last executing test programs: 3m53.333700973s ago: executing program 0 (id=354): r0 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'team_slave_1\x00'}) sendmsg$nl_route_sched(r0, 0x0, 0x0) sendmsg$nl_route_sched(r0, 0x0, 0x24040084) readv(r0, 0x0, 0x0) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000000040)={0xfff, 0x4d4a, 0x5, 0x4, 0xd, "2ab76ecca931142653228cba5c0e5c3fe430f1"}) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) msgsnd(0x0, &(0x7f0000000180)=ANY=[@ANYRESOCT], 0x2000, 0x0) msgrcv(0x0, &(0x7f0000001080)={0x0, ""/1}, 0x2000, 0x2, 0x3000) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x8ef, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) r5 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) write$binfmt_script(r5, &(0x7f0000019380)={'#! ', './file0', [{0x20, '\x15\xe6\x8e\\\xfe\x15^\xca\xbb\x88B\xeb\x90FAv\xdc\xbc\x1eiU\b\xc2D\xdb\xca\x9d\xb4oL\xe92\x7f+\f\x0e\xfd\xceTC\x1f;u\x84E\x04\xe3B19xO\xc2\xd4.Mp\xf4\x80{e\x87\xc4V\xe0\x99\x99\x8b\x93I\x8a\xb3\xce*\x9b\xd0X\aA0S\x02k\xdb\x12\v\x9c\x10nY\x85\x92\xf6\x93\xc4%\x0f\x80.\x8d\x9b\x15\x8e\xf4LWr\x14\x9eKh\x97L\xb4\x03\xe9=\x8e\xff\xf0\xb1al\xb6\xc9\xa1/L\x8c7\xa0\x8eD\x1f,\x93`\xc0h\xacjGx\xb8\x9cv\x99bA\xc5]\b\xf8\xa5\x9b\x1c\xeeKB\xdd\xe8\xbboT\x90\x84k\xae\xb5\xfa\xd9\x0f\xd4T<\x0f\xdb\xec\x05HcN\xae;\x87\x00\x00\x00\x00\b\x92\xa7\xdf\x1dS\x00\x8b\x81\xf4\x84X*\xa6e\x922|FO\v\xa6\x17jG\xe3]'}]}, 0xe4) close(r5) execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) 3m51.925244183s ago: executing program 0 (id=358): syz_mount_image$erofs(&(0x7f0000000400), &(0x7f0000000140)='./file1\x00', 0x3000801, &(0x7f0000000840)=ANY=[], 0x1, 0x1f3, &(0x7f0000000500)="$eJzsmb/L00AYx7+XtHl/IIqLg4uDL6jgmyapyrt0qOAoiFXUwaHYWKppK22EtiC0uLj4BwiuLo4ODk4O/gWuOqggONjRTTi5yyW9pmlppWjhfT7Qu28ud8/z3FPyHCQgCOLQ8u3rry/PLx/cOA/gCPawpcZ/mFHPj03P//zi8Q5KV16++fTqQ+vok3dpe0ys4cv7twC8L5sIwXLK49TqHU3vqf4mDJxT+hYY7Ej+5pzzvJRD+GC4o+Y80HQ7Nhj49r12ULvfCHxHNK5oPNEUdf8iqPGIoQZgW0bHOdPud/uDh9Ug8Dtpkeexn5lbq4pF+ZPxlQ2UEGePcwPA7WdPR+Ja5QYOjCR/Lgy4ShfBUFH6AFuwbXuSEm3/J3MT++Yy+/+/4rUUx/f/lVORYMEm7F0Iho0IY90ivxY7LD0iHuhk5MQ4roH6nO8r+rrLsDF/gSxcyIjn424QXP1LyyJjVkaiEjGpT4IzWn3KJaNAIWw+KnT7g/1Gs1r3637L84qXnAuOc9EryEIUtQvq37asT7vJSHwGzGIxCz3xoLo9IOy48roahh0varWKW3nb/inXGNfr0eLTUcfUmZUclCmY+hmyF+qsmT1zOHdPBEEQBEEQBEEQBEEQBEEQ2ZwCk29Z1YcqPgfvmnxD+ScAAP//+tFdLw==") prlimit64(0x0, 0xe, 0x0, 0x0) unshare(0x26000400) getsockopt(0xffffffffffffffff, 0xff, 0x1, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x400, 0x0) fadvise64(r0, 0xffffffffffffffd8, 0x4, 0x1) 3m51.525520434s ago: executing program 0 (id=361): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000002c0), 0x8e40, 0x0) close(r1) socket$netlink(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000800)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x1, 0xffffffff, 0x400}}}}]}, 0x4c}}, 0x0) r4 = socket$packet(0x11, 0x3, 0x300) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20048040) sendto$packet(r4, &(0x7f0000000380)="fad33075218151db00316f3a277f", 0xe, 0x6008092, &(0x7f0000000080)={0x11, 0x88a8, r3, 0x1, 0xda, 0x6, @remote}, 0x14) 3m48.363268027s ago: executing program 0 (id=369): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000340)={[{@noload}, {@stripe={'stripe', 0x3d, 0x30c}}, {@jqfmt_vfsv1}, {@nojournal_checksum}, {@jqfmt_vfsv1}, {@usrjquota}]}, 0xff, 0x44d, &(0x7f0000000900)="$eJzs3MtvG8UfAPDvrp30/Ut+UB4tLQQKouKRNOnzwKUIJA4gIcGhiFNI0qrUbaAJEq0qKBzKEVXijjgi8RdwggsCTkhc4Y4qVaiXFiQko13vpsa107hx6rb+fKRNZrzjzHx3d+zZGTsBDKyx7EcSsTkifouIkUb2vwXGGr+uXTk389eVczNJ1Otv/Jnk5a5eOTdTFi2ft6mRqdeL/Lo29V54O2K6Vps7XeQnFk++N7Fw5uzzx09OH5s7Nndq6tChfXt3Dh+Y2t+TOLO4rm7/aH7HtlfeuvjazJGL7/z0TdbezcX+5jh6ZaxxdNt6qteV9dmWpnRS7WND6EolIrLTNZT3/5GoxIalfSPx8qd9bRywpur1er3d+3PhfB24hyXR7xYA/VG+0Wf3v+V2m4Yed4TLhyPeP9iI/1qxNfZUIy3KDLXc3/bSWEQcOf/3l9kWazQPAQDQ7LvDEfFcu/FfGg82lftfsYYyGhH/j4j7IuL+iNgaEQ9E5GUfioiHu6y/dYXkxvFPeumWAluhbPz3QrG2tTT++6eex18YrRS5LXn8Q8nR47W5PcUx2R1D67L85DJ1fP/Sr5932tc8/su2rP5yLNiQXqq2TNDNTi9OrzLsJZc/idhebYk/l0S5jJNExLaI2N7VX75+h3H8ma93dCp18/iX0YN1pvpXEU83zv/5aIm/lHRcn5w8eGBq/8T6qM3tmSivihv9/MuF1zvVv6r4eyA7/xtbr//cUvyjyfqIhTNnT+TrtQvd13Hh98863tPc6vU/nLyZp4eLxz6cXlw8PRkxnLx64+NT159b5svyWfy7d7WLP81f48oj8UhEZBfxzoh4NCIeK9r+eEQ8ERG7lon/xxeffLf7+JeZle+hLP7Zm53/aD7/3ScqJ374tvv4S9n535endhePrOT1b6UNXM2xAwAAgLtFmn8GPknHl9JpOj7e+Az/1tiY1uYXFp89Ov/BqdnGZ+VHYygtZ7pGmuZDJ4u54TI/1ZLfW8wbf1HZkOfHZ+Zrs/0OHgbcpg79P/NHpd+tA9ac72vB4NL/YXDp/zC49H8YXPo/DK52/f/jPrQDuP28/8Pg0v9hcOn/MLj0fxhIHb8bn67qK/8S93wi0u6fVY07pPF3U6K64n9mcYuJdW139fuVCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDf+DQAA//9X4u4v") creat(&(0x7f00000004c0)='./bus\x00', 0x20) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1c1840, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000e80)='./bus\x00', 0x1c1002, 0x80) write$bt_hci(r1, &(0x7f0000000bc0)=ANY=[], 0xa) sendfile(r1, r0, 0x0, 0x40001) r2 = open(&(0x7f0000000140)='.\x00', 0x0, 0x112) getdents(r2, 0x0, 0x0) 3m44.725224952s ago: executing program 0 (id=373): memfd_create(&(0x7f0000000380)='\x103q}2\x9a\xce\xaf\x03\xdfyR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7R\x94\xaf\xbb\xdcM\x90k\xd6\x05\r\x84\x87\x1e?\x10\x95SWFO{\x1f\x1b!\xd5\x991D\x1c\b\x8c`\xeaSA\x90m\xb6&\xd0\xf1\xb3\xed:\x82\xbd\xe3i|BL\x1f\x9d\x00\x00\xc5\xb8$\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\r\xd6h\x80\x8fQ|\xf5d\x10\x10\xd7\t\x00\x00\x00\x00\x00\x00\x00<\xfeeS\xb2l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfaa\xd3\xf1\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7~x\xb8vo\xe6\x15@\xc9\"CY\x11\xb9u\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D4E^7%8\x94y\x90\xf0l\xa0\'L%\xd4\xda\xee\x81\x98\xcc\xfd\xa2\x89$\x9by\xf1\xbb\x01\xb7\xcd\xbf\x99\x1f\x90@b\x03\xb3\xe0CfU\x16{\xbey\xa1cs\x96U\x11\xdb*\xdf\xcdG\xc7z\x85\x8aE\xf7\xd5\x9dAj\xe3\xfb\xc4\xa0\x14\x87\x19\x17\xed\xd1\x185%Q%\x81\xfaK\x82\xec=\xa3\xb8~\xb6O\xbd\x19*\xdb\x1c\x10\xa4\x8dIl\xc1\xceG\xd0h\xa1\xab:dP\xb6\xa0BR\xbe\x03\xac\xd9\x87\x00@\x80\x94\xd88\xc9\x03\x97\x17r\x85#\x7f\x8cu\x8f\xcc\x7fF\xb5\xea\xa6\xc1\x9d\xac\x89\xc9\xa1tuJw\xee\x1a\xe73\xa8\xadS\xd1\x11#d\xc2\xcfdj\x9ec\x93\xd5K\x90*_3\x89\v\xab\x04ih\x12\x93\xc5m\x8f~{\xe5\x85\xa5g\x00\x00\x00\xe45Q\xab%\xa8[\xf3\x17\x94\xf8\xdfq\xff\xd2?\xafW\xde\x1bW]\x1f\aaV\xc5\xc82*\xc7\xc5\"C}L\x10e\xc6\x90\xc0\xf9z\xb6+/d\x86\xf2\xbe\xc9:u\t\\e\x05)\xe4\xd2\xc4\x1a\xc9\xac\xdb\x925\x02\x94@\xa2\xe1\xee\x16\xb4\x98\xff\x0f\xbb\xb2\x81\xcf\x13g6l\xcc\xc8\x02\v\xa2\xb2\xf6\xbf@d\xcecC\x9fVz\xf4\x14\xa5\x8b|\xe1\xc0\xfa3X\xf4\xd9L\xe6\x8f\x9dy\x0fX.\xc5EQ\xd1/\xa1\xd0\x03>\xf0\x90\x13B\xe2\x97\x8b!\xf7\"\xecX\x92\xab\xbc^\xb2\x80@\xcc+\xbbp\xdc|N\xd3[=G\xb2\xe1\x9c\xc5\x81y\x84\xef\xacQ\x01\xdd\xe7<\xb8\xf1Hn\x86\xa6\xe3\x18N\x19\"[-\xdb\xef\xc3\xe0\xa8}', 0x0) r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000106a05310300000000000109022400010000800009040002010300010009210000000122f80409058103"], 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$inet_udp(0x2, 0x2, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB="20000000140003052dbd7000ffdb", @ANYRES32], 0x20}, 0x1, 0x0, 0x0, 0x4004011}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000140)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0) 3m43.613012214s ago: executing program 0 (id=378): socket$inet6_udp(0xa, 0x2, 0x0) modify_ldt$write2(0x11, 0x0, 0x0) pwritev2(0xffffffffffffffff, 0x0, 0x0, 0xe7b, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$rtc(0xffffffffffffff9c, &(0x7f0000000200), 0x140, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r0 = getpid() sched_getparam(0x0, &(0x7f0000000540)) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x0, 0x0) recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg$unix(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000440)=""/70, 0x46}], 0x1}, 0x3000) sendmsg$unix(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000002c0)="b9f2", 0x2}], 0x1, 0x0, 0x0, 0x40000}, 0x20004011) close(0x4) ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f00000000c0)={0xbd2f, 0x3, 0xc, 0x7ffffffe, 0x2, "48b4299abf3991c75ba90fb7ee13ed2ee2f419"}) bpf$MAP_CREATE(0x0, 0x0, 0x50) 3m43.191244871s ago: executing program 32 (id=378): socket$inet6_udp(0xa, 0x2, 0x0) modify_ldt$write2(0x11, 0x0, 0x0) pwritev2(0xffffffffffffffff, 0x0, 0x0, 0xe7b, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$rtc(0xffffffffffffff9c, &(0x7f0000000200), 0x140, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r0 = getpid() sched_getparam(0x0, &(0x7f0000000540)) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x0, 0x0) recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg$unix(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000440)=""/70, 0x46}], 0x1}, 0x3000) sendmsg$unix(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000002c0)="b9f2", 0x2}], 0x1, 0x0, 0x0, 0x40000}, 0x20004011) close(0x4) ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f00000000c0)={0xbd2f, 0x3, 0xc, 0x7ffffffe, 0x2, "48b4299abf3991c75ba90fb7ee13ed2ee2f419"}) bpf$MAP_CREATE(0x0, 0x0, 0x50) 2m43.565080942s ago: executing program 3 (id=572): r0 = socket$kcm(0x11, 0x200000000000002, 0x300) r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000000c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000000082c2500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000140)=r2, 0x4) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_BSS(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x1c, 0x0, 0x1, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x4080) 2m43.451313456s ago: executing program 3 (id=574): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000070601080000000000000000000000000500010006"], 0x1c}}, 0x0) recvmmsg(r0, &(0x7f0000003840)=[{{0x0, 0x0, &(0x7f0000002780)=[{&(0x7f00000002c0)=""/127, 0x7f}, {0x0}, {&(0x7f00000016c0)=""/4096, 0x1000}], 0x3}, 0x1}], 0x1, 0x20, 0x0) 2m43.285203502s ago: executing program 3 (id=576): bpf$PROG_LOAD_XDP(0x5, &(0x7f00000005c0)={0x6, 0x1c, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, 0x0, 0x2f0f440f, 0x0, 0x0, 0x41100, 0x6, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000500)={0x5, 0x5, 0x1, 0x1}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000540)=[0xffffffffffffffff, 0x1, 0x1], &(0x7f0000000580)=[{0x0, 0x1, 0x7, 0x5}, {0x3, 0x2, 0x9, 0x2}, {0x1, 0x3, 0x7}], 0x10, 0x6}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x100, 0x50, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000180)={r0, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f00000002c0)='./cgroup/cgroup.procs\x00', &(0x7f0000000300)=[0x0], 0x0, 0x0, 0x20e6}}, 0x40) 2m43.04979326s ago: executing program 3 (id=577): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x79c, &(0x7f00000007c0)="$eJzs3c9rXNUeAPDvnSSdJu17yYMH7/WtAg80UDoxNbYKLuJKBAsFXduGyTTUTDIlMylNyKJFBDeCigtBN137oy4Et/5YuNH/woW0VE2LFRcSufOjmSYz6SRNZir5fODOnHPPvXPOd879cWbmcieAA2s0fchEHIuId5KI4fr8JCIGqqn+iKnacvfWVvPplMT6+iu/JNVl7q6t5qNpndSReua/EfHNmxHHM1vrLS+vzE0Xi4XFen68Mn9pvLy8cuLi/PRsYbawcGpicvLk6WdOn9q7WH/7YeXorXdffPKzqT/e+M+Nt79N0sCu1sqa49grozFaf08G0po2DO91Tb2X9LoB7Eq6a/bV9vI4FsPRV021MdjNlgEA+2UdADiAEmMAADhgGt8D3F1bzTem3n4j0V23X4iIw7X4G79v1kr6YyqyaWFfmhu6mzzwy0gSESN7UP9oRHz05WufpFPU+8FvaUA3XL0WEedHRrce/5MHr1nYhae2K1zPVp9GN80+aOcf6KWv0vHPs63Gf5n6/n+4+rh5/JNtse/uxsP3/8zNzet89+oeVFyXjv+eb7q27V5T/HUjffXcP6pjvoHkwsViIT22/TMixmIgm+Ynqou2HrmN3fnzTrv6m8d/v773+sdp/enzxhKZm/3ZB9eZma5MP2rcDbevRfyvv1X8yf3+T9qMf892WMdLz731YbuyNP403sa0Nf7Wvuiw7odZvx7xRMv+3+jLZNvrE8erm8N4Y6No4fMfPxhqV39z/6dTWn/js0A3pP0/tH38I0nz9Zrlndfx/fXhr9uVPTz+1tv/oaR2EDhUn3dlulJZnIg4lLy8df7JjXUb+cbyafxj/2+9/9eqbb39D6TDpg7j77/186e7j39/pfHP7Kj/d564cW+ur139beJv6vG0/yerqbH6nE6Of5028FHeOwAAAAAAAAAAAAAAAAAAAAAAAADoVCYijkaSyd1PZzK5XO0/vP8dQ5liqVw5fqG0tDCTllXvf5pp3OpyuOl+qBP1++E38ic35Z+OiH9FxPvZwWo+ly8VZ3odPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUHWnz//+pn7K9bh0AsG8O97oBAEDXOf8DwMGzs/P/YFN6as/bAgB0h8//AHDwdHz+P7+/7QAAusfnfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPbZ2TNn0mn997XVfJqfuby8NFe6fGKmUJ7LzS/lc/nS4qXcbKk0Wyzk8qX5ti90tfZULJUuTcbC0pXxSqFcGS8vr5ybLy0tVM5dnJ+eLZwrDHQtMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoXHl5ZW66WCwsSmybGNzTF8z+7d/5/ngsmiGxb4nmo8Rg7w5QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI+5vwIAAP//BeYuJQ==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x5452, &(0x7f0000006980)={0x0, 0x0, {0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}}) renameat2(r0, 0x0, 0xffffffffffffffff, 0x0, 0x5) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = getpgrp(0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x2, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x50) ioctl$BINDER_THREAD_EXIT(0xffffffffffffffff, 0x40046208, 0x0) write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b) socket$nl_generic(0x10, 0x3, 0x10) 2m41.6039615s ago: executing program 3 (id=582): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44a1bc941948"], &(0x7f00000003c0)='syzkaller\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe80, 0x6000, &(0x7f0000000640)="b9ff03076844268cb89e14f086dd47e08906200060000021000aac141440e0", 0x0, 0x11, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x48) 2m39.149478345s ago: executing program 3 (id=583): r0 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="2c385a7af3", 0x5) r2 = accept4(r1, 0x0, 0x0, 0x800) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x6}], 0x1, 0x40800) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_sctp(0x2, 0x6, 0x84) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f000000b280)={&(0x7f000000b180)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f000000b240)={&(0x7f000000b2c0)=ANY=[], 0x54}, 0x1, 0x0, 0x0, 0x200000c0}, 0x20) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, &(0x7f0000000300)={0x0, 0x7}, 