last executing test programs: 13m50.142332578s ago: executing program 0 (id=349): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, 0x0) mount$binderfs(0x0, &(0x7f00000023c0)='./binderfs\x00', &(0x7f0000002400), 0x4000, 0x0) sendmmsg$unix(r3, &(0x7f0000001a40)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, {{&(0x7f0000000a80)=@abs={0x1, 0x0, 0x4e24}, 0x6e, 0x0, 0x0, &(0x7f0000001940), 0x0, 0x90}}], 0x2, 0x40) ioctl$sock_FIOGETOWN(r2, 0x8903, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6) socket$netlink(0x10, 0x3, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d) inotify_add_watch(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0xc0) mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0x1ac81b, 0x0, 0x0, 0x0, 0x1000000}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8, 0x0, 0x0, 0x1010000}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa, 0x0, 0x0, 0x300}, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222}, 0x78) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x659, @empty, 0xff}, 0x1c) 13m48.251952825s ago: executing program 0 (id=354): socket$kcm(0x21, 0x2, 0x2) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) socket(0x2000000000000021, 0x2, 0x10000000000002) openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000180), 0xfea7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff) sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16, @ANYBLOB="2d01620000000900509072fb60cb"], 0x2c}}, 0x0) sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000007680)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB="46040000", @ANYRES16=r4, @ANYBLOB="ff830500000700ffffff", @ANYRES8=r0], 0x4}}, 0x0) sendfile(r3, r1, 0x0, 0x100000000) 13m47.786591264s ago: executing program 0 (id=358): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e21, 0x5, @ipv4={'\x00', '\xff\xff', @empty}, 0x4}, 0x1c) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, 0x0) mount$binderfs(0x0, &(0x7f00000023c0)='./binderfs\x00', &(0x7f0000002400), 0x4000, 0x0) sendmmsg$unix(r3, &(0x7f0000001a40)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, {{&(0x7f0000000a80)=@abs={0x1, 0x0, 0x4e24}, 0x6e, 0x0, 0x0, &(0x7f0000001940), 0x0, 0x90}}], 0x2, 0x40) ioctl$sock_FIOGETOWN(r2, 0x8903, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6) socket$netlink(0x10, 0x3, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d) inotify_add_watch(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0xc0) mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0x1ac81b, 0x0, 0x0, 0x0, 0x1000000}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8, 0x0, 0x0, 0x1010000}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa, 0x0, 0x0, 0x300}, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222}, 0x78) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x659, @empty, 0xff}, 0x1c) 13m44.827885382s ago: executing program 0 (id=364): r0 = socket(0x40000000015, 0x5, 0x0) r1 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000300), 0x4) prlimit64(0x0, 0xe, 0x0, 0x0) syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) sendmsg$MPTCP_PM_CMD_SET_FLAGS(r1, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[], 0x70}, 0x1, 0x0, 0x0, 0x840}, 0x2400c010) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010008020000001800006600000008000300", @ANYRES32=r4, @ANYBLOB="08002600940900000800b7"], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) r5 = socket(0x8000000010, 0x2, 0x0) write(r5, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9463cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e07", 0xdd) r6 = socket(0x840000000002, 0x3, 0x100) connect$inet(r6, 0x0, 0x0) sendmmsg$inet(r6, &(0x7f0000005240), 0x0, 0x0) ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, &(0x7f0000000180)={{0x2, 0x0, @remote}, {0x20000010304, @dev}, 0x4, {0x2, 0x0, @multicast1=0xe000cc02}}) getsockname$inet(r0, &(0x7f0000000000)={0x2, 0x0, @remote}, &(0x7f0000000080)=0x10) getsockopt(r0, 0x200000000114, 0x2713, 0x0, &(0x7f0000000040)) connect$pppoe(r0, &(0x7f00000000c0)={0x18, 0x0, {0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x36}, 'bond_slave_0\x00'}}, 0x1e) 13m43.581179816s ago: executing program 0 (id=366): syz_mount_image$exfat(&(0x7f00000005c0), &(0x7f0000000240)='./file1\x00', 0x3000050, &(0x7f0000000600)=ANY=[], 0x1, 0x14fe, &(0x7f00000020c0)="$eJzs3Au0ztXWMPA511p/NklPkvuaa/55kssiSXJJSCRJkiS5JSRJkoTEJrckJCH3JPeQ3GIn9/st9yQ5kiQJCUnWN3Q6n/e8nfftnO+c7/V9Z8/fGGvsNff/mfNZa889nv9ljL2/7Ti4av1qlesyM/xT8M9fUgEgBQD6AcA1ABABQKlspbIBDoNMGlP/uTcR/1oPTbvSKxBXkvQ/fZP+p2/S//RN+p++Sf/TN+l/+ib9T9+k/0KkZ1un575WRvod/3PP/0Ge//8/R87//0YOFxvz5fpi13f6B1Kk/+mb9D99k/6nb9L/9E36n75J///NRQCV/pvD0v/0TfovRHp2pZ8/y7iy40r//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESB/OhcsMAPxlfqXXJYQQQgghhBBCiH+dkPFKr0AIIYQQQgghhBD/9yEo0GAgggyQEVIgE2SGqyALXA1Z4RpIwLWQDa6D7HA95ICckAtyQx7IC/nAAoEDhhjyQwFIwg1QEG6EQlAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6AiVILKcCdUgbugKlSDu6E63AM14F6oCfdBLbgfasMDUAcehLrwENSDh6E+PAIN4FFoCI2gMTSBpv9H+S9CV3gJukF3SIUe0BNehl7QG/pAX+gHr0B/eBUGwGswEAbBYHgdhsAbMBTehGEwHEbAWzASRsFoGANjYRyMh7dhArwDE+FdmASTYQpMhWkwHWbAezATZsFseB/mwAcwF+bBfFgAC+FDWASLIQ0+giXwMSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVPYBtshx2wE3bBbtgDn8Je+Az2weewH774B/PP/qf8TggIqFChQYMZMAOmYApmxsyYBbNgVsyKCUxgNsyG2TE75sAcmAtzYR7Mg/kwHxISMjLmx/yYxCQWxIJYCAthESyCHj0Wx+JYAm/GklgSS2EpLI2lsQyWxbJYHstjBayAFbEiVsbKWAWrYFWsinfj3XgP1sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYEBtiY2yMTbEpNsNm2BybY0tsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yInbAzdsYX8UV8CV/C7lhF9cCe2BN7YS/sg32xL76C/fFVfBVfw4E4CAfj6/g6voFD8QwOw+E4AkdgBTUKR+MYZDUOx+N4nIATcCJOxEk4GSfjVJyG03EGzsCZOAtn4fs4Bz/AD3AezsMFuBAX4iJcjGmYhkvwLC7FZbgcV+BKXIUrcQ2uxTW4HjfgetyEm3ALbsFP8BPcjttxJ+7E3bgbP8VP8TP8DAfiftyPB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAGfz/N1vd2F1w0EdYlRRmVQGVSKSlGZVWaVRWVRWVVWlVAJlU1lU9lVdpVD5VC5VC6VR+VR+VQ+RYoUq1jlV/lVUiVVQVVQFVKFVBFVRHnlVXFVXJVQJVRJVVKVUreq0uo2VUaVVS18eVVeVVAtfUVVSVVWlVUVdZeqqqqpaqq6qq5qqBqqpqqpaqlaqrZ6QNVRPbAPPqQudaa+GoQN1GBsqBqpxqqJegMfU83UUGyuWqiW6gk1HIdha9XMt1FPq7ZqNLZTz6ox+JzqoMZhR/WC6qQ6qy7qRdVVNffdMvz2EaimYi/VW/VRfdVMvEtd6lhV9ZoaqAapwep1tQDfUEPVm2qYGq5GqLfUSDVKjVZj1Fg1To1Xb6sJ6h01Ub2rJqnJaoqaqqap6WqGek/NVLPUbPW+mqM+UHPVPDVfLVAL1YdqkVqs0tRHaon6WC1Vy9RytUKtVKvUarVGrVXr1Hq1QW1Um9RmtUVtVZ+obWq72qF2ql1qt9qjPlV71Wdqn/pc7VdfqAPqT+qg+lIdUl+pw+prdUR9o46qb9Ux9Z06rr5XJ9RJdUr9oE6rH9UZdVadUz+p8+pndUH9oi6qoECjVlproyOdQWfUKTqTzqyv0ln01TqrvkYn9LU6m75OZ9fX6xw6p86lc+s8Oq/Op60m7TTrWOfXBXRS36AL6ht1IV1YF9FFtdfFdHF9ky6hb9Yl9S26lL5Vl9a36TK6rC6ny+vbdQV9h66oK+nK+k5dRd+lq+pq+m5dXd+ja+h7dU19n66l79e19QO6jn5Q19UP6Xr6YV1fP6Ib6Ed1Q91IN9ZNdFP9mG6mH9fNdQvdUj+hW+kndWv9lG6jn9Zt9TO6nX5Wt9fP6Q76ed1Rv6A76c66i/5FX9RBd9PddaruoXvql3Uv3Vv30X11P/2K7q9f1QP0a3qgHqQH69f1EP2GHqrf1MP0cD1Cv6VH6lF6tB6jx+pxerx+W0/Q7+iJ+l09SU/WU/RUPU1P131+qzT778h/52/kD/j13bforfoTvU1v1zv0Tr1L79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9En9k/5Bn9Y/6jP6rD6rf9Ln9Xl94befARg0ymhjTGQymIwmxWQymc1VJou52mQ115iEudZkM9eZ7OZ6k8PkNLlMbpPH5DX5jDVknGETm/ymgEmaG0xBc6MpZAqbIqao8aaYKW5u+qfz/2h9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL132RSpSkYlMlCHKEKVEKVHmKHOUJcoSZY2yRokoEWWLskXZo+ujHFHOKFeUO8oT5Y1SwUYUuYijOMofFYiS0Q1RwejGqFBUOCoSFY18VCwqHt0UlYhujkpGt0Sloluj0tFtUZmobFQuKh/dHlWI7ogqRpWiytGdUZXorqhqVC26O6oe3RPViO6Nakb3RbWi+6Pa0QNRnejBqG70UFQvejiqHz0SNYgejRpGjaLGUZOo6b+0fghncj7uu9nuNtX2sD3ty7aX7W372L62n33F9rev2gH2NTvQDrKD7et2iH3DDrVv2mF2uB1h37Ij7Sg72o6xY+04O96+bSfYd+xE+66dZCfbKXaqnWan2xn2PTvTzrKz7ft2jv3AzrXz7Hy7wC60H9pFdrFNsx/ZJfZju9Qus8vtCrvSrrKr7Rq71q6z6+0Gu9FuspvtFrvVfmK32e12h91pd9nddo/91O61n9l99nO7335hD9g/2YP2S3vIfmUP26/tEfuNPWq/tcfsd/a4/d6esCftKfuDPW1/tGfsWXvO/mTP25/tBfuLvWjDpYv7S6d3MmQoA2WgFEqhzJSZslAWykpZKUEJykbZKDtlpxyUg3JRLspDeSgf5aNLmJjyU35KUpIKUkEqRIWoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qBKVInupDvpLrqLqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVCKU5DZXeWyuKtdVneNS3GZ3KU4AoBLcS6X2+VxeV0+Z10Ol/OvYnLOFXKFXRFX1HlXzBV3N/0uLuPKunKuvLvdVXB3uIq/i6u7e1wNd6+r6e5z1dzdfxXXcve72u4RV8c96uq6Rq6ea+Lqu0dcA/eoa+gaucauiWvlnnSt3VOujXvatXXP/C5e5Ba7tW6dW+82uL3uM3fO/eSOum/defez6+a6u37uFdffveoGuNfcQDfod/EI95Yb6Ua50W6MG+vG/S6e4qa6aW66m+HeczPdrN/FC92Hbo5Lc3PdPDffLfg1vrSmNPeRW+I+dkvdMrfcrXAr3Sq32q3532td4Ta5zW6L2+M+ddvcdrfD7XS73O5f40v72Oc+d/vdF+6I+8YddF+6Q+6YO+y+/jW+tL9j7jt33H3vTriT7pT7wZ12P7oz7uyv+7+09x/cL+6iCw4YWbFmwxFn4Iycwpk4M1/FWfhqzsrXcIKv5Wx8HWfn6zkH5+RcnJvzcF7Ox5aJHTPHnJ8LcJJv4IJ8IxfiwlyEi7LnYlycb+ISfDOX5Fu4FN/Kpfk2LsNluRyX59u5At/BFbkSV+Y7uUoIXJWr8d1cne/hGnwv1+T7uBbfz7X5Aa7DD3Jdfojr8cNcnx/hBvwoN+RG3JibcFN+jJvx49ycW3BLfoJb8ZPcmp/iNvw0t+VnuB0/y+35Oe7Az3NHfoE7cWfuwi9yV36Ju3F3TuUe3JNf5l7cm/twX+7Hr3B/fpUH8Gs8kAfxYH6dh/AbPJTf5GE8nEfwWzySR/FoHsNjeRyP57d5Ar/DE/ldnsSTeQpP5Wk8nWfwezyTZ/Fsfp/n8Ac8l+fxfF7AC/lDXsSLOY0/4iX8MS/lZbycV/BKXsWreQ2v5XW8njfwRt7Em3kLb+VPeBtv5x28k3fxbt7Dn/Je/oz38ee8n7/gA/wnPshf8iH+ig/z13yEv+Gj/C0f4+/4OH/PJ/gkn+If+DT/yGf4LJ/jn/g8/8wX+Be+yIEhxljFOjZxFGeIM8YpcaY4c3xVnCW+Os4aXxMn4mvjbPF1cfb4+jhHnDPOFeeO88R543yxjSl2McdxnD8uECfjG+KC8Y1xobhwXCQuGvu4WFw8vikuEd8cl4xviUvFt8al49viMnHZ+JH7yse3xxXiO+KKcaW4cnxnXCW+K64aV4vvjqvH98Q14nvjmvF9ccn4/rh2/EBcJ34wrhs/FNeLH47rx4/EDeJH44Zxo7hx3CRuGj8WN4sfj5vHLeKW8RNxq/jJuHX8VNwmfjpuGz/zh8dT4x5xz/jl+OU4hHv1/OSC5MLkh8lFycXJtORHySXJj5NLk8uSy5MrkiuTq5Krk2uSa5PrkuuTG5Ibk5uSm5NbkiFUywgevfLaGx/5DD6jT/GZfGZ/lc/ir/ZZ/TU+4a/12fx1Pru/3ufwOX0un9vn8Xl9Pm89eefZxz6/L+CT/gZf0N/oC/nCvogv6r0v5ov7Jr6pb+qb+cd9c9/Ct/RP+Cf8k/5J/5R/yj/t2/pnfDv/rG/vn/Md/PP+ef+C7+Q7+y7+Rd/Vv+S7+e4+1af6nr6n7+V7+T6+j+/n+/n+vr8f4Af4gX6gH+wH+yF+iB/qh/phfpgf4Uf4kX6kH+1H+7F+rB/vx/sJfoKf6Cf6SX6Sn+Kn+Gl+mp/hZ/iZfqaf7Wf7OYXm+Ll+rp/v5/uFfqFf5Bf5NJ/ml/glfqlf6pf75X6lX+lX+9V+rV/r1/v1fqPf6Df7zX6r3+q3+W1+h9/hd/ldfo/f4/f6vX6f3+f3+/3+gD/gD/qD/pD/yh/2X/sj/ht/1H/rj/nv/HH/vT/hT/pT/gd/2v/oz/iz/pz/yZ/3P/sL/hd/0Qc/PvF2YkLincTExLuJSYnJiSmJqYlpiemJGYn3EjMTsxKzE+8n5iQ+SMxNzEvMTyxILEx8mFiUWJxIS3yUWJL4OLE0sSyxPLEisTKxKhFC3m1xyB8KhGS4IRQMN4ZCoXAoEooGH4qF4uGmUCLcHEqGW0KpcGsoHW4LZULZUC48GhqGRqFxaBKahsdCs/B4aB5ahJbhidAqPBlah6dCm/B0aBueCe3Cs6F9eC50CM+HjuGF0Cl0Dl3Ci6FreCl0C91DaugReoaXQ6/QO/QJfUO/8EroH14NA8JrYWAYFAaH18OQ8EYYGt4Mw8LwMCK8FUaGUWF0GBPGhnFhfHg7TAjvhInh3TApTA5TwtQwLUwPM8J7YWaYFWaH98Oc8EGYG+aF+WFBWBg+DIvC4pAWPgpLwsdhaVgWlocVYWVYFVaHNWFtWBfWhw1hY9gUNoctYWv4JGwL28OOsDPsCrvDnvBp2Bs+C/vC52F/+CIcCH8KB8OX4VD4KhwOX4cj4ZtwNHwbjoXvwvHwfTgRToZT4YdwOvwYzoSz4Vz4KZwPP4cL4ZdwUf5mTQghhBDi76L/4HiPv/G9DACgfpv3BICrt+c+/J9rbszx53lvladVAgCe7t7xob+MKlVSU1N/e+1SDVGBeQCQ+Ov6f4mXQUt4EtpACyjxN9fXW3U+z39QP3krQOb/kJMCl+PL9W/+L+o/9sSIRaXjc9n+m/rzAAoVuJyTCS7Hl+uX/C/q52z2B+vP9OV4gOb/IScLXI4v1y8Oj8Mz0OavXimEEEIIIYQQQvxZb1Wu/R/dP1+6P89jLudkhMvxH92fCyGEEEIIIYQQ4sp7rnOXpx5r06ZF+79vgr89F/jHsmQiE5n8fza50p9MQgghhBBCiH+1yxf9V3olQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE+vU/8e/ErvQehRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiCvtfwUAAP//luw5aQ==") r0 = syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4808, 0x0, 0x0, 0x0, &(0x7f0000000000)) r1 = syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./bus/file0\x00', 0x80008, 0x0, 0x0, 0x0, &(0x7f0000000000)) rename(&(0x7f0000000000)='./bus/file0\x00', &(0x7f0000000080)='./file0\x00') syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$SG_SET_FORCE_PACK_ID(0xffffffffffffffff, 0x227b, &(0x7f0000000040)) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$BTRFS_IOC_SEND(r0, 0x40489426, &(0x7f0000000480)={{r1}, 0x9, &(0x7f0000000400)=[0x7, 0x6, 0x40, 0xdf38, 0x3, 0xe199, 0x2, 0x5, 0xdec], 0x7, 0xc, 0x1}) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r2, 0xc0a85320, &(0x7f0000000240)={{0x80}, 'port0\x00', 0x72, 0x11cfa, 0x0, 0x0, 0x1, 0xced3, 0x8, 0x0, 0x0, 0xfc}) getsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000140), &(0x7f0000000500)=0x4) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r2, 0x40505330, &(0x7f0000000080)={0x800100, 0xffffffff, 0x1e, 0xffffffff, 0xa, 0x101}) readv(r2, &(0x7f0000000180)=[{&(0x7f0000000340)=""/171, 0x1c}], 0x1) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x10840, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) pwritev(r3, &(0x7f00000003c0)=[{&(0x7f0000000100)="5fd1", 0x2}, {&(0x7f0000000240)="235f2fc822db", 0x6}, {&(0x7f0000000280)="3ca275152519f2e3", 0x8}, {0x0}], 0x4, 0x68ab, 0xfffffff0) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) r5 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x84, &(0x7f0000000000)={r6, @in={{0x2, 0x0, @empty}}}, 0x90) getsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000540)=@assoc_value={r6, 0xffff3a07}, &(0x7f0000000580)=0x8) 13m40.946589908s ago: executing program 0 (id=376): socket$inet_udp(0x2, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000000c0)='./file2\x00', 0x88, &(0x7f00000001c0)={[], [{@fsuuid={'fsuuid', 0x3d, {[0x64, 0xb, 0x36, 0x66, 0x65, 0x66, 0x34b61ac358e0f40a, 0x63], 0x2d, [0x31, 0x35, 0x33, 0x62], 0x2d, [0x39, 0x55, 0x39, 0x61], 0x2d, [0x65, 0x63, 0xc, 0x69], 0x2d, [0x35, 0x30, 0x65, 0x33, 0x66, 0x35, 0x33, 0x38]}}}]}, 0x3, 0x448, &(0x7f0000000580)="$eJzs28tvG1UXAPAzdpx+fSZfVR59AIGCqHgkTVpKF2xAILEACQkWZWmStCp1G9QEiVYVBITKElVij1gi8Rewgg0CVpXYwh4hVSibFlZGY88ktmPn6cRt/ftJ0947c617j2eOfWduHEDfGkn/SSL2RMTvETFUrzY3GKn/d2fh2uQ/C9cmk6hW3/47qbW7vXBtMm+av253XhmIKHyexOE2/c5euXqhXKlMX87qY3MXPxibvXL1+fMXy+emz01fmjh9+uSJ8RdPTbzQlTjTuG4f+njmyMHX373x5uSZG+/98l2Sx98SR5eMrHTwqWq1y9311t6GcjLQw4GwLsV6mkaplv9DUYylkzcUr33W08EBW6parVYf7Hx4vgrcx5Lo9QiA3si/6NP733zbpqnHXeHWy/UboDTuO9lWPzIQhaxNqeX+tptGIuLM/L9fp1tszXMIAIAmP6Tzn+fazf8K0fhcaF+2hjIcEf+PiP0RcSoiDkTEAxG1tg9FxMPr7L91kWT5/GffhuJaq3T+91K2ttU8/8tnfzFczGp7a/GXkrPnK9PHs5Edi9KOtD6+Qh8/vvrbl20PZF3k8790S/vP54JZo78GdjS/bKo8V95MzI1ufRpxaKBd/MniSkASEQcj4tAG+zj/zLdHOh0bWTX+FXRhnan6TcTT9fM/Hy3x55KV1yfH/heV6eNj+VWx3K83r7/Vqf9Nxd8F6fnf1fb6X4x/OGlcr51dfx/X//ii4z3N6vG3v/4Hk3ea9n1Unpu7PB4xmLxRH3Tj/omWdhNL7dP4jx1tn//7Y+mdOBwR6UX8SEQ8GhGPZWN/PCKeiIijy0O7OZgVfn7lyfdrhdJG4t9aafxT6zr/S4XBaN1z9UI5D7rhUPHCT983dTq8VFzb+T9ZKx3L9qzl82/ZuDoUNvPeAQAAwL2iEBF7IimMLpYLhdHR+t/wH4hdhcrM7NyzZ2c+vDRV/43AcJQK+ZOuoYbnoePZbX1en2ipn8ieG39V3Fmrj07OVKZ6HTz0ud0d8j/1Z7HXowO2nN9rQf+S/9C/5D/0L/kP/atN/u/sxTiA7dfu+/+Tti2tCMD9pin/90ly6Cfu/6F/yX/oX/If+tLszlj9R/IK90gh/yDfjr6icFeErLBFhR5/MAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTJfwEAAP//aJTf6A==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000480)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6a) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = fsopen(&(0x7f0000000000)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) close(r3) openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000003c0)={0x0, 0x2000001, 0x0, 'queue0\x00'}) write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @time={0x1, 0x4}, {}, {}, @raw32}], 0x1c) r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x100) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r5, 0x404c534a, &(0x7f00000001c0)={0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'batadv_slave_1\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8936, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0x2c}, 0x78, r6}) r7 = socket(0xa, 0x1, 0x0) ioctl(r7, 0x8916, 0x0) ioctl(r7, 0x8936, &(0x7f0000000000)) close_range(r4, 0xffffffffffffffff, 0x0) 13m25.350954964s ago: executing program 32 (id=376): socket$inet_udp(0x2, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000000c0)='./file2\x00', 0x88, &(0x7f00000001c0)={[], [{@fsuuid={'fsuuid', 0x3d, {[0x64, 0xb, 0x36, 0x66, 0x65, 0x66, 0x34b61ac358e0f40a, 0x63], 0x2d, [0x31, 0x35, 0x33, 0x62], 0x2d, [0x39, 0x55, 0x39, 0x61], 0x2d, [0x65, 0x63, 0xc, 0x69], 0x2d, [0x35, 0x30, 0x65, 0x33, 0x66, 0x35, 0x33, 0x38]}}}]}, 0x3, 0x448, &(0x7f0000000580)="$eJzs28tvG1UXAPAzdpx+fSZfVR59AIGCqHgkTVpKF2xAILEACQkWZWmStCp1G9QEiVYVBITKElVij1gi8Rewgg0CVpXYwh4hVSibFlZGY88ktmPn6cRt/ftJ0947c617j2eOfWduHEDfGkn/SSL2RMTvETFUrzY3GKn/d2fh2uQ/C9cmk6hW3/47qbW7vXBtMm+av253XhmIKHyexOE2/c5euXqhXKlMX87qY3MXPxibvXL1+fMXy+emz01fmjh9+uSJ8RdPTbzQlTjTuG4f+njmyMHX373x5uSZG+/98l2Sx98SR5eMrHTwqWq1y9311t6GcjLQw4GwLsV6mkaplv9DUYylkzcUr33W08EBW6parVYf7Hx4vgrcx5Lo9QiA3si/6NP733zbpqnHXeHWy/UboDTuO9lWPzIQhaxNqeX+tptGIuLM/L9fp1tszXMIAIAmP6Tzn+fazf8K0fhcaF+2hjIcEf+PiP0RcSoiDkTEAxG1tg9FxMPr7L91kWT5/GffhuJaq3T+91K2ttU8/8tnfzFczGp7a/GXkrPnK9PHs5Edi9KOtD6+Qh8/vvrbl20PZF3k8790S/vP54JZo78GdjS/bKo8V95MzI1ufRpxaKBd/MniSkASEQcj4tAG+zj/zLdHOh0bWTX+FXRhnan6TcTT9fM/Hy3x55KV1yfH/heV6eNj+VWx3K83r7/Vqf9Nxd8F6fnf1fb6X4x/OGlcr51dfx/X//ii4z3N6vG3v/4Hk3ea9n1Unpu7PB4xmLxRH3Tj/omWdhNL7dP4jx1tn//7Y+mdOBwR6UX8SEQ8GhGPZWN/PCKeiIijy0O7OZgVfn7lyfdrhdJG4t9aafxT6zr/S4XBaN1z9UI5D7rhUPHCT983dTq8VFzb+T9ZKx3L9qzl82/ZuDoUNvPeAQAAwL2iEBF7IimMLpYLhdHR+t/wH4hdhcrM7NyzZ2c+vDRV/43AcJQK+ZOuoYbnoePZbX1en2ipn8ieG39V3Fmrj07OVKZ6HTz0ud0d8j/1Z7HXowO2nN9rQf+S/9C/5D/0L/kP/atN/u/sxTiA7dfu+/+Tti2tCMD9pin/90ly6Cfu/6F/yX/oX/If+tLszlj9R/IK90gh/yDfjr6icFeErLBFhR5/MAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTJfwEAAP//aJTf6A==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000480)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6a) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = fsopen(&(0x7f0000000000)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) close(r3) openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000003c0)={0x0, 0x2000001, 0x0, 'queue0\x00'}) write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @time={0x1, 0x4}, {}, {}, @raw32}], 0x1c) r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x100) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r5, 0x404c534a, &(0x7f00000001c0)={0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'batadv_slave_1\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8936, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0x2c}, 0x78, r6}) r7 = socket(0xa, 0x1, 0x0) ioctl(r7, 0x8916, 0x0) ioctl(r7, 0x8936, &(0x7f0000000000)) close_range(r4, 0xffffffffffffffff, 0x0) 2.791144576s ago: executing program 4 (id=2758): r0 = socket$netlink(0x10, 0x3, 0x9) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000f00)={'dummy0\x00', &(0x7f0000000080)=@ethtool_perm_addr={0x4b, 0x29, "43488172070000000000476fb2940acfbe4c3f9725f0f2bf568d62c050880594c23d36147b586c9a7a"}}) 2.530870361s ago: executing program 4 (id=2761): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000005, 0x3032, 0xffffffffffffffff, 0x0) socket$kcm(0x29, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018010000646c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b701000000000000850000006d00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$nl_sock_diag(0x10, 0x3, 0x4) r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f00000000c0)="1c0000001e005f0214fffffffffffff8070000001700000000000000", 0x1c) 2.135305009s ago: executing program 4 (id=2765): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a40000000160a03020000000000000002020000000900020073797a32000000000900010073797a3000000000140003800800024000000000080001400000000014000000110001"], 0x68}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x30, 0x16, 0xa, 0x801, 0x0, 0x0, {0x2, 0x0, 0x3}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x4}]}], {0x14}}, 0x58}}, 0x4000000) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x9885, 0x10008}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_RESEND_IGMP={0x8, 0xf, 0x4}, @IFLA_BOND_NUM_PEER_NOTIF={0x5, 0x10, 0x88}]}}}]}, 0x44}}, 0x0) 1.833790615s ago: executing program 4 (id=2770): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @any, 0x7ff}, 0xe) getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000200)) 1.667868978s ago: executing program 1 (id=2772): r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FD_FRAMES(r0, 0x65, 0x5, &(0x7f0000000040)=0x1, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'vlan1\x00', 0x0}) sendmsg$can_raw(r0, &(0x7f0000000000)={&(0x7f00000000c0)={0x1d, r1}, 0x10, &(0x7f00000003c0)={&(0x7f0000000400)=@canfd={{0x4, 0x1, 0x1, 0x1}, 0xf, 0x0, 0x0, 0x0, "cca6f1e10194fd9304e8689818861d84be21875faed70061c5322a4ca48de2c8afc31232034c834cdc4586231d4cd7fcc6c6ad00"}, 0x48}, 0x2, 0x0, 0x0, 0x8801}, 0x30048009) 1.53397345s ago: executing program 1 (id=2775): r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4) connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3b}}}, 0x1c) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r1, &(0x7f0000000400)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000040)=0x1938, 