L1tիw.M=3|Gsmg4`|\x22{б춋 [ 310.135851][ T8130] netlink: 'syz.1.1064': attribute type 25 has an invalid length. 
[ 310.407183][ T8130] syz.1.1064 (8130) used greatest stack depth: 18560 bytes left [ 310.692702][ T8137] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 310.699646][ T8137] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 310.985437][ T8137] vhci_hcd vhci_hcd.0: Device attached [ 311.582686][ T7511] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 311.612763][ T7512] usb 39-1: new low-speed USB device number 2 using vhci_hcd [ 312.112654][ T7511] usb 5-1: Using ep0 maxpacket: 16 [ 312.242731][ T7511] usb 5-1: config 0 has an invalid interface number: 132 but max is 0 [ 312.251519][ T7511] usb 5-1: config 0 has no interface number 0 [ 312.462811][ T7511] usb 5-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25 [ 312.484834][ T7511] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 312.512540][ T7511] usb 5-1: Product: syz [ 312.516764][ T7511] usb 5-1: Manufacturer: syz [ 312.521424][ T7511] usb 5-1: SerialNumber: syz [ 312.591485][ T7511] usb 5-1: config 0 descriptor?? 
[ 312.681213][ T7511] hub 5-1:0.132: bad descriptor, ignoring hub
[ 312.734879][ T7511] hub: probe of 5-1:0.132 failed with error -5
[ 312.811677][ T7511] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.132/input/input25
[ 316.729130][ T8138] vhci_hcd: connection reset by peer
[ 316.903303][ T8139] vhci_hcd: sendmsg failed!, ret=-32 for 48
[ 317.230212][ T1429] ieee802154 phy0 wpan0: encryption failed: -22
[ 317.236663][ T1429] ieee802154 phy1 wpan1: encryption failed: -22
[ 317.402743][ T7511] usb 5-1: USB disconnect, device number 2
[ 317.425989][ T9] vhci_hcd: stop threads
[ 317.431046][ T9] vhci_hcd: release socket
[ 317.539034][ T9] vhci_hcd: disconnect device
[ 317.677103][ T4288] udevd[4288]: setting owner of /dev/input/mouse1 to uid=0, gid=104 failed: No such file or directory
[ 318.677090][ T1325] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[ 319.722842][ T1325] usb 4-1: too many configurations: 9, using maximum allowed: 8
[ 319.814664][ T1325] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 319.833503][ T1325] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 319.854238][ T8217] ubi31: attaching mtd0
[ 319.860226][ T8217] ubi31: scanning is finished
[ 319.864976][ T8217] ubi31: empty MTD device detected
[ 319.915799][ T8217] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[ 319.923502][ T8217] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[ 319.930872][ T8217] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[ 319.937955][ T8217] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[ 319.945559][ T8217] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[ 319.952606][ T8217] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[ 319.960786][ T8217] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2529963534
[ 319.971144][ T8217] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[ 319.987783][ T8220] ubi31: background thread "ubi_bgt31d" started, PID 8220
[ 320.098601][ T1325] usb 4-1: config 0 interface 0 has no altsetting 0
[ 320.245588][ T1325] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 320.268677][ T1325] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 320.326126][ T1325] usb 4-1: config 0 interface 0 has no altsetting 0
[ 320.425799][ T1325] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 320.446086][ T1325] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 320.492374][ T1325] usb 4-1: config 0 interface 0 has no altsetting 0
[ 320.613377][ T1325] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 320.654001][ T1325] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 320.695635][ T1325] usb 4-1: config 0 interface 0 has no altsetting 0
[ 320.805522][ T1325] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 320.820984][ T1325] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 320.881210][ T1325] usb 4-1: config 0 interface 0 has no altsetting 0
[ 320.997164][ T1325] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 321.011426][ T1325] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 321.041944][ T1325] usb 4-1: config 0 interface 0 has no altsetting 0
[ 321.143786][ T1325] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 321.159930][ T1325] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 321.292045][ T1325] usb 4-1: config 0 interface 0 has no altsetting 0
[ 321.442901][ T1325] usb 4-1: unable to read config index 7 descriptor/start: -71
[ 321.468300][ T1325] usb 4-1: can't read configurations, error -71
[ 321.687980][ T8226] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[ 324.162512][ T8227] netlink: 'syz.4.1089': attribute type 7 has an invalid length.