0x8) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) 2m38.944786866s ago: executing program 33 (id=583): r0 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="2c385a7af3", 0x5) r2 = accept4(r1, 0x0, 0x0, 0x800) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x6}], 0x1, 0x40800) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_sctp(0x2, 0x6, 0x84) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f000000b280)={&(0x7f000000b180)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f000000b240)={&(0x7f000000b2c0)=ANY=[], 0x54}, 0x1, 0x0, 0x0, 0x200000c0}, 0x20) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, &(0x7f0000000300)={0x0, 0x7}, 0x8) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) 5.746016019s ago: executing program 2 (id=1201): r0 = socket$kcm(0x10, 0x2, 0x0) recvmsg$kcm(r0, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x2000) sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000001c0)}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) recvmsg$kcm(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000780)=""/234, 0xea}, {&(0x7f0000000a00)=""/256, 0x100}, {&(0x7f0000003a40)=""/4048, 0xfd0}, {&(0x7f0000000940)=""/190, 0xbe}, {&(0x7f0000000300)=""/179, 0xb3}, {&(0x7f0000001700)=""/261, 0x105}, {&(0x7f0000000040)=""/54, 0x36}, {&(0x7f0000000480)=""/172, 0xac}, {&(0x7f0000000880)=""/158, 0x9e}, {&(0x7f0000000d00)=""/256, 0x100}, {&(0x7f0000001980)=""/161, 0xa1}, {&(0x7f0000000600)=""/105, 0x69}, {&(0x7f0000000e00)=""/196, 0xc4}, {&(0x7f0000000240)=""/130, 0x82}], 0xe}, 0x0) 5.42027328s ago: executing program 4 (id=1205): r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00'], 0x4c}}, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c0000005200010000000000000000000200000008000100", @ANYRES32=r1], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x0) 5.387971022s ago: executing program 4 (id=1206): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in={{0x2, 0x4e23, @empty}}, 0x0, 0x2, 0x40000002, 0x0, 0xa17433da3c5d69a5, 0x2, 0x81}, 0x9c) syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) unshare(0x2c060000) unshare(0x2a060400) r1 = socket(0x15, 0x5, 0x0) getsockopt(r1, 0x200000000114, 0xf5, &(0x7f0000c35fff)=""/1, &(0x7f0000000000)) 5.249366208s ago: executing program 4 (id=1207): r0 = socket$kcm(0xf, 0x3, 0x2) sendmsg$inet(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)="02", 0x1}], 0x1}, 0x0) 5.238662087s ago: executing program 4 (id=1208): pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x10000000013, &(0x7f0000000180)=0x1, 0x4) socket$packet(0x11, 0x3, 0x300) r2 = socket$inet_udp(0x2, 0x2, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x20004000) sendmmsg$inet(r2, &(0x7f0000000040)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000240)="d2a7b3", 0x3}, {&(0x7f0000000400)="e06bd3f745", 0xfcfd}, {&(0x7f0000000500)="86e9a0d8", 0x4}, {&(0x7f00000005c0)="25062456", 0x4}], 0x4}}], 0x1, 0x4000800) setsockopt$inet_tcp_int(r1, 0x6, 0x14, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(r1, &(0x7f00000001c0)={0x2, 0x200, @local}, 0x10) sendto$inet(r1, &(0x7f0000000200)="e1", 0xfea8, 0x0, 0x0, 0x0) splice(r1, 0x0, r0, 0x0, 0xfea8, 0xa) 5.051220215s ago: executing program 4 (id=1209): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0xd2}, 0x9c) bind$inet6(r0, &(0x7f0000000300)={0xa, 0x4e23, 0x0, @loopback, 0x3}, 0x7e) setsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000000)={0x0, 0x1, 0x8001, 0x6}, 0x10) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="2800000010000108feffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="080000002f1c060008001b00"], 0x28}}, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x2, @loopback, 0xfffffffd}}, 0x0, 0x0, 0x300, 0x0, 0x54, 0x6}, 0x9c) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'bridge0\x00'}) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) socket$inet6_tcp(0xa, 0x1, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="20000000041401000000000000000000080003000000000008", @ANYRES64=r3], 0x20}, 0x1, 0x0, 0x0, 0x4008055}, 0x814) socket$nl_route(0x10, 0x3, 0x0) 4.741017613s ago: executing program 2 (id=1211): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWFLOWTABLE={0x30, 0x16, 0xa, 0x203, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x4}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0x58}}, 0x20000084) 4.645312098s ago: executing program 2 (id=1213): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x20000000) 4.553434147s ago: executing program 2 (id=1214): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=@newlink={0x4c, 0x10, 0x403, 0x800000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x830}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bond={{0x9}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_BOND_AD_USER_PORT_KEY={0x6, 0x19, 0x7}, @IFLA_BOND_MODE={0x5, 0x1, 0x4}, @IFLA_BOND_AD_ACTOR_SYSTEM={0x8, 0x1a, @multicast2}]}}}]}, 0x4c}, 0x1, 0xba01}, 0x0) 4.538221113s ago: executing program 6 (id=1215): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001ac0)={0x14, 0x15, 0x301, 0x20000002, 0x400, {0x1}}, 0x14}, 0x1, 0x0, 0x0, 0x81}, 0x4004000) 4.324715862s ago: executing program 6 (id=1216): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000140)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x4, @empty, 0xfffffffe}, 0x1c, 0x0}}], 0x1, 0x20080058) write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[], 0x32600) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x2000001, 0x12, r0, 0x0) r1 = socket$rds(0x15, 0x5, 0x0) sendmsg$rds(r1, &(0x7f0000001600)={0x0, 0x0, 0x0}, 0x4000040) 4.200925931s ago: executing program 6 (id=1217): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000001c0)={0x0, 0x38, &(0x7f0000000040)=[@in6={0xa, 0x4e22, 0x5, @dev={0xfe, 0x80, '\x00', 0xa}, 0x8}, @in6={0xa, 0x4e22, 0x8, @dev={0xfe, 0x80, '\x00', 0x1b}, 0x9}]}, &(0x7f0000000180)=0x10) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={r1, @in={{0x2, 0x4e23, @empty}}, 0x0, 0x2, 0x40000002, 0x0, 0xa17433da3c5d69a5, 0x2, 0x81}, 0x9c) syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) unshare(0x2c060000) unshare(0x2a060400) r2 = socket(0x15, 0x5, 0x0) getsockopt(r2, 0x200000000114, 0xf5, &(0x7f0000c35fff)=""/1, &(0x7f0000000000)) 3.026724322s ago: executing program 6 (id=1219): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(0x0, r0) recvmmsg(0xffffffffffffffff, &(0x7f0000006940)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000003c0)=""/6, 0x6}], 0x1}, 0x3}], 0x1, 0x2, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$sock(r1, &(0x7f00000044c0), 0x4000000000001c0, 0x0) recvfrom(r2, &(0x7f0000000040)=""/60, 0x3c, 0x40, 0x0, 0x0) sendmsg$NFC_CMD_START_POLL(r0, &(0x7f00000035c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004}, 0x802) 2.825407107s ago: executing program 6 (id=1220): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000000c0), r0) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9) r2 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r2, &(0x7f0000000040)={0xa, 0xe22}, 0x1c) r3 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r3, 0x1, 0x2, &(0x7f0000000240)=0x9, 0x4) setsockopt$sock_int(r2, 0x1, 0x2, &(0x7f00000002c0)=0xffff, 0x4) bind$inet6(r3, &(0x7f0000000040)={0xa, 0xe22, 0x8000}, 0x1c) r4 = socket$netlink(0x10, 0x3, 0x8000000004) r5 = socket(0x2000000000000021, 0x2, 0x10000000000002) connect$rxrpc(r5, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x8, @multicast2}}, 0x24) sendmmsg(r5, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0xe000}, 0x5}], 0x1, 0x0) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r5, 0xc0709411, &(0x7f00000cee00)={{0x0, 0x305, 0xfffffffffffffffc, 0x401, 0x6, 0x7fffffff, 0x9, 0x3ff, 0x1, 0x1000, 0x3, 0x7, 0x0, 0x8, 0x1}}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r5, 0xd000943d, 0x0) recvmmsg(r5, &(0x7f0000000d00), 0xf000, 0x10002, 0x0) writev(r4, 0x0, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket(0x15, 0x4, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000500)=ANY=[@ANYBLOB="b501000000000000bd110000000000008510000002000000850000007600000095000000000000009500a5050000000077d8f3b4000000002be16ad10a48b243ccc40806d25dfd73a015e0ca7fc2506a0f68a7d06d75357f21699cdc6751dfb265a0e3ccae669e173a649c1cfd6587d472d64e7cc955d77578f4c35235138d5421f9453559c35da860e8ef14142b2a3e314422b854421eed734ceb1efeecb9c66854c3b3ffe1b4ce25d7c983c005c03b1d1ca4cb3e26e7a23129d6606fd28a697a9d552af6d9a9df2c3af333e2008e11bbec0727cb3f647535deb6277f5696833a71011a7d06602e2fd5234712596b696418f163d1a13ed38a682f87925bfa753f631cd027edd68149ee99eebc6f7d6dd4ae59af7588c8e1f4efab57644ccb1973d7879b70a70001040000000000000000d7900a820b63278f4e9a217b98ef7042ad2a923132f208fd8289eaf8cd00000000000009d27d753a300800000000000000a5686f2fccc33e3e34c3969c5ad781302d40e97a8ad10ce0cbe17366d5ac6af2fca2360a15b80400d52040ef7b28d300747877e176fe4c4b8e40dbf260f5a9f7eee30293c1b163b795d0aef4deb851a30000f569dc8f39943f889008e1ec914faa9e6cd0b3b4b3b5db666ebeb49d6a62019d76459e70b459543c4ac42e53b4ad4c77cff373ebd95848f01864e456969cd28000170996016aceb583df5ee4dd722e8c350af489f9a900000000a0dcc391a65c674a9cce0439f832a20d7cbdcda5dff3ba92dd66afb9dcd3e7784dbea1e51a15b0f1a040cc63177f8fafa3192fc8e5552da1a982ab8dfe31ad1a0968faa47c2069d6bf09c3aa4f0fc128cb578d99b08a150b4cc4b22f6a464c6398c952519818a44a1b450ff502df87865c276588ea478e328e8277e811b99ce1acfecaf8e2c55ccc4b8eae0a61635514e99ffd438784060f23ba74c0b30b1180d935832deb686d789ba1d436d116394534e88492a42b8bcab12fcc661a2dc50b3a1dcfbc871e5c27e3d7260f6fa589e40000b89db451ff994845f6b49c12e89291398bcb3c06ef1289f74e0b0e2cab592d35f82a69e7284223a171c616b1f0fee6c4711d7aecb69746064d2c096554975d605ebe646302bf3d5cf32a9a09915ae3f3d4eb96615d7b237da56cd5e9904a19e145f25b6d98eb2c019967f553b61d0e80d6913cee9f8d18469a654a239a84a85debbc0284c5a5d51f0e115ab159e3b513a68284d2efc30587e433431b2896a3bd48020af67e9ac071b2dd6dc3b9efae4ff03558fa619aea909c7f2416e7e7da1c51ccc7e6ac27412f728dc6d80da8adf317ca863ed683897321f8c8bb5a5d953d6783b7a06353ee496bbdff418de3e53234df87756eb99e330253cf5da4aa1a9648a38f07e2d302b4165983db4f7b8972923fffa8c03c288512a3a38fbd7c816a44634f7a03fab30811b7b93257bea4369ba46024dee5e9b0b2c3d3324e9b7c1f99ab9bb3f498b1485373b79ec84a67dad4e37575dab87ce55a9a69ed856a4c4410d1242ac1bd1539094a641cc086c2c53e363beafc74ab4e9ff320373705cbf5644586ffe60d293944fa2d9dc18b55f1af5c42f27747bef1ffd0c1766f062d47d61bf9f64e6ee288fa7fc12d48da526527b9f5c318c93ec447cb8b5eee7aa8a1e85696af3dfef96657c0545c8ebd96528d9c28828e5befd80d684b03b6d153da3e3cbd3bfbf4a9375b8ad04a1d241bcb775505cb6cc7a44e2e24bd0b1ca4879caaff59d0ce39dc7f3fea447f4e46967855208e63ec988bd2692afefbed2b001205e4b30ee8fe417defa566a73ace8f01f7181de0ef25f1744896a3c38859e6148c42454949cd64b1a888e7fe9c2d86bb01023b6dde4ab67f5eb038af3e460c771518a4126c338b0390d459361e03adf6e6b558b3651a0e33d101b5febfff82794203da18db6fcf89715c2d338f78d8b9220171b418528f857a7cb79ca990de1208777e13faaa9b9cb9e67797b07d9eb9e909410b50c5d981d9a72aa36498b630519d1530ef0000000000000000000037fcffffffffffffff8db8379bd2044c652dff399a9f8bfa4e9c507f049d18837464276830461ee203ba51f6102d262fc9a26bc3638ecce24e65c55da6efaa462f03e0d36c62785f32ecc294a8c7a522b59f5a7b44d018cb2648383073d9e032492cae44350bc0a85697f431392eb22cae093e85954af97d6d7b2e6e8f43353062275ad1578a431594243452a2bfb89f91d8eaac00000000000080014573789425c4c22da528d89356aa6d2ae6da082e756c80cf39053431080ea6cbf9997a5a0ddad0b9d12bc3f880476ab32f0feaac5f16e61f7b72b8c9082eec423c6b3eaecfdcc9ec72795e7696421c83b76c2d6bac19bc875d009679778d8ef97d7e05329649d97b0dc54bea9b650873de2d3d702690176e0b23ee5cb5e469a8d1612d611722e6200e3a297d92f8e1de98326c5ef2b89d4e2d47767c0700783e5d865e373338e96ceb8399f296c59b2d70ca27735ecaff62982616d3ac1ab041733bce119d8002a6c8a2b08b32551b2313b1a2ff41b3f04af61c69c85cb2da48215727271bac2ffdeb62d9f5dc4845f1c3f63dc806e615ee8d28d6d7f181e30807afa27f41d0364c746a65a47464db68f3c433d88dd625db35fded2c86d75af88efaf20c8b37c644b6c4e773a9589200faa553bc92f916b75ddbfa18ab73979f46947b35914286d2499a0b8c970000000000000000f4fe74e0c26ab52329bd600627b256ca44dd121ffc8dbb6e5f70cbe03efccac70375b30cc927574d254d1b46c607e8b1ca7d1511568c4d885723734a3ef4b6b885f4582bdcef74e5e010627fc8e4fe00000000000000000000869d9640f06b11df2971909b90133983308ea4f033de613763f32d913bcbe9dd082a6fff197a20730269e6cfd31275395833f1c2b8a50a94c30cceae2a11fe9b9b835d0da73891c0b3ce22dea6bf31e7f51808cf72f44b4455b77a778440795e152dc1b7bb0a5636aa4742ce4d331a47de5836539cdf289176527277b70c8162aaf6f9475418b478329f3565450acfaf07000000eab8cabfa97e35081967bb92a264b07e8003d2f15537e72a1e4ca5ec1e2aaaf8236ecdefbaf512c75e636b6b6f518ad20521f909b12e9bc97e408e0dc82f950d12705f35708bc862196abb27e8d7991b5273987f38c4706289ff4f6130cee76465d487a07a74452f87da2029bd3debd9870335d58d3fe1ac809c227aa25842f75981bc6f569ffdb10ba3f20a86d95128d13e0c778998d3b3114bfb07bd61e4bff8a5e2ce4aa572c63e09b44ca4a181bcfe4eec3ce843c65c4948169fe639a186acc2b4a96c6b8d4d2e6d53ab97bea01eab953e6e89e3af34d4ada217bc6fda0fb2095c49195d0d6f365ca80a955b9ec81240a84ef672afa369fcd097728955cf04fec692b01fadfc8e3d444ba35d0f51a0065a3b982d09dfc6874fc0d8079b185447cb8a695e132d4d613a529d9c77e2a8f7320ecf698e8a2b170fd601dc1a9767a38b10788e92d1356f6a6c1bcfb2d31b46e735db13f1be80bac1b6be04fd98610000000000000000000000000000139af5493f74751c5e2501a4936bc4a0fa516117f4ccadc692003adee0a080eba2f1059660c0ee0e9aec72d4d0fe095632e4f641b0e34c611c5b3e0ba05fa36542d40837dda323910672a9097d68398fd3539686e4288db0d6bf7cb8a1835f46dfe11865a66ef47e736dada06677a5bca133d6cbc8fe5c4557e51b006bdccd7c5f32ff1d9e8b130f77df09236870fb3de5b87b4f8acc13df534eba329b86670000000000000000b27a2616c03cdf6c009447a652bca9b325e73c0737d5b717945e4fe7a169c5e2c54fc71a4104aa7cf0f5d30e2fcd9503650edbd8a5971a9a1fde5e5df37469ae204a6e899eacc1e63034cbabc5604739881cb82604bed3e53696a0606b26b879ef232a1a038291389593d1575cb79aa8284cf01a7e1a456acab9d8d608ad69d4c4b56492af7004e7ed9d47c5db3d76a00bea7c804f3a3638408bc1636f1009b7f185f51606918eaa0ab61a19"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r8) sendmsg$nl_route_sched(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=@newqdisc={0x70, 