0x4) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) recvmsg(r2, &(0x7f0000000300)={&(0x7f0000000440)=@phonet, 0x80, &(0x7f0000001a80)=[{&(0x7f00000004c0)=""/102, 0x66}, {&(0x7f0000000540)=""/113, 0x71}, {&(0x7f0000000680)=""/222, 0xde}, {&(0x7f0000000780)=""/190, 0xbe}, {&(0x7f0000000840)=""/67, 0x43}, {&(0x7f00000008c0)=""/221, 0xdd}, {&(0x7f00000009c0)=""/4096, 0x1000}], 0x7, &(0x7f0000001b00)=""/215, 0xd7}, 0x10120) connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @loopback}, 0x10) setsockopt$inet_tcp_TLS_TX(r2, 0x6, 0x1, &(0x7f00000001c0)=@gcm_128={{0x303}, "d428d493b54539b9", "62714b65e42465c5518ccb9d7c403972", "2cbdb9e9"}, 0x28) sendto$inet(r1, &(0x7f0000000080)='m', 0x1, 0x0, 0x0, 0x0) recvfrom$inet(r1, &(0x7f0000000600)=""/102, 0x66, 0x10150, &(0x7f00000000c0)={0x2, 0x4e22, @rand_addr=0x64010102}, 0x10) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x850) sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000060a0b040000000000000000020000002c0004802800018007000100637400001c0002800800014000000002080002400000000b05000300000000000900010073797a30000000000900020073797a320000000014000000110001"], 0x80}}, 0x0) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r5 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r4, &(0x7f0000000280)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x27, 0x0, 0x14}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffff20, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0xb, 0x0, 0x0, 0x0, 0x18, {[@window={0x9, 0xfffffffffffffec4}, @timestamp={0x5, 0x2}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0xfd6c) setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, &(0x7f0000000080)='wg0\x00', 0x4) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00) 1.441537462s ago: executing program 2 (id=2776): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[], 0x10}, 0x1f, 0x7}, 0x44) 1.334016224s ago: executing program 2 (id=2778): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)={{0x14, 0x10, 0x4}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}]}, @NFT_MSG_NEWSETELEM={0x74, 0xc, 0xa, 0x301, 0x0, 0x0, {0x7, 0x0, 0x9}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x48, 0x3, 0x0, 0x1, [{0x44, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x38, 0xb, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @quota={{0xa}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_QUOTA_BYTES={0xc}]}}}, {0x14, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x4}}}]}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xf8}}, 0x0) 1.257425276s ago: executing program 2 (id=2780): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_udp_int(r0, 0x11, 0xa, &(0x7f0000005ac0)=0x2, 0x4) 1.187981167s ago: executing program 3 (id=2781): r0 = socket$inet6(0xa, 0x2, 0x0) sendto$inet6(r0, 0x0, 0x97, 0xfdff, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c) 1.136231478s ago: executing program 2 (id=2782): r0 = socket$phonet_pipe(0x23, 0x5, 0x2) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=@newsa={0x104, 0x1a, 0x7, 0x0, 0x0, {{@in=@broadcast, @in=@multicast2, 0xffff, 0x0, 0x0, 0x0, 0x2, 0x20, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x0, 0x0, 0x2}, {0x0, 0x200000, 0x7}, {0x40000, 0x0, 0xae8}, 0x0, 0x0, 0x2, 0x2, 0x0, 0x70}, [@coaddr={0x14, 0xe, @in6=@remote}]}, 0x104}}, 0x0) bind$phonet(r0, &(0x7f0000000040)={0x23, 0x4}, 0x10) close(r0) 1.135496348s ago: executing program 1 (id=2783): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x4e, &(0x7f0000000100)=0xfffffff7, 0x4) sendmmsg$inet6(r0, &(0x7f0000001700)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x0, @local, 0x1}, 0x1c, 0x0, 0x0, &(0x7f0000000140)=[@pktinfo={{0x24, 0x29, 0x32, {@mcast1={0xff, 0x11}}}}], 0x28, 0x7ffffff7}}], 0x1, 0x0) 1.006476911s ago: executing program 2 (id=2784): unshare(0x20000400) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa}, 0x50) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="05000000050000000200000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b703000000000000850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000300)='tlb_flush\x00', r1}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2e8}, 0x94) 1.006222821s ago: executing program 3 (id=2785): r0 = socket$inet6_udp(0xa, 0x2, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x300000a, 0x12, r0, 0x852ac000) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x11, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8f, 0x0, 0x0, 0x0, 0x41da}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfffc}, {0x85, 0x0, 0x0, 0x86}}, {{0x5, 0x0, 0x5, 0x9, 0x0, 0x1, 0x80000000}}, [@map_fd={0x18, 0x8, 0x1, 0x0, r1}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0xae}}}, &(0x7f0000000080)='GPL\x00', 0xa, 0xffe, &(0x7f0000000cc0)=""/4094, 0x41100, 0x44, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94) 1.006007421s ago: executing program 5 (id=2786): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@ipv4_newroute={0x38, 0x18, 0x35f32a6dfa748ddd, 0x1003, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x20000000}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x4}, @RTA_ENCAP={0x14, 0x16, 0x0, 0x1, @LWTUNNEL_IP_OPTS={0x10, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, @LWTUNNEL_IP_OPT_VXLAN_GBP={0x8, 0x1, 0x9}}}}]}, 0x38}}, 0x0) 1.005777321s ago: executing program 1 (id=2787): socket$nl_route(0x10, 0x3, 0x0) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ppoll(&(0x7f0000000500)=[{r0}], 0x1, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000480)='kfree\x00', r1, 0x0, 0x7fffffffffffffff}, 0x18) socket$igmp(0x2, 0x3, 0x2) socket$nl_generic(0x10, 0x3, 0x10) unshare(0x6020400) socket(0x10, 0x3, 0x0) recvmsg(0xffffffffffffffff, 0x0, 0x1f00) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000001040)={'ip_vti0\x00', &(0x7f0000001000)={'syztnl2\x00', 0x0, 0x0, 0xa000, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x64, 0x0, 0x0, 0x4, 0x0, @broadcast, @loopback}}}}) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000780)={'syztnl2\x00', &(0x7f0000000200)={'tunl0\x00', r3, 0x40, 0x1, 0x2, 0x9, {{0x7, 0x4, 0x1, 0x3b, 0x1c, 0x66, 0x0, 0xea, 0x2f, 0x0, @local, @multicast2, {[@cipso={0x86, 0x6, 0xfffffffffffffffd}]}}}}}) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000) 890.954553ms ago: executing program 4 (id=2788): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x37}}, 0x10) connect$inet(r0, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10) 879.233563ms ago: executing program 5 (id=2789): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) openat$tun(0xffffffffffffff9c, 0x0, 0x701203, 0x0) r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$WPAN_WANTLQI(r0, 0x0, 0x3, &(0x7f0000008600)=0x1, 0x4) socket(0x2000000000000021, 0x2, 0x10000000000002) recvmmsg(r0, &(0x7f0000007580)=[{{0x0, 0x0, 0x0}, 0x7fffffff}], 0x1, 0x8020, 0x0) sendmsg$802154_dgram(r0, &(0x7f000000b8c0)={&(0x7f000000b800)={0x24, @long={0x3, 0xffff, {0xaaaaaaaaaaaa0102}}}, 0x14, &(0x7f000000b880)={0x0}}, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) writev(r1, &(0x7f0000003500)=[{0x0}], 0x1) 833.160254ms ago: executing program 3 (id=2790): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000001"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_init_net_socket$ax25(0x3, 0x5, 0xc4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='percpu_alloc_percpu\x00', r1, 0x0, 0xfffffffffffffffe}, 0x10) socket(0x2, 0x80805, 0x0) socket$inet_sctp(0x2, 0x1, 0x84) r2 = socket$nl_route(0x10, 0x3, 0x0) socket$pppl2tp(0x18, 0x1, 0x1) socket$inet_udp(0x2, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_GET_COALESCE(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x0) getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) socket$inet6_sctp(0xa, 0x5, 0x84) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmmsg$inet_sctp(0xffffffffffffffff, 0x0, 0x0, 0x40044) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400000006000000005dcc0300", @ANYRES32=r4, @ANYBLOB="71e79fd800000000140012800c0001006d616376746170001400028008000500", @ANYRES32=r5], 0x3c}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x24, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r4, {0xfff2}, {}, {0xa, 0x1}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4004140}, 0x0) 674.477477ms ago: executing program 5 (id=2791): mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2000009, 0x200000006c832, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x922000000003, 0x11) setsockopt$sock_attach_bpf(r0, 0x29, 0x24, &(0x7f0000000080), 0x4) 674.142457ms ago: executing program 4 (id=2792): socket$nl_generic(0x10, 0x3, 0x10) socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/ipc\x00') openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x6, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r1) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c) listen(r2, 0x0) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) accept(r1, 0x0, &(0x7f0000000200)) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e22, @loopback}, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) connect(r1, &(0x7f0000000280)=@l2tp={0x2, 0x0, @initdev={0xac, 0x1e, 0x4, 0x0}, 0x1}, 0x80) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100000000000000000001000000280001801400040000000000000000000000ffffac1414aa060001000a0080000800060003"], 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r6 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) socket$nl_generic(0x10, 0x3, 0x10) r7 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000004c0)={'syz_tun\x00'}) 576.850579ms ago: executing program 5 (id=2793): bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1e, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000d1000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b400000095"], &(0x7f0000000300)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, @sk_lookup=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000ff}, 0x94) socket$netlink(0x10, 0x3, 0x0) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{0xffffffffffffffff, 0xffffffffffffffff}, 0x0, &(0x7f0000000300)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x19, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000a17000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000980)={r2, 0xe0, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000340)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000740)=[0x0, 0x0], 0x0, 0xf7, &(0x7f0000000080)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f00000007c0), &(0x7f0000000800), 0x8, 0x8d, 0x8, 0x8, &(0x7f0000000840)}}, 0x10) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000140)={@mcast2, @rand_addr=' \x01\x00', @private2, 0x0, 0x0, 0x0, 0x100, 0x0, 0xa0023}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'macvlan1\x00', 0x0}) sendmsg$nl_route(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="480000001c00110c0000001400000f0007000000", @ANYRES32=r4, @ANYBLOB="800202000a0002"], 0x48}}, 0x0) 388.124833ms ago: executing program 5 (id=2794): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000005, 0x3032, 0xffffffffffffffff, 0x0) socket$kcm(0x29, 0x2, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018010000646c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b701000000000000850000006d00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$nl_sock_diag(0x10, 0x3, 0x4) r1 = socket(0x10, 0x3, 0x0) write(r1, &(0x7f00000000c0)="1c0000001e005f0214fffffffffffff8070000001700000000000000", 0x1c) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='btrfs_space_reservation\x00', r0, 0x0, 0x5}, 0x18) r2 = socket(0x15, 0x5, 0x0) socket$rds(0x15, 0x5, 0x0) r3 = socket(0x40000000015, 0x5, 0x0) connect$inet(r3, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) bind$inet(r3, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10) sendmsg$inet(r3, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x40) getsockopt(r3, 0x200000000114, 0x2715, 0x0, &(0x7f0000000400)) getsockopt(r2, 0x200000000114, 0x271b, 0x0, &(0x7f0000000100)) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r4, 0x0, r5, 0x0, 0x4, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r7, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1, 0x1}, 0x1c) r8 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r8, &(0x7f0000000100)={0xa, 0x4e20, 0x6, @empty, 0x2}, 0x1c) r9 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_SET(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="0100280000000000000002000000200001800d0001"], 0x34}}, 0x0) 332.385104ms ago: executing program 3 (id=2795): pipe(&(0x7f0000000000)) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0xb, &(0x7f0000005300)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0a41, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4) setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f00000000c0)='lp', 0x2) write$tun(r1, 0x0, 0x24e2) r2 = socket$kcm(0x10, 0x3, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={0xffffffffffffffff, 0x27, 0xe, 0x0, &(0x7f0000000140)="004157038084806279f29973f223", 0x0, 0x10000, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000240)="1400000016000b63d25a80648c25940121", 0x11}, {&(0x7f0000000280)="e26248", 0x3}], 0x2}, 0x40050) 185.009357ms ago: executing program 3 (id=2796): socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={0xffffffffffffffff}) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_NEW_STATION(r3, &(0x7f0000007380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)={0x28, r1, 0xe096044a3fc9e6f1, 0xffffffff, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x28}, 0x1, 0x0, 0x0, 0x200000d0}, 0x8050) 149.175337ms ago: executing program 5 (id=2797): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b703000000000000850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000140)='tlb_flush\x00', r1}, 0x18) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000006, 0xc3072, r2, 0x0) 78.894229ms ago: executing program 3 (id=2798): socket$nl_generic(0x10, 0x3, 0x10) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399eb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='rcu_utilization\x00', r0, 0x0, 0x2}, 0x18) socket$alg(0x26, 0x5, 0x0) write$rfkill(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x2, 0x3, 0x0, 0x1}, 0x8) socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001a80)="d8000000180081064e81f782db4cb904021d0800fd007c05e8fe50a10a000600014002020c600e41b0000900ac000a0501000000160012000a00ff120048035c3b61c1d67f6f94007134cf6efb8007a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667daffffffffff1f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5b7276505de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9000001008af26c8b7b55f4d2a6823a45", 0xd8}], 0x1}, 0x894) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) socket$nl_netfilter(0x10, 0x3, 0xc) close(r2) r3 = socket$l2tp6(0xa, 0x2, 0x73) sendto$inet6(0xffffffffffffffff, 0x0, 0xfffffd15, 0x200c8084, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, '\x00', 0x40}}, 0x1c) recvmmsg(0xffffffffffffffff, &(0x7f0000002480)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40002003, 0x0) splice(0xffffffffffffffff, &(0x7f0000000140)=0xf, r3, &(0x7f0000000180)=0x6, 0x1, 0x7) r4 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_int(r4, 0x0, 0xf, &(0x7f0000d10ffc)=0xfffffffffffffff9, 0x4) accept$netrom(r1, &(0x7f0000000080)={{0x3, @null}, [@null, @netrom, @remote, @null, @null, @null, @bcast, @default]}, &(0x7f0000000100)=0x48) shutdown(r2, 0x0) recvmmsg(r2, &(0x7f00000055c0), 0x400023c, 0x300, 0x0) 34.44368ms ago: executing program 1 (id=2799): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="1f003300d00000000802", @ANYRES8=r0], 0x3c}}, 0x10) 27.34289ms ago: executing program 2 (id=2800): setsockopt$MRT6_DEL_MFC(0xffffffffffffffff, 0x29, 0xcd, &(0x7f00000000c0)={{0xa, 0x4e24, 0xfdffffb1, @private0, 0x5}, {0xa, 0x4e23, 0x7, @mcast2, 0x56504}, 0xfffe, {[0x5447, 0x3, 0x7, 0xc4, 0x2, 0xffffffff, 0x9, 0xfffffffa]}}, 0x5c) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ed5696c5820fae0000000000000080beef911d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmmsg$unix(r1, &(0x7f00000020c0)=[{{&(0x7f00000050c0)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x80}}, {{&(0x7f0000000540)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="24000000000000001701"], 0x28, 0x2000c000}}], 0x2, 0x88) 0s ago: executing program 1 (id=2801): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000900)=ANY=[@ANYBLOB="38010000100001"], 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0) kernel console output (not intermixed with test programs): T1110] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 925.580506][T13050] ? shmem_match+0x160/0x160 [ 925.580538][T13050] ? shmem_alloc_inode+0x16/0x30 [ 925.602961][ T1110] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 925.607318][T13050] kmem_cache_alloc+0x3d/0x290 [ 925.607349][T13050] ? shmem_match+0x160/0x160 [ 925.607373][T13050] shmem_alloc_inode+0x16/0x30 [ 925.607395][T13050] new_inode_pseudo+0x5f/0x210 [ 925.653157][T13050] new_inode+0x25/0x1c0 [ 925.657354][T13050] shmem_get_inode+0x334/0xa90 [ 925.662131][T13050] ? _raw_spin_unlock+0x24/0x40 [ 925.667000][T13050] __shmem_file_setup+0x10b/0x290 [ 925.672039][T13050] ? shmem_file_setup+0x13/0x30 [ 925.676897][T13050] __se_sys_memfd_create+0x290/0x430 [ 925.682192][T13050] ? __x64_sys_memfd_create+0x60/0x60 [ 925.687580][T13050] ? lockdep_hardirqs_on+0x94/0x140 [ 925.692798][T13050] do_syscall_64+0x4c/0xa0 [ 925.697414][T13050] ? clear_bhb_loop+0x30/0x80 [ 925.702113][T13050] ? clear_bhb_loop+0x30/0x80 [ 925.706814][T13050] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 925.712728][T13050] RIP: 0033:0x7fca49fafec9 [ 925.717156][T13050] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 925.736778][T13050] RSP: 002b:00007fca48216e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 925.745212][T13050] RAX: ffffffffffffffda RBX: 00000000000015ce RCX: 00007fca49fafec9 [ 925.753187][T13050] RDX: 00007fca48216ef0 RSI: 0000000000000000 RDI: 00007fca4a033960 [ 925.761165][T13050] RBP: 00002000000016c0 R08: 00007fca48216bb7 R09: 00007fca48216e40 [ 925.769142][T13050] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000001640 [ 925.777118][T13050] R13: 00007fca48216ef0 R14: 00007fca48216eb0 R15: 0000200000001680 [ 925.785108][T13050] [ 925.921233][T13056] loop3: detected capacity change from 0 to 512 [ 926.012774][ T1110] usb 3-1: GET_CAPABILITIES returned 0 [ 926.018335][ T1110] usbtmc 3-1:16.0: can't read capabilities [ 926.067986][T13056] EXT4-fs error (device loop3): ext4_orphan_get:1401: inode #15: comm syz.3.2180: casefold flag without casefold feature [ 926.230005][T13056] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.2180: couldn't read orphan inode 15 (err -117) [ 926.270000][T13056] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 926.345097][T12319] usb 3-1: USB disconnect, device number 7 [ 926.423353][T13071] loop1: detected capacity change from 0 to 512 [ 926.529107][T13067] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 926.537605][T13067] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 926.721931][T13071] EXT4-fs (loop1): Ignoring removed oldalloc option [ 926.776657][T13071] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2228: inode #15: comm syz.1.2186: corrupted in-inode xattr [ 926.839509][T13078] loop3: detected capacity change from 0 to 4096 [ 926.846633][T13071] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.2186: couldn't read orphan inode 15 (err -117) [ 926.881019][T13071] EXT4-fs (loop1): mounted filesystem without journal. Opts: usrjquota=,abort,nombcache,noload,noblock_validity,grpjquota=,oldalloc,nouid32,bsdgroups,barrier=0x0000000000000053,,errors=continue. Quota mode: none. [ 926.913715][T13078] ntfs: (device loop3): parse_options(): Unrecognized mount option smackfsfloor. [ 926.923681][T13078] ntfs: (device loop3): parse_options(): Unrecognized mount option euid>00000000000000008624. [ 926.934027][T13078] ntfs: (device loop3): parse_options(): Unrecognized mount option . [ 927.237826][T13061] loop5: detected