[ 324.375874][ T8227] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 324.385346][ T8227] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 324.394100][ T8227] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 324.402825][ T8227] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 324.568749][ T8243] 9pnet_virtio: no channels available for device syz
[ 325.877411][ T8261] process 'syz.2.1101' launched './file0' with NULL argv: empty string added
[ 326.192078][ T8268] capability: warning: `syz.3.1102' uses deprecated v2 capabilities in a way that may be insecure
[ 327.979983][ T8269] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[ 327.994314][ T8269] netlink: 'syz.2.1103': attribute type 10 has an invalid length.
[ 328.443491][ T8269] team0: Device hsr_slave_0 failed to register rx_handler
[ 328.500048][ T4239] Bluetooth: hci0: command 0x0c1a tx timeout
[ 331.916924][ T8306]
[ 331.919332][ T8306] ======================================================
[ 331.926359][ T8306] WARNING: possible circular locking dependency detected
[ 331.933393][ T8306] syzkaller #0 Not tainted
[ 331.937817][ T8306] ------------------------------------------------------
[ 331.944843][ T8306] syz.4.1112/8306 is trying to acquire lock:
[ 331.950840][ T8306] ffff88807d1a4b98 ((work_completion)(&hdev->tx_work)){+.+.}-{0:0}, at: __flush_work+0xc1/0x1b0
[ 331.961312][ T8306]
[ 331.961312][ T8306] but task is already holding lock:
[ 331.968679][ T8306] ffff88807d1a4ff0 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0x5f/0x1030
[ 331.978009][ T8306]
[ 331.978009][ T8306] which lock already depends on the new lock.
[ 331.978009][ T8306]
[ 331.988437][ T8306]
[ 331.988437][ T8306] the existing dependency chain (in reverse order) is:
[ 331.997584][ T8306]
[ 331.997584][ T8306] -> #3 (&hdev->req_lock){+.+.}-{3:3}:
[ 332.005260][ T8306]        __mutex_lock_common+0x1eb/0x2390
[ 332.011015][ T8306]        mutex_lock_nested+0x17/0x20
[ 332.016334][ T8306]        hci_dev_do_close+0x5f/0x1030
[ 332.021725][ T8306]        hci_rfkill_set_block+0x10a/0x190
[ 332.027467][ T8306]        rfkill_set_block+0x1c6/0x420
[ 332.032865][ T8306]        rfkill_fop_write+0x458/0x560
[ 332.038253][ T8306]        vfs_write+0x300/0xd00
[ 332.043029][ T8306]        ksys_write+0x14d/0x250
[ 332.047911][ T8306]        do_syscall_64+0x4c/0xa0
[ 332.052862][ T8306]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 332.059338][ T8306]
[ 332.059338][ T8306] -> #2 (rfkill_global_mutex){+.+.}-{3:3}:
[ 332.067454][ T8306]        __mutex_lock_common+0x1eb/0x2390
[ 332.073195][ T8306]        mutex_lock_nested+0x17/0x20
[ 332.078499][ T8306]        rfkill_register+0x33/0x8a0
[ 332.083720][ T8306]        hci_register_dev+0x452/0x970
[ 332.089115][ T8306]        vhci_create_device+0x32c/0x5c0
[ 332.094675][ T8306]        vhci_write+0x391/0x450
[ 332.099536][ T8306]        vfs_write+0x712/0xd00
[ 332.104308][ T8306]        ksys_write+0x14d/0x250
[ 332.109172][ T8306]        do_syscall_64+0x4c/0xa0