0x24, 0xe0b, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, 0x0, {0xb}, {0xffff, 0x8}, {0x1}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x6, '\x00', 0xb, 0x5a7, 0x5, 0x4}}}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x2, 0x1, 0x1, 0x40, 0x2, 0xffffffff, 0x0, 0x1}}, {0x6, 0x2, [0x2]}}]}]}, 0x70}}, 0x4000080) accept$inet(r7, 0x0, &(0x7f0000000100)) 2.5045068s ago: executing program 5 (id=1222): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) r1 = socket$kcm(0x1e, 0x1, 0x0) sendmsg$kcm(r1, &(0x7f0000000540)={&(0x7f0000000280)=@tipc=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x80, &(0x7f00000004c0)=[{0x0}], 0x1}, 0x44) recvmmsg(r1, &(0x7f0000000240)=[{{0x0, 0x0, &(0x7f0000000ac0)=[{&(0x7f0000000180)=""/123, 0x7b}], 0x1, &(0x7f0000000b40)=""/4096, 0x1000}, 0x101}], 0x1, 0x120, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r0, 0x0) 1.814565362s ago: executing program 1 (id=1223): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00'}) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, 0x0, 0x0) 1.737560688s ago: executing program 1 (id=1224): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40880}, 0x20000000) 1.728808792s ago: executing program 1 (id=1225): r0 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3400000011000100000000000000000007000000", @ANYRES32=r2, @ANYBLOB="000700000000040014001a80100005"], 0x34}, 0x1, 0x0, 0x0, 0x60}, 0x0) 1.561634773s ago: executing program 5 (id=1226): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000c80)=ANY=[@ANYBLOB="5c000000090601fcff00000000000000070000000900020073797a31000000000500010007000000340007801800018014000240fe8000000000000000000000000000bb060004400e1f00000500070088000000060005"], 0x5c}, 0x1, 0x0, 0x0, 0x10000042}, 0x90) 1.466211903s ago: executing program 5 (id=1227): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x8, 0x3, 0x360, 0xf0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x290, 0xffffffff, 0xffffffff, 0x290, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0xa8, 0xf0, 0x60030000, {0x0, 0xff000000}}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x0, 'syz1\x00', {0x80000000000008}}}}, {{@uncond, 0x0, 0x138, 0x1a0, 0x0, {}, [@common=@srh1={{0x90}, {0x2c, 0xf, 0xe5, 0x0, 0x5, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @rand_addr=' \x01\x00', @local, [0xff, 0xffffffff, 0x0, 0xff], [0x0, 0xffffffff, 0x0, 0xffffff00], [0x0, 0xffffffff, 0xff], 0x1301, 0x100}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x1, 0xff, 0xb9c, 0x0, 'snmp_trap\x00', 'syz1\x00', {0x1000}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3c0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x3, 0xff) socketpair$unix(0x1, 0x2, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94) r2 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000180)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f00000002c0)='./cgroup/cgroup.procs\x00', &(0x7f0000000300)=[0x0], 0x0, 0x0, 0x1}}, 0x40) ioctl$XFS_IOC_ATTRLIST_BY_HANDLE(0xffffffffffffffff, 0x4058587a, &(0x7f0000000200)={{0xffffffffffffffff, 0x0, 0x200000, 0x0, 0x5, 0x0, 0x0}, {[0x7, 0x9, 0x6, 0xfffffffd]}, 0x5, 0x0, 0x0}) close(0x3) r3 = socket(0x2, 0x80805, 0x0) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) close(0x3) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x0, 0x0}, &(0x7f0000000140)=0x10) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4) connect$inet6(r5, &(0x7f0000000440)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, 0x0, 0x0) setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_128={{0x304}, "5bebd250addb1b29", "0fe52ccf5ae523f0d36375dedff0d425", "5cccf758", "0002000000f3ff00"}, 0x28) sendmmsg$inet_sctp(r3, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000"], 0x30}], 0x1, 0x8801) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x70bd27, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x93, 0xfc}, [{0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {0x0, 0xfffffffc}, {0x1, 0x0, 0x0, 0x4000000, 0x7, 0x80000}, {0x8, 0x5, 0x0, 0xfffffffc, 0x5}, {0x0, 0x0, 0x40, 0x0, 0x20000}, {0x0, 0x0, 0x0, 0x0, 0x6}, {0x0, 0xc3}, {0x0, 0x5}, {0x5}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x10}, {0x0, 0x404, 0x0, 0x8000000}, {0x0, 0xffffffff, 0x0, 0x0, 0xfffffffd}, {0x42, 0x0, 0x400000, 0x0, 0x6}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {0x0, 0x0, 0x0, 0x8000000}, {}, {0x0, 0x0, 0x0, 0x0, 0x20, 0xfffffffc}, {0xfffffffd}, {}, {0x0, 0x0, 0x0, 0xfffffffc}, {0x0, 0x2000}, {}, {0x0, 0x7, 0x0, 0x1, 0xffffffff}, {0x0, 0x0, 0x0, 0x2, 0x0, 0x3}, {0x0, 0xffffffff, 0x0, 0x0, 0x5, 0xfffffffd}, {0xffffffff, 0x10000000}, {}, {0x0, 0x0, 0xc, 0x7, 0x0, 0x6}, {0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {}, {0xffffffff, 0x0, 0x0, 0x0, 0x5}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {0x0, 0x29, 0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x1ffe0, 0x0, 0x1, 0x3}, {0x80}, {0x0, 0x28e, 0x0, 0x5}, {0x0, 0x0, 0x0, 0x6, 0x0, 0x9}, {0x0, 0x0, 0x8}, {0x0, 0x0, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x0, 0x0, 0x3}, {}, {0x0, 0x6}, {0x0, 0x15, 0x0, 0x48510}, {}, {0x0, 0x0, 0x0, 0x0, 0x10000, 0x4000}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xd, 0xffffffff}, {0x0, 0xfffffffe}, {0x0, 0x0, 0x0, 0xfffffffd}, {0x0, 0xfffefffd}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x2, 0x0, 0x88}, {0x5}, {}, {0x0, 0xfffffffc, 0x0, 0x3ff, 0x40000000}, {0x0, 0x0, 0x0, 0xfffffffd}, {0x0, 0x7, 0x0, 0x0, 0x0, 0x400000}, {0x4, 0x0, 0x200, 0x0, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x0, 0x1000}, {0x5}, {}, {0x0, 0x0, 0x0, 0x4000, 0x0, 0xfb4}, {}, {0x0, 0x101, 0x0, 0x4, 0x0, 0xffffffff}, {}, {0xfffffffd, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x4, 0x9}, {0xfffffffe}, {0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x2}, {}, {0x0, 0x0, 0xfffffffd, 0x80000, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0x800000, 0x0, 0xfffffffd, 0xa, 0x0, 0x56}, {0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffefffff}, {0x0, 0xfffffffe}, {0x0, 0x0, 0x6, 0x0, 0x4}, {0x0, 0x80}, {}, {0x0, 0xfffffffd}, {0x6, 0x0, 0x0, 0x0, 0x8}, {0x7f, 0x0, 0xfffffffe, 0xfffffffe}, {}, {}, {0xffffffff, 0x2, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x2, 0x0, 0x20000000}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x292}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x0, 0x0, 0x0, 0x2000000}, {0x0, 0x80000000, 0x0, 0x0, 0x0, 0x101}, {0x5, 0x5, 0x0, 0x0, 0x1}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x80}, {0x10000000, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x2e9c, 0x0, 0x0, 0x7, 0x7f53}, {0x0, 0x0, 0x0, 0x0, 0x2}, {0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {0x0, 0x0, 0x0, 0x40000}, {0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x1}, {0x0, 0xfffffffe}, {0xfffffffe, 0x0, 0x0, 0x0, 0x8000, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {}, {0x0, 0x8000}, {0x0, 0x0, 0x10000, 0x0, 0xfffffffc, 0x2}, {0x0, 0x80000000, 0x0, 0x7dff800}, {0x3, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}], [{}, {}, {}, {}, {}, {0x3}, {}, {0x1, 0x1}, {0x0, 0x1}, {}, {}, {}, {0x4, 0x1}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {0x4}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {0x1, 0x1}, {}, {}, {}, {0x0, 0x1}, {}, {0x4}, {}, {}, {0x1}, {}, {}, {}, {0x1}, {0x0, 0x1}, {}, {0x8, 0x1}, {}, {0x1}, {0x3}, {}, {}, {}, {}, {0x3}, {0x0, 0x1}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {0x5}, {}, {}, {0x7}, {}, {0x3, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {0x1}, {}, {}, {}, {}, {0x1}, {}, {0x5}, {}, {0x3}, {0x2}, {}, {}, {}, {0x6}, {0x2, 0x1}, {}, {}, {}, {0x3, 0x1}, {0x0, 0x1}, {}, {}, {0x4}, {0x2}, {}, {}, {0x4}, {0x3}, {}, {}, {0x0, 0x1}, {0x2}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000680)={r2, 0x58, &(0x7f0000000600)}, 0x10) 1.260943845s ago: executing program 5 (id=1228): bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB], 0x50) r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) write$nci(r0, 0x0, 0x4) mmap(&(0x7f0000007000/0x3000)=nil, 0x3000, 0x1800003, 0x1010, r0, 0x96c67000) socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$kcm(0x21, 0x2, 0x2) socket$inet6_sctp(0xa, 0x1, 0x84) socket$nl_generic(0x10, 0x3, 0x10) openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) socket$alg(0x26, 0x5, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0xa8442, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="19000000040000000400000057ac0000000000"], 0x50) socket$inet_udp(0x2, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x14, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000100000000000000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bca2000000000000a6020000f8ffffffb703000018000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000002c0)={r3, r5, 0x25, 0x2, @void}, 0x10) syz_emit_ethernet(0x1a, &(0x7f0000000500)=ANY=[], 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36"], 0x10b8}, 0xff00) 504.228224ms ago: executing program 4 (id=1229): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000001c0)={0x0, 0x38, &(0x7f0000000040)=[@in6={0xa, 0x4e22, 0x5, @dev={0xfe, 0x80, '\x00', 0xa}, 0x8}, @in6={0xa, 0x4e22, 0x8, @dev={0xfe, 0x80, '\x00', 0x1b}, 0x9}]}, &(0x7f0000000180)=0x10) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={r1, @in={{0x2, 0x4e23, @empty}}, 0x0, 0x2, 0x40000002, 0x0, 0xa17433da3c5d69a5, 0x2, 0x81}, 0x9c) syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) unshare(0x2c060000) unshare(0x2a060400) r2 = socket(0x15, 0x5, 0x0) getsockopt(r2, 0x200000000114, 0xf5, &(0x7f0000c35fff)=""/1, &(0x7f0000000000)) 484.568561ms ago: executing program 6 (id=1230): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000740)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40054}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) unshare(0x66000080) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000000540)=@gcm_128={{0x303}, "ffffffffffffffe2", "8e083700daf38a6d69e9b5e9c2f133d7", "6a3a05b9", "12772541f8eb02bb"}, 0x28) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='freezer.state\x00', 0x275a, 0x0) r4 = socket(0x2, 0x80805, 0x800000) r5 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r5, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) r7 = socket$l2tp6(0xa, 0x2, 0x73) accept4$vsock_stream(r3, &(0x7f0000000100)={0x28, 0x0, 0xffffffff, @local}, 0x10, 0x80800) ppoll(&(0x7f0000000180)=[{r6, 0x8480}, {r7, 0x80}, {r0, 0x8000}, {r4, 0x260}, {r5, 0x1}, {r1, 0x100}], 0x6, &(0x7f0000000240), &(0x7f0000000280)={[0xfffffffffffffffb]}, 0x8) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f0000000080)={0x0, 0x3}, &(0x7f00000000c0)=0x8) write$cgroup_int(r3, &(0x7f0000000000), 0xffffff6a) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000040)=0x1, 0x4) sendfile(r2, r3, 0x0, 0xffffffff004) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f00000000c0)={0xe440, 0x7fffffff, 0xffffffff, 0xfffffffb, 0xfffffffc}, 0x14) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x11, 0x10, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8a00fe00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRESDEC=0x0, @ANYBLOB="0093a4a16bb4d3dc613e05ca00000002000000b70000000000"], &(0x7f00000002c0)='syzkaller\x00', 0xa, 0x1009, &(0x7f0000002500)=""/4105, 0x41000, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94) socket$inet6_mptcp(0xa, 0x1, 0x106) r8 = socket$netlink(0x10, 0x3, 0x15) writev(r8, &(0x7f0000000100)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1) 457.073954ms ago: executing program 2 (id=1231): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000013c0)={0x99e86f6a6737948, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x10, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r0, 0x0, 0x0}, 0x10) 386.579696ms ago: executing program 1 (id=1232): r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000000082295"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1e00}, 0x94) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14080, 0x10000}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8, 0x1, r0}]}, @IFLA_GROUP={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000040}, 0x0) socket$inet6_mptcp(0xa, 0x1, 0x106) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000005c0)={'gre0\x00', 0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000180)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @dev}, 0x14) writev(0xffffffffffffffff, &(0x7f00000005c0)=[{&(0x7f0000000480)="57c761f654db5f3098ae64ce385ffcfed0ef110d93cbe7fa1f4f2327602a291192f5fe9863d527e303153f68b04c18db5a48756a583789e9895746c12b9d4e1224c9e17563edff39dd0b7d73fbb4b5a64e7b6db65b84b82f6c938205b2d8560f0da2f775e85175f74ed70033681e96d30fe8a7c2866c59e8f2e2d253ee55115be95aef4a8688989faa6f27db0ea71914ea8150aa35afc828c97af0ec5cc718ca2a58b3", 0xa3}], 0x1) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000004c0)=ANY=[@ANYBLOB="020114004f0018000e3580009f0001140000002f0604ac14141de0000003808a8972bd0b72e41082b9a3d206"], 0xdd12}], 0x1}, 0x20040851) 311.362924ms ago: executing program 2 (id=1233): r0 = socket$kcm(0x10, 0x2, 0x0) recvmsg$kcm(r0, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x2000) sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d00", 0x28}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) recvmsg$kcm(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000780)=""/234, 0xea}, {&(0x7f0000000a00)=""/256, 0x100}, {&(0x7f0000003a40)=""/4048, 0xfd0}, {&(0x7f0000000940)=""/190, 0xbe}, {&(0x7f0000000300)=""/179, 0xb3}, {&(0x7f0000001700)=""/261, 0x105}, {&(0x7f0000000040)=""/54, 