capacity change from 0 to 40427 [ 927.253651][T13070] x_tables: duplicate underflow at hook 2 [ 927.260054][T13070] x_tables: duplicate underflow at hook 2 [ 927.349603][T13061] F2FS-fs (loop5): Fix alignment : internally, start(4096) end(16896) block(12288) [ 927.399996][T13061] F2FS-fs (loop5): invalid crc value [ 927.447179][T13061] F2FS-fs (loop5): Found nat_bits in checkpoint [ 927.464040][T13089] loop4: detected capacity change from 0 to 1024 [ 927.615518][T13091] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 927.626436][T13089] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 927.668534][T13091] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 927.720635][T13061] F2FS-fs (loop5): recover fsync data on readonly fs [ 927.732162][T13061] F2FS-fs (loop5): Cannot turn on quotas: -2 on 1 [ 927.740332][T13061] F2FS-fs (loop5): Cannot turn on quotas: -2 on 2 [ 927.748467][T13061] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 927.819227][T13058] F2FS-fs (loop5): Try to recover all the superblocks, ret: 0 [ 927.844708][T13058] F2FS-fs (loop5): Unrecognized mount option "_unit=block" or missing value [ 928.644867][T13118] loop1: detected capacity change from 0 to 128 [ 928.701766][T13111] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 928.713447][T13111] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 928.716371][ T26] audit: type=1800 audit(1759272286.669:102): pid=13118 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2197" name="file1" dev="loop1" ino=1050129 res=0 errno=0 [ 928.880189][T13114] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 928.918336][T13114] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 928.977422][T13124] FAULT_INJECTION: forcing a failure. [ 928.977422][T13124] name failslab, interval 1, probability 0, space 0, times 0 [ 929.103272][T13124] CPU: 1 PID: 13124 Comm: syz.4.2200 Not tainted syzkaller #0 [ 929.110887][T13124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 929.120966][T13124] Call Trace: [ 929.124272][T13124] [ 929.127221][T13124] dump_stack_lvl+0x168/0x230 [ 929.132285][T13124] ? show_regs_print_info+0x20/0x20 [ 929.137509][T13124] ? load_image+0x3b0/0x3b0 [ 929.142121][T13124] ? __might_sleep+0xf0/0xf0 [ 929.146734][T13124] ? __lock_acquire+0x7c60/0x7c60 [ 929.151794][T13124] should_fail+0x38c/0x4c0 [ 929.156324][T13124] should_failslab+0x5/0x20 [ 929.160843][T13124] slab_pre_alloc_hook+0x51/0xc0 [ 929.165797][T13124] ? shmem_match+0x160/0x160 [ 929.170417][T13124] ? shmem_alloc_inode+0x16/0x30 [ 929.175386][T13124] kmem_cache_alloc+0x3d/0x290 [ 929.180176][T13124] ? shmem_match+0x160/0x160 [ 929.184785][T13124] shmem_alloc_inode+0x16/0x30 [ 929.189572][T13124] new_inode_pseudo+0x5f/0x210 [ 929.194359][T13124] new_inode+0x25/0x1c0 [ 929.198576][T13124] shmem_get_inode+0x334/0xa90 [ 929.203371][T13124] ? _raw_spin_unlock+0x24/0x40 [ 929.208248][T13124] __shmem_file_setup+0x10b/0x290 [ 929.213291][T13124] ? shmem_file_setup+0x13/0x30 [ 929.218162][T13124] __se_sys_memfd_create+0x290/0x430 [ 929.223482][T13124] ? __x64_sys_memfd_create+0x60/0x60 [ 929.228879][T13124] ? lockdep_hardirqs_on+0x94/0x140 [ 929.234113][T13124] do_syscall_64+0x4c/0xa0 [ 929.238550][T13124] ? clear_bhb_loop+0x30/0x80 [ 929.243244][T13124] ? clear_bhb_loop+0x30/0x80 [ 929.247937][T13124] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 929.253979][T13124] RIP: 0033:0x7fca49fafec9 [ 929.258411][T13124] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 929.278044][T13124] RSP: 002b:00007fca48216e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 929.286502][T13124] RAX: ffffffffffffffda RBX: 0000000000004426 RCX: 00007fca49fafec9 [ 929.294504][T13124] RDX: 00007fca48216ef0 RSI: 0000000000000000 RDI: 00007fca4a033960 [ 929.302596][T13124] RBP: 0000200000004500 R08: 00007fca48216bb7 R09: 00007fca48216e40 [ 929.310600][T13124] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000004480 [ 929.318599][T13124] R13: 00007fca48216ef0 R14: 00007fca48216eb0 R15: 00002000000044c0 [ 929.326623][T13124] [ 929.559276][T13123] loop2: detected capacity change from 0 to 1024 [ 929.788404][T13123] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpjquota=,,errors=continue. Quota mode: writeback. [ 929.807544][T13134] FAULT_INJECTION: forcing a failure. [ 929.807544][T13134] name failslab, interval 1, probability 0, space 0, times 0 [ 929.832226][T13138] loop3: detected capacity change from 0 to 1024 [ 929.918365][T13134] CPU: 1 PID: 13134 Comm: syz.1.2201 Not tainted syzkaller #0 [ 929.925898][T13134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 929.936069][T13134] Call Trace: [ 929.939377][T13134] [ 929.942354][T13134] dump_stack_lvl+0x168/0x230 [ 929.947074][T13134] ? show_regs_print_info+0x20/0x20 [ 929.952302][T13134] ? load_image+0x3b0/0x3b0 [ 929.956836][T13134] ? __might_sleep+0xf0/0xf0 [ 929.961465][T13134] ? __lock_acquire+0x7c60/0x7c60 [ 929.966524][T13134] should_fail+0x38c/0x4c0 [ 929.970977][T13134] should_failslab+0x5/0x20 [ 929.975693][T13134] slab_pre_alloc_hook+0x51/0xc0 [ 929.980656][T13134] ? shmem_match+0x160/0x160 [ 929.985278][T13134] ? shmem_alloc_inode+0x16/0x30 [ 929.990246][T13134] kmem_cache_alloc+0x3d/0x290 [ 929.995038][T13134] ? shmem_match+0x160/0x160 [ 929.999670][T13134] shmem_alloc_inode+0x16/0x30 [ 930.004459][T13134] new_inode_pseudo+0x5f/0x210 [ 930.009254][T13134] new_inode+0x25/0x1c0 [ 930.013436][T13134] shmem_get_inode+0x334/0xa90 [ 930.018232][T13134] ? _raw_spin_unlock+0x24/0x40 [ 930.023118][T13134] __shmem_file_setup+0x10b/0x290 [ 930.028165][T13134] ? shmem_file_setup+0x13/0x30 [ 930.033042][T13134] __se_sys_memfd_create+0x290/0x430 [ 930.038358][T13134] ? __x64_sys_memfd_create+0x60/0x60 [ 930.043776][T13134] ? lockdep_hardirqs_on+0x94/0x140 [ 930.049002][T13134] do_syscall_64+0x4c/0xa0 [ 930.053481][T13134] ? clear_bhb_loop+0x30/0x80 [ 930.058182][T13134] ? clear_bhb_loop+0x30/0x80 [ 930.062883][T13134] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 930.068804][T13134] RIP: 0033:0x7fc594508ec9 [ 930.073346][T13134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 930.092985][T13134] RSP: 002b:00007fc59276fe18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 930.101436][T13134] RAX: ffffffffffffffda RBX: 000000000001ec48 RCX: 00007fc594508ec9 [ 930.109436][T13134] RDX: 00007fc59276fef0 RSI: 0000000000000000 RDI: 00007fc59458c960 [ 930.117530][T13134] RBP: 000020000001ed40 R08: 00007fc59276fbb7 R09: 00007fc59276fe40 [ 930.125804][T13134] R10: 000000000000000a R11: 0000000000000202 R12: 000020000001ecc0 [ 930.133821][T13134] R13: 00007fc59276fef0 R14: 00007fc59276feb0 R15: 000020000001ed00 [ 930.141843][T13134] [ 930.203563][T13138] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 930.256054][T13138] UDF-fs: error (device loop3): udf_read_inode: (ino 832) failed !bh [ 930.286401][T13143] EXT4-fs warning (device loop2): empty_inline_dir:1852: bad inline directory (dir #12) - no `..' [ 930.349786][T13138] UDF-fs: error (device loop3): udf_fill_super: Error in udf_iget, block=48, partition=0 [ 931.090001][T13159] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 931.103002][T13159] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 931.694031][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 931.700981][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 931.996326][T13171] loop3: detected capacity change from 0 to 128 [ 932.105034][T13177] FAULT_INJECTION: forcing a failure. [ 932.105034][T13177] name failslab, interval 1, probability 0, space 0, times 0 [ 932.128148][ T26] audit: type=1800 audit(1759272290.079:103): pid=13171 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2211" name="file1" dev="loop3" ino=1050130 res=0 errno=0 [ 932.214541][T13172] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 932.236758][T13172] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 932.246014][T13177] CPU: 0 PID: 13177 Comm: syz.4.2215 Not tainted syzkaller #0 [ 932.253693][T13177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 932.263954][T13177] Call Trace: [ 932.267374][T13177] [ 932.270340][T13177] dump_stack_lvl+0x168/0x230 [ 932.275061][T13177] ? show_regs_print_info+0x20/0x20 [ 932.280430][T13177] ? load_image+0x3b0/0x3b0 [ 932.284978][T13177] ? __might_sleep+0xf0/0xf0 [ 932.289607][T13177] ? __lock_acquire+0x7c60/0x7c60 [ 932.294682][T13177] should_fail+0x38c/0x4c0 [ 932.299135][T13177] should_failslab+0x5/0x20 [ 932.303663][T13177] slab_pre_alloc_hook+0x51/0xc0 [ 932.308624][T13177] ? __alloc_file+0x25/0x240 [ 932.313239][T13177] kmem_cache_alloc+0x3d/0x290 [ 932.318024][T13177] ? __lock_acquire+0x12d9/0x7c60 [ 932.323081][T13177] __alloc_file+0x25/0x240 [ 932.327522][T13177] alloc_empty_file+0x90/0x180 [ 932.332314][T13177] path_openat+0xfc/0x2f30 [ 932.336766][T13177] ? verify_lock_unused+0x140/0x140 [ 932.342169][T13177] ? __kasan_slab_alloc+0xb3/0xd0 [ 932.347217][T13177] ? __kasan_slab_alloc+0x9c/0xd0 [ 932.352256][T13177] ? slab_post_alloc_hook+0x4c/0x380 [ 932.357561][T13177] ? verify_lock_unused+0x140/0x140 [ 932.362813][T13177] ? __x64_sys_openat+0x135/0x160 [ 932.367877][T13177] ? do_syscall_64+0x4c/0xa0 [ 932.372487][T13177] ? do_filp_open+0x3e0/0x3e0 [ 932.377182][T13177] do_filp_open+0x1b3/0x3e0 [ 932.381697][T13177] ? vfs_tmpfile+0x300/0x300 [ 932.386306][T13177] ? _raw_spin_unlock+0x24/0x40 [ 932.391167][T13177] ? alloc_fd+0x598/0x630 [ 932.395509][T13177] do_sys_openat2+0x142/0x4a0 [ 932.400197][T13177] ? __lock_acquire+0x7c60/0x7c60 [ 932.405233][T13177] ? do_sys_open+0xe0/0xe0 [ 932.409655][T13177] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 932.415744][T13177] ? lock_chain_count+0x20/0x20 [ 932.420840][T13177] ? vtime_user_exit+0x2dc/0x400 [ 932.425858][T13177] __x64_sys_openat+0x135/0x160 [ 932.430826][T13177] do_syscall_64+0x4c/0xa0 [ 932.435248][T13177] ? clear_bhb_loop+0x30/0x80 [ 932.439936][T13177] ? clear_bhb_loop+0x30/0x80 [ 932.444918][T13177] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 932.450826][T13177] RIP: 0033:0x7fca49fae710 [ 932.455551][T13177] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44 [ 932.475720][T13177] RSP: 002b:00007fca48216f70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 932.484159][T13177] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fca49fae710 [ 932.492529][T13177] RDX: 0000000000000000 RSI: 00007fca4a03307e RDI: 00000000ffffff9c [ 932.500512][T13177] RBP: 00007fca4a03307e R08: 0000000000000000 R09: 0000000000000000 [ 932.508570][T13177] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 932.516563][T13177] R13: 00007fca4a207038 R14: 00007fca4a206fa0 R15: 00007ffc7947df38 [ 932.524667][T13177] [ 932.569197][T13182] netlink: 199836 bytes leftover after parsing attributes in process `syz.5.2216'. [ 932.748636][T13182] loop5: detected capacity change from 0 to 512 [ 933.199399][T13186] loop1: detected capacity change from 0 to 4096 [ 933.213213][T12319] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 933.261508][T13182] EXT4-fs (loop5): Test dummy encryption mode enabled [ 933.270945][T13182] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 933.342358][T13182] EXT4-fs (loop5): 1 truncate cleaned up [ 933.353378][T13182] EXT4-fs (loop5): mounted filesystem without journal. Opts: auto_da_alloc=0x0000000000000000,test_dummy_encryption=v1,init_itable=0x000000000000005c,dax=never,debug_want_extra_isize=0x0000000000000006,,errors=continue. Quota mode: none. [ 933.442619][T13186] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 935.351055][T13223] loop4: detected capacity change from 0 to 256 [ 935.472981][T12319] usb 3-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac [ 935.487769][ T26] audit: type=1800 audit(1759272293.439:104): pid=13223 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2225" name="file1" dev="loop4" ino=1050131 res=0 errno=0 [ 935.539531][T12319] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 935.604046][T12319] usb 3-1: config 0 descriptor?? [ 935.633028][T12319] usb 3-1: can't set config #0, error -71 [ 935.646100][T12319] usb 3-1: USB disconnect, device number 8 [ 935.667886][T13234] loop3: detected capacity change from 0 to 128 [ 935.678345][ T26] audit: type=1804 audit(1759272293.459:105): pid=13223 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.2225" name="/newroot/437/file0/file1" dev="loop4" ino=1050131 res=1 errno=0 [ 935.738196][T13238] IPVS: sync thread started: state = MASTER, mcast_ifn = geneve0, syncid = 2, id = 0 [ 935.784141][T13234] FAT-fs (loop3): Unrecognized mount option "icharset=defaulo885šK9-15" or missing value [ 935.871007][ T26] audit: type=1800 audit(1759272293.459:106): pid=13223 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2225" name="file1" dev="loop4" ino=1050131 res=0 errno=0 [ 935.898314][T13225] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 935.909667][T13225] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 936.377187][T13256] FAULT_INJECTION: forcing a failure. [ 936.377187][T13256] name failslab, interval 1, probability 0, space 0, times 0 [ 936.402810][T13256] CPU: 1 PID: 13256 Comm: syz.1.2234 Not tainted syzkaller #0 [ 936.410333][T13256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 936.420428][T13256] Call Trace: [ 936.423734][T13256] [ 936.426724][T13256] dump_stack_lvl+0x168/0x230 [ 936.431445][T13256] ? show_regs_print_info+0x20/0x20 [ 936.436681][T13256] ? load_image+0x3b0/0x3b0 [ 936.441286][T13256] ? __might_sleep+0xf0/0xf0 [ 936.445922][T13256] ? __lock_acquire+0x7c60/0x7c60 [ 936.450997][T13256] should_fail+0x38c/0x4c0 [ 936.455463][T13256] should_failslab+0x5/0x20 [ 936.459997][T13256] slab_pre_alloc_hook+0x51/0xc0 [ 936.464964][T13256] ? __alloc_file+0x25/0x240 [ 936.469728][T13256] kmem_cache_alloc+0x3d/0x290 [ 936.474536][T13256] ? __lock_acquire+0x12d9/0x7c60 [ 936.479607][T13256] __alloc_file+0x25/0x240 [ 936.484075][T13256] alloc_empty_file+0x90/0x180 [ 936.488896][T13256] path_openat+0xfc/0x2f30 [ 936.493365][T13256] ? verify_lock_unused+0x140/0x140 [ 936.498601][T13256] ? __kasan_slab_alloc+0xb3/0xd0 [ 936.503781][T13256] ? __kasan_slab_alloc+0x9c/0xd0 [ 936.508842][T13256] ? slab_post_alloc_hook+0x4c/0x380 [ 936.514174][T13256] ? verify_lock_unused+0x140/0x140 [ 936.519435][T13256] ? __x64_sys_openat+0x135/0x160 [ 936.524502][T13256] ? do_syscall_64+0x4c/0xa0 [ 936.529142][T13256] ? do_filp_open+0x3e0/0x3e0 [ 936.533919][T13256] do_filp_open+0x1b3/0x3e0 [ 936.538542][T13256] ? vfs_tmpfile+0x300/0x300 [ 936.543285][T13256] ? _raw_spin_unlock+0x24/0x40 [ 936.548278][T13256] ? alloc_fd+0x598/0x630 [ 936.552664][T13256] do_sys_openat2+0x142/0x4a0 [ 936.557382][T13256] ? __lock_acquire+0x7c60/0x7c60 [ 936.562461][T13256] ? do_sys_open+0xe0/0xe0 [ 936.567027][T13256] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 936.573441][T13256] ? lock_chain_count+0x20/0x20 [ 936.578350][T13256] ? vtime_user_exit+0x2dc/0x400 [ 936.583340][T13256] __x64_sys_openat+0x135/0x160 [ 936.588274][T13256] do_syscall_64+0x4c/0xa0 [ 936.592727][T13256] ? clear_bhb_loop+0x30/0x80 [ 936.597460][T13256] ? clear_bhb_loop+0x30/0x80 [ 936.602171][T13256] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 936.608100][T13256] RIP: 0033:0x7fc594507710 [ 936.612553][T13256] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44 [ 936.632362][T13256] RSP: 002b:00007fc59276fb70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 936.640816][T13256] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fc594507710 [ 936.648823][T13256] RDX: 0000000000000002 RSI: 00007fc59276fc10 RDI: 00000000ffffff9c [ 936.656925][T13256] RBP: 00007fc59276fc10 R08: 0000000000000000 R09: 00236964696d6d64 [ 936.665171][T13256] R10: 0000000000000000 R11: 0000000000000293 R12: cccccccccccccccd [ 936.673232][T13256] R13: 00007fc594760038 R14: 00007fc59475ffa0 R15: 00007ffd19179148 [ 936.681345][T13256] [ 936.809197][T13234] loop3: detected capacity change from 0 to 32768 [ 936.848095][T13260] loop5: detected capacity change from 0 to 256 [ 936.877276][T13234] BTRFS: device fsid 3a492a15-ac49-4ce6-945e-cef7a687c6c9 devid 1 transid 8 /dev/loop3 scanned by syz.3.2229 (13234) [ 937.042674][T13260] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 937.118013][T13260] exFAT-fs (loop5): Medium has reported failures. Some data may be lost. [ 937.196934][T13234] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 937.266153][T13260] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 937.290867][T13234] BTRFS info (device loop3): using free space tree [ 937.334534][T13234] BTRFS info (device loop3): has skinny extents [ 938.532961][T13293] IPVS: sync thread started: state = MASTER, mcast_ifn = geneve0, syncid = 2, id = 0 [ 938.562836][T13234] BTRFS info (device loop3): enabling ssd optimizations [ 938.672742][ T4296] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 938.682262][T13299] FAULT_INJECTION: forcing a failure. [ 938.682262][T13299] name failslab, interval 1, probability 0, space 0, times 0 [ 938.710442][T13299] CPU: 0 PID: 13299 Comm: syz.4.2241 Not tainted syzkaller #0 [ 938.717987][T13299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 938.728072][T13299] Call Trace: [ 938.731375][T13299] [ 938.734362][T13299] dump_stack_lvl+0x168/0x230 [ 938.739058][T13299] ? show_regs_print_info+0x20/0x20 [ 938.744264][T13299] ? load_image+0x3b0/0x3b0 [ 938.748779][T13299] ? __might_sleep+0xf0/0xf0 [ 938.753401][T13299] ? __lock_acquire+0x7c60/0x7c60 [ 938.758430][T13299] ? netlink_insert+0xe7c/0x11d0 [ 938.763378][T13299] should_fail+0x38c/0x4c0 [ 938.767827][T13299] should_failslab+0x5/0x20 [ 938.772332][T13299] slab_pre_alloc_hook+0x51/0xc0 [ 938.777276][T13299] kmem_cache_alloc_node+0x47/0x2d0 [ 938.782497][T13299] ? __alloc_skb+0xf4/0x750 [ 938.787014][T13299] __alloc_skb+0xf4/0x750 [ 938.791355][T13299] netlink_sendmsg+0x645/0xbc0 [ 938.796137][T13299] ? netlink_getsockopt+0x560/0x560 [ 938.801348][T13299] ? aa_sock_msg_perm+0x94/0x150 [ 938.806412][T13299] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 938.811728][T13299] ? security_socket_sendmsg+0x7c/0xa0 [ 938.817197][T13299] ? netlink_getsockopt+0x560/0x560 [ 938.822425][T13299] ____sys_sendmsg+0x5a2/0x8c0 [ 938.827230][T13299] ? memset+0x1e/0x40 [ 938.831227][T13299] ? __sys_sendmsg_sock+0x30/0x30 [ 938.836272][T13299] ? import_iovec+0x6f/0xa0 [ 938.840783][T13299] ___sys_sendmsg+0x1f0/0x260 [ 938.845481][T13299] ? __sys_sendmsg+0x250/0x250 [ 938.850264][T13299] ? vfs_write+0x84d/0xd00 [ 938.854698][T13299] ? __fdget+0x18b/0x210 [ 938.859033][T13299] __se_sys_sendmsg+0x190/0x250 [ 938.863905][T13299] ? __x64_sys_sendmsg+0x80/0x80 [ 938.868868][T13299] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 938.875006][T13299] ? lockdep_hardirqs_on+0x94/0x140 [ 938.880247][T13299] do_syscall_64+0x4c/0xa0 [ 938.884686][T13299] ? clear_bhb_loop+0x30/0x80 [ 938.889381][T13299] ? clear_bhb_loop+0x30/0x80 [ 938.894070][T13299] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 938.899973][T13299] RIP: 0033:0x7fca49fafec9 [ 938.904405][T13299] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 938.924030][T13299] RSP: 002b:00007fca48217038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 938.932583][T13299] RAX: ffffffffffffffda RBX: 00007fca4a206fa0 RCX: 00007fca49fafec9 [ 938.940576][T13299] RDX: 0000000000000000 RSI: 0000200000000440 RDI: 0000000000000005 [ 938.948570][T13299] RBP: 00007fca48217090 R08: 0000000000000000 R09: 0000000000000000 [ 938.956555][T13299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 938.964544][T13299] R13: 00007fca4a207038 R14: 00007fca4a206fa0 R15: 00007ffc7947df38 [ 938.972542][T13299] [ 939.212868][ T4296] usb 2-1: Using ep0 maxpacket: 32 [ 939.362878][ T4296] usb 2-1: config 0 has an invalid interface number: 67 but max is 0 [ 939.375203][ T4296] usb 2-1: config 0 has no interface number 0 [ 939.563009][ T4296] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 939.572181][ T4296] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 939.586575][ T4296] usb 2-1: Product: syz [ 939.590804][ T4296] usb 2-1: Manufacturer: syz [ 939.597834][ T4296] usb 2-1: SerialNumber: syz [ 939.609286][ T4296] usb 2-1: config 0 descriptor?? [ 939.663856][ T4296] smsc95xx