[ 332.114121][ T8306]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 332.120554][ T8306]
[ 332.120554][ T8306] -> #1 (&data->open_mutex){+.+.}-{3:3}:
[ 332.128399][ T8306]        __mutex_lock_common+0x1eb/0x2390
[ 332.134146][ T8306]        mutex_lock_nested+0x17/0x20
[ 332.139452][ T8306]        vhci_send_frame+0x88/0x100
[ 332.144665][ T8306]        hci_send_frame+0x1a9/0x2e0
[ 332.149881][ T8306]        hci_tx_work+0x9f9/0x1710
[ 332.154925][ T8306]        process_one_work+0x863/0x1000
[ 332.160409][ T8306]        worker_thread+0xaa8/0x12a0
[ 332.165624][ T8306]        kthread+0x436/0x520
[ 332.170235][ T8306]        ret_from_fork+0x1f/0x30
[ 332.175189][ T8306]
[ 332.175189][ T8306] -> #0 ((work_completion)(&hdev->tx_work)){+.+.}-{0:0}:
[ 332.184418][ T8306]        __lock_acquire+0x2c33/0x7c60
[ 332.189808][ T8306]        lock_acquire+0x197/0x3f0
[ 332.194853][ T8306]        __flush_work+0xdd/0x1b0
[ 332.199803][ T8306]        hci_dev_do_close+0x1e7/0x1030
[ 332.205272][ T8306]        hci_rfkill_set_block+0x10a/0x190
[ 332.211010][ T8306]        rfkill_set_block+0x1c6/0x420
[ 332.216398][ T8306]        rfkill_fop_write+0x458/0x560
[ 332.221787][ T8306]        vfs_write+0x300/0xd00
[ 332.226580][ T8306]        ksys_write+0x14d/0x250
[ 332.231444][ T8306]        do_syscall_64+0x4c/0xa0
[ 332.236397][ T8306]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 332.242825][ T8306]
[ 332.242825][ T8306] other info that might help us debug this:
[ 332.242825][ T8306]
[ 332.253054][ T8306] Chain exists of:
[ 332.253054][ T8306]   (work_completion)(&hdev->tx_work) --> rfkill_global_mutex --> &hdev->req_lock
[ 332.253054][ T8306]
[ 332.268021][ T8306] Possible unsafe locking scenario:
[ 332.268021][ T8306]
[ 332.275490][ T8306]        CPU0                    CPU1
[ 332.280877][ T8306]        ----                    ----
[ 332.286256][ T8306]   lock(&hdev->req_lock);
[ 332.290690][ T8306]                                lock(rfkill_global_mutex);
[ 332.298073][ T8306]                                lock(&hdev->req_lock);
[ 332.305038][ T8306]   lock((work_completion)(&hdev->tx_work));
[ 332.311027][ T8306]
[ 332.311027][ T8306] *** DEADLOCK ***
[ 332.311027][ T8306]
[ 332.319174][ T8306] 2 locks held by syz.4.1112/8306:
[ 332.324294][ T8306] #0: ffffffff8d4c0c68 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0x19e/0x560
[ 332.334416][ T8306] #1: ffff88807d1a4ff0 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0x5f/0x1030
[ 332.344211][ T8306]
[ 332.344211][ T8306] stack backtrace:
[ 332.350107][ T8306] CPU: 0 PID: 8306 Comm: syz.4.1112 Not tainted syzkaller #0
[ 332.357630][ T8306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 332.367708][ T8306] Call Trace:
[ 332.371002][ T8306] <TASK>
[ 332.374034][ T8306] dump_stack_lvl+0x168/0x230
[ 332.378733][ T8306] ? load_image+0x3b0/0x3b0
[ 332.383255][ T8306] ? show_regs_print_info+0x20/0x20
[ 332.388473][ T8306] ? print_circular_bug+0x12b/0x1a0
[ 332.393682][ T8306] check_noncircular+0x274/0x310