0x36}, {&(0x7f0000000480)=""/172, 0xac}, {&(0x7f0000000880)=""/158, 0x9e}, {&(0x7f0000000d00)=""/256, 0x100}, {&(0x7f0000001980)=""/161, 0xa1}, {&(0x7f0000000600)=""/105, 0x69}, {&(0x7f0000000e00)=""/196, 0xc4}, {&(0x7f0000000240)=""/130, 0x82}], 0xe}, 0x0) 201.932099ms ago: executing program 5 (id=1234): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00'}) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, 0x0, 0x0) 84.95311ms ago: executing program 1 (id=1235): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40880}, 0x20000000) 3.82785ms ago: executing program 1 (id=1236): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) r1 = socket$kcm(0x1e, 0x1, 0x0) sendmsg$kcm(r1, &(0x7f0000000540)={&(0x7f0000000280)=@tipc=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x80, &(0x7f00000004c0)=[{0x0}], 0x1}, 0x44) recvmmsg(r1, &(0x7f0000000240)=[{{0x0, 0x0, &(0x7f0000000ac0)=[{&(0x7f0000000180)=""/123, 0x7b}], 0x1, &(0x7f0000000b40)=""/4096, 0x1000}, 0x101}], 0x1, 0x120, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r0, 0x0) 0s ago: executing program 5 (id=1237): r0 = socket$kcm(0xa, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r1 = socket(0x2, 0x80805, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000040)={0x84, @rand_addr=0x64010101, 0x4e22, 0x3, 'lblcr\x00', 0x1, 0x80005, 0x6f}, 0x2c) setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010102, 0x4e21, 0x3, 'lc\x00', 0x5, 0x8, 0x77}, {@remote, 0x4e20, 0x2, 0xcd}}, 0x44) sendmsg$sock(r0, &(0x7f00000000c0)={&(0x7f0000000580)=@in6={0x2, 0x4e21, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0) kernel console output (not intermixed with test programs): 356.876507][ T5628] ? __rcu_read_unlock+0x83/0xe0 [ 356.876540][ T5628] ? rt_spin_unlock+0x160/0x200 [ 356.876568][ T5628] f2fs_sync_dirty_inodes+0x30e/0x830 [ 356.876607][ T5628] f2fs_write_checkpoint+0x9df/0x26a0 [ 356.876630][ T5628] ? __lock_acquire+0x6b5/0x2d10 [ 356.876688][ T5628] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 356.876766][ T5628] kill_f2fs_super+0x314/0x730 [ 356.876797][ T5628] ? __pfx_kill_f2fs_super+0x10/0x10 [ 356.876835][ T5628] ? lockdep_hardirqs_on+0x7a/0x110 [ 356.876869][ T5628] deactivate_locked_super+0xbc/0x130 [ 356.876891][ T5628] cleanup_mnt+0x437/0x4d0 [ 356.876914][ T5628] ? _raw_spin_unlock_irq+0x23/0x50 [ 356.876938][ T5628] task_work_run+0x1d9/0x270 [ 356.876960][ T5628] ? __pfx_task_work_run+0x10/0x10 [ 356.876983][ T5628] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.877003][ T5628] exit_to_user_mode_loop+0xed/0x480 [ 356.877027][ T5628] ? rcu_is_watching+0x15/0xb0 [ 356.877047][ T5628] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.877066][ T5628] do_syscall_64+0x33e/0xf80 [ 356.877084][ T5628] ? trace_irq_disable+0x3b/0x140 [ 356.877107][ T5628] ? clear_bhb_loop+0x40/0x90 [ 356.877129][ T5628] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.877147][ T5628] RIP: 0033:0x7feba394e017 [ 356.877165][ T5628] Code: a2 c7 05 dc 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 356.877181][ T5628] RSP: 002b:00007ffcda0f2558 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 356.877200][ T5628] RAX: 0000000000000000 RBX: 00007feba39e2120 RCX: 00007feba394e017 [ 356.877212][ T5628] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcda0f2610 [ 356.877224][ T5628] RBP: 00007ffcda0f2610 R08: 00007ffcda0f3610 R09: 00000000ffffffff [ 356.877237][ T5628] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffcda0f36a0 [ 356.877247][ T5628] R13: 00007feba39e2120 R14: 0000000000057046 R15: 00007ffcda0f36e0 [ 356.877279][ T5628] [ 356.891604][ T5628] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 356.891931][ T5628] CPU: 0 UID: 0 PID: 5628 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 356.891958][ T5628] Tainted: [L]=SOFTLOCKUP [ 356.891964][ T5628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 356.891974][ T5628] Call Trace: [ 356.891982][ T5628] [ 356.891989][ T5628] dump_stack_lvl+0xe8/0x150 [ 356.892019][ T5628] f2fs_stop_checkpoint+0x383/0x540 [ 356.892046][ T5628] f2fs_write_end_io+0x1274/0x1740 [ 356.892093][ T5628] __submit_merged_bio+0x256/0x6a0 [ 356.892122][ T5628] __submit_merged_write_cond+0x3c9/0x4e0 [ 356.892152][ T5628] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 356.892197][ T5628] f2fs_write_data_pages+0x287e/0x34f0 [ 356.892260][ T5628] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 356.892295][ T5628] ? ktime_get+0x45/0x220 [ 356.892357][ T5628] ? do_raw_spin_lock+0x12b/0x2f0 [ 356.892393][ T5628] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 356.892415][ T5628] ? lockdep_hardirqs_on+0x7a/0x110 [ 356.892437][ T5628] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 356.892454][ T5628] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 356.892477][ T5628] ? reacquire_held_locks+0x104/0x190 [ 356.892495][ T5628] ? rt_spin_lock+0x1e0/0x400 [ 356.892533][ T5628] ? rt_spin_unlock+0x14f/0x200 [ 356.892562][ T5628] ? rt_spin_unlock+0x160/0x200 [ 356.892585][ T5628] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 356.892610][ T5628] do_writepages+0x32e/0x550 [ 356.892631][ T5628] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 356.892659][ T5628] ? rt_spin_unlock+0x14f/0x200 [ 356.892695][ T5628] filemap_fdatawrite+0x1ec/0x2f0 [ 356.892721][ T5628] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 356.892784][ T5628] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 356.892813][ T5628] ? __rcu_read_unlock+0x83/0xe0 [ 356.892840][ T5628] ? rt_spin_unlock+0x160/0x200 [ 356.892868][ T5628] f2fs_sync_dirty_inodes+0x30e/0x830 [ 356.892911][ T5628] f2fs_write_checkpoint+0x9df/0x26a0 [ 356.892932][ T5628] ? __lock_acquire+0x6b5/0x2d10 [ 356.892993][ T5628] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 356.893079][ T5628] kill_f2fs_super+0x314/0x730 [ 356.893110][ T5628] ? __pfx_kill_f2fs_super+0x10/0x10 [ 356.893148][ T5628] ? lockdep_hardirqs_on+0x7a/0x110 [ 356.893184][ T5628] deactivate_locked_super+0xbc/0x130 [ 356.893209][ T5628] cleanup_mnt+0x437/0x4d0 [ 356.893233][ T5628] ? _raw_spin_unlock_irq+0x23/0x50 [ 356.893257][ T5628] task_work_run+0x1d9/0x270 [ 356.893280][ T5628] ? __pfx_task_work_run+0x10/0x10 [ 356.893307][ T5628] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.893327][ T5628] exit_to_user_mode_loop+0xed/0x480 [ 356.893351][ T5628] ? rcu_is_watching+0x15/0xb0 [ 356.893371][ T5628] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.893391][ T5628] do_syscall_64+0x33e/0xf80 [ 356.893410][ T5628] ? trace_irq_disable+0x3b/0x140 [ 356.893434][ T5628] ? clear_bhb_loop+0x40/0x90 [ 356.893458][ T5628] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.893476][ T5628] RIP: 0033:0x7feba394e017 [ 356.893495][ T5628] Code: a2 c7 05 dc 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 356.893514][ T5628] RSP: 002b:00007ffcda0f2558 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 356.893535][ T5628] RAX: 0000000000000000 RBX: 00007feba39e2120 RCX: 00007feba394e017 [ 356.893547][ T5628] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcda0f2610 [ 356.893559][ T5628] RBP: 00007ffcda0f2610 R08: 00007ffcda0f3610 R09: 00000000ffffffff [ 356.893571][ T5628] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffcda0f36a0 [ 356.893583][ T5628] R13: 00007feba39e2120 R14: 0000000000057046 R15: 00007ffcda0f36e0 [ 356.893618][ T5628] [ 356.918934][ T5628] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 360.177563][ T8684] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 360.560082][ T8725] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 361.412290][ T8684] veth0_vlan: entered promiscuous mode [ 361.656379][ T8684] veth1_vlan: entered promiscuous mode [ 362.077487][ T8725] veth0_vlan: entered promiscuous mode [ 362.233091][ T8684] veth0_macvtap: entered promiscuous mode [ 362.253422][ T8725] veth1_vlan: entered promiscuous mode [ 362.407027][ T8684] veth1_macvtap: entered promiscuous mode [ 363.015847][ T8684] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 363.100198][ T8725] veth0_macvtap: entered promiscuous mode [ 363.275252][ T8684] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 363.280806][ T8725] veth1_macvtap: entered promiscuous mode [ 363.506254][ T152] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 363.507569][ T152] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 363.507811][ T152] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 363.508380][ T152] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 363.768445][ T8725] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 364.195023][ T8725] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 364.772709][ T3040] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 364.776049][ T3040] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 364.831798][ T3040] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 364.897056][ T3040] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 365.003790][ T1325] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 365.003809][ T1325] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 365.022803][ T9396] netlink: 12 bytes leftover after parsing attributes in process `syz.4.948'. [ 367.005361][ T9417] batadv0: entered promiscuous mode [ 367.090034][ T9417] 8021q: adding VLAN 0 to HW filter on device macvlan0 [ 367.097703][ T9417] batadv0: left promiscuous mode [ 367.447577][ T3040] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 367.447596][ T3040] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 367.721518][ T9439] netlink: 12 bytes leftover after parsing attributes in process `syz.1.960'. [ 368.940284][ T152] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 368.940304][ T152] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 369.457104][ T3040] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 369.457132][ T3040] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 369.723362][ T9482] netlink: 48 bytes leftover after parsing attributes in process `syz.4.969'. [ 369.851025][ T9486] netlink: 12 bytes leftover after parsing attributes in process `syz.2.971'. [ 369.952595][ T9491] netlink: 68 bytes leftover after parsing attributes in process `syz.1.973'. [ 370.345377][ C1] ip6_tunnel: ip6erspan0 xmit: Local address not yet configured! [ 370.817650][ T9477] loop5: detected capacity change from 0 to 40427 [ 370.820448][ T9477] F2FS-fs: heap/no_heap options were deprecated [ 371.023539][ T9522] netlink: 48 bytes leftover after parsing attributes in process `syz.6.981'. [ 371.059205][ T9477] F2FS-fs (loop5): build fault injection rate: 19 [ 371.059230][ T9477] F2FS-fs (loop5): build fault injection type: 0x3bfe8c [ 371.098756][ T9477] F2FS-fs (loop5): invalid crc value [ 371.120098][ T9477] f2fs_printk: 5 callbacks suppressed [ 371.120118][ T9477] F2FS-fs (loop5): inject page alloc in f2fs_grab_cache_folio of f2fs_build_free_nids+0x9d8/0x1810 [ 371.307897][ T9532] netlink: 68 bytes leftover after parsing attributes in process `syz.2.983'. [ 371.622578][ T9540] netlink: 12 bytes leftover after parsing attributes in process `syz.6.989'. [ 371.675079][ T9477] F2FS-fs (loop5): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x221/0x410 [ 371.800667][ T9477] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 372.042150][ T9477] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 372.061326][ T9477] F2FS-fs (loop5): inject page alloc in f2fs_grab_cache_folio of f2fs_get_dnode_of_data+0x911/0x2060 [ 372.069185][ T9477] F2FS-fs (loop5): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x3ad/0xd80 [ 372.079267][ T9477] F2FS-fs (loop5): inject no more block in inc_valid_node_count of f2fs_new_node_folio+0x361/0xd80 [ 372.080628][ T9477] F2FS-fs (loop5): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x3ad/0xd80 [ 372.097171][ T9477] F2FS-fs (loop5): inject no more block in inc_valid_node_count of f2fs_new_node_folio+0x361/0xd80 [ 372.147225][ T9477] F2FS-fs (loop5): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x3ad/0xd80 [ 372.391252][ T8684] syz-executor: attempt to access beyond end of device [ 372.391252][ T8684] loop5: rw=2049, sector=45096, nr_sectors = 24 limit=40427 [ 372.402059][ T8684] CPU: 0 UID: 0 PID: 8684 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 372.402089][ T8684] Tainted: [L]=SOFTLOCKUP [ 372.402095][ T8684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 372.402109][ T8684] Call Trace: [ 372.402117][ T8684] [ 372.402124][ T8684] dump_stack_lvl+0xe8/0x150 [ 372.402155][ T8684] f2fs_stop_checkpoint+0x383/0x540 [ 372.402181][ T8684] f2fs_write_end_io+0x1274/0x1740 [ 372.402224][ T8684] __submit_merged_bio+0x256/0x6a0 [ 372.402251][ T8684] __submit_merged_write_cond+0x3c9/0x4e0 [ 372.402280][ T8684] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 372.402322][ T8684] f2fs_write_data_pages+0x287e/0x34f0 [ 372.402379][ T8684] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 372.402449][ T8684] ? do_raw_spin_lock+0x12b/0x2f0 [ 372.402482][ T8684] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 372.402501][ T8684] ? lockdep_hardirqs_on+0x7a/0x110 [ 372.402520][ T8684] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 372.402537][ T8684] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 372.402560][ T8684] ? reacquire_held_locks+0x104/0x190 [ 372.402577][ T8684] ? rt_spin_lock+0x1e0/0x400 [ 372.402606][ T8684] ? rt_spin_unlock+0x14f/0x200 [ 372.402633][ T8684] ? rt_spin_unlock+0x160/0x200 [ 372.402653][ T8684] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 372.402676][ T8684] do_writepages+0x32e/0x550 [ 372.402696][ T8684] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 372.402721][ T8684] ? rt_spin_unlock+0x14f/0x200 [ 372.402755][ T8684] filemap_fdatawrite+0x1ec/0x2f0 [ 372.402777][ T8684] ? irqentry_exit+0x218/0x730 [ 372.402795][ T8684] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 372.402849][ T8684] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 372.402877][ T8684] ? __rcu_read_unlock+0x83/0xe0 [ 372.402902][ T8684] ? rt_spin_unlock+0x160/0x200 [ 372.402929][ T8684] f2fs_sync_dirty_inodes+0x30e/0x830 [ 372.402967][ T8684] f2fs_write_checkpoint+0x9df/0x26a0 [ 372.402989][ T8684] ? __lock_acquire+0x6b5/0x2d10 [ 372.403043][ T8684] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 372.403124][ T8684] kill_f2fs_super+0x314/0x730 [ 372.403154][ T8684] ? __pfx_kill_f2fs_super+0x10/0x10 [ 372.403189][ T8684] ? lockdep_hardirqs_on+0x7a/0x110 [ 372.403220][ T8684] deactivate_locked_super+0xbc/0x130 [ 372.403245][ T8684] cleanup_mnt+0x437/0x4d0 [ 372.403268][ T8684] ? _raw_spin_unlock_irq+0x23/0x50 [ 372.403290][ T8684] task_work_run+0x1d9/0x270 [ 372.403311][ T8684] ? __pfx_task_work_run+0x10/0x10 [ 372.403335][ T8684] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 372.403355][ T8684] exit_to_user_mode_loop+0xed/0x480 [ 372.403378][ T8684] ? rcu_is_watching+0x15/0xb0 [ 372.403397][ T8684] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 372.403416][ T8684] do_syscall_64+0x33e/0xf80 [ 372.403433][ T8684] ? trace_irq_disable+0x3b/0x140 [ 372.403456][ T8684] ? clear_bhb_loop+0x40/0x90 [ 372.403478][ T8684] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 372.403495][ T8684] RIP: 0033:0x7f9020c3e017 [ 372.403514][ T8684] Code: a2 c7 05 dc 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 372.403529][ T8684] RSP: 002b:00007ffebbecec48 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 372.403549][ T8684] RAX: 0000000000000000 RBX: 00007f9020cd2120 RCX: 00007f9020c3e017 [ 372.403561][ T8684] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffebbeced00 [ 372.403573][ T8684] RBP: 00007ffebbeced00 R08: 00007ffebbecfd00 R09: 00000000ffffffff [ 372.403585][ T8684] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffebbecfd90 [ 372.403596][ T8684] R13: 00007f9020cd2120 R14: 000000000005ad10 R15: 00007ffebbecfdd0 [ 372.403627][ T8684] [ 372.445531][ T8684] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 372.445723][ T8684] CPU: 0 UID: 0 PID: 8684 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 372.445748][ T8684] Tainted: [L]=SOFTLOCKUP [ 372.445753][ T8684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 372.445764][ T8684] Call Trace: [ 372.445771][ T8684] [ 372.445779][ T8684] dump_stack_lvl+0xe8/0x150 [ 372.445809][ T8684] f2fs_stop_checkpoint+0x383/0x540 [ 372.445834][ T8684] f2fs_write_end_io+0x1274/0x1740 [ 372.445878][ T8684] __submit_merged_bio+0x256/0x6a0 [ 372.445905][ T8684] __submit_merged_write_cond+0x3c9/0x4e0 [ 372.445933][ T8684] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 372.445976][ T8684] f2fs_write_data_pages+0x287e/0x34f0 [ 372.446032][ T8684] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 372.446111][ T8684] ? do_raw_spin_lock+0x12b/0x2f0 [ 372.446145][ T8684] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 372.446166][ T8684] ? lockdep_hardirqs_on+0x7a/0x110 [ 372.446185][ T8684] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 372.446204][ T8684] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 372.446229][ T8684] ? reacquire_held_locks+0x104/0x190 [ 372.446246][ T8684] ? rt_spin_lock+0x1e0/0x400 [ 372.446277][ T8684] ? rt_spin_unlock+0x14f/0x200 [ 372.446304][ T8684] ? rt_spin_unlock+0x160/0x200 [ 372.446327][ T8684] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 372.446350][ T8684] do_writepages+0x32e/0x550 [ 372.446370][ T8684] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 372.446396][ T8684] ? rt_spin_unlock+0x14f/0x200 [ 372.446431][ T8684] filemap_fdatawrite+0x1ec/0x2f0 [ 372.446450][ T8684] ? irqentry_exit+0x218/0x730 [ 372.446470][ T8684] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 372.446525][ T8684] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 372.446552][ T8684] ? __rcu_read_unlock+0x83/0xe0 [ 372.446576][ T8684] ? rt_spin_unlock+0x160/0x200 [ 372.446602][ T8684] f2fs_sync_dirty_inodes+0x30e/0x830 [ 372.446640][ T8684] f2fs_write_checkpoint+0x9df/0x26a0 [ 372.446662][ T8684] ? __lock_acquire+0x6b5/0x2d10 [ 372.446716][ T8684] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 372.446790][ T8684] kill_f2fs_super+0x314/0x730 [ 372.446824][ T8684] ? __pfx_kill_f2fs_super+0x10/0x10 [ 372.446866][ T8684] ? lockdep_hardirqs_on+0x7a/0x110 [ 372.446898][ T8684] deactivate_locked_super+0xbc/0x130 [ 372.446925][ T8684] cleanup_mnt+0x437/0x4d0 [ 372.446949][ T8684] ? _raw_spin_unlock_irq+0x23/0x50 [ 372.446971][ T8684] task_work_run+0x1d9/0x270 [ 372.446996][ T8684] ? __pfx_task_work_run+0x10/0x10 [ 372.447021][ T8684] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 372.447046][ T8684] exit_to_user_mode_loop+0xed/0x480 [ 372.447070][ T8684] ? rcu_is_watching+0x15/0xb0 [ 372.447088][ T8684] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 372.447106][ T8684] do_syscall_64+0x33e/0xf80 [ 372.447139][ T8684] ? trace_irq_disable+0x3b/0x140 [ 372.447163][ T8684] ? clear_bhb_loop+0x40/0x90 [ 372.447185][ T8684] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 372.447202][ T8684] RIP: 0033:0x7f9020c3e017 [ 372.447221][ T8684] Code: a2 c7 05 dc 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 372.447236][ T8684] RSP: 002b:00007ffebbecec48 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 372.447255][ T8684] RAX: 0000000000000000 RBX: 00007f9020cd2120 RCX: 00007f9020c3e017 [ 372.447267][ T8684] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffebbeced00 [ 372.447278][ T8684] RBP: 00007ffebbeced00 R08: 00007ffebbecfd00 R09: 00000000ffffffff [ 372.447291][ T8684] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffebbecfd90 [ 372.447301][ T8684] R13: 00007f9020cd2120 R14: 000000000005ad10 R15: 00007ffebbecfdd0 [ 372.447331][ T8684] [ 372.457892][ T8684] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 372.457962][ T8684] CPU: 0 UID: 0 PID: 8684 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 372.457987][ T8684] Tainted: [L]=SOFTLOCKUP [ 372.457993][ T8684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 372.458003][ T8684] Call Trace: [ 372.458010][ T8684] [ 372.458018][ T8684] dump_stack_lvl+0xe8/0x150 [ 372.458046][ T8684] f2fs_stop_checkpoint+0x383/0x540 [ 372.458072][ T8684] f2fs_write_end_io+0x1274/0x1740 [ 372.458115][ T8684] __submit_merged_bio+0x256/0x6a0 [ 372.458142][ T8684] __submit_merged_write_cond+0x3c9/0x4e0 [ 372.458170][ T8684] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 372.458212][ T8684] f2fs_write_data_pages+0x287e/0x34f0 [ 372.458269][ T8684] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 372.458338][ T8684] ? do_raw_spin_lock+0x12b/0x2f0 [ 372.458373][ T8684] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 372.458394][ T8684] ? lockdep_hardirqs_on+0x7a/0x110 [ 372.458413][ T8684] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 372.458432][ T8684] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 372.458457][ T8684] ? reacquire_held_locks+0x104/0x190 [ 372.458475][ T8684] ? rt_spin_lock+0x1e0/0x400 [ 372.458506][ T8684] ? rt_spin_unlock+0x14f/0x200 [ 372.458533][ T8684] ? rt_spin_unlock+0x160/0x200 [ 372.458555][ T8684] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 372.458579][ T8684] do_writepages+0x32e/0x550 [ 372.458600][ T8684] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 372.458625][ T8684] ? rt_spin_unlock+0x14f/0x200 [ 372.458657][ T8684] filemap_fdatawrite+0x1ec/0x2f0 [ 372.458678][ T8684] ? irqentry_exit+0x218/0x730 [ 372.458701][ T8684] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 372.458753][ T8684] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 372.458780][ T8684] ? __rcu_read_unlock+0x83/0xe0 [ 372.458812][ T8684] ? rt_spin_unlock+0x160/0x200 [ 372.458838][ T8684] f2fs_sync_dirty_inodes+0x30e/0x830 [ 372.458876][ T8684] f2fs_write_checkpoint+0x9df/0x26a0 [ 372.458898][ T8684] ? __lock_acquire+0x6b5/0x2d10 [ 372.458952][ T8684] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 372.459026][ T8684] kill_f2fs_super+0x314/0x730 [ 372.459054][ T8684] ? __pfx_kill_f2fs_super+0x10/0x10 [ 372.459094][ T8684] ? lockdep_hardirqs_on+0x7a/0x110 [ 372.459126][ T8684] deactivate_locked_super+0xbc/0x130 [ 372.459150][ T8684] cleanup_mnt+0x437/0x4d0 [ 372.459172][ T8684] ? _raw_spin_unlock_irq+0x23/0x50 [ 372.459194][ T8684] task_work_run+0x1d9/0x270 [ 372.459215][ T8684] ? __pfx_task_work_run+0x10/0x10 [ 372.459240][ T8684] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 372.459259][ T8684] exit_to_user_mode_loop+0xed/0x480 [ 372.459282][ T8684] ? rcu_is_watching+0x15/0xb0 [ 372.459300][ T8684] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 372.459319][ T8684] do_syscall_64+0x33e/0xf80 [ 372.459337][ T8684] ? trace_irq_disable+0x3b/0x140 [ 372.459360][ T8684] ? clear_bhb_loop+0x40/0x90 [ 372.459382][ T8684] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 372.459399][ T8684] RIP: 0033:0x7f9020c3e017 [ 372.459416][ T8684] Code: a2 c7 05 dc 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 372.459431][ T8684] RSP: 002b:00007ffebbecec48 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 372.459450][ T8684] RAX: 0000000000000000 RBX: 00007f9020cd2120 RCX: 00007f9020c3e017 [ 372.459463][ T8684] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffebbeced00 [ 372.459474][ T8684] RBP: 00007ffebbeced00 R08: 00007ffebbecfd00 R09: 00000000ffffffff [ 372.459485][ T8684] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffebbecfd90 [ 372.459496][ T8684] R13: 00007f9020cd2120 R14: 000000000005ad10 R15: 00007ffebbecfdd0 [ 372.459526][ T8684] [ 372.462764][ T8684] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 373.464779][ T9567] syzkaller0: entered promiscuous mode [ 373.464802][ T9567] syzkaller0: entered allmulticast mode [ 373.873782][ T9578] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1001'. [ 374.573827][ T3030] tipc: Subscription rejected, illegal request [ 375.164018][ T9580] loop2: detected capacity change from 0 to 40427 [ 375.167576][ T9580] F2FS-fs: heap/no_heap options were deprecated [ 375.248151][ T9580] F2FS-fs (loop2): build fault injection rate: 19 [ 375.248166][ T9580] F2FS-fs (loop2): build fault injection type: 0x3bfe8c [ 375.265402][ T9580] F2FS-fs (loop2): invalid crc value [ 375.416934][ T9580] F2FS-fs (loop2): inject page alloc in f2fs_grab_cache_folio of f2fs_build_free_nids+0x9d8/0x1810 [ 375.846535][ T9580] F2FS-fs (loop2): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x221/0x410 [ 375.888852][ T9623] netlink: 104 bytes leftover after parsing attributes in process `syz.6.1013'. [ 375.918443][ T9580] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 376.235928][ T9630] syzkaller0: entered promiscuous mode [ 376.235953][ T9630] syzkaller0: entered allmulticast mode [ 376.269775][ T9580] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 376.310606][ T9580] F2FS-fs (loop2): inject page alloc in f2fs_grab_cache_folio of f2fs_get_dnode_of_data+0x911/0x2060 [ 376.312234][ T9580] F2FS-fs (loop2): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x3ad/0xd80 [ 376.458772][ T9580] F2FS-fs (loop2): inject no more block in inc_valid_node_count of f2fs_new_node_folio+0x361/0xd80 [ 376.459737][ T9639] F2FS-fs (loop2): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x3ad/0xd80 [ 376.482305][ T9580] F2FS-fs (loop2): inject no more block in inc_valid_node_count of f2fs_new_node_folio+0x361/0xd80 [ 376.491820][ T9580] F2FS-fs (loop2): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x3ad/0xd80 [ 376.765190][ T9598] loop5: detected capacity change from 0 to 40427 [ 376.766778][ T9598] F2FS-fs: heap/no_heap options were deprecated [ 376.770565][ T9598] F2FS-fs (loop5): build fault injection rate: 19 [ 376.770585][ T9598] F2FS-fs (loop5): build fault injection type: 0x3bfe8c [ 376.771637][ T9598] F2FS-fs (loop5): invalid crc value [ 376.802273][ T9598] F2FS-fs (loop5): inject page alloc in f2fs_grab_cache_folio of f2fs_build_free_nids+0x9d8/0x1810 [ 376.863878][ T8360] syz-executor: attempt to access beyond end of device [ 376.863878][ T8360] loop2: rw=2049, sector=45096, nr_sectors = 24 limit=40427 [ 376.893028][ T6070] ip6_tunnel: ip6erspan0 xmit: Local address not yet configured! [ 376.899857][ T8360] CPU: 0 UID: 0 PID: 8360 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 376.899889][ T8360] Tainted: [L]=SOFTLOCKUP [ 376.899895][ T8360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 376.899906][ T8360] Call Trace: [ 376.899913][ T8360] [ 376.899921][ T8360] dump_stack_lvl+0xe8/0x150 [ 376.899952][ T8360] f2fs_stop_checkpoint+0x383/0x540 [ 376.899978][ T8360] f2fs_write_end_io+0x1274/0x1740 [ 376.900022][ T8360] __submit_merged_bio+0x256/0x6a0 [ 376.900051][ T8360] __submit_merged_write_cond+0x3c9/0x4e0 [ 376.900082][ T8360] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 376.900130][ T8360] f2fs_write_data_pages+0x287e/0x34f0 [ 376.900188][ T8360] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 376.900257][ T8360] ? do_raw_spin_lock+0x12b/0x2f0 [ 376.900294][ T8360] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 376.900314][ T8360] ? lockdep_hardirqs_on+0x7a/0x110 [ 376.900334][ T8360] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 376.900354][ T8360] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 376.900379][ T8360] ? reacquire_held_locks+0x104/0x190 [ 376.900396][ T8360] ? rt_spin_lock+0x1e0/0x400 [ 376.900427][ T8360] ? rt_spin_unlock+0x14f/0x200 [ 376.900455][ T8360] ? rt_spin_unlock+0x160/0x200 [ 376.900478][ T8360] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 376.900502][ T8360] do_writepages+0x32e/0x550 [ 376.900522][ T8360] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 376.900548][ T8360] ? rt_spin_unlock+0x14f/0x200 [ 376.900582][ T8360] filemap_fdatawrite+0x1ec/0x2f0 [ 376.900607][ T8360] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 376.900632][ T8360] ? __lock_acquire+0x6b5/0x2d10 [ 376.900692][ T8360] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 376.900726][ T8360] ? rt_spin_unlock+0x160/0x200 [ 376.900753][ T8360] f2fs_sync_dirty_inodes+0x30e/0x830 [ 376.900792][ T8360] f2fs_write_checkpoint+0x9df/0x26a0 [ 376.900816][ T8360] ? __lock_acquire+0x6b5/0x2d10 [ 376.900873][ T8360] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 376.900951][ T8360] kill_f2fs_super+0x314/0x730 [ 376.900982][ T8360] ? __pfx_kill_f2fs_super+0x10/0x10 [ 376.901018][ T8360] ? lockdep_hardirqs_on+0x7a/0x110 [ 376.901052][ T8360] deactivate_locked_super+0xbc/0x130 [ 376.901077][ T8360] cleanup_mnt+0x437/0x4d0 [ 376.901101][ T8360] ? _raw_spin_unlock_irq+0x23/0x50 [ 376.901125][ T8360] task_work_run+0x1d9/0x270 [ 376.901147][ T8360] ? __pfx_task_work_run+0x10/0x10 [ 376.901173][ T8360] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 376.901193][ T8360] exit_to_user_mode_loop+0xed/0x480 [ 376.901217][ T8360] ? rcu_is_watching+0x15/0xb0 [ 376.901238][ T8360] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 376.901257][ T8360] do_syscall_64+0x33e/0xf80 [ 376.901276][ T8360] ? trace_irq_disable+0x3b/0x140 [ 376.901300][ T8360] ? clear_bhb_loop+0x40/0x90 [ 376.901323][ T8360] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 376.901341][ T8360] RIP: 0033:0x7f4023e6e017 [ 376.901359][ T8360] Code: a2 c7 05 dc 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 376.901374][ T8360] RSP: 002b:00007fff4173db18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 376.901395][ T8360] RAX: 0000000000000000 RBX: 00007f4023f02120 RCX: 00007f4023e6e017 [ 376.901408][ T8360] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff4173dbd0 [ 376.901420][ T8360] RBP: 00007fff4173dbd0 R08: 00007fff4173ebd0 R09: 00000000ffffffff [ 376.901433][ T8360] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff4173ec60 [ 376.901444][ T8360] R13: 00007f4023f02120 R14: 000000000005be3a R15: 00007fff4173eca0 [ 376.901475][ T8360] [ 376.919181][ T8360] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 376.919468][ T8360] CPU: 0 UID: 0 PID: 8360 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 376.919496][ T8360] Tainted: [L]=SOFTLOCKUP [ 376.919502][ T8360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 376.919512][ T8360] Call Trace: [ 376.919520][ T8360] [ 376.919528][ T8360] dump_stack_lvl+0xe8/0x150 [ 376.919558][ T8360] f2fs_stop_checkpoint+0x383/0x540 [ 376.919583][ T8360] f2fs_write_end_io+0x1274/0x1740 [ 376.919637][ T8360] __submit_merged_bio+0x256/0x6a0 [ 376.919665][ T8360] __submit_merged_write_cond+0x3c9/0x4e0 [ 376.919695][ T8360] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 376.919740][ T8360] f2fs_write_data_pages+0x287e/0x34f0 [ 376.919804][ T8360] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 376.919880][ T8360] ? do_raw_spin_lock+0x12b/0x2f0 [ 376.919917][ T8360] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 376.919938][ T8360] ? lockdep_hardirqs_on+0x7a/0x110 [ 376.919958][ T8360] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 376.919977][ T8360] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 376.920002][ T8360] ? reacquire_held_locks+0x104/0x190 [ 376.920020][ T8360] ? rt_spin_lock+0x1e0/0x400 [ 376.920052][ T8360] ? rt_spin_unlock+0x14f/0x200 [ 376.920080][ T8360] ? rt_spin_unlock+0x160/0x200 [ 376.920103][ T8360] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 376.920127][ T8360] do_writepages+0x32e/0x550 [ 376.920149][ T8360] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 376.920174][ T8360] ? rt_spin_unlock+0x14f/0x200 [ 376.920209][ T8360] filemap_fdatawrite+0x1ec/0x2f0 [ 376.920234][ T8360] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 376.920252][ T8360] ? __lock_acquire+0x6b5/0x2d10 [ 376.920314][ T8360] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 376.920347][ T8360] ? rt_spin_unlock+0x160/0x200 [ 376.920374][ T8360] f2fs_sync_dirty_inodes+0x30e/0x830 [ 376.920414][ T8360] f2fs_write_checkpoint+0x9df/0x26a0 [ 376.920435][ T8360] ? __lock_acquire+0x6b5/0x2d10 [ 376.920493][ T8360] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 376.920573][ T8360] kill_f2fs_super+0x314/0x730 [ 376.920602][ T8360] ? __pfx_kill_f2fs_super+0x10/0x10 [ 376.920653][ T8360] ? lockdep_hardirqs_on+0x7a/0x110 [ 376.920686][ T8360] deactivate_locked_super+0xbc/0x130 [ 376.920712][ T8360] cleanup_mnt+0x437/0x4d0 [ 376.920734][ T8360] ? _raw_spin_unlock_irq+0x23/0x50 [ 376.920758][ T8360] task_work_run+0x1d9/0x270 [ 376.920780][ T8360] ? __pfx_task_work_run+0x10/0x10 [ 376.920805][ T8360] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 376.920825][ T8360] exit_to_user_mode_loop+0xed/0x480 [ 376.920849][ T8360] ? rcu_is_watching+0x15/0xb0 [ 376.920869][ T8360] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 376.920888][ T8360] do_syscall_64+0x33e/0xf80 [ 376.920906][ T8360] ? trace_irq_disable+0x3b/0x140 [ 376.920930][ T8360] ? clear_bhb_loop+0x40/0x90 [ 376.920954][ T8360] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 376.920971][ T8360] RIP: 0033:0x7f4023e6e017 [ 376.920989][ T8360] Code: a2 c7 05 dc 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 376.921003][ T8360] RSP: 002b:00007fff4173db18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 376.921023][ T8360] RAX: 0000000000000000 RBX: 00007f4023f02120 RCX: 00007f4023e6e017 [ 376.921035][ T8360] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff4173dbd0 [ 376.921046][ T8360] RBP: 00007fff4173dbd0 R08: 00007fff4173ebd0 R09: 00000000ffffffff [ 376.921058][ T8360] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff4173ec60 [ 376.921070][ T8360] R13: 00007f4023f02120 R14: 000000000005be3a R15: 00007fff4173eca0 [ 376.921102][ T8360] [ 376.953859][ T8360] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 376.953925][ T8360] CPU: 0 UID: 0 PID: 8360 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 376.953950][ T8360] Tainted: [L]=SOFTLOCKUP [ 376.953956][ T8360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 376.953966][ T8360] Call Trace: [ 376.953973][ T8360] [ 376.953981][ T8360] dump_stack_lvl+0xe8/0x150 [ 376.954010][ T8360] f2fs_stop_checkpoint+0x383/0x540 [ 376.954047][ T8360] f2fs_write_end_io+0x1274/0x1740 [ 376.954091][ T8360] __submit_merged_bio+0x256/0x6a0 [ 376.954118][ T8360] __submit_merged_write_cond+0x3c9/0x4e0 [ 376.954146][ T8360] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 376.954188][ T8360] f2fs_write_data_pages+0x287e/0x34f0 [ 376.954243][ T8360] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 376.954312][ T8360] ? do_raw_spin_lock+0x12b/0x2f0 [ 376.954346][ T8360] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 376.954366][ T8360] ? lockdep_hardirqs_on+0x7a/0x110 [ 376.954385][ T8360] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 376.954404][ T8360] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 376.954429][ T8360] ? reacquire_held_locks+0x104/0x190 [ 376.954447][ T8360] ? rt_spin_lock+0x1e0/0x400 [ 376.954477][ T8360] ? rt_spin_unlock+0x14f/0x200 [ 376.954504][ T8360] ? rt_spin_unlock+0x160/0x200 [ 376.954527][ T8360] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 376.954551][ T8360] do_writepages+0x32e/0x550 [ 376.954571][ T8360] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 376.954600][ T8360] ? rt_spin_unlock+0x14f/0x200 [ 376.954633][ T8360] filemap_fdatawrite+0x1ec/0x2f0 [ 376.954662][ T8360] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 376.954679][ T8360] ? __lock_acquire+0x6b5/0x2d10 [ 376.954736][ T8360] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 376.954768][ T8360] ? rt_spin_unlock+0x160/0x200 [ 376.954793][ T8360] f2fs_sync_dirty_inodes+0x30e/0x830 [ 376.954832][ T8360] f2fs_write_checkpoint+0x9df/0x26a0 [ 376.954854][ T8360] ? __lock_acquire+0x6b5/0x2d10 [ 376.954906][ T8360] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 376.954980][ T8360] kill_f2fs_super+0x314/0x730 [ 376.955007][ T8360] ? __pfx_kill_f2fs_super+0x10/0x10 [ 376.955042][ T8360] ? lockdep_hardirqs_on+0x7a/0x110 [ 376.955074][ T8360] deactivate_locked_super+0xbc/0x130 [ 376.955097][ T8360] cleanup_mnt+0x437/0x4d0 [ 376.955119][ T8360] ? _raw_spin_unlock_irq+0x23/0x50 [ 376.955142][ T8360] task_work_run+0x1d9/0x270 [ 376.955163][ T8360] ? __pfx_task_work_run+0x10/0x10 [ 376.955188][ T8360] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 376.955206][ T8360] exit_to_user_mode_loop+0xed/0x480 [ 376.955230][ T8360] ? rcu_is_watching+0x15/0xb0 [ 376.955250][ T8360] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 376.955269][ T8360] do_syscall_64+0x33e/0xf80 [ 376.955288][ T8360] ? trace_irq_disable+0x3b/0x140 [ 376.955311][ T8360] ? clear_bhb_loop+0x40/0x90 [ 376.955332][ T8360] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 376.955349][ T8360] RIP: 0033:0x7f4023e6e017 [ 376.955367][ T8360] Code: a2 c7 05 dc 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 376.955382][ T8360] RSP: 002b:00007fff4173db18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 376.955401][ T8360] RAX: 0000000000000000 RBX: 00007f4023f02120 RCX: 00007f4023e6e017 [ 376.955412][ T8360] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff4173dbd0 [ 376.955423][ T8360] RBP: 00007fff4173dbd0 R08: 00007fff4173ebd0 R09: 00000000ffffffff [ 376.955436][ T8360] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff4173ec60 [ 376.955447][ T8360] R13: 00007f4023f02120 R14: 000000000005be3a R15: 00007fff4173eca0 [ 376.955477][ T8360] [ 376.966660][ T8360] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 377.680577][ T9598] F2FS-fs (loop5): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x221/0x410 [ 377.764051][ T9598] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 378.068430][ T5734] ip6_tunnel: ip6erspan0 xmit: Local address not yet configured! [ 378.207280][ T9598] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 378.433815][ T9658] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1021'. [ 378.683901][ T1334] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.683997][ T1334] ieee802154 phy1 wpan1: encryption failed: -22 [ 381.014321][ T9695] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1022'. [ 381.014344][ T9695] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1022'. [ 381.102566][ T6070] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 381.234138][ T6070] usb 3-1: device descriptor read/64, error -71 [ 381.340107][ T9703] syzkaller0: entered promiscuous mode [ 381.340132][ T9703] syzkaller0: entered allmulticast mode [ 381.512956][ T6070] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 381.652598][ T6070] usb 3-1: device descriptor read/64, error -71 [ 381.794474][ T6070] usb usb3-port1: attempt power cycle [ 382.155494][ T9688] loop1: detected capacity change from 0 to 40427 [ 382.160405][ T9688] F2FS-fs: heap/no_heap options were deprecated [ 382.161534][ T9688] F2FS-fs (loop1): build fault injection rate: 19 [ 382.161553][ T9688] F2FS-fs (loop1): build fault injection type: 0x3bfe8c [ 382.163528][ T9688] F2FS-fs (loop1): invalid crc value [ 382.186564][ T9688] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_folio of f2fs_build_free_nids+0x9d8/0x1810 [ 382.292604][ T6070] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 382.318172][ T6070] usb 3-1: device descriptor read/8, error -71 [ 382.626895][ T9688] F2FS-fs (loop1): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x221/0x410 [ 382.629526][ T6070] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 382.655207][ T6070] usb 3-1: device descriptor read/8, error -71 [ 382.728397][ T9688] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 382.773608][ T6070] usb usb3-port1: unable to enumerate USB device [ 382.968588][ T9688] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 383.075931][ T9688] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_folio of f2fs_get_dnode_of_data+0x911/0x2060 [ 383.080466][ T9688] F2FS-fs (loop1): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x3ad/0xd80 [ 383.093553][ T9688] F2FS-fs (loop1): inject no more block in inc_valid_node_count of f2fs_new_node_folio+0x361/0xd80 [ 383.134385][ T9688] F2FS-fs (loop1): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x3ad/0xd80 [ 383.164047][ T9688] F2FS-fs (loop1): inject no more block in inc_valid_node_count of f2fs_new_node_folio+0x361/0xd80 [ 383.219600][ T9740] F2FS-fs (loop1): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x3ad/0xd80 [ 383.580265][ T9753] Bluetooth: MGMT ver 1.23 [ 383.661089][ T5628] syz-executor: attempt to access beyond end of device [ 383.661089][ T5628] loop1: rw=2049, sector=45096, nr_sectors = 24 limit=40427 [ 383.703135][ T5628] CPU: 0 UID: 0 PID: 5628 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 383.703167][ T5628] Tainted: [L]=SOFTLOCKUP [ 383.703174][ T5628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 383.703184][ T5628] Call Trace: [ 383.703192][ T5628] [ 383.703200][ T5628] dump_stack_lvl+0xe8/0x150 [ 383.703230][ T5628] f2fs_stop_checkpoint+0x383/0x540 [ 383.703257][ T5628] f2fs_write_end_io+0x1274/0x1740 [ 383.703303][ T5628] __submit_merged_bio+0x256/0x6a0 [ 383.703331][ T5628] __submit_merged_write_cond+0x3c9/0x4e0 [ 383.703361][ T5628] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 383.703406][ T5628] f2fs_write_data_pages+0x287e/0x34f0 [ 383.703466][ T5628] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 383.703536][ T5628] ? do_raw_spin_lock+0x12b/0x2f0 [ 383.703569][ T5628] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 383.703589][ T5628] ? lockdep_hardirqs_on+0x7a/0x110 [ 383.703608][ T5628] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 383.703628][ T5628] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 383.703653][ T5628] ? reacquire_held_locks+0x104/0x190 [ 383.703671][ T5628] ? rt_spin_lock+0x1e0/0x400 [ 383.703703][ T5628] ? rt_spin_unlock+0x14f/0x200 [ 383.703733][ T5628] ? rt_spin_unlock+0x160/0x200 [ 383.703756][ T5628] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 383.703780][ T5628] do_writepages+0x32e/0x550 [ 383.703801][ T5628] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 383.703827][ T5628] ? rt_spin_unlock+0x14f/0x200 [ 383.703869][ T5628] filemap_fdatawrite+0x1ec/0x2f0 [ 383.703894][ T5628] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 383.703951][ T5628] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 383.703980][ T5628] ? __rcu_read_unlock+0x83/0xe0 [ 383.704009][ T5628] ? rt_spin_unlock+0x160/0x200 [ 383.704037][ T5628] f2fs_sync_dirty_inodes+0x30e/0x830 [ 383.704074][ T5628] f2fs_write_checkpoint+0x9df/0x26a0 [ 383.704096][ T5628] ? __lock_acquire+0x6b5/0x2d10 [ 383.704128][ T5628] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 383.704169][ T5628] kill_f2fs_super+0x314/0x730 [ 383.704186][ T5628] ? __pfx_kill_f2fs_super+0x10/0x10 [ 383.704206][ T5628] ? lockdep_hardirqs_on+0x7a/0x110 [ 383.704223][ T5628] deactivate_locked_super+0xbc/0x130 [ 383.704242][ T5628] cleanup_mnt+0x437/0x4d0 [ 383.704265][ T5628] ? _raw_spin_unlock_irq+0x23/0x50 [ 383.704284][ T5628] task_work_run+0x1d9/0x270 [ 383.704296][ T5628] ? __pfx_task_work_run+0x10/0x10 [ 383.704309][ T5628] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 383.704321][ T5628] exit_to_user_mode_loop+0xed/0x480 [ 383.704335][ T5628] ? rcu_is_watching+0x15/0xb0 [ 383.704346][ T5628] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 383.704356][ T5628] do_syscall_64+0x33e/0xf80 [ 383.704367][ T5628] ? trace_irq_disable+0x3b/0x140 [ 383.704381][ T5628] ? clear_bhb_loop+0x40/0x90 [ 383.704394][ T5628] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 383.704404][ T5628] RIP: 0033:0x7feba394e017 [ 383.704415][ T5628] Code: a2 c7 05 dc 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 383.704424][ T5628] RSP: 002b:00007ffcda0f2558 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 383.704435][ T5628] RAX: 0000000000000000 RBX: 00007feba39e2120 RCX: 00007feba394e017 [ 383.704442][ T5628] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcda0f2610 [ 383.704449][ T5628] RBP: 00007ffcda0f2610 R08: 00007ffcda0f3610 R09: 00000000ffffffff [ 383.704455][ T5628] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffcda0f36a0 [ 383.704461][ T5628] R13: 00007feba39e2120 R14: 000000000005d858 R15: 00007ffcda0f36e0 [ 383.704478][ T5628] [ 383.712618][ T5628] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 383.714033][ T5628] CPU: 0 UID: 0 PID: 5628 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 383.714061][ T5628] Tainted: [L]=SOFTLOCKUP [ 383.714067][ T5628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 383.714077][ T5628] Call Trace: [ 383.714085][ T5628] [ 383.714092][ T5628] dump_stack_lvl+0xe8/0x150 [ 383.714124][ T5628] f2fs_stop_checkpoint+0x383/0x540 [ 383.714149][ T5628] f2fs_write_end_io+0x1274/0x1740 [ 383.714196][ T5628] __submit_merged_bio+0x256/0x6a0 [ 383.714225][ T5628] __submit_merged_write_cond+0x3c9/0x4e0 [ 383.714253][ T5628] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 383.714299][ T5628] f2fs_write_data_pages+0x287e/0x34f0 [ 383.714360][ T5628] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 383.714437][ T5628] ? do_raw_spin_lock+0x12b/0x2f0 [ 383.714472][ T5628] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 383.714493][ T5628] ? lockdep_hardirqs_on+0x7a/0x110 [ 383.714513][ T5628] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 383.714532][ T5628] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 383.714557][ T5628] ? reacquire_held_locks+0x104/0x190 [ 383.714574][ T5628] ? rt_spin_lock+0x1e0/0x400 [ 383.714606][ T5628] ? rt_spin_unlock+0x14f/0x200 [ 383.714635][ T5628] ? rt_spin_unlock+0x160/0x200 [ 383.714658][ T5628] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 383.714681][ T5628] do_writepages+0x32e/0x550 [ 383.714702][ T5628] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 383.714728][ T5628] ? rt_spin_unlock+0x14f/0x200 [ 383.714763][ T5628] filemap_fdatawrite+0x1ec/0x2f0 [ 383.714787][ T5628] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 383.714851][ T5628] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 383.714879][ T5628] ? __rcu_read_unlock+0x83/0xe0 [ 383.714903][ T5628] ? rt_spin_unlock+0x160/0x200 [ 383.714931][ T5628] f2fs_sync_dirty_inodes+0x30e/0x830 [ 383.714972][ T5628] f2fs_write_checkpoint+0x9df/0x26a0 [ 383.714994][ T5628] ? __lock_acquire+0x6b5/0x2d10 [ 383.715053][ T5628] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 383.715133][ T5628] kill_f2fs_super+0x314/0x730 [ 383.715164][ T5628] ? __pfx_kill_f2fs_super+0x10/0x10 [ 383.715202][ T5628] ? lockdep_hardirqs_on+0x7a/0x110 [ 383.715234][ T5628] deactivate_locked_super+0xbc/0x130 [ 383.715258][ T5628] cleanup_mnt+0x437/0x4d0 [ 383.715281][ T5628] ? _raw_spin_unlock_irq+0x23/0x50 [ 383.715304][ T5628] task_work_run+0x1d9/0x270 [ 383.715325][ T5628] ? __pfx_task_work_run+0x10/0x10 [ 383.715351][ T5628] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 383.715371][ T5628] exit_to_user_mode_loop+0xed/0x480 [ 383.715394][ T5628] ? rcu_is_watching+0x15/0xb0 [ 383.715414][ T5628] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 383.715433][ T5628] do_syscall_64+0x33e/0xf80 [ 383.715450][ T5628] ? trace_irq_disable+0x3b/0x140 [ 383.715474][ T5628] ? clear_bhb_loop+0x40/0x90 [ 383.715497][ T5628] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 383.715514][ T5628] RIP: 0033:0x7feba394e017 [ 383.715531][ T5628] Code: a2 c7 05 dc 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 383.715546][ T5628] RSP: 002b:00007ffcda0f2558 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 383.715565][ T5628] RAX: 0000000000000000 RBX: 00007feba39e2120 RCX: 00007feba394e017 [ 383.715577][ T5628] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcda0f2610 [ 383.715589][ T5628] RBP: 00007ffcda0f2610 R08: 00007ffcda0f3610 R09: 00000000ffffffff [ 383.715601][ T5628] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffcda0f36a0 [ 383.715612][ T5628] R13: 00007feba39e2120 R14: 000000000005d858 R15: 00007ffcda0f36e0 [ 383.715644][ T5628] [ 383.735260][ T5628] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 383.735329][ T5628] CPU: 0 UID: 0 PID: 5628 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 383.735354][ T5628] Tainted: [L]=SOFTLOCKUP [ 383.735361][ T5628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 383.735370][ T5628] Call Trace: [ 383.735378][ T5628] [ 383.735386][ T5628] dump_stack_lvl+0xe8/0x150 [ 383.735416][ T5628] f2fs_stop_checkpoint+0x383/0x540 [ 383.735441][ T5628] f2fs_write_end_io+0x1274/0x1740 [ 383.735485][ T5628] __submit_merged_bio+0x256/0x6a0 [ 383.735512][ T5628] __submit_merged_write_cond+0x3c9/0x4e0 [ 383.735540][ T5628] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 383.735582][ T5628] f2fs_write_data_pages+0x287e/0x34f0 [ 383.735638][ T5628] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 383.735708][ T5628] ? do_raw_spin_lock+0x12b/0x2f0 [ 383.735742][ T5628] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 383.735762][ T5628] ? lockdep_hardirqs_on+0x7a/0x110 [ 383.735782][ T5628] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 383.735801][ T5628] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 383.735826][ T5628] ? reacquire_held_locks+0x104/0x190 [ 383.735850][ T5628] ? rt_spin_lock+0x1e0/0x400 [ 383.735881][ T5628] ? rt_spin_unlock+0x14f/0x200 [ 383.735909][ T5628] ? rt_spin_unlock+0x160/0x200 [ 383.735932][ T5628] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 383.735955][ T5628] do_writepages+0x32e/0x550 [ 383.735975][ T5628] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 383.736001][ T5628] ? rt_spin_unlock+0x14f/0x200 [ 383.736034][ T5628] filemap_fdatawrite+0x1ec/0x2f0 [ 383.736058][ T5628] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 383.736112][ T5628] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 383.736140][ T5628] ? __rcu_read_unlock+0x83/0xe0 [ 383.736164][ T5628] ? rt_spin_unlock+0x160/0x200 [ 383.736190][ T5628] f2fs_sync_dirty_inodes+0x30e/0x830 [ 383.736232][ T5628] f2fs_write_checkpoint+0x9df/0x26a0 [ 383.736254][ T5628] ? __lock_acquire+0x6b5/0x2d10 [ 383.736308][ T5628] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 383.736382][ T5628] kill_f2fs_super+0x314/0x730 [ 383.736411][ T5628] ? __pfx_kill_f2fs_super+0x10/0x10 [ 383.736447][ T5628] ? lockdep_hardirqs_on+0x7a/0x110 [ 383.736478][ T5628] deactivate_locked_super+0xbc/0x130 [ 383.736502][ T5628] cleanup_mnt+0x437/0x4d0 [ 383.736524][ T5628] ? _raw_spin_unlock_irq+0x23/0x50 [ 383.736546][ T5628] task_work_run+0x1d9/0x270 [ 383.736567][ T5628] ? __pfx_task_work_run+0x10/0x10 [ 383.736591][ T5628] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 383.736610][ T5628] exit_to_user_mode_loop+0xed/0x480 [ 383.736635][ T5628] ? rcu_is_watching+0x15/0xb0 [ 383.736654][ T5628] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 383.736672][ T5628] do_syscall_64+0x33e/0xf80 [ 383.736689][ T5628] ? trace_irq_disable+0x3b/0x140 [ 383.736726][ T5628] ? clear_bhb_loop+0x40/0x90 [ 383.736752][ T5628] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 383.736769][ T5628] RIP: 0033:0x7feba394e017 [ 383.736786][ T5628] Code: a2 c7 05 dc 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 383.736801][ T5628] RSP: 002b:00007ffcda0f2558 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 383.736820][ T5628] RAX: 0000000000000000 RBX: 00007feba39e2120 RCX: 00007feba394e017 [ 383.736838][ T5628] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcda0f2610 [ 383.736849][ T5628] RBP: 00007ffcda0f2610 R08: 00007ffcda0f3610 R09: 00000000ffffffff [ 383.736861][ T5628] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffcda0f36a0 [ 383.736873][ T5628] R13: 00007feba39e2120 R14: 000000000005d858 R15: 00007ffcda0f36e0 [ 383.736904][ T5628] [ 383.745612][ T5628] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 383.848083][ T9760] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1043'. [ 383.848104][ T9760] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1043'. [ 385.665378][ T9758] loop5: detected capacity change from 0 to 32768 [ 385.677503][ T9758] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1042 (9758) [ 385.992029][ T9758] BTRFS info (device loop5): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 385.992062][ T9758] BTRFS info (device loop5): using blake2b checksum algorithm [ 386.512994][ T9758] BTRFS info (device loop5): enabling ssd optimizations [ 386.513019][ T9758] BTRFS info (device loop5): turning on async discard [ 386.513035][ T9758] BTRFS info (device loop5): enabling free space tree [ 387.126909][ T9788] loop6: detected capacity change from 0 to 40427 [ 387.140281][ T9788] F2FS-fs: heap/no_heap options were deprecated [ 387.255366][ T9788] F2FS-fs (loop6): build fault injection rate: 19 [ 387.255390][ T9788] F2FS-fs (loop6): build fault injection type: 0x3bfe8c [ 387.256535][ T9788] F2FS-fs (loop6): invalid crc value [ 387.406892][ T9788] F2FS-fs (loop6): inject page alloc in f2fs_grab_cache_folio of f2fs_build_free_nids+0x9d8/0x1810 [ 387.434528][ T9838] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1054'. [ 387.434551][ T9838] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1054'. [ 387.781910][ T9788] F2FS-fs (loop6): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x221/0x410 [ 387.835815][ T9843] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1057'. [ 387.925902][ T9788] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 388.065461][ T9848] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1059'. [ 388.091300][ T9845] syzkaller0: entered promiscuous mode [ 388.091338][ T9845] syzkaller0: entered allmulticast mode [ 388.268787][ T9788] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 388.325556][ T9788] F2FS-fs (loop6): inject page alloc in f2fs_grab_cache_folio of f2fs_get_dnode_of_data+0x911/0x2060 [ 388.327388][ T9788] F2FS-fs (loop6): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x3ad/0xd80 [ 388.329426][ T9788] F2FS-fs (loop6): inject no more block in inc_valid_node_count of f2fs_new_node_folio+0x361/0xd80 [ 388.333987][ T9788] F2FS-fs (loop6): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x3ad/0xd80 [ 388.339639][ T9788] F2FS-fs (loop6): inject no more block in inc_valid_node_count of f2fs_new_node_folio+0x361/0xd80 [ 388.341742][ T9788] F2FS-fs (loop6): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x3ad/0xd80 [ 388.816710][ T8725] syz-executor: attempt to access beyond end of device [ 388.816710][ T8725] loop6: rw=2049, sector=45096, nr_sectors = 24 limit=40427 [ 388.845482][ T8725] CPU: 1 UID: 0 PID: 8725 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 388.845512][ T8725] Tainted: [L]=SOFTLOCKUP [ 388.845517][ T8725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 388.845527][ T8725] Call Trace: [ 388.845534][ T8725] [ 388.845542][ T8725] dump_stack_lvl+0xe8/0x150 [ 388.845569][ T8725] f2fs_stop_checkpoint+0x383/0x540 [ 388.845589][ T8725] f2fs_write_end_io+0x1274/0x1740 [ 388.845623][ T8725] __submit_merged_bio+0x256/0x6a0 [ 388.845642][ T8725] __submit_merged_write_cond+0x3c9/0x4e0 [ 388.845665][ T8725] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 388.845697][ T8725] f2fs_write_data_pages+0x287e/0x34f0 [ 388.845741][ T8725] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 