v2.0.0 [ 939.792360][T13312] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 939.829801][T13312] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 940.034867][T13322] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 940.044094][T13322] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 940.055164][T13327] loop2: detected capacity change from 0 to 64 [ 940.157090][T13327] BFS-fs: bfs_fill_super(): Inode 0x00000032 corrupted on loop2 [ 940.165891][T12206] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 940.773487][T12206] usb 5-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96 [ 940.782962][T12206] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 940.791762][T12206] usb 5-1: Product: syz [ 940.796141][T12206] usb 5-1: Manufacturer: syz [ 940.801523][T12206] usb 5-1: SerialNumber: syz [ 940.831475][T12206] usb 5-1: config 0 descriptor?? [ 940.847705][T13335] loop5: detected capacity change from 0 to 256 [ 940.870021][T13335] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 940.889857][T13335] exFAT-fs (loop5): Medium has reported failures. Some data may be lost. [ 940.951470][T13335] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 940.985560][T13279] netlink: 'syz.1.2238': attribute type 1 has an invalid length. [ 941.102930][T12206] peak_usb 5-1:0.0: PEAK-System PCAN-USB FD v0 fw v0.0.0 (1 channels) [ 941.213178][ T4296] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000030: -71 [ 941.228626][ T4296] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error writing E2P_CMD [ 941.252798][ T4296] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 941.282919][ T4296] smsc95xx: probe of 2-1:0.67 failed with error -71 [ 941.616737][ T4296] usb 2-1: USB disconnect, device number 7 [ 942.082626][T12206] peak_usb 5-1:0.0 can0: sending command failure: -22 [ 942.089502][T12206] peak_usb 5-1:0.0 can0: sending command failure: -22 [ 942.096493][T12206] peak_usb 5-1:0.0 can0: sending command failure: -22 [ 942.193308][T12206] peak_usb: probe of 5-1:0.0 failed with error -22 [ 942.228248][T12206] usb 5-1: USB disconnect, device number 5 [ 942.390617][T13355] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 942.410931][T13355] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 942.653691][T13358] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 942.678489][T13358] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 942.748706][T13362] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 942.772882][T13362] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 942.945073][T13365] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 942.948968][T13371] loop4: detected capacity change from 0 to 256 [ 942.977224][T13371] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 943.011546][T13365] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 943.028872][T13371] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 943.087531][T13371] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 943.429849][T13382] loop3: detected capacity change from 0 to 512 [ 943.579887][T13382] EXT4-fs (loop3): mounted filesystem without journal. Opts: resgid=0x0000000000000000,errors=continue,noblock_validity,,errors=continue. Quota mode: none. [ 943.738578][T13382] EXT4-fs warning (device loop3): dx_probe:869: inode #2: comm syz.3.2264: Unimplemented hash flags: 0x0001 [ 943.812348][T13382] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.2264: Corrupt directory, running e2fsck is recommended [ 943.886973][T13387] EXT4-fs warning (device loop3): dx_probe:869: inode #2: comm syz.3.2264: Unimplemented hash flags: 0x0001 [ 944.032827][T13386] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 944.065819][T13386] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 944.092797][T13387] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.2264: Corrupt directory, running e2fsck is recommended [ 944.157146][T13392] netem: change failed [ 944.215307][T13392] netlink: 'syz.2.2266': attribute type 21 has an invalid length. [ 944.260427][T13389] EXT4-fs warning (device loop3): dx_probe:869: inode #2: comm syz.3.2264: Unimplemented hash flags: 0x0001 [ 944.316984][T13389] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.2264: Corrupt directory, running e2fsck is recommended [ 944.476150][T13398] loop5: detected capacity change from 0 to 1024 [ 944.555188][ T263] block nbd1: Attempted send on invalid socket [ 944.563740][ T263] blk_update_request: I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 944.629029][T13400] efs: cannot read volume header [ 944.767607][T13398] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpjquota=,,errors=continue. Quota mode: writeback. [ 945.174625][T13380] loop4: detected capacity change from 0 to 262144 [ 945.256131][T13412] EXT4-fs warning (device loop5): empty_inline_dir:1852: bad inline directory (dir #12) - no `..' [ 945.420292][T13380] F2FS-fs (loop4): invalid crc value [ 945.503596][T13380] F2FS-fs (loop4): Found nat_bits in checkpoint [ 945.576852][T13380] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 945.776393][T13424] loop3: detected capacity change from 0 to 256 [ 945.795292][T13422] loop1: detected capacity change from 0 to 1024 [ 945.856609][T13424] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 945.930309][T13419] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 946.032663][T12206] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 946.046094][T13424] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 946.057984][T13424] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 946.072992][T13419] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 946.333456][T13433] loop3: detected capacity change from 0 to 256 [ 946.397952][T13433] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 946.413065][T12206] usb 5-1: config 220 has an invalid interface number: 76 but max is 2 [ 946.418690][T13433] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 946.437442][T12206] usb 5-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 946.462807][T12206] usb 5-1: config 220 has an invalid descriptor of length 149, skipping remainder of the config [ 946.464342][T13433] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 946.486577][T12206] usb 5-1: config 220 has no interface number 2 [ 946.500462][T12206] usb 5-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 946.610372][T12206] usb 5-1: config 220 interface 0 has no altsetting 0 [ 946.621913][T12206] usb 5-1: config 220 interface 76 has no altsetting 0 [ 946.629546][T12206] usb 5-1: config 220 interface 1 has no altsetting 0 [ 946.845977][T12206] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 946.873991][T12206] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 946.903178][T12206] usb 5-1: Product: syz [ 946.962772][T12206] usb 5-1: can't set config #220, error -71 [ 946.981144][T12206] usb 5-1: USB disconnect, device number 6 [ 947.034608][T13427] loop5: detected capacity change from 0 to 32768 [ 947.082241][T13442] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 947.097051][T13427] jfs: Unrecognized mount option "uid=0x000000000000ee01." or missing value [ 947.118758][T13442] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 947.718870][T13453] trusted_key: encrypted_key: insufficient parameters specified [ 947.977886][T13459] loop2: detected capacity change from 0 to 256 [ 948.149893][T13459] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 948.212622][T13459] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 948.262939][T13459] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 948.432646][ T1110] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 948.534458][T13469] FAULT_INJECTION: forcing a failure. [ 948.534458][T13469] name failslab, interval 1, probability 0, space 0, times 0 [ 948.597442][T13469] CPU: 1 PID: 13469 Comm: syz.2.2287 Not tainted syzkaller #0 [ 948.604973][T13469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 948.615172][T13469] Call Trace: [ 948.618492][T13469] [ 948.621449][T13469] dump_stack_lvl+0x168/0x230 [ 948.626173][T13469] ? fib_rules_unregister+0x340/0x340 [ 948.631683][T13469] ? show_regs_print_info+0x20/0x20 [ 948.637023][T13469] ? load_image+0x3b0/0x3b0 [ 948.641672][T13469] ? mroute_clean_tables+0xb30/0xb30 [ 948.647008][T13469] should_fail+0x38c/0x4c0 [ 948.651462][T13469] should_failslab+0x5/0x20 [ 948.655993][T13469] slab_pre_alloc_hook+0x51/0xc0 [ 948.661134][T13469] ? skb_clone+0x1bd/0x350 [ 948.665584][T13469] kmem_cache_alloc+0x3d/0x290 [ 948.670392][T13469] skb_clone+0x1bd/0x350 [ 948.674674][T13469] ? ip6_finish_output2+0x41d/0x1500 [ 948.680002][T13469] ip6_finish_output2+0x431/0x1500 [ 948.685154][T13469] ? nf_hook+0x350/0x350 [ 948.689430][T13469] ? ip6_finish_output+0x64c/0x7d0 [ 948.694585][T13469] ip6_send_skb+0x1b9/0x360 [ 948.699130][T13469] rawv6_push_pending_frames+0x64f/0x800 [ 948.704806][T13469] ? ip6_append_data+0x1d4/0x310 [ 948.709780][T13469] ? raw6_getfrag+0x2d0/0x2d0 [ 948.714499][T13469] ? rawv6_send_hdrinc+0x16c0/0x16c0 [ 948.719829][T13469] rawv6_sendmsg+0x1230/0x1710 [ 948.724640][T13469] ? compat_rawv6_ioctl+0x60/0x60 [ 948.729723][T13469] ? __lock_acquire+0x7c60/0x7c60 [ 948.734796][T13469] ? aa_af_perm+0x2b0/0x2b0 [ 948.739327][T13469] ? tomoyo_socket_sendmsg_permission+0x1dd/0x2f0 [ 948.745782][T13469] ? sock_rps_record_flow+0x17/0x3b0 [ 948.751119][T13469] ? inet_sendmsg+0x78/0x2f0 [ 948.755743][T13469] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 948.761076][T13469] ? security_socket_sendmsg+0x7c/0xa0 [ 948.766616][T13469] __sys_sendto+0x423/0x580 [ 948.771159][T13469] ? __ia32_sys_getpeername+0x80/0x80 [ 948.776673][T13469] ? __lock_acquire+0x7c60/0x7c60 [ 948.781749][T13469] ? lock_chain_count+0x20/0x20 [ 948.786718][T13469] ? vtime_user_exit+0x2dc/0x400 [ 948.791687][T13469] __x64_sys_sendto+0xda/0xf0 [ 948.796405][T13469] do_syscall_64+0x4c/0xa0 [ 948.801050][T13469] ? clear_bhb_loop+0x30/0x80 [ 948.805765][T13469] ? clear_bhb_loop+0x30/0x80 [ 948.810477][T13469] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 948.816395][T13469] RIP: 0033:0x7fd63a020ec9 [ 948.820852][T13469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 948.840488][T13469] RSP: 002b:00007fd638288038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 948.849014][T13469] RAX: ffffffffffffffda RBX: 00007fd63a277fa0 RCX: 00007fd63a020ec9 [ 948.857037][T13469] RDX: 000000000000001a RSI: 0000200000000180 RDI: 0000000000000003 [ 948.865041][T13469] RBP: 00007fd638288090 R08: 0000000000000000 R09: 0000000000000000 [ 948.873037][T13469] R10: 0000000000003b00 R11: 0000000000000246 R12: 0000000000000001 [ 948.881041][T13469] R13: 00007fd63a278038 R14: 00007fd63a277fa0 R15: 00007ffec301b178 [ 948.889061][T13469] [ 949.044828][T13471] loop4: detected capacity change from 0 to 64 [ 949.102920][ T1110] usb 4-1: unable to get BOS descriptor or descriptor too short [ 949.114016][T13473] loop1: detected capacity change from 0 to 256 [ 949.173865][T13477] loop2: detected capacity change from 0 to 64 [ 949.231217][T13473] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 949.286973][T13473] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 949.300828][T13478] MINIX-fs: deleted inode referenced: 6 [ 949.318632][T13477] BFS-fs: bfs_fill_super(): Inode 0x00000032 corrupted on loop2 [ 949.322856][ T1110] usb 4-1: config 7 has an invalid interface number: 181 but max is 0 [ 949.334900][T13478] MINIX-fs: deleted inode referenced: 6 [ 949.368582][ T1110] usb 4-1: config 7 has no interface number 0 [ 949.494092][ T1110] usb 4-1: config 7 interface 181 altsetting 3 endpoint 0xA has invalid maxpacket 1023, setting to 64 [ 949.539095][T13473] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 949.785765][ T1110] usb 4-1: config 7 interface 181 altsetting 3 bulk endpoint 0x1 has invalid maxpacket 32 [ 950.097782][ T1110] usb 4-1: config 7 interface 181 has no altsetting 0 [ 950.332875][ T1110] usb 4-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=2a.3d [ 950.361117][ T1110] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 950.379690][ T1110] usb 4-1: Product: syz [ 950.388874][ T1110] usb 4-1: Manufacturer: syz [ 950.442700][ T1110] usb 4-1: SerialNumber: syz [ 950.464469][T13485] trusted_key: encrypted_key: insufficient parameters specified [ 950.573806][T13466] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 951.002640][T13311] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 951.018269][T13506] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 951.053983][T13506] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 951.069869][T13466] loop3: detected capacity change from 0 to 2048 [ 951.175893][T13466] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 951.262666][T13311] usb 5-1: Using ep0 maxpacket: 16 [ 951.344513][T13514] loop2: detected capacity change from 0 to 1024 [ 951.385038][T13311] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 951.402911][T13311] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 951.428320][T13514] EXT4-fs (loop2): Test dummy encryption mode enabled [ 951.436317][T13514] EXT4-fs (loop2): Ignoring removed orlov option [ 951.444222][T13311] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 951.483205][T13311] usb 5-1: config 0 descriptor?? [ 951.491349][T13514] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000007,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback. [ 951.648761][T13519] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2300'. [ 951.809643][T13525] loop5: detected capacity change from 0 to 256 [ 951.867824][T13525] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 951.901875][T13525] exFAT-fs (loop5): Medium has reported failures. Some data may be lost. [ 951.919329][T13525] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 952.754016][ T1110] port100 4-1:7.181: NFC: Could not find bulk-in or bulk-out endpoint [ 952.782933][T13311] mcp2221 0003:04D8:00DD.0001: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.4-1/input0 [ 952.809599][ T1110] usb 4-1: USB disconnect, device number 7 [ 952.917485][T13311] usb 5-1: USB disconnect, device number 7 [ 953.018785][T13538] loop3: detected capacity change from 0 to 1024 [ 953.109068][T13538] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpjquota=,,errors=continue. Quota mode: writeback. [ 953.205039][T13536] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 953.250469][T13536] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 953.661247][T13554] EXT4-fs warning (device loop3): empty_inline_dir:1852: bad inline directory (dir #12) - no `..' [ 954.254236][T13569] loop1: detected capacity change from 0 to 512 [ 954.273628][T13570] FAULT_INJECTION: forcing a failure. [ 954.273628][T13570] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 954.309176][T13569] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 954.331999][T13557] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 954.372866][T13557] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 954.416213][T13570] CPU: 0 PID: 13570 Comm: syz.3.2313 Not tainted syzkaller #0 [ 954.423762][T13570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 954.429934][T13561] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 954.434070][T13570] Call Trace: [ 954.434102][T13570] [ 954.434112][T13570] dump_stack_lvl+0x168/0x230 [ 954.434155][T13570] ? show_regs_print_info+0x20/0x20 [ 954.434177][T13570] ? load_image+0x3b0/0x3b0 [ 954.434202][T13570] ? __lock_acquire+0x7c60/0x7c60 [ 954.434233][T13570] should_fail+0x38c/0x4c0 [ 954.434260][T13570] _copy_from_user+0x2e/0x170 [ 954.434284][T13570] proc_ioctl_default+0x8b/0xf0 [ 954.463096][T13561] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 954.468064][T13570] ? proc_releaseinterface+0x1a0/0x1a0 [ 954.468107][T13570] usbdev_ioctl+0x158f/0x1e50 [ 954.468132][T13570] ? usbdev_poll+0x1e0/0x1e0 [ 954.468158][T13570] ? bpf_lsm_file_ioctl+0x5/0x10 [ 954.468184][T13570] ? security_file_ioctl+0x7c/0xa0 [ 954.468206][T13570] ? usbdev_poll+0x1e0/0x1e0 [ 954.468225][T13570] __se_sys_ioctl+0xfa/0x170 [ 954.468259][T13570] do_syscall_64+0x4c/0xa0 [ 954.468278][T13570] ? clear_bhb_loop+0x30/0x80 [ 954.468298][T13570] ? clear_bhb_loop+0x30/0x80 [ 954.468319][T13570] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 954.468341][T13570] RIP: 0033:0x7f10378d1ec9 [ 954.468362][T13570] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 954.468379][T13570] RSP: 002b:00007f1035b39038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 954.468403][T13570] RAX: ffffffffffffffda RBX: 00007f1037b28fa0 RCX: 00007f10378d1ec9 [ 954.468419][T13570] RDX: 0000200000000200 RSI: 00000000c0105512 RDI: 0000000000000003 [ 954.468433][T13570] RBP: 00007f1035b39090 R08: 0000000000000000 R09: 0000000000000000 [ 954.468447][T13570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 954.468459][T13570] R13: 00007f1037b29038 R14: 00007f1037b28fa0 R15: 00007ffdc2899588 [ 954.468490][T13570] [ 954.654954][T13578] fuse: Unknown parameter '0x00000000000000000x0000000000000007' [ 954.697716][T13578] usb usb1: usbfs: interface 0 claimed by hub while 'syz.5.2316' sets config #1 [ 954.908411][T13582] loop1: detected capacity change from 0 to 512 [ 954.971014][T13585] loop5: detected capacity change from 0 to 1024 [ 955.006043][T13582] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 955.185650][T13585] EXT4-fs (loop5): Test dummy encryption mode enabled [ 955.441004][T13585] EXT4-fs (loop5): Ignoring removed orlov option [ 955.520151][T13582] EXT4-fs error (device loop1): ext4_orphan_get:1401: inode #17: comm syz.1.2315: iget: bad i_size value: -6917529027641081756 [ 955.738034][T13585] EXT4-fs (loop5): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000007,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback. [ 955.786753][T13582] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.2315: couldn't read orphan inode 17 (err -117) [ 955.809419][T13582] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 955.943241][T13311] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 955.951513][T13582] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.2315: bg 0: block 65: padding at end of block bitmap is not set [ 956.004370][T13582] Quota error (device loop1): write_blk: dquota write failed [ 956.017931][T13582] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 956.057431][T13582] EXT4-fs error (device loop1): ext4_acquire_dquot:6209: comm syz.1.2315: Failed to acquire dquot type 0 [ 956.129754][T13594] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 956.151205][T13594] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 956.219836][T13311] usb 5-1: Using ep0 maxpacket: 32 [ 956.367015][T13610] loop3: detected capacity change from 0 to 512 [ 956.373737][T13311] usb 5-1: config 0 has an invalid interface number: 184 but max is 0 [ 956.382035][T13311] usb 5-1: config 0 has no interface number 0 [ 956.398954][T13311] usb 5-1: config 0 interface 184 has no altsetting 0 [ 956.494339][T13610] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,grpquota,. Quota mode: writeback. [ 956.612255][T13618] loop1: detected capacity change from 0 to 256 [ 956.642355][T13610] ext4 filesystem being mounted at /476/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 956.662965][T13311] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 956.674434][T13311] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 956.682725][T13311] usb 5-1: Product: syz [ 956.687010][T13311] usb 5-1: Manufacturer: syz [ 956.691813][T13311] usb 5-1: SerialNumber: syz [ 956.699031][T13311] usb 5-1: config 0 descriptor?? [ 956.716899][T13618] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 956.750603][T13618] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 956.773734][T13311] smsc75xx v1.0.0 [ 956.790060][T13618] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 957.501822][T13629] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 957.600624][T13629] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 958.522900][T13641] input: syz1 as /devices/virtual/input/input8 [ 958.928574][T13311] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000040: -71 [ 958.933853][T13640] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 958.939620][T13311] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Error writing E2P_CMD [ 959.058838][T13657] FAULT_INJECTION: forcing a failure. [ 959.058838][T13657] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 959.072613][T13657] CPU: 1 PID: 13657 Comm: syz.2.2335 Not tainted syzkaller #0 [ 959.080104][T13657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 959.090199][T13657] Call Trace: [ 959.093493][T13657] [ 959.096445][T13657] dump_stack_lvl+0x168/0x230 [ 959.101167][T13657] ? show_regs_print_info+0x20/0x20 [ 959.106399][T13657] ? load_image+0x3b0/0x3b0 [ 959.110938][T13657] ? __lock_acquire+0x7c60/0x7c60 [ 959.115990][T13657] should_fail+0x38c/0x4c0 [ 959.120434][T13657] _copy_from_user+0x2e/0x170 [ 959.125178][T13657] iovec_from_user+0x142/0x370 [ 959.130195][T13657] __import_iovec+0x70/0x490 [ 959.134840][T13657] import_iovec+0x6f/0xa0 [ 959.139202][T13657] ___sys_sendmsg+0x1b9/0x260 [ 959.143931][T13657] ? __sys_sendmsg+0x250/0x250 [ 959.148756][T13657] ? vfs_write+0x84d/0xd00 [ 959.153208][T13657] ? __fdget+0x18b/0x210 [ 959.157471][T13657] __se_sys_sendmsg+0x190/0x250 [ 959.162352][T13657] ? __x64_sys_sendmsg+0x80/0x80 [ 959.167306][T13657] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 959.173321][T13657] ? lockdep_hardirqs_on+0x94/0x140 [ 959.178549][T13657] do_syscall_64+0x4c/0xa0 [ 959.182990][T13657] ? clear_bhb_loop+0x30/0x80 [ 959.187685][T13657] ? clear_bhb_loop+0x30/0x80 [ 959.192388][T13657] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 959.198317][T13657] RIP: 0033:0x7fd63a020ec9 [ 959.202770][T13657] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 959.222399][T13657] RSP: 002b:00007fd638246038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 959.230838][T13657] RAX: ffffffffffffffda RBX: 00007fd63a278180 RCX: 00007fd63a020ec9 [ 959.238830][T13657] RDX: 0000000004004804 RSI: 00002000000000c0 RDI: 0000000000000006 [ 959.246833][T13657] RBP: 00007fd638246090 R08: 0000000000000000 R09: 0000000000000000 [ 959.254832][T13657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 959.262879][T13657] R13: 00007fd63a278218 R14: 00007fd63a278180 R15: 00007ffec301b178 [ 959.270898][T13657] [ 959.712263][T13640] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 959.742468][T13311] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 959.829231][T13311] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71 [ 959.865898][T13663] loop1: detected capacity change from 0 to 256 [ 959.878692][T13311] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset [ 959.913255][T13311] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 959.951091][T13663] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 959.987856][T13663] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 960.067744][T13311] smsc75xx: probe of 5-1:0.184 failed with error -71 [ 960.080432][T13663] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 960.086277][T13311] usb 5-1: USB disconnect, device number 8 [ 961.068534][T13680] loop5: detected capacity change from 0 to 64 [ 961.345851][T13680] BFS-fs: bfs_fill_super(): Inode 0x00000032 corrupted on loop5 [ 962.306323][T13690] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 962.322091][T13690] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 962.343556][T13702] loop4: detected capacity change from 0 to 64 [ 962.407058][T13693] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 962.446109][T13693] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 962.472380][T13704] loop3: detected capacity change from 0 to 256 [ 962.674687][T13704] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 962.711265][T13704] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 962.740801][T13704] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 962.761272][T13708] FAULT_INJECTION: forcing a failure. [ 962.761272][T13708] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 962.774496][T13708] CPU: 0 PID: 13708 Comm: syz.2.2349 Not tainted syzkaller #0 [ 962.781990][T13708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 962.792073][T13708] Call Trace: [ 962.795383][T13708] [ 962.798342][T13708] dump_stack_lvl+0x168/0x230 [ 962.803176][T13708] ? show_regs_print_info+0x20/0x20 [ 962.808418][T13708] ? load_image+0x3b0/0x3b0 [ 962.813061][T13708] ? __lock_acquire+0x7c60/0x7c60 [ 962.818139][T13708] should_fail+0x38c/0x4c0 [ 962.822707][T13708] _copy_from_user+0x2e/0x170 [ 962.827429][T13708] iovec_from_user+0x142/0x370 [ 962.832243][T13708] __import_iovec+0x70/0x490 [ 962.836881][T13708] import_iovec+0x6f/0xa0 [ 962.841256][T13708] ___sys_sendmsg+0x1b9/0x260 [ 962.845985][T13708] ? __sys_sendmsg+0x250/0x250 [ 962.850823][T13708] ? __fdget+0x18b/0x210 [ 962.855106][T13708] __sys_sendmmsg+0x27c/0x4a0 [ 962.859837][T13708] ? __ia32_sys_sendmsg+0x80/0x80 [ 962.865272][T13708] ? __context_tracking_exit+0x4c/0x80 [ 962.870790][T13708] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 962.876823][T13708] ? lock_chain_count+0x20/0x20 [ 962.881716][T13708] ? vtime_user_exit+0x2dc/0x400 [ 962.886706][T13708] __x64_sys_sendmmsg+0x9c/0xb0 [ 962.891599][T13708] do_syscall_64+0x4c/0xa0 [ 962.896064][T13708] ? clear_bhb_loop+0x30/0x80 [ 962.900784][T13708] ? clear_bhb_loop+0x30/0x80 [ 962.905500][T13708] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 962.911433][T13708] RIP: 0033:0x7fd63a020ec9 [ 962.915891][T13708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 962.935689][T13708] RSP: 002b:00007fd638267038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 962.944143][T13708] RAX: ffffffffffffffda RBX: 00007fd63a278090 RCX: 00007fd63a020ec9 [ 962.952257][T13708] RDX: 0000000000000001 RSI: 000020000000dd80 RDI: 0000000000000004 [ 962.960264][T13708] RBP: 00007fd638267090 R08: 0000000000000000 R09: 0000000000000000 [ 962.968270][T13708] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 962.976280][T13708] R13: 00007fd63a278128 R14: 00007fd63a278090 R15: 00007ffec301b178 [ 962.984305][T13708] [ 963.559778][T13720] loop2: detected capacity change from 0 to 256 [ 963.647240][T13720] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 963.715742][T13720] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 963.753725][T13720] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 964.125092][T13722] loop2: detected capacity change from 0 to 1024 [ 964.152947][T13717] trusted_key: encrypted_key: insufficient parameters specified [ 964.222317][T13722] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpjquota=,,errors=continue. Quota mode: writeback. [ 964.566525][T13714] loop4: detected capacity change from 0 to 32768 [ 964.720164][T13727] EXT4-fs warning (device loop2): empty_inline_dir:1852: bad inline directory (dir #12) - no `..' [ 964.857376][T13714] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 964.932611][T13714] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 965.251444][T13714] attempt to access beyond end of device [ 965.251444][T13714] loop4: rw=12288, want=67109024, limit=32768 [ 965.303146][T13714] gfs2: fsid=syz:syz.s: Error -5 locking journal for spectator mount. [ 965.477197][T13737] loop2: detected capacity change from 0 to 64 [ 965.491989][T13731] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 965.532752][T13731] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 965.639597][T13738] loop3: detected capacity change from 0 to 1024 [ 966.200896][T13738] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option [ 966.208461][T13738] EXT4-fs (loop3): Unrecognized mount option "seclabel" or missing value [ 966.276532][T13740] loop1: detected capacity change from 0 to 256 [ 966.298318][T13737] BFS-fs: bfs_fill_super(): Inode 0x00000032 corrupted on loop2 [ 966.469964][T13740] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 966.535145][T13740] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 966.651305][T13740] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 966.763994][T13742] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 966.772044][T13742] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 966.842918][T12311] usb 3-1: new full-speed USB device number 9 using dummy_hcd [ 966.986669][T13756] loop1: detected capacity change from 0 to 256 [ 967.043571][T13756] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 967.157303][T13756] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 967.212905][T13756] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 967.243026][T12311] usb 3-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43 [ 967.305351][T13763] FAULT_INJECTION: forcing a failure. [ 967.305351][T13763] name failslab, interval 1, probability 0, space 0, times 0 [ 967.318268][T13763] CPU: 1 PID: 13763 Comm: syz.5.2363 Not tainted syzkaller #0 [ 967.325754][T13763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 967.336004][T13763] Call Trace: [ 967.339300][T13763] [ 967.342375][T13763] dump_stack_lvl+0x168/0x230 [ 967.347082][T13763] ? show_regs_print_info+0x20/0x20 [ 967.352301][T13763] ? load_image+0x3b0/0x3b0 [ 967.356823][T13763] ? __might_sleep+0xf0/0xf0 [ 967.361432][T13763] ? __lock_acquire+0x7c60/0x7c60 [ 967.366479][T13763] should_fail+0x38c/0x4c0 [ 967.370417][T13764] trusted_key: encrypted_key: insufficient parameters specified [ 967.370921][T13763] should_failslab+0x5/0x20 [ 967.383070][T13763] slab_pre_alloc_hook+0x51/0xc0 [ 967.388040][T13763] kmem_cache_alloc_node_trace+0x4a/0x300 [ 967.393790][T13763] ? __get_vm_area_node+0x119/0x2d0 [ 967.399016][T13763] __get_vm_area_node+0x119/0x2d0 [ 967.404067][T13763] __vmalloc_node_range+0xef/0x8b0 [ 967.409220][T13763] ? bpf_prog_alloc_no_stats+0x36/0x2c0 [ 967.414790][T13763] ? end_current_label_crit_section+0x170/0x170 [ 967.421353][T13763] ? lockdep_hardirqs_on+0x94/0x140 [ 967.426582][T13763] ? bpf_prog_alloc_no_stats+0x36/0x2c0 [ 967.432149][T13763] __vmalloc+0x76/0x80 [ 967.436853][T13763] ? bpf_prog_alloc_no_stats+0x36/0x2c0 [ 967.442426][T13763] bpf_prog_alloc_no_stats+0x36/0x2c0 [ 967.447827][T13763] bpf_prog_alloc+0x1a/0x1e0 [ 967.452448][T13763] bpf_prog_load+0x7b3/0x1550 [ 967.457157][T13763] ? map_freeze+0x350/0x350 [ 967.461781][T13763] ? __might_fault+0xb7/0x110 [ 967.466497][T13763] ? __might_fault+0xb3/0x110 [ 967.471200][T13763] ? bpf_lsm_bpf+0x5/0x10 [ 967.475574][T13763] ? security_bpf+0x7a/0xa0 [ 967.480120][T13763] __sys_bpf+0x4c2/0x670 [ 967.484401][T13763] ? bpf_link_show_fdinfo+0x340/0x340 [ 967.489822][T13763] __x64_sys_bpf+0x78/0x90 [ 967.494273][T13763] do_syscall_64+0x4c/0xa0 [ 967.498710][T13763] ? clear_bhb_loop+0x30/0x80 [ 967.503417][T13763] ? clear_bhb_loop+0x30/0x80 [ 967.508222][T13763] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 967.514236][T13763] RIP: 0033:0x7fc7fdfabec9 [ 967.518687][T13763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 967.538317][T13763] RSP: 002b:00007fc7fc1d1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 967.546765][T13763] RAX: ffffffffffffffda RBX: 00007fc7fe203180 RCX: 00007fc7fdfabec9 [ 967.554896][T13763] RDX: 0000000000000080 RSI: 0000200000001800 RDI: 0000000000000005 [ 967.562986][T13763] RBP: 00007fc7fc1d1090 R08: 0000000000000000 R09: 0000000000000000 [ 967.570982][T13763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 967.579068][T13763] R13: 00007fc7fe203218 R14: 00007fc7fe203180 R15: 00007ffd818f3108 [ 967.587089][T13763] [ 967.592288][T13763] syz.5.2363: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=syz5,mems_allowed=0-1 [ 967.609307][T13763] CPU: 1 PID: 13763 Comm: syz.5.2363 Not tainted syzkaller #0 [ 967.617193][T13763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 967.627279][T13763] Call Trace: [ 967.630701][T13763] [ 967.633664][T13763] dump_stack_lvl+0x168/0x230 [ 967.638372][T13763] ? rcu_lock_release+0x5/0x20 [ 967.643160][T13763] ? show_regs_print_info+0x20/0x20 [ 967.648393][T13763] ? load_image+0x3b0/0x3b0 [ 967.652936][T13763] ? __rcu_read_unlock+0x78/0xd0 [ 967.657904][T13763] warn_alloc+0x20e/0x2f0 [ 967.662273][T13763] ? zone_watermark_ok_safe+0x240/0x240 [ 967.667869][T13763] ? __get_vm_area_node+0x2b5/0x2d0 [ 967.673112][T13763] __vmalloc_node_range+0x2b1/0x8b0 [ 967.678341][T13763] ? end_current_label_crit_section+0x170/0x170 [ 967.684618][T13763] ? lockdep_hardirqs_on+0x94/0x140 [ 967.689847][T13763] ? bpf_prog_alloc_no_stats+0x36/0x2c0 [ 967.695425][T13763] __vmalloc+0x76/0x80 [ 967.699521][T13763] ? bpf_prog_alloc_no_stats+0x36/0x2c0 [ 967.705090][T13763] bpf_prog_alloc_no_stats+0x36/0x2c0 [ 967.710495][T13763] bpf_prog_alloc+0x1a/0x1e0 [ 967.715123][T13763] bpf_prog_load+0x7b3/0x1550 [ 967.719848][T13763] ? map_freeze+0x350/0x350 [ 967.723566][T12311] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 967.724385][T13763] ? __might_fault+0xb7/0x110 [ 967.737068][T13763] ? __might_fault+0xb3/0x110 [ 967.741792][T13763] ? bpf_lsm_bpf+0x5/0x10 [ 967.746156][T13763] ? security_bpf+0x7a/0xa0 [ 967.750697][T13763] __sys_bpf+0x4c2/0x670 [ 967.754986][T13763] ? bpf_link_show_fdinfo+0x340/0x340 [ 967.760424][T13763] __x64_sys_bpf+0x78/0x90 [ 967.764880][T13763] do_syscall_64+0x4c/0xa0 [ 967.769331][T13763] ? clear_bhb_loop+0x30/0x80 [ 967.774083][T13763] ? clear_bhb_loop+0x30/0x80 [ 967.778790][T13763] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 967.784722][T13763] RIP: 0033:0x7fc7fdfabec9 [ 967.789171][T13763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 967.808811][T13763] RSP: 002b:00007fc7fc1d1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 967.817266][T13763] RAX: ffffffffffffffda RBX: 00007fc7fe203180 RCX: 00007fc7fdfabec9 [ 967.818378][T12311] usb 3-1: config 0 descriptor?? [ 967.825271][T13763] RDX: 0000000000000080 RSI: 0000200000001800 RDI: 0000000000000005 [ 967.825289][T13763] RBP: 00007fc7fc1d1090 R08: 0000000000000000 R09: 0000000000000000 [ 967.825303][T13763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 967.825314][T13763] R13: 00007fc7fe203218 R14: 00007fc7fe203180 R15: 00007ffd818f3108 [ 967.825344][T13763] [ 967.825494][T13763] Mem-Info: [ 967.868873][T13763] active_anon:344 inactive_anon:23742 isolated_anon:0 [ 967.868873][T13763] active_file:21218 inactive_file:42828 isolated_file:0 [ 967.868873][T13763] unevictable:768 dirty:1038 writeback:0 [ 967.868873][T13763] slab_reclaimable:22247 slab_unreclaimable:98291 [ 967.868873][T13763] mapped:38847 shmem:7391 pagetables:2478 bounce:0 [ 967.868873][T13763] kernel_misc_reclaimable:0 [ 967.868873][T13763] free:1339018 free_pcp:6133 free_cma:0 [ 967.934705][T12311] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 967.984744][T13763] Node 0 active_anon:1344kB inactive_anon:82960kB active_file:84672kB inactive_file:171312kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:143888kB dirty:4252kB writeback:0kB shmem:16188kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:15128kB pagetables:9812kB all_unreclaimable? no [ 968.016284][T13763] Node 1 active_anon:32kB inactive_anon:508kB active_file:200kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:2076kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB all_unreclaimable? no [ 968.045466][T13763] Node 0 DMA free:15360kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 968.071823][T13763] lowmem_reserve[]: 0 2541 2542 2542 2542 [ 968.077660][T13763] Node 0 DMA32 free:1415664kB min:34800kB low:43500kB high:52200kB reserved_highatomic:0KB active_anon:1352kB inactive_anon:82976kB active_file:84656kB inactive_file:171352kB unevictable:1536kB writepending:4368kB present:3129332kB managed:2608992kB mlocked:0kB bounce:0kB free_pcp:33932kB local_pcp:12936kB free_cma:0kB [ 968.107775][T13763] lowmem_reserve[]: 0 0 0 0 0 [ 968.112562][T13763] Node 0 Normal free:12kB min:12kB low:12kB high:12kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:916kB mlocked:0kB bounce:0kB free_pcp:24kB local_pcp:12kB free_cma:0kB [ 968.138847][T13763] lowmem_reserve[]: 0 0 0 0 0 [ 968.143645][T13763] Node 1 Normal free:3925036kB min:55088kB low:68860kB high:82632kB reserved_highatomic:0KB active_anon:32kB inactive_anon:508kB active_file:200kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194304kB managed:4119672kB mlocked:0kB bounce:0kB free_pcp:2168kB local_pcp:0kB free_cma:0kB [ 968.173547][T13763] lowmem_reserve[]: 0 0 0 0 0 [ 968.178314][T13763] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 968.191081][T13763] Node 0 DMA32: 370*4kB (UM) 419*8kB (UM) 621*16kB (UME) 564*32kB (UME) 543*64kB (UME) 252*128kB (UME) 118*256kB (UME) 51*512kB (UM) 20*1024kB (M) 5*2048kB (UME) 300*4096kB (UM) = 1415664kB [ 968.209980][T13763] Node 0 Normal: 1*4kB (U) 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 968.222375][T13763] Node 1 Normal: 185*4kB (UME) 39*8kB (UME) 29*16kB (UME) 166*32kB (UME) 70*64kB (UME) 20*128kB (UE) 8*256kB (UME) 7*512kB (UE) 0*1024kB 1*2048kB (M) 953*4096kB (UM) = 3925036kB [ 968.240243][T13763] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 968.249879][T13763] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 968.259276][T13763] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 968.268934][T13763] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 968.278294][T13763] 70348 total pagecache pages [ 968.283065][T13763] 0 pages in swap cache [ 968.287239][T13763] Swap cache stats: add 0, delete 0, find 0/0 [ 968.293524][T13763] Free swap = 124996kB [ 968.297706][T13763] Total swap = 124996kB [ 968.301879][T13763] 2097051 pages RAM [ 968.305775][T13763] 0 pages HighMem/MovableOnly [ 968.310470][T13763] 410816 pages reserved [ 968.314712][T13763] 0 pages cma reserved [ 968.465726][T13748] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2362'. [ 969.482440][T13748] loop2: detected capacity change from 0 to 4096 [ 969.530677][T13748] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 969.562470][T13748] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 969.571308][T13748] ntfs3: loop2: Failed to load $BadClus. [ 969.625699][T12311] gp8psk: usb out operation failed. [ 969.631514][T12311] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 969.686361][T12311] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 969.733340][T12311] usb 3-1: USB disconnect, device number 9 [ 970.004861][T13782] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 970.018661][T13782] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 970.884241][T13804] loop3: detected capacity change from 0 to 256 [ 970.928960][T13804] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 971.021196][T13813] loop5: detected capacity change from 0 to 64 [ 971.030889][T13815] FAULT_INJECTION: forcing a failure. [ 971.030889][T13815] name failslab, interval 1, probability 0, space 0, times 0 [ 971.054288][T13815] CPU: 0 PID: 13815 Comm: syz.1.2380 Not tainted syzkaller #0 [ 971.061807][T13815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 971.062735][T13804] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 971.071970][T13815] Call Trace: [ 971.071985][T13815] [ 971.071994][T13815] dump_stack_lvl+0x168/0x230 [ 971.072027][T13815] ? show_regs_print_info+0x20/0x20 [ 971.096565][T13815] ? load_image+0x3b0/0x3b0 [ 971.101108][T13815] ? __might_sleep+0xf0/0xf0 [ 971.105730][T13815] ? __lock_acquire+0x7c60/0x7c60 [ 971.110798][T13815] should_fail+0x38c/0x4c0 [ 971.115257][T13815] should_failslab+0x5/0x20 [ 971.119794][T13815] slab_pre_alloc_hook+0x51/0xc0 [ 971.124778][T13815] ? shmem_match+0x160/0x160 [ 971.129395][T13815] ? shmem_alloc_inode+0x16/0x30 [ 971.134365][T13815] kmem_cache_alloc+0x3d/0x290 [ 971.139168][T13815] ? shmem_match+0x160/0x160 [ 971.143903][T13815] shmem_alloc_inode+0x16/0x30 [ 971.148704][T13815] new_inode_pseudo+0x5f/0x210 [ 971.153504][T13815] new_inode+0x25/0x1c0 [ 971.157705][T13815] shmem_get_inode+0x334/0xa90 [ 971.162520][T13815] ? _raw_spin_unlock+0x24/0x40 [ 971.167420][T13815] __shmem_file_setup+0x10b/0x290 [ 971.172486][T13815] ? shmem_file_setup+0x13/0x30 [ 971.177367][T13815] __se_sys_memfd_create+0x290/0x430 [ 971.182686][T13815] ? __x64_sys_memfd_create+0x60/0x60 [ 971.186623][T13804] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 971.188191][T13815] ? lockdep_hardirqs_on+0x94/0x140 [ 