[ 332.398632][ T8306] ? add_chain_block+0x940/0x940
[ 332.403575][ T8306] ? lockdep_lock+0xdc/0x1e0
[ 332.408184][ T8306] ? mark_lock+0x94/0x320
[ 332.412524][ T8306] __lock_acquire+0x2c33/0x7c60
[ 332.417404][ T8306] ? lockdep_unlock+0x134/0x2d0
[ 332.422266][ T8306] ? lockdep_lock+0x1e0/0x1e0
[ 332.426960][ T8306] ? mark_lock+0x94/0x320
[ 332.431303][ T8306] ? verify_lock_unused+0x140/0x140
[ 332.436516][ T8306] ? __lock_acquire+0x12d9/0x7c60
[ 332.441569][ T8306] lock_acquire+0x197/0x3f0
[ 332.446091][ T8306] ? __flush_work+0xc1/0x1b0
[ 332.450696][ T8306] ? __mutex_trylock_common+0x14f/0x250
[ 332.456275][ T8306] ? read_lock_is_recursive+0x10/0x10
[ 332.461679][ T8306] ? lock_chain_count+0x20/0x20
[ 332.466545][ T8306] ? mark_lock+0x94/0x320
[ 332.470920][ T8306] __flush_work+0xdd/0x1b0
[ 332.475358][ T8306] ? __flush_work+0xc1/0x1b0
[ 332.479968][ T8306] ? flush_work+0x20/0x20
[ 332.484314][ T8306] ? hci_leds_update_powered+0x148/0x160
[ 332.489963][ T8306] ? rcu_lock_release+0x5/0x20
[ 332.494742][ T8306] ? __lock_acquire+0x7c60/0x7c60
[ 332.499792][ T8306] hci_dev_do_close+0x1e7/0x1030
[ 332.504746][ T8306] ? _raw_spin_unlock+0x40/0x40
[ 332.509627][ T8306] hci_rfkill_set_block+0x10a/0x190
[ 332.514852][ T8306] ? rcu_lock_release+0x20/0x20
[ 332.519723][ T8306] rfkill_set_block+0x1c6/0x420
[ 332.524591][ T8306] rfkill_fop_write+0x458/0x560
[ 332.529457][ T8306] ? rfkill_fop_read+0x4b0/0x4b0
[ 332.534416][ T8306] ? common_file_perm+0x90/0x1c0
[ 332.539366][ T8306] ? fsnotify_perm+0x5d/0x560
[ 332.544056][ T8306] ? security_file_permission+0x75/0xa0
[ 332.549613][ T8306] ? rfkill_fop_read+0x4b0/0x4b0
[ 332.554565][ T8306] vfs_write+0x300/0xd00
[ 332.558837][ T8306] ? file_end_write+0x250/0x250
[ 332.563703][ T8306] ? __fget_files+0x40f/0x480
[ 332.568394][ T8306] ? __fdget_pos+0x1e2/0x370
[ 332.572991][ T8306] ? ksys_write+0x71/0x250
[ 332.577418][ T8306] ksys_write+0x14d/0x250
[ 332.581772][ T8306] ? __ia32_sys_read+0x80/0x80
[ 332.586549][ T8306] ? lockdep_hardirqs_on+0x94/0x140
[ 332.591763][ T8306] do_syscall_64+0x4c/0xa0
[ 332.596195][ T8306] ? clear_bhb_loop+0x30/0x80
[ 332.600989][ T8306] ? clear_bhb_loop+0x30/0x80
[ 332.605680][ T8306] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 332.611586][ T8306] RIP: 0033:0x7f2ed53a7fc9
[ 332.616013][ T8306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 332.635633][ T8306] RSP: 002b:00007f2ed360f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 332.644080][ T8306] RAX: ffffffffffffffda RBX: 00007f2ed55fefa0 RCX: 00007f2ed53a7fc9
[ 332.652077][ T8306] RDX: 0000000000000008 RSI: 0000200000000080 RDI: 0000000000000003
[ 332.660159][ T8306] RBP: 00007f2ed542af91 R08: 0000000000000000 R09: 0000000000000000
[ 332.668146][ T8306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 332.676135][ T8306] R13: 00007f2ed55ff038 R14: 00007f2ed55fefa0 R15: 00007fff3f44c088
[ 332.684155][ T8306] </TASK>
[ 333.109179][ T8308] PM: hibernation: Basic memory bitmaps created
[ 333.164781][ T8308] PM: hibernation: Basic memory bitmaps freed