971.188226][T13815] do_syscall_64+0x4c/0xa0 [ 971.209975][T13815] ? clear_bhb_loop+0x30/0x80 [ 971.214775][T13815] ? clear_bhb_loop+0x30/0x80 [ 971.219511][T13815] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 971.225443][T13815] RIP: 0033:0x7fc594508ec9 [ 971.229887][T13815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 971.249534][T13815] RSP: 002b:00007fc59276fe18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 971.257982][T13815] RAX: ffffffffffffffda RBX: 00000000000005ee RCX: 00007fc594508ec9 [ 971.265995][T13815] RDX: 00007fc59276fef0 RSI: 0000000000000000 RDI: 00007fc59458c960 [ 971.274006][T13815] RBP: 00002000000012c0 R08: 00007fc59276fbb7 R09: 00007fc59276fe40 [ 971.282013][T13815] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000b80 [ 971.290023][T13815] R13: 00007fc59276fef0 R14: 00007fc59276feb0 R15: 0000200000000d00 [ 971.298048][T13815] [ 971.491463][T13813] MINIX-fs: deleted inode referenced: 6 [ 971.507882][T13813] MINIX-fs: deleted inode referenced: 6 [ 972.411907][T13805] loop2: detected capacity change from 0 to 32768 [ 972.427478][T13828] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 972.452785][T13828] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 974.419220][T13854] loop4: detected capacity change from 0 to 256 [ 974.481497][T13854] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 974.556115][T13854] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 974.617034][T13854] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 974.746368][T13862] loop3: detected capacity change from 0 to 256 [ 974.998312][T13862] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 975.536938][T13862] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 975.668687][T13862] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 976.557114][T13872] sch_tbf: burst 274 is lower than device lo mtu (65550) ! [ 976.771087][ T26] audit: type=1326 audit(1759272334.719:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13870 comm="syz.1.2396" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc594508ec9 code=0x0 [ 977.216464][T13884] loop1: detected capacity change from 0 to 32768 [ 977.381705][T13884] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 977.390203][T13884] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 977.549799][T13884] gfs2: fsid=syz:syz.0: journal 0 mapped with 7 extents in 0ms [ 977.642583][T13875] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 978.112977][T13875] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 978.309301][T13310] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 978.318070][T13310] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 978.360571][T13310] attempt to access beyond end of device [ 978.360571][T13310] loop1: rw=0, want=402653192, limit=32768 [ 978.414323][T13310] gfs2: fsid=syz:syz.0: jid=0: Failed [ 978.435203][T13884] gfs2: fsid=syz:syz.0: error recovering journal 0: -5 [ 978.790206][T13902] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 978.802449][T13902] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 978.934960][T13910] loop1: detected capacity change from 0 to 128 [ 980.007749][T13920] loop4: detected capacity change from 0 to 256 [ 980.182053][ T26] audit: type=1800 audit(1759272338.129:108): pid=13910 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2407" name="file1" dev="loop1" ino=1050191 res=0 errno=0 [ 980.207275][T13920] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 980.232754][T13920] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 980.284161][T13920] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 980.835736][T13922] loop2: detected capacity change from 0 to 32768 [ 981.007344][T13922] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 scanned by syz.2.2411 (13922) [ 981.655817][T13922] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 981.705218][T13922] BTRFS info (device loop2): using free space tree [ 981.711791][T13922] BTRFS info (device loop2): has skinny extents [ 982.683372][T13922] BTRFS info (device loop2): enabling ssd optimizations [ 983.019546][T13978] loop4: detected capacity change from 0 to 128 [ 983.280052][T13980] mmap: syz.1.2418 (13980) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. [ 983.510642][ T26] audit: type=1800 audit(1759272341.459:109): pid=13978 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2420" name="file1" dev="loop4" ino=1050197 res=0 errno=0 [ 984.093163][T13991] loop5: detected capacity change from 0 to 256 [ 984.149571][T13991] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 984.188246][T13991] exFAT-fs (loop5): Medium has reported failures. Some data may be lost. [ 984.234781][T13991] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 985.749444][T13982] loop1: detected capacity change from 0 to 32768 [ 985.862059][T14017] loop3: detected capacity change from 0 to 1024 [ 986.033684][T14023] loop2: detected capacity change from 0 to 2048 [ 986.198786][T14017] EXT4-fs (loop3): Unsupported blocksize for fs-verity [ 986.672337][T14023] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 986.769095][T14026] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue [ 987.019687][T14037] FAULT_INJECTION: forcing a failure. [ 987.019687][T14037] name failslab, interval 1, probability 0, space 0, times 0 [ 987.105203][T14037] CPU: 0 PID: 14037 Comm: syz.2.2433 Not tainted syzkaller #0 [ 987.113674][T14037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 987.123764][T14037] Call Trace: [ 987.127071][T14037] [ 987.130110][T14037] dump_stack_lvl+0x168/0x230 [ 987.134819][T14037] ? show_regs_print_info+0x20/0x20 [ 987.140044][T14037] ? load_image+0x3b0/0x3b0 [ 987.144709][T14037] ? __might_sleep+0xf0/0xf0 [ 987.149466][T14037] ? __lock_acquire+0x7c60/0x7c60 [ 987.154535][T14037] ? memset+0x1e/0x40 [ 987.158672][T14037] should_fail+0x38c/0x4c0 [ 987.163137][T14037] should_failslab+0x5/0x20 [ 987.167675][T14037] slab_pre_alloc_hook+0x51/0xc0 [ 987.172757][T14037] ? security_inode_alloc+0x30/0x110 [ 987.178199][T14037] kmem_cache_alloc+0x3d/0x290 [ 987.183008][T14037] security_inode_alloc+0x30/0x110 [ 987.188277][T14037] inode_init_always+0x8f4/0xcb0 [ 987.193268][T14037] ? shmem_match+0x160/0x160 [ 987.197902][T14037] new_inode_pseudo+0x8e/0x210 [ 987.202710][T14037] new_inode+0x25/0x1c0 [ 987.206905][T14037] shmem_get_inode+0x334/0xa90 [ 987.211722][T14037] ? _raw_spin_unlock+0x24/0x40 [ 987.216605][T14037] __shmem_file_setup+0x10b/0x290 [ 987.221664][T14037] ? shmem_file_setup+0x13/0x30 [ 987.226546][T14037] __se_sys_memfd_create+0x290/0x430 [ 987.231875][T14037] ? __x64_sys_memfd_create+0x60/0x60 [ 987.237293][T14037] ? lockdep_hardirqs_on+0x94/0x140 [ 987.242572][T14037] do_syscall_64+0x4c/0xa0 [ 987.247031][T14037] ? clear_bhb_loop+0x30/0x80 [ 987.251752][T14037] ? clear_bhb_loop+0x30/0x80 [ 987.256468][T14037] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 987.262498][T14037] RIP: 0033:0x7fd63a020ec9 [ 987.266992][T14037] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 987.286634][T14037] RSP: 002b:00007fd638287e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 987.295082][T14037] RAX: ffffffffffffffda RBX: 00000000000015ce RCX: 00007fd63a020ec9 [ 987.303084][T14037] RDX: 00007fd638287ef0 RSI: 0000000000000000 RDI: 00007fd63a0a4960 [ 987.311089][T14037] RBP: 00002000000016c0 R08: 00007fd638287bb7 R09: 00007fd638287e40 [ 987.319080][T14037] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000001640 [ 987.327065][T14037] R13: 00007fd638287ef0 R14: 00007fd638287eb0 R15: 0000200000001680 [ 987.335067][T14037] [ 987.716615][T14047] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 987.823430][T14047] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 987.896901][T14058] trusted_key: encrypted_key: insufficient parameters specified [ 988.425577][T14068] loop1: detected capacity change from 0 to 256 [ 988.553873][T14068] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 988.639494][T14068] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 988.731193][T14068] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 988.851705][T14072] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 988.889326][T14072] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 989.185945][T14080] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 989.204795][T14080] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 992.002478][T14118] loop5: detected capacity change from 0 to 1024 [ 992.201276][T14118] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpjquota=,,errors=continue. Quota mode: writeback. [ 992.398985][T14121] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 992.468865][T14121] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 992.654264][T14138] EXT4-fs warning (device loop5): empty_inline_dir:1852: bad inline directory (dir #12) - no `..' [ 993.115903][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 993.122364][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 993.748056][T14151] trusted_key: encrypted_key: insufficient parameters specified [ 993.776133][T14154] overlayfs: failed to resolve './file0': -2 [ 994.022760][T14154] loop2: detected capacity change from 0 to 32768 [ 994.112422][T14143] loop4: detected capacity change from 0 to 2048 [ 994.125363][T14154] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.2458 (14154) [ 994.126216][T14162] loop3: detected capacity change from 0 to 1024 [ 994.178925][T14143] UDF-fs: bad mount option "0000000000000000000000300000000000000000000" or missing value [ 994.200718][T14154] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 994.209624][T14154] BTRFS info (device loop2): using free space tree [ 994.216284][T14154] BTRFS info (device loop2): has skinny extents [ 994.217402][T14162] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 994.466316][T14143] fuse: Bad value for 'group_id' [ 994.685064][T14154] BTRFS info (device loop2): enabling ssd optimizations [ 994.706439][T14154] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2458'. [ 994.716349][T14154] IPv6: NLM_F_REPLACE set, but no existing node found! [ 994.904618][T14195] IPVS: sync thread started: state = MASTER, mcast_ifn = geneve0, syncid = 2, id = 0 [ 994.963837][T14189] loop5: detected capacity change from 0 to 4096 [ 995.021884][T14189] ntfs3: loop5: Different NTFS' sector size (4096) and media sector size (512) [ 995.325110][T14189] ntfs3: loop5: failed to convert "c46c" to cp857 [ 995.904886][T14204] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 995.989595][T14204] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 996.328795][T14223] loop5: detected capacity change from 0 to 128 [ 997.220533][T14230] loop2: detected capacity change from 0 to 1024 [ 997.551515][ T26] audit: type=1800 audit(1759272355.499:110): pid=14223 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2472" name="file1" dev="loop5" ino=1050206 res=0 errno=0 [ 997.617406][T14230] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpjquota=,,errors=continue. Quota mode: writeback. [ 1002.431147][T14300] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 1002.451535][T14300] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 1002.572667][T12311] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 1002.606920][T14310] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 1002.623644][T14310] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 1002.684792][T14318] loop4: detected capacity change from 0 to 64 [ 1002.739904][T14320] FAULT_INJECTION: forcing a failure. [ 1002.739904][T14320] name failslab, interval 1, probability 0, space 0, times 0 [ 1002.753025][T14320] CPU: 1 PID: 14320 Comm: syz.2.2496 Not tainted syzkaller #0 [ 1002.760550][T14320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1002.770648][T14320] Call Trace: [ 1002.773961][T14320] [ 1002.776921][T14320] dump_stack_lvl+0x168/0x230 [ 1002.781657][T14320] ? show_regs_print_info+0x20/0x20 [ 1002.786890][T14320] ? load_image+0x3b0/0x3b0 [ 1002.791423][T14320] ? __might_sleep+0xf0/0xf0 [ 1002.796045][T14320] ? __lock_acquire+0x7c60/0x7c60 [ 1002.801116][T14320] ? memset+0x1e/0x40 [ 1002.805171][T14320] should_fail+0x38c/0x4c0 [ 1002.809913][T14320] should_failslab+0x5/0x20 [ 1002.814608][T14320] slab_pre_alloc_hook+0x51/0xc0 [ 1002.819590][T14320] ? security_inode_alloc+0x30/0x110 [ 1002.824908][T14320] kmem_cache_alloc+0x3d/0x290 [ 1002.829701][T14320] security_inode_alloc+0x30/0x110 [ 1002.834844][T14320] inode_init_always+0x8f4/0xcb0 [ 1002.839822][T14320] ? shmem_match+0x160/0x160 [ 1002.844588][T14320] new_inode_pseudo+0x8e/0x210 [ 1002.849405][T14320] new_inode+0x25/0x1c0 [ 1002.853620][T14320] shmem_get_inode+0x334/0xa90 [ 1002.858494][T14320] ? _raw_spin_unlock+0x24/0x40 [ 1002.863459][T14320] __shmem_file_setup+0x10b/0x290 [ 1002.868604][T14320] ? shmem_file_setup+0x13/0x30 [ 1002.873491][T14320] __se_sys_memfd_create+0x290/0x430 [ 1002.878837][T14320] ? __x64_sys_memfd_create+0x60/0x60 [ 1002.884262][T14320] ? lockdep_hardirqs_on+0x94/0x140 [ 1002.889676][T14320] do_syscall_64+0x4c/0xa0 [ 1002.894135][T14320] ? clear_bhb_loop+0x30/0x80 [ 1002.898846][T14320] ? clear_bhb_loop+0x30/0x80 [ 1002.903563][T14320] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 1002.909508][T14320] RIP: 0033:0x7fd63a020ec9 [ 1002.913964][T14320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1002.933614][T14320] RSP: 002b:00007fd638287e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 1002.942075][T14320] RAX: ffffffffffffffda RBX: 000000000001ec48 RCX: 00007fd63a020ec9 [ 1002.950187][T14320] RDX: 00007fd638287ef0 RSI: 0000000000000000 RDI: 00007fd63a0a4960 [ 1002.958211][T14320] RBP: 000020000001ed40 R08: 00007fd638287bb7 R09: 00007fd638287e40 [ 1002.966220][T14320] R10: 000000000000000a R11: 0000000000000202 R12: 000020000001ecc0 [ 1002.974488][T14320] R13: 00007fd638287ef0 R14: 00007fd638287eb0 R15: 000020000001ed00 [ 1002.982633][T14320] [ 1002.998995][T14318] MINIX-fs: deleted inode referenced: 6 [ 1003.022798][T14318] MINIX-fs: deleted inode referenced: 6 [ 1003.028585][T14318] MINIX-fs: deleted inode referenced: 6 [ 1003.035387][T14318] MINIX-fs: deleted inode referenced: 6 [ 1003.102940][T12311] usb 2-1: config 0 has an invalid interface number: 69 but max is 0 [ 1003.118929][T12311] usb 2-1: config 0 has no interface number 0 [ 1003.135687][T12311] usb 2-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023 [ 1003.152623][T12311] usb 2-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1003.348971][T12311] usb 2-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca [ 1003.384670][T12311] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1003.406024][T12311] usb 2-1: Product: syz [ 1003.457108][T12311] usb 2-1: Manufacturer: syz [ 1003.467702][T12311] usb 2-1: SerialNumber: syz [ 1003.494996][T12311] usb 2-1: config 0 descriptor?? [ 1003.522979][T14305] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 1003.554395][T12311] cyberjack 2-1:0.69: Reiner SCT Cyberjack USB card reader converter detected [ 1003.839556][T12311] usb 2-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0 [ 1004.359796][T12205] usb 2-1: USB disconnect, device number 8 [ 1004.389227][T12205] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0 [ 1004.424149][T12205] cyberjack 2-1:0.69: device disconnected [ 1006.741263][T14354] loop1: detected capacity change from 0 to 512 [ 1006.780627][T14348] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 1006.815380][T14346] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 1006.822445][T14348] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 1006.832769][T14346] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 1006.855646][T14354] EXT4-fs (loop1): Test dummy encryption mode enabled [ 1006.867399][T14349] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 1006.896882][T14349] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 1006.938987][T14354] EXT4-fs error (device loop1): __ext4_iget:4894: inode #11: block 1: comm syz.1.2504: invalid block [ 1006.971878][T14354] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.2504: couldn't read orphan inode 11 (err -117) [ 1007.003159][T14354] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_dev=0x0000000000000020,dioread_lock,max_dir_size_kb=0x0000000000000004,bsddf,errors=continue,sysvgroups,jqfmt=vfsold,nobarrier,test_dummy_encryption,,errors=continue. Quota mode: none. [ 1007.184864][T14367] loop5: detected capacity change from 0 to 64 [ 1007.509444][T14386] FAULT_INJECTION: forcing a failure. [ 1007.509444][T14386] name failslab, interval 1, probability 0, space 0, times 0 [ 1007.575281][T14386] CPU: 0 PID: 14386 Comm: syz.3.2514 Not tainted syzkaller #0 [ 1007.582815][T14386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1007.592904][T14386] Call Trace: [ 1007.596208][T14386] [ 1007.599164][T14386] dump_stack_lvl+0x168/0x230 [ 1007.604148][T14386] ? show_regs_print_info+0x20/0x20 [ 1007.609536][T14386] ? load_image+0x3b0/0x3b0 [ 1007.614088][T14386] ? __might_sleep+0xf0/0xf0 [ 1007.619594][T14386] ? __lock_acquire+0x7c60/0x7c60 [ 1007.624810][T14386] should_fail+0x38c/0x4c0 [ 1007.629278][T14386] should_failslab+0x5/0x20 [ 1007.633838][T14386] slab_pre_alloc_hook+0x51/0xc0 [ 1007.638823][T14386] __kmalloc_node_track_caller+0x68/0x3a0 [ 1007.644632][T14386] ? netlink_sendmsg+0x645/0xbc0 [ 1007.649617][T14386] ? kmem_cache_alloc_node+0x162/0x2d0 [ 1007.655115][T14386] ? __alloc_skb+0xf4/0x750 [ 1007.659660][T14386] ? netlink_sendmsg+0x645/0xbc0 [ 1007.664650][T14386] __alloc_skb+0x22c/0x750 [ 1007.669111][T14386] netlink_sendmsg+0x645/0xbc0 [ 1007.673924][T14386] ? netlink_getsockopt+0x560/0x560 [ 1007.679174][T14386] ? aa_sock_msg_perm+0x94/0x150 [ 1007.684162][T14386] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 1007.689472][T14386] ? security_socket_sendmsg+0x7c/0xa0 [ 1007.694954][T14386] ? netlink_getsockopt+0x560/0x560 [ 1007.700195][T14386] ____sys_sendmsg+0x5a2/0x8c0 [ 1007.705010][T14386] ? memset+0x1e/0x40 [ 1007.709022][T14386] ? __sys_sendmsg_sock+0x30/0x30 [ 1007.714062][T14386] ? import_iovec+0x6f/0xa0 [ 1007.718665][T14386] ___sys_sendmsg+0x1f0/0x260 [ 1007.723355][T14386] ? __sys_sendmsg+0x250/0x250 [ 1007.728141][T14386] ? vfs_write+0x84d/0xd00 [ 1007.732572][T14386] ? __fdget+0x18b/0x210 [ 1007.736822][T14386] __se_sys_sendmsg+0x190/0x250 [ 1007.741681][T14386] ? __x64_sys_sendmsg+0x80/0x80 [ 1007.746624][T14386] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 1007.752653][T14386] ? lockdep_hardirqs_on+0x94/0x140 [ 1007.757858][T14386] do_syscall_64+0x4c/0xa0 [ 1007.762318][T14386] ? clear_bhb_loop+0x30/0x80 [ 1007.767000][T14386] ? clear_bhb_loop+0x30/0x80 [ 1007.771679][T14386] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 1007.777576][T14386] RIP: 0033:0x7f10378d1ec9 [ 1007.781999][T14386] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1007.801607][T14386] RSP: 002b:00007f1035b39038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1007.810027][T14386] RAX: ffffffffffffffda RBX: 00007f1037b28fa0 RCX: 00007f10378d1ec9 [ 1007.818004][T14386] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003 [ 1007.825982][T14386] RBP: 00007f1035b39090 R08: 0000000000000000 R09: 0000000000000000 [ 1007.833975][T14386] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1007.841965][T14386] R13: 00007f1037b29038 R14: 00007f1037b28fa0 R15: 00007ffdc2899588 [ 1007.849957][T14386] [ 1008.067677][T14395] loop3: detected capacity change from 0 to 128 [ 1008.286713][ T26] audit: type=1800 audit(1759272366.239:111): pid=14395 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2516" name="file1" dev="loop3" ino=1050207 res=0 errno=0 [ 1008.364867][T14400] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 1008.432077][T14400] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 1008.459325][T14409] FAULT_INJECTION: forcing a failure. [ 1008.459325][T14409] name failslab, interval 1, probability 0, space 0, times 0 [ 1008.648247][T14409] CPU: 0 PID: 14409 Comm: syz.2.2521 Not tainted syzkaller #0 [ 1008.655792][T14409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1008.665916][T14409] Call Trace: [ 1008.669455][T14409] [ 1008.672445][T14409] dump_stack_lvl+0x168/0x230 [ 1008.677183][T14409] ? show_regs_print_info+0x20/0x20 [ 1008.682442][T14409] ? load_image+0x3b0/0x3b0 [ 1008.687007][T14409] ? __lock_acquire+0x7c60/0x7c60 [ 1008.692091][T14409] ? rcu_lock_acquire+0x30/0x30 [ 1008.697026][T14409] should_fail+0x38c/0x4c0 [ 1008.701516][T14409] should_failslab+0x5/0x20 [ 1008.706170][T14409] slab_pre_alloc_hook+0x51/0xc0 [ 1008.711153][T14409] ? security_file_alloc+0x30/0x110 [ 1008.716409][T14409] kmem_cache_alloc+0x3d/0x290 [ 1008.721212][T14409] ? rcu_is_watching+0x11/0xa0 [ 1008.726006][T14409] security_file_alloc+0x30/0x110 [ 1008.731091][T14409] __alloc_file+0xc2/0x240 [ 1008.735559][T14409] alloc_empty_file+0x90/0x180 [ 1008.740369][T14409] path_openat+0xfc/0x2f30 [ 1008.744848][T14409] ? verify_lock_unused+0x140/0x140 [ 1008.750104][T14409] ? __kasan_slab_alloc+0xb3/0xd0 [ 1008.755271][T14409] ? __kasan_slab_alloc+0x9c/0xd0 [ 1008.760342][T14409] ? slab_post_alloc_hook+0x4c/0x380 [ 1008.765680][T14409] ? verify_lock_unused+0x140/0x140 [ 1008.770923][T14409] ? __x64_sys_openat+0x135/0x160 [ 1008.776026][T14409] ? do_syscall_64+0x4c/0xa0 [ 1008.780679][T14409] ? do_filp_open+0x3e0/0x3e0 [ 1008.786037][T14409] do_filp_open+0x1b3/0x3e0 [ 1008.790593][T14409] ? vfs_tmpfile+0x300/0x300 [ 1008.795255][T14409] ? _raw_spin_unlock+0x24/0x40 [ 1008.800158][T14409] ? alloc_fd+0x598/0x630 [ 1008.804550][T14409] do_sys_openat2+0x142/0x4a0 [ 1008.809268][T14409] ? __lock_acquire+0x7c60/0x7c60 [ 1008.814455][T14409] ? do_sys_open+0xe0/0xe0 [ 1008.818932][T14409] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 1008.824971][T14409] ? lock_chain_count+0x20/0x20 [ 1008.829880][T14409] ? vtime_user_exit+0x2dc/0x400 [ 1008.834883][T14409] __x64_sys_openat+0x135/0x160 [ 1008.839912][T14409] do_syscall_64+0x4c/0xa0 [ 1008.844409][T14409] ? clear_bhb_loop+0x30/0x80 [ 1008.849180][T14409] ? clear_bhb_loop+0x30/0x80 [ 1008.854029][T14409] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 1008.859977][T14409] RIP: 0033:0x7fd63a01f710 [ 1008.864456][T14409] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44 [ 1008.884103][T14409] RSP: 002b:00007fd638287f70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1008.892577][T14409] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd63a01f710 [ 1008.900584][T14409] RDX: 0000000000000000 RSI: 00007fd63a0a407e RDI: 00000000ffffff9c [ 1008.908772][T14409] RBP: 00007fd63a0a407e R08: 0000000000000000 R09: 0000000000000000 [ 1008.916782][T14409] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 1008.924821][T14409] R13: 00007fd63a278038 R14: 00007fd63a277fa0 R15: 00007ffec301b178 [ 1008.932854][T14409] [ 1009.440127][T14418] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 1009.471818][T14418] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 1009.770494][T14427] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 1009.802634][T14427] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 1010.087468][T14445] loop1: detected capacity change from 0 to 64 [ 1011.370648][T14454] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 1011.404105][T14454] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 1011.464820][T14459] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 1011.480965][T14461] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 1011.497772][T14459] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 1011.508354][T14461] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 1012.242340][T14480] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 1012.280058][T14480] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 1012.525697][T14485] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 1012.544429][T14492] loop4: detected capacity change from 0 to 1024 [ 1012.559176][T14485] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 1012.612472][T14492] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpjquota=,,errors=continue. Quota mode: writeback. [ 1012.885678][T14488] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 1012.911028][T14488] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 1013.359835][T14500] EXT4-fs warning (device loop4): empty_inline_dir:1852: bad inline directory (dir #12) - no `..' [ 1013.859455][T14513] FAULT_INJECTION: forcing a failure. [ 1013.859455][T14513] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1013.891271][T14501] loop5: detected capacity change from 0 to 32768 [ 1013.901385][T14513] CPU: 1 PID: 14513 Comm: syz.4.2546 Not tainted syzkaller #0 [ 1013.908902][T14513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1013.918988][T14513] Call Trace: [ 1013.922296][T14513] [ 1013.925257][T14513] dump_stack_lvl+0x168/0x230 [ 1013.929963][T14513] ? show_regs_print_info+0x20/0x20 [ 1013.935189][T14513] ? load_image+0x3b0/0x3b0 [ 1013.939731][T14513] ? __lock_acquire+0x7c60/0x7c60 [ 1013.944818][T14513] should_fail+0x38c/0x4c0 [ 1013.949286][T14513] _copy_to_iter+0x22a/0x1160 [ 1013.954013][T14513] ? __lock_acquire+0x7c60/0x7c60 [ 1013.959089][T14513] ? iov_iter_init+0x170/0x170 [ 1013.963886][T14513] ? __virt_addr_valid+0x3c6/0x470 [ 1013.969023][T14513] ? __phys_addr+0xb6/0x170 [ 1013.973548][T14513] ? __phys_addr_symbol+0x2b/0x70 [ 1013.978601][T14513] ? __check_object_size+0x30c/0x410 [ 1013.983959][T14513] __skb_datagram_iter+0xde/0x740 [ 1013.989023][T14513] ? skb_copy_datagram_iter+0x1f0/0x1f0 [ 1013.994618][T14513] skb_copy_datagram_iter+0xad/0x1f0 [ 1013.999953][T14513] netlink_recvmsg+0x2bb/0xdb0 [ 1014.004765][T14513] ? netlink_sendmsg+0xbc0/0xbc0 [ 1014.009743][T14513] ? aa_sk_perm+0x7b4/0x8f0 [ 1014.014294][T14513] ? aa_af_perm+0x2b0/0x2b0 [ 1014.018853][T14513] ? bpf_lsm_socket_recvmsg+0x5/0x10 [ 1014.024407][T14513] ? security_socket_recvmsg+0x85/0xb0 [ 1014.029914][T14513] ? netlink_sendmsg+0xbc0/0xbc0 [ 1014.034890][T14513] ____sys_recvmsg+0x291/0x580 [ 1014.039699][T14513] ? __might_fault+0xb3/0x110 [ 1014.044441][T14513] ? __sys_recvmsg_sock+0x40/0x40 [ 1014.049519][T14513] ? import_iovec+0x6f/0xa0 [ 1014.054057][T14513] ___sys_recvmsg+0x1af/0x4f0 [ 1014.058775][T14513] ? __sys_recvmsg+0x250/0x250 [ 1014.063604][T14513] ? __fdget+0x18b/0x210 [ 1014.067873][T14513] ? do_recvmmsg+0x16b/0x7a0 [ 1014.072489][T14513] do_recvmmsg+0x344/0x7a0 [ 1014.076946][T14513] ? __sys_recvmmsg+0x280/0x280 [ 1014.081846][T14513] ? get_timespec64+0x10e/0x1a0 [ 1014.086728][T14513] ? timespec64_add_safe+0x1d0/0x1d0 [ 1014.092050][T14513] __x64_sys_recvmmsg+0x1ac/0x240 [ 1014.097109][T14513] ? do_recvmmsg+0x7a0/0x7a0 [ 1014.101729][T14513] ? lockdep_hardirqs_on+0x94/0x140 [ 1014.106962][T14513] do_syscall_64+0x4c/0xa0 [ 1014.111403][T14513] ? clear_bhb_loop+0x30/0x80 [ 1014.116102][T14513] ? clear_bhb_loop+0x30/0x80 [ 1014.120814][T14513] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 1014.126792][T14513] RIP: 0033:0x7fca49fafec9 [ 1014.131284][T14513] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1014.150921][T14513] RSP: 002b:00007fca48217038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 1014.159377][T14513] RAX: ffffffffffffffda RBX: 00007fca4a206fa0 RCX: 00007fca49fafec9 [ 1014.167486][T14513] RDX: 00000000000001ca RSI: 00002000000037c0 RDI: 0000000000000003 [ 1014.175496][T14513] RBP: 00007fca48217090 R08: 0000200000003700 R09: 0000000000000000 [ 1014.183586][T14513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1014.191584][T14513] R13: 00007fca4a207038 R14: 00007fca4a206fa0 R15: 00007ffc7947df38 [ 1014.199605][T14513] [ 1014.216003][T14522] FAULT_INJECTION: forcing a failure. [ 1014.216003][T14522] name failslab, interval 1, probability 0, space 0, times 0 [ 1014.229199][T14522] CPU: 1 PID: 14522 Comm: syz.1.2549 Not tainted syzkaller #0 [ 1014.236806][T14522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1014.246899][T14522] Call Trace: [ 1014.250212][T14522] [ 1014.253179][T14522] dump_stack_lvl+0x168/0x230 [ 1014.257996][T14522] ? show_regs_print_info+0x20/0x20 [ 1014.263242][T14522] ? load_image+0x3b0/0x3b0 [ 1014.267915][T14522] ? __lock_acquire+0x7c60/0x7c60 [ 1014.273092][T14522] ? rcu_lock_acquire+0x30/0x30 [ 1014.277985][T14522] should_fail+0x38c/0x4c0 [ 1014.282448][T14522] should_failslab+0x5/0x20 [ 1014.286983][T14522] slab_pre_alloc_hook+0x51/0xc0 [ 1014.291949][T14522] ? security_file_alloc+0x30/0x110 [ 1014.297179][T14522] kmem_cache_alloc+0x3d/0x290 [ 1014.301976][T14522] ? rcu_is_watching+0x11/0xa0 [ 1014.306879][T14522] security_file_alloc+0x30/0x110 [ 1014.311990][T14522] __alloc_file+0xc2/0x240 [ 1014.316455][T14522] alloc_empty_file+0x90/0x180 [ 1014.321257][T14522] path_openat+0xfc/0x2f30 [ 1014.325733][T14522] ? verify_lock_unused+0x140/0x140 [ 1014.331069][T14522] ? __kasan_slab_alloc+0xb3/0xd0 [ 1014.336123][T14522] ? __kasan_slab_alloc+0x9c/0xd0 [ 1014.341245][T14522] ? slab_post_alloc_hook+0x4c/0x380 [ 1014.346557][T14522] ? verify_lock_unused+0x140/0x140 [ 1014.351795][T14522] ? __x64_sys_openat+0x135/0x160 [ 1014.356853][T14522] ? do_syscall_64+0x4c/0xa0 [ 1014.361558][T14522] ? do_filp_open+0x3e0/0x3e0 [ 1014.366278][T14522] do_filp_open+0x1b3/0x3e0 [ 1014.370820][T14522] ? vfs_tmpfile+0x300/0x300 [ 1014.375555][T14522] ? _raw_spin_unlock+0x24/0x40 [ 1014.380435][T14522] ? alloc_fd+0x598/0x630 [ 1014.384799][T14522] do_sys_openat2+0x142/0x4a0 [ 1014.389508][T14522] ? __lock_acquire+0x7c60/0x7c60 [ 1014.394667][T14522] ? do_sys_open+0xe0/0xe0 [ 1014.399139][T14522] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 1014.405343][T14522] ? lock_chain_count+0x20/0x20 [ 1014.410231][T14522] ? vtime_user_exit+0x2dc/0x400 [ 1014.415212][T14522] __x64_sys_openat+0x135/0x160 [ 1014.420123][T14522] do_syscall_64+0x4c/0xa0 [ 1014.424568][T14522] ? clear_bhb_loop+0x30/0x80 [ 1014.429409][T14522] ? clear_bhb_loop+0x30/0x80 [ 1014.434124][T14522] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 1014.440237][T14522] RIP: 0033:0x7fc594507710 [ 1014.444684][T14522] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44 [ 1014.464333][T14522] RSP: 002b:00007fc59276fb70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1014.472789][T14522] RAX: ffffffffffffffda RBX: 0000000000022081 RCX: 00007fc594507710 [ 1014.480794][T14522] RDX: 0000000000022081 RSI: 00007fc59276fc10 RDI: 00000000ffffff9c [ 1014.488800][T14522] RBP: 00007fc59276fc10 R08: 0000000000000000 R09: 002367732f766564 [ 1014.496813][T14522] R10: 0000000000000000 R11: 0000000000000293 R12: cccccccccccccccd [ 1014.504822][T14522] R13: 00007fc594760038 R14: 00007fc59475ffa0 R15: 00007ffd19179148 [ 1014.512847][T14522] [ 1014.552218][T14526] IPVS: sync thread started: state = MASTER, mcast_ifn = geneve0, syncid = 2, id = 0 [ 1014.748662][T14528] loop4: detected capacity change from 0 to 128 [ 1014.807387][ T26] audit: type=1800 audit(1759272372.759:112): pid=14528 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2551" name="file1" dev="loop4" ino=1050208 res=0 errno=0 [ 1015.038960][T14529] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 1015.080796][T14529] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 1015.181018][T14538] trusted_key: encrypted_key: insufficient parameters specified [ 1015.934528][T14532] loop1: detected capacity change from 0 to 8192 [ 1017.474294][T14559] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2561'. [ 1017.658290][T14547] loop1: detected capacity change from 0 to 32768 [ 1017.756508][T14550] loop3: detected capacity change from 0 to 32768 [ 1017.829728][T14550] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.2558 (14550) [ 1017.928298][T14550] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 1017.964526][T14550] BTRFS info (device loop3): use zlib compression, level 3 [ 1018.002273][T14550] BTRFS info (device loop3): turning on sync discard [ 1018.063934][T14550] BTRFS info (device loop3): enabling disk space caching [ 1018.091092][T14581] loop5: detected capacity change from 0 to 1024 [ 1018.100257][T14571] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 1018.106554][T14550] BTRFS warning (device loop3): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 1018.148461][T14571] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 1018.190134][T14585] loop2: detected capacity change from 0 to 256 [ 1018.199653][T14550] BTRFS info (device loop3): trying to use backup root at mount time [ 1018.272681][T14550] BTRFS info (device loop3): force clearing of disk cache [ 1018.316172][T14550] BTRFS error (device loop3): unrecognized mount option 'uid=00000000000000000000' [ 1018.354926][T14585] FAT-fs (loop2): Directory bread(block 64) failed [ 1018.364633][T14581] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1018.610255][ T4424] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by udevd (4424) [ 1018.654541][T14550] BTRFS error (device loop3): open_ctree failed: -22 [ 1018.706525][T14585] FAT-fs (loop2): Directory bread(block 65) failed [ 1018.990332][T14585] FAT-fs (loop2): Directory bread(block 66) failed [ 1019.051348][T14585] FAT-fs (loop2): Directory bread(block 67) failed [ 1019.137396][T14585] FAT-fs (loop2): Directory bread(block 68) failed [ 1019.152869][T14585] FAT-fs (loop2): Directory bread(block 69) failed [ 1019.164317][T14585] FAT-fs (loop2): Directory bread(block 70) failed [ 1019.195098][T14585] FAT-fs (loop2): Directory bread(block 71) failed [ 1019.249917][T14585] FAT-fs (loop2): Directory bread(block 72) failed [ 1019.262293][T14598] loop1: detected capacity change from 0 to 128 [ 1019.293475][T14585] FAT-fs (loop2): Directory bread(block 73) failed [ 1019.423153][ T26] audit: type=1800 audit(1759272377.349:113): pid=14598 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2570" name="file1" dev="loop1" ino=1050211 res=0 errno=0 [ 1021.060528][T14613] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 1021.085775][T14613] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 1022.746774][T14642] trusted_key: encrypted_key: insufficient parameters specified [ 1023.816962][T14645] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 1023.863078][T14645] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 1024.724846][T14631] loop2: detected capacity change from 0 to 32768 [ 1024.749373][T14659] loop3: detected capacity change from 0 to 128 [ 1024.934512][T14663] loop4: detected capacity change from 0 to 1024 [ 1024.981285][T14667] loop1: detected capacity change from 0 to 1024 [ 1025.021167][T14659] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1025.083215][T14659] ext4 filesystem being mounted at /531/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1025.114707][T14663] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpjquota=,,errors=continue. Quota mode: writeback. [ 1025.187238][T14667] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1025.213186][T14659] syz.3.2586 (pid 14659) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 1025.430513][T14676] fscrypt: key with descriptor e8dab99234bb312e is too short (got 16 bytes, need 32+ bytes) [ 1025.570579][T14678] EXT4-fs warning (device loop4): empty_inline_dir:1852: bad inline directory (dir #12) - no `..' [ 1026.301219][T14685] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2592'. [ 1026.610255][T14693] syz.3.2592 (14693) used greatest stack depth: 18592 bytes left [ 1027.407918][T14706] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 1027.438742][T14706] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 1027.571964][T14713] loop4: detected capacity change from 0 to 1024 [ 1027.662013][T14710] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 1027.680611][T14710] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 1027.731010][T14713] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpjquota=,,errors=continue. Quota mode: writeback. [ 1028.061898][T14721] EXT4-fs warning (device loop4): empty_inline_dir:1852: bad inline directory (dir #12) - no `..' [ 1028.471235][T14716] loop5: detected capacity change from 0 to 32768 [ 1028.853646][T14734] loop5: detected capacity change from 0 to 128 [ 1028.965083][T14734] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1028.990929][T14734] ext4 filesystem being mounted at /415/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1029.134399][T14734] fscrypt: key with descriptor e8dab99234bb312e is too short (got 16 bytes, need 32+ bytes) [ 1029.560818][T14739] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 1029.598848][T14739] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 1029.765448][T14754] loop3: detected capacity change from 0 to 64 [ 1029.813763][T14748] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 1029.842208][T14748] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 1029.866667][T14754] MINIX-fs: deleted inode referenced: 6 [ 1029.889026][T14754] MINIX-fs: deleted inode referenced: 6 [ 1029.905307][T14754] MINIX-fs: deleted inode referenced: 6 [ 1029.911939][T14754] MINIX-fs: deleted inode referenced: 6 [ 1030.123493][T14764] loop5: detected capacity change from 0 to 1024 [ 1030.241373][T14764] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpjquota=,,errors=continue. Quota mode: writeback. [ 1030.253823][T12206] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 1030.632594][T12206] usb 5-1: Using ep0 maxpacket: 32 [ 1030.726824][T14770] EXT4-fs warning (device loop5): empty_inline_dir:1852: bad inline directory (dir #12) - no `..' [ 1031.192921][T12206] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1031.220741][T12206] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 1031.248834][T12206] usb 5-1: config 1 has no interface number 1 [ 1031.276244][T14767] loop3: detected capacity change from 0 to 32768 [ 1031.304065][T12206] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1031.348131][T14775] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 1031.492631][T14775] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 1032.402713][T12206] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1032.422115][T12206] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1032.436199][T12206] usb 5-1: Product: syz [ 1032.440685][T12206] usb 5-1: Manufacturer: syz [ 1032.487077][T12206] usb 5-1: SerialNumber: syz [ 1033.534667][T12206] usb 5-1: 2:1 : no or invalid class specific endpoint descriptor [ 1033.548231][T12206] usb 5-1: 2:1 : format type 6 is not supported yet [ 1033.577829][T14811] loop4: detected capacity change from 0 to 64 [ 1033.589943][T12206] usb 5-1: USB disconnect, device number 9 [ 1033.657275][T14816] loop1: detected capacity change from 0 to 512 [ 1033.709826][T14811] MINIX-fs: deleted inode referenced: 6 [ 1033.721278][T14816] EXT4-fs (loop1): Ignoring removed nobh option [ 1033.732920][T14811] MINIX-fs: deleted inode referenced: 6 [ 1033.743511][T14811] MINIX-fs: deleted inode referenced: 6 [ 1033.749263][T14811] MINIX-fs: deleted inode referenced: 6 [ 1033.794881][T14820] loop2: detected capacity change from 0 to 1024 [ 1033.817982][T14816] EXT4-fs (loop1): mounted filesystem without journal. Opts: i_version,nodioread_nolock,nodelalloc,norecovery,grpquota,nobh,,errors=continue. Quota mode: writeback. [ 1033.853824][T14816] ext4 filesystem being mounted at /525/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1033.905510][ T4397] udevd[4397]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1033.954219][T14820] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpjquota=,,errors=continue. Quota mode: writeback. [ 1034.225063][ T26] audit: type=1800 audit(1759272392.149:114): pid=14816 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2625" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 1034.248691][ T26] audit: type=1800 audit(1759272392.179:115): pid=14826 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2625" name="file2" dev="loop1" ino=16 res=0 errno=0 [ 1034.375020][T14831] EXT4-fs warning (device loop2): empty_inline_dir:1852: bad inline directory (dir #12) - no `..' [ 1035.262002][T14842] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 1035.290897][T14842] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 1036.079767][T14863] loop5: detected capacity change from 0 to 512 [ 1036.145469][T14840] loop4: detected capacity change from 0 to 32768 [ 1036.200569][T14863] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 1036.327389][T14863] EXT4-fs (loop5): 1 truncate cleaned up [ 1036.381990][T14863] EXT4-fs (loop5): mounted filesystem without journal. Opts: init_itable=0x0000000000000000,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,user_xattr,dioread_lock,data_err=ignore,,errors=continue. Quota mode: none. [ 1036.447772][T14874] loop2: detected capacity change from 0 to 64 [ 1036.562754][T14863] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2636'. [ 1036.575077][T14874] MINIX-fs: deleted inode referenced: 6 [ 1036.587881][T14874] MINIX-fs: deleted inode referenced: 6 [ 1036.619565][T14863] netlink: 'syz.5.2636': attribute type 1 has an invalid length. [ 1037.167898][T14884] loop5: detected capacity change from 0 to 512 [ 1037.547326][ T21] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 1037.973743][T14884] EXT4-fs (loop5): mounted filesystem without journal. Opts: resgid=0x0000000000000000,errors=continue,noblock_validity,,errors=continue. Quota mode: none. [ 1038.080441][T14884] EXT4-fs warning (device loop5): dx_probe:869: inode #2: comm syz.5.2642: Unimplemented hash flags: 0x0001 [ 1038.115167][T14884] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.2642: Corrupt directory, running e2fsck is recommended [ 1038.150966][T14884] EXT4-fs warning (device loop5): dx_probe:869: inode #2: comm syz.5.2642: Unimplemented hash flags: 0x0001 [ 1038.152863][ T21] usb 3-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 1038.167218][T14884] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.2642: Corrupt directory, running e2fsck is recommended [ 1038.228006][ T21] usb 3-1: config 27 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 1038.290366][ T21] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 1038.306463][ T21] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1038.317100][T14897] EXT4-fs warning (device loop5): dx_probe:869: inode #2: comm syz.5.2642: Unimplemented hash flags: 0x0001 [ 1038.368304][T14897] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.2642: Corrupt directory, running e2fsck is recommended [ 1038.394292][T14895] EXT4-fs warning (device loop5): dx_probe:869: inode #2: comm syz.5.2642: Unimplemented hash flags: 0x0001 [ 1038.782820][ T21] snd-usb-audio: probe of 3-1:27.0 failed with error -2 [ 1039.009001][ T4424] udevd[4424]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1039.113723][T14895] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.2642: Corrupt directory, running e2fsck is recommended [ 1039.129229][T14884] EXT4-fs warning (device loop5): dx_probe:869: inode #2: comm syz.5.2642: Unimplemented hash flags: 0x0001 [ 1039.182705][T14884] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.2642: Corrupt directory, running e2fsck is recommended [ 1039.358013][T14877] loop2: detected capacity change from 0 to 2048 [ 1039.630847][T14877] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1039.705324][T14877] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2640'. [ 1040.305466][T14918] loop5: detected capacity change from 0 to 32768 [ 1040.628621][T14930] syz.3.2652 uses obsolete (PF_INET,SOCK_PACKET) [ 1040.635520][T14923] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set [ 1040.885183][T14934] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2653'. [ 1041.218162][T14939] device syzkaller0 entered promiscuous mode [ 1041.224510][T13995] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 1041.462684][T13995] usb 4-1: Using ep0 maxpacket: 32 [ 1041.534571][T14953] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 1041.555543][T14953] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1041.566147][T14953] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1041.581212][T14953] device bridge_slave_0 left promiscuous mode [ 1041.588252][T13995] usb 4-1: config 0 has an invalid interface number: 184 but max is 0 [ 1041.600347][T13995] usb 4-1: config 0 has no interface number 0 [ 1041.610491][T14955] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 1041.639817][T13995] usb 4-1: config 0 interface 184 has no altsetting 0 [ 1041.663847][T14953] bridge0: port 1(bridge_slave_0) entered disabled state [ 1041.681921][T14953] device bridge_slave_1 left promiscuous mode [ 1041.699716][T14953] bridge0: port 2(bridge_slave_1) entered disabled state [ 1041.748906][T14953] bond0: (slave bond_slave_0): Releasing backup interface [ 1041.812704][T13995] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 1041.827985][T14953] bond0: (slave bond_slave_1): Releasing backup interface [ 1041.835650][T13995] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1041.855065][T13995] usb 4-1: Product: syz [ 1041.862996][T13995] usb 4-1: Manufacturer: syz [ 1041.867661][T13995] usb 4-1: SerialNumber: syz [ 1041.895341][T13995] usb 4-1: config 0 descriptor?? [ 1041.935154][T13995] smsc75xx v1.0.0 [ 1041.975387][T14953] team0: Port device team_slave_0 removed [ 1042.025028][T14953] team0: Port device team_slave_1 removed [ 1042.031686][T14953] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1042.052467][T13310] usb 3-1: USB disconnect, device number 10 [ 1042.053613][T14953] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1042.082778][T14953] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1042.096480][T14953] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1042.175864][T14956] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 1042.240925][T14956] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1042.258893][T14956] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1042.681640][T14981] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2669'. [ 1043.053526][T14989] tipc: Started in network mode [ 1043.058972][T14989] tipc: Node identity ac1414aa, cluster identity 4711 [ 1043.072020][T14989] tipc: Enabled bearer , priority 10 [ 1043.201709][T14993] netlink: 6 bytes leftover after parsing attributes in process `syz.1.2675'. [ 1043.464363][T14936] input: syz1 as /devices/virtual/input/input9 [ 1043.502812][T13995] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000040: -71 [ 1043.540680][T13995] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Error writing E2P_CMD [ 1043.584667][T13995] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 1043.609802][T13995] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71 [ 1043.653697][T14997] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2677'. [ 1043.656001][T13995] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset [ 1043.672728][T13995] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 1043.709362][T13995] smsc75xx: probe of 4-1:0.184 failed with error -71 [ 1043.735743][T13995] usb 4-1: USB disconnect, device number 8 [ 1043.799521][T15008] sch_tbf: burst 274 is lower than device lo mtu (65550) ! [ 1043.827451][ T26] audit: type=1326 audit(1759272401.779:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15007 comm="syz.5.2681" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc7fdfabec9 code=0x0 [ 1043.959018][T15013] netlink: 116 bytes leftover after parsing attributes in process `syz.4.2683'. [ 1044.283920][T15014] loop5: detected capacity change from 0 to 32768 [ 1044.293371][T12206] tipc: Node number set to 2886997162 [ 1044.413126][T15014] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 1044.421505][T15014] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 1044.439419][T15014] gfs2: fsid=syz:syz.0: journal 0 mapped with 7 extents in 0ms [ 1044.450578][T12206] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 1044.471887][T12206] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 1044.510769][T12206] attempt to access beyond end of device [ 1044.510769][T12206] loop5: rw=0, want=402653192, limit=32768 [ 1044.563577][T12206] gfs2: fsid=syz:syz.0: jid=0: Failed [ 1044.569930][T15014] gfs2: fsid=syz:syz.0: error recovering journal 0: -5 [ 1045.241199][T15058] netlink: 256 bytes leftover after parsing attributes in process `syz.1.2696'. [ 1045.566029][T15072] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2704'. [ 1045.619320][T15072] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2704'. [ 1045.924537][T15086] device wg1 entered promiscuous mode [ 1046.476258][T15101] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2716'. [ 1047.544156][T15131] netlink: 'syz.3.2727': attribute type 1 has an invalid length. [ 1047.628489][T15133] tipc: Started in network mode [ 1047.649894][T15133] tipc: Node identity 6af167bf643b, cluster identity 4711 [ 1047.676678][T15133] tipc: Enabled bearer , priority 0 [ 1047.701537][T15138] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2729'. [ 1047.729338][T15133] device syzkaller0 entered promiscuous mode [ 1047.813005][T15133] tipc: Resetting bearer [ 1047.846872][T15142] device wlan1 entered promiscuous mode [ 1047.855042][T15142] device macsec1 entered promiscuous mode [ 1047.867583][T15142] device wlan1 left promiscuous mode [ 1047.912715][T12205] Bluetooth: hci5: command 0x0405 tx timeout [ 1048.007119][T15135] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2728'. [ 1048.035754][T15132] tipc: Resetting bearer [ 1048.082262][T15132] tipc: Disabling bearer [ 1049.865406][T15242] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 1050.208101][T15204] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 1050.248443][T15204] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 1050.628623][T15270] netlink: 84 bytes leftover after parsing attributes in process `syz.5.2768'. [ 1050.926438][T15283] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2774'. [ 1050.938092][T15285] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 1051.726188][T15320] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2790'. [ 1051.829028][T15320] device team_slave_0 entered promiscuous mode [ 1051.835896][T15320] device team_slave_1 entered promiscuous mode [ 1051.857316][T15320] device macvtap1 entered promiscuous mode [ 1051.865745][T15320] device team0 entered promiscuous mode [ 1051.918540][T15320] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 1051.938109][T15327] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2790'. [ 1051.958679][T15327] device team0 left promiscuous mode [ 1051.968893][T15327] device team_slave_0 left promiscuous mode [ 1051.975134][T15327] device team_slave_1 left promiscuous mode [ 1052.011774][T15332] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2793'. [ 1052.243496][T15335] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2794'. [ 1052.425571][T15346] netlink: 'syz.3.2798': attribute type 6 has an invalid length. [ 1052.509777][ C0] ------------[ cut here ]------------ [ 1052.515331][ C0] WARNING: CPU: 0 PID: 15350 at mm/maccess.c:226 copy_from_user_nofault+0x160/0x1c0 [ 1052.524819][ C0] Modules linked in: [ 1052.528716][ C0] CPU: 0 PID: 15350 Comm: syz.1.2801 Not tainted syzkaller #0 [ 1052.536178][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1052.546239][ C0] RIP: 0010:copy_from_user_nofault+0x160/0x1c0 [ 1052.552404][ C0] Code: 24 45 31 f6 31 ff 89 de e8 3d f7 d8 ff 85 db 48 c7 c0 f2 ff ff ff 49 0f 44 c6 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 c0 f3 d8 ff <0f> 0b e9 1c ff ff ff 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c ea fe [ 1052.572134][ C0] RSP: 0000:ffffc90000007d30 EFLAGS: 00010006 [ 1052.578292][ C0] RAX: ffffffff819ed760 RBX: 0000000000000000 RCX: ffff8880210bbb80 [ 1052.586617][ C0] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1052.594682][ C0] RBP: 0000000000000000 R08: dffffc0000000000 R09: ffffed1004217771 [ 1052.602661][ C0] R10: ffffed1004217771 R11: 1ffff11004217770 R12: ffff8880210bd308 [ 1052.610811][ C0] R13: 00007ffffffff000 R14: ffffc90000007da8 R15: 0000000000000000 [ 1052.618797][ C0] FS: 00007fc5927706c0(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000 [ 1052.627909][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1052.634503][ C0] CR2: 00007fc5944a4cf0 CR3: 0000000023004000 CR4: 00000000003506f0 [ 1052.642504][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1052.650494][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1052.658476][ C0] Call Trace: [ 1052.661761][ C0] [ 1052.664630][ C0] bpf_probe_read_compat+0xdd/0x170 [ 1052.669860][ C0] bpf_prog_f3c4d654356a1293+0x34/0xb2c [ 1052.675522][ C0] bpf_trace_run2+0x15b/0x2d0 [ 1052.680248][ C0] ? bpf_trace_run1+0x2d0/0x2d0 [ 1052.685202][ C0] ? flush_tlb_one_user+0x50/0x50 [ 1052.690242][ C0] trace_tlb_flush+0xe6/0x110 [ 1052.694928][ C0] flush_tlb_func+0x43f/0x510 [ 1052.699604][ C0] ? kvm_sched_clock_read+0x14/0x40 [ 1052.704813][ C0] ? sched_clock_cpu+0x15/0x3c0 [ 1052.709672][ C0] ? native_flush_tlb_multi+0xd0/0xd0 [ 1052.715054][ C0] ? kvm_sched_clock_read+0x14/0x40 [ 1052.720258][ C0] ? native_flush_tlb_multi+0xd0/0xd0 [ 1052.725632][ C0] flush_smp_call_function_queue+0x2a9/0x760 [ 1052.731633][ C0] __sysvec_call_function_single+0x98/0x240 [ 1052.737565][ C0] sysvec_call_function_single+0x98/0xc0 [ 1052.743222][ C0] [ 1052.746161][ C0] [ 1052.749098][ C0] asm_sysvec_call_function_single+0x16/0x20 [ 1052.755088][ C0] RIP: 0010:lock_is_held_type+0x13a/0x190 [ 1052.760935][ C0] Code: 75 40 48 c7 04 24 00 00 00 00 9c 8f 04 24 f7 04 24 00 02 00 00 75 46 41 f7 c5 00 02 00 00 74 01 fb 65 48 8b 04 25 28 00 00 00 <48> 3b 44 24 08 75 3c 89 e8 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f [ 1052.780568][ C0] RSP: 0000:ffffc9000434fa58 EFLAGS: 00000206 [ 1052.786651][ C0] RAX: 25c0538fab96f700 RBX: ffff8880210bbb80 RCX: 25c0538fab96f700 [ 1052.794634][ C0] RDX: 0000000000000000 RSI: ffffffff8a0b2ac0 RDI: ffffffff8a59a480 [ 1052.802611][ C0] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffff940003974e7 [ 1052.810614][ C0] R10: fffff940003974e7 R11: 1ffffd40003974e6 R12: 0000000000000003 [ 1052.818803][ C0] R13: 0000000000000246 R14: ffff8880242f4ab0 R15: ffff8880210bc6e8 [ 1052.826821][ C0] xas_reload+0xf9/0x470 [ 1052.831093][ C0] next_uptodate_page+0x2a5/0x8b0 [ 1052.836155][ C0] filemap_map_pages+0xebd/0x1390 [ 1052.841194][ C0] ? filemap_read_page+0x4c0/0x4c0 [ 1052.846310][ C0] ? count_memcg_event_mm+0x311/0x360 [ 1052.851690][ C0] ? verify_lock_unused+0x140/0x140 [ 1052.856927][ C0] handle_mm_fault+0x2580/0x43c0 [ 1052.862403][ C0] ? get_page+0xe0/0xe0 [ 1052.866606][ C0] ? vmacache_find+0x4f0/0x590 [ 1052.871379][ C0] ? vmacache_update+0xa0/0x100 [ 1052.876328][ C0] ? find_vma+0x1df/0x230 [ 1052.880667][ C0] do_user_addr_fault+0x489/0xc80 [ 1052.885788][ C0] ? rcu_is_watching+0x11/0xa0 [ 1052.890572][ C0] exc_page_fault+0x60/0x100 [ 1052.895197][ C0] ? clear_bhb_loop+0x30/0x80 [ 1052.899900][ C0] asm_exc_page_fault+0x22/0x30 [ 1052.904768][ C0] RIP: 0033:0x7fc5944a4cf0 [ 1052.909208][ C0] Code: Unable to access opcode bytes at RIP 0x7fc5944a4cc6. [ 1052.916705][ C0] RSP: 002b:00007fc592770118 EFLAGS: 00010246 [ 1052.922957][ C0] RAX: 0000000000000000 RBX: 00007fc5927706c0 RCX: 00007fc5944bfaa7 [ 1052.930967][ C0] RDX: ffffffffffffffb0 RSI: 0000000000000018 RDI: 00007fc592770130 [ 1052.939068][ C0] RBP: 0000000000000000 R08: 00007fc5927706c0 R09: 00007ffd19179147 [ 1052.947383][ C0] R10: 0000000000000008 R11: 0000000000000246 R12: ffffffffffffffa8 [ 1052.955491][ C0] R13: 000000000000000b R14: 00007ffd19179060 R15: 00007ffd19179148 [ 1052.963762][ C0] [ 1052.966815][ C0] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1052.974286][ C0] CPU: 0 PID: 15350 Comm: syz.1.2801 Not tainted syzkaller #0 [ 1052.981768][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1052.991833][ C0] Call Trace: [ 1052.995125][ C0] [ 1052.997977][ C0] dump_stack_lvl+0x168/0x230 [ 1053.002674][ C0] ? show_regs_print_info+0x20/0x20 [ 1053.008070][ C0] ? load_image+0x3b0/0x3b0 [ 1053.012796][ C0] panic+0x2c9/0x7f0 [ 1053.016710][ C0] ? bpf_jit_dump+0xd0/0xd0 [ 1053.021229][ C0] ? copy_from_user_nofault+0x160/0x1c0 [ 1053.026873][ C0] __warn+0x248/0x2b0 [ 1053.030866][ C0] ? copy_from_user_nofault+0x160/0x1c0 [ 1053.036420][ C0] report_bug+0x1b7/0x2e0 [ 1053.040763][ C0] handle_bug+0x3a/0x70 [ 1053.044924][ C0] exc_invalid_op+0x16/0x40 [ 1053.049444][ C0] asm_exc_invalid_op+0x16/0x20 [ 1053.054312][ C0] RIP: 0010:copy_from_user_nofault+0x160/0x1c0 [ 1053.060666][ C0] Code: 24 45 31 f6 31 ff 89 de e8 3d f7 d8 ff 85 db 48 c7 c0 f2 ff ff ff 49 0f 44 c6 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 c0 f3 d8 ff <0f> 0b e9 1c ff ff ff 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c ea fe [ 1053.080555][ C0] RSP: 0000:ffffc90000007d30 EFLAGS: 00010006 [ 1053.086638][ C0] RAX: ffffffff819ed760 RBX: 0000000000000000 RCX: ffff8880210bbb80 [ 1053.094615][ C0] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1053.102682][ C0] RBP: 0000000000000000 R08: dffffc0000000000 R09: ffffed1004217771 [ 1053.110666][ C0] R10: ffffed1004217771 R11: 1ffff11004217770 R12: ffff8880210bd308 [ 1053.118653][ C0] R13: 00007ffffffff000 R14: ffffc90000007da8 R15: 0000000000000000 [ 1053.126639][ C0] ? copy_from_user_nofault+0x160/0x1c0 [ 1053.132214][ C0] bpf_probe_read_compat+0xdd/0x170 [ 1053.137423][ C0] bpf_prog_f3c4d654356a1293+0x34/0xb2c [ 1053.142973][ C0] bpf_trace_run2+0x15b/0x2d0 [ 1053.147752][ C0] ? bpf_trace_run1+0x2d0/0x2d0 [ 1053.152605][ C0] ? flush_tlb_one_user+0x50/0x50 [ 1053.157655][ C0] trace_tlb_flush+0xe6/0x110 [ 1053.162338][ C0] flush_tlb_func+0x43f/0x510 [ 1053.167127][ C0] ? kvm_sched_clock_read+0x14/0x40 [ 1053.172368][ C0] ? sched_clock_cpu+0x15/0x3c0 [ 1053.177253][ C0] ? native_flush_tlb_multi+0xd0/0xd0 [ 1053.182648][ C0] ? kvm_sched_clock_read+0x14/0x40 [ 1053.187946][ C0] ? native_flush_tlb_multi+0xd0/0xd0 [ 1053.193328][ C0] flush_smp_call_function_queue+0x2a9/0x760 [ 1053.199319][ C0] __sysvec_call_function_single+0x98/0x240 [ 1053.205218][ C0] sysvec_call_function_single+0x98/0xc0 [ 1053.210863][ C0] [ 1053.213797][ C0] [ 1053.216729][ C0] asm_sysvec_call_function_single+0x16/0x20 [ 1053.222715][ C0] RIP: 0010:lock_is_held_type+0x13a/0x190 [ 1053.228439][ C0] Code: 75 40 48 c7 04 24 00 00 00 00 9c 8f 04 24 f7 04 24 00 02 00 00 75 46 41 f7 c5 00 02 00 00 74 01 fb 65 48 8b 04 25 28 00 00 00 <48> 3b 44 24 08 75 3c 89 e8 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f [ 1053.248047][ C0] RSP: 0000:ffffc9000434fa58 EFLAGS: 00000206 [ 1053.254207][ C0] RAX: 25c0538fab96f700 RBX: ffff8880210bbb80 RCX: 25c0538fab96f700 [ 1053.262278][ C0] RDX: 0000000000000000 RSI: ffffffff8a0b2ac0 RDI: ffffffff8a59a480 [ 1053.270264][ C0] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffff940003974e7 [ 1053.278243][ C0] R10: fffff940003974e7 R11: 1ffffd40003974e6 R12: 0000000000000003 [ 1053.286216][ C0] R13: 0000000000000246 R14: ffff8880242f4ab0 R15: ffff8880210bc6e8 [ 1053.294213][ C0] xas_reload+0xf9/0x470 [ 1053.298468][ C0] next_uptodate_page+0x2a5/0x8b0 [ 1053.303499][ C0] filemap_map_pages+0xebd/0x1390 [ 1053.308541][ C0] ? filemap_read_page+0x4c0/0x4c0 [ 1053.313660][ C0] ? count_memcg_event_mm+0x311/0x360 [ 1053.319047][ C0] ? verify_lock_unused+0x140/0x140 [ 1053.324260][ C0] handle_mm_fault+0x2580/0x43c0 [ 1053.329215][ C0] ? get_page+0xe0/0xe0 [ 1053.333385][ C0] ? vmacache_find+0x4f0/0x590 [ 1053.338154][ C0] ? vmacache_update+0xa0/0x100 [ 1053.343029][ C0] ? find_vma+0x1df/0x230 [ 1053.347544][ C0] do_user_addr_fault+0x489/0xc80 [ 1053.352848][ C0] ? rcu_is_watching+0x11/0xa0 [ 1053.357643][ C0] exc_page_fault+0x60/0x100 [ 1053.362249][ C0] ? clear_bhb_loop+0x30/0x80 [ 1053.366946][ C0] asm_exc_page_fault+0x22/0x30 [ 1053.371817][ C0] RIP: 0033:0x7fc5944a4cf0 [ 1053.376421][ C0] Code: Unable to access opcode bytes at RIP 0x7fc5944a4cc6. [ 1053.383824][ C0] RSP: 002b:00007fc592770118 EFLAGS: 00010246 [ 1053.389896][ C0] RAX: 0000000000000000 RBX: 00007fc5927706c0 RCX: 00007fc5944bfaa7 [ 1053.397879][ C0] RDX: ffffffffffffffb0 RSI: 0000000000000018 RDI: 00007fc592770130 [ 1053.405858][ C0] RBP: 0000000000000000 R08: 00007fc5927706c0 R09: 00007ffd19179147 [ 1053.413840][ C0] R10: 0000000000000008 R11: 0000000000000246 R12: ffffffffffffffa8 [ 1053.421953][ C0] R13: 000000000000000b R14: 00007ffd19179060 R15: 00007ffd19179148 [ 1053.429984][ C0] [ 1053.433271][ C0] Kernel Offset: disabled [ 1053.437763][ C0] Rebooting in 86400 seconds..