388.845796][ T8725] ? do_raw_spin_lock+0x12b/0x2f0 [ 388.845829][ T8725] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 388.845846][ T8725] ? lockdep_hardirqs_on+0x7a/0x110 [ 388.845862][ T8725] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 388.845877][ T8725] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 388.845898][ T8725] ? reacquire_held_locks+0x104/0x190 [ 388.845913][ T8725] ? rt_spin_lock+0x1e0/0x400 [ 388.845937][ T8725] ? rt_spin_unlock+0x14f/0x200 [ 388.845958][ T8725] ? rt_spin_unlock+0x160/0x200 [ 388.845976][ T8725] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 388.845997][ T8725] do_writepages+0x32e/0x550 [ 388.846015][ T8725] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 388.846036][ T8725] ? rt_spin_unlock+0x14f/0x200 [ 388.846063][ T8725] filemap_fdatawrite+0x1ec/0x2f0 [ 388.846083][ T8725] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 388.846097][ T8725] ? __lock_acquire+0x6b5/0x2d10 [ 388.846146][ T8725] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 388.846172][ T8725] ? rt_spin_unlock+0x160/0x200 [ 388.846194][ T8725] f2fs_sync_dirty_inodes+0x30e/0x830 [ 388.846236][ T8725] f2fs_write_checkpoint+0x9df/0x26a0 [ 388.846257][ T8725] ? __lock_acquire+0x6b5/0x2d10 [ 388.846302][ T8725] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 388.846359][ T8725] kill_f2fs_super+0x314/0x730 [ 388.846383][ T8725] ? __pfx_kill_f2fs_super+0x10/0x10 [ 388.846410][ T8725] ? lockdep_hardirqs_on+0x7a/0x110 [ 388.846437][ T8725] deactivate_locked_super+0xbc/0x130 [ 388.846458][ T8725] cleanup_mnt+0x437/0x4d0 [ 388.846478][ T8725] ? _raw_spin_unlock_irq+0x23/0x50 [ 388.846500][ T8725] task_work_run+0x1d9/0x270 [ 388.846519][ T8725] ? __pfx_task_work_run+0x10/0x10 [ 388.846540][ T8725] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 388.846556][ T8725] exit_to_user_mode_loop+0xed/0x480 [ 388.846576][ T8725] ? rcu_is_watching+0x15/0xb0 [ 388.846593][ T8725] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 388.846612][ T8725] do_syscall_64+0x33e/0xf80 [ 388.846628][ T8725] ? trace_irq_disable+0x3b/0x140 [ 388.846648][ T8725] ? clear_bhb_loop+0x40/0x90 [ 388.846665][ T8725] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 388.846678][ T8725] RIP: 0033:0x7f632c8be017 [ 388.846692][ T8725] Code: a2 c7 05 dc 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 388.846704][ T8725] RSP: 002b:00007ffd21c45c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 388.846719][ T8725] RAX: 0000000000000000 RBX: 00007f632c952120 RCX: 00007f632c8be017 [ 388.846729][ T8725] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd21c45d30 [ 388.846736][ T8725] RBP: 00007ffd21c45d30 R08: 00007ffd21c46d30 R09: 00000000ffffffff [ 388.846745][ T8725] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd21c46dc0 [ 388.846754][ T8725] R13: 00007f632c952120 R14: 000000000005ecf8 R15: 00007ffd21c46e00 [ 388.846777][ T8725] [ 388.848384][ T8725] F2FS-fs (loop6): Stopped filesystem due to reason: 3 [ 388.848714][ T8725] CPU: 1 UID: 0 PID: 8725 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 388.848741][ T8725] Tainted: [L]=SOFTLOCKUP [ 388.848747][ T8725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 388.848757][ T8725] Call Trace: [ 388.848764][ T8725] [ 388.848771][ T8725] dump_stack_lvl+0xe8/0x150 [ 388.848800][ T8725] f2fs_stop_checkpoint+0x383/0x540 [ 388.848825][ T8725] f2fs_write_end_io+0x1274/0x1740 [ 388.848870][ T8725] __submit_merged_bio+0x256/0x6a0 [ 388.848899][ T8725] __submit_merged_write_cond+0x3c9/0x4e0 [ 388.848929][ T8725] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 388.848973][ T8725] f2fs_write_data_pages+0x287e/0x34f0 [ 388.849039][ T8725] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 388.849115][ T8725] ? do_raw_spin_lock+0x12b/0x2f0 [ 388.849151][ T8725] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 388.849171][ T8725] ? lockdep_hardirqs_on+0x7a/0x110 [ 388.849191][ T8725] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 388.849210][ T8725] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 388.849244][ T8725] ? reacquire_held_locks+0x104/0x190 [ 388.849261][ T8725] ? rt_spin_lock+0x1e0/0x400 [ 388.849293][ T8725] ? rt_spin_unlock+0x14f/0x200 [ 388.849321][ T8725] ? rt_spin_unlock+0x160/0x200 [ 388.849344][ T8725] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 388.849368][ T8725] do_writepages+0x32e/0x550 [ 388.849388][ T8725] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 388.849415][ T8725] ? rt_spin_unlock+0x14f/0x200 [ 388.849450][ T8725] filemap_fdatawrite+0x1ec/0x2f0 [ 388.849474][ T8725] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 388.849492][ T8725] ? __lock_acquire+0x6b5/0x2d10 [ 388.849555][ T8725] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 388.849588][ T8725] ? rt_spin_unlock+0x160/0x200 [ 388.849614][ T8725] f2fs_sync_dirty_inodes+0x30e/0x830 [ 388.849654][ T8725] f2fs_write_checkpoint+0x9df/0x26a0 [ 388.849676][ T8725] ? __lock_acquire+0x6b5/0x2d10 [ 388.849732][ T8725] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 388.849815][ T8725] kill_f2fs_super+0x314/0x730 [ 388.849845][ T8725] ? __pfx_kill_f2fs_super+0x10/0x10 [ 388.849881][ T8725] ? lockdep_hardirqs_on+0x7a/0x110 [ 388.849922][ T8725] deactivate_locked_super+0xbc/0x130 [ 388.849947][ T8725] cleanup_mnt+0x437/0x4d0 [ 388.849971][ T8725] ? _raw_spin_unlock_irq+0x23/0x50 [ 388.849994][ T8725] task_work_run+0x1d9/0x270 [ 388.850016][ T8725] ? __pfx_task_work_run+0x10/0x10 [ 388.850041][ T8725] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 388.850061][ T8725] exit_to_user_mode_loop+0xed/0x480 [ 388.850084][ T8725] ? rcu_is_watching+0x15/0xb0 [ 388.850104][ T8725] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 388.850123][ T8725] do_syscall_64+0x33e/0xf80 [ 388.850141][ T8725] ? trace_irq_disable+0x3b/0x140 [ 388.850164][ T8725] ? clear_bhb_loop+0x40/0x90 [ 388.850186][ T8725] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 388.850203][ T8725] RIP: 0033:0x7f632c8be017 [ 388.850221][ T8725] Code: a2 c7 05 dc 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 388.850242][ T8725] RSP: 002b:00007ffd21c45c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 388.850261][ T8725] RAX: 0000000000000000 RBX: 00007f632c952120 RCX: 00007f632c8be017 [ 388.850273][ T8725] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd21c45d30 [ 388.850284][ T8725] RBP: 00007ffd21c45d30 R08: 00007ffd21c46d30 R09: 00000000ffffffff [ 388.850296][ T8725] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd21c46dc0 [ 388.850307][ T8725] R13: 00007f632c952120 R14: 000000000005ecf8 R15: 00007ffd21c46e00 [ 388.850339][ T8725] [ 388.853336][ T8725] F2FS-fs (loop6): Stopped filesystem due to reason: 3 [ 388.853381][ T8725] CPU: 1 UID: 0 PID: 8725 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 388.853405][ T8725] Tainted: [L]=SOFTLOCKUP [ 388.853411][ T8725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 388.853421][ T8725] Call Trace: [ 388.853427][ T8725] [ 388.853434][ T8725] dump_stack_lvl+0xe8/0x150 [ 388.853460][ T8725] f2fs_stop_checkpoint+0x383/0x540 [ 388.853483][ T8725] f2fs_write_end_io+0x1274/0x1740 [ 388.853524][ T8725] __submit_merged_bio+0x256/0x6a0 [ 388.853550][ T8725] __submit_merged_write_cond+0x3c9/0x4e0 [ 388.853579][ T8725] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 388.853619][ T8725] f2fs_write_data_pages+0x287e/0x34f0 [ 388.853674][ T8725] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 388.853745][ T8725] ? do_raw_spin_lock+0x12b/0x2f0 [ 388.853779][ T8725] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 388.853799][ T8725] ? lockdep_hardirqs_on+0x7a/0x110 [ 388.853817][ T8725] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 388.853836][ T8725] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 388.853860][ T8725] ? reacquire_held_locks+0x104/0x190 [ 388.853878][ T8725] ? rt_spin_lock+0x1e0/0x400 [ 388.853909][ T8725] ? rt_spin_unlock+0x14f/0x200 [ 388.853937][ T8725] ? rt_spin_unlock+0x160/0x200 [ 388.853958][ T8725] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 388.853982][ T8725] do_writepages+0x32e/0x550 [ 388.854002][ T8725] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 388.854027][ T8725] ? rt_spin_unlock+0x14f/0x200 [ 388.854059][ T8725] filemap_fdatawrite+0x1ec/0x2f0 [ 388.854082][ T8725] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 388.854100][ T8725] ? __lock_acquire+0x6b5/0x2d10 [ 388.854156][ T8725] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 388.854186][ T8725] ? rt_spin_unlock+0x160/0x200 [ 388.854214][ T8725] f2fs_sync_dirty_inodes+0x30e/0x830 [ 388.854258][ T8725] f2fs_write_checkpoint+0x9df/0x26a0 [ 388.854281][ T8725] ? __lock_acquire+0x6b5/0x2d10 [ 388.854333][ T8725] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 388.854405][ T8725] kill_f2fs_super+0x314/0x730 [ 388.854432][ T8725] ? __pfx_kill_f2fs_super+0x10/0x10 [ 388.854467][ T8725] ? lockdep_hardirqs_on+0x7a/0x110 [ 388.854498][ T8725] deactivate_locked_super+0xbc/0x130 [ 388.854520][ T8725] cleanup_mnt+0x437/0x4d0 [ 388.854542][ T8725] ? _raw_spin_unlock_irq+0x23/0x50 [ 388.854564][ T8725] task_work_run+0x1d9/0x270 [ 388.854584][ T8725] ? __pfx_task_work_run+0x10/0x10 [ 388.854608][ T8725] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 388.854626][ T8725] exit_to_user_mode_loop+0xed/0x480 [ 388.854649][ T8725] ? rcu_is_watching+0x15/0xb0 [ 388.854668][ T8725] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 388.854687][ T8725] do_syscall_64+0x33e/0xf80 [ 388.854704][ T8725] ? trace_irq_disable+0x3b/0x140 [ 388.854726][ T8725] ? clear_bhb_loop+0x40/0x90 [ 388.854747][ T8725] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 388.854764][ T8725] RIP: 0033:0x7f632c8be017 [ 388.854780][ T8725] Code: a2 c7 05 dc 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 388.854795][ T8725] RSP: 002b:00007ffd21c45c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 388.854813][ T8725] RAX: 0000000000000000 RBX: 00007f632c952120 RCX: 00007f632c8be017 [ 388.854825][ T8725] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd21c45d30 [ 388.854836][ T8725] RBP: 00007ffd21c45d30 R08: 00007ffd21c46d30 R09: 00000000ffffffff [ 388.854848][ T8725] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd21c46dc0 [ 388.854859][ T8725] R13: 00007f632c952120 R14: 000000000005ecf8 R15: 00007ffd21c46e00 [ 388.854889][ T8725] [ 388.858454][ T8725] F2FS-fs (loop6): Stopped filesystem due to reason: 3 [ 389.808727][ T37] audit: type=1800 audit(1777950651.471:7): pid=9853 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1042" name="file1" dev="loop5" ino=260 res=0 errno=0 [ 390.612029][ T9881] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1070'. [ 391.810494][ T9887] loop2: detected capacity change from 0 to 40427 [ 391.831185][ T9887] F2FS-fs: heap/no_heap options were deprecated [ 391.852301][ T9887] F2FS-fs (loop2): build fault injection rate: 19 [ 391.852323][ T9887] F2FS-fs (loop2): build fault injection type: 0x3bfe8c [ 391.860589][ T9892] syzkaller0: entered promiscuous mode [ 391.860610][ T9892] syzkaller0: entered allmulticast mode [ 391.867624][ T9887] F2FS-fs (loop2): invalid crc value [ 391.965276][ T9887] F2FS-fs (loop2): inject page alloc in f2fs_grab_cache_folio of f2fs_build_free_nids+0x9d8/0x1810 [ 391.991459][ T9896] netlink: 200 bytes leftover after parsing attributes in process `syz.6.1075'. [ 392.077622][ T8684] BTRFS info (device loop5): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 392.311844][ T9887] F2FS-fs (loop2): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x221/0x410 [ 392.529128][ T9887] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 392.787881][ T9887] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 392.815594][ T9887] F2FS-fs (loop2): inject page alloc in f2fs_grab_cache_folio of f2fs_get_dnode_of_data+0x911/0x2060 [ 392.840102][ T9887] F2FS-fs (loop2): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x3ad/0xd80 [ 392.853832][ T9887] F2FS-fs (loop2): inject no more block in inc_valid_node_count of f2fs_new_node_folio+0x361/0xd80 [ 392.873820][ T9887] F2FS-fs (loop2): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x3ad/0xd80 [ 392.875864][ T9887] F2FS-fs (loop2): inject no more block in inc_valid_node_count of f2fs_new_node_folio+0x361/0xd80 [ 392.883559][ T9887] F2FS-fs (loop2): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x3ad/0xd80 [ 393.090444][ T9917] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1081'. [ 393.181654][ T8360] syz-executor: attempt to access beyond end of device [ 393.181654][ T8360] loop2: rw=2049, sector=45096, nr_sectors = 24 limit=40427 [ 393.215222][ T8360] CPU: 0 UID: 0 PID: 8360 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 393.215252][ T8360] Tainted: [L]=SOFTLOCKUP [ 393.215258][ T8360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 393.215268][ T8360] Call Trace: [ 393.215274][ T8360] [ 393.215281][ T8360] dump_stack_lvl+0xe8/0x150 [ 393.215309][ T8360] f2fs_stop_checkpoint+0x383/0x540 [ 393.215332][ T8360] f2fs_write_end_io+0x1274/0x1740 [ 393.215374][ T8360] __submit_merged_bio+0x256/0x6a0 [ 393.215399][ T8360] __submit_merged_write_cond+0x3c9/0x4e0 [ 393.215426][ T8360] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 393.215465][ T8360] f2fs_write_data_pages+0x287e/0x34f0 [ 393.215518][ T8360] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 393.215585][ T8360] ? do_raw_spin_lock+0x12b/0x2f0 [ 393.215617][ T8360] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 393.215636][ T8360] ? lockdep_hardirqs_on+0x7a/0x110 [ 393.215653][ T8360] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 393.215670][ T8360] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 393.215693][ T8360] ? reacquire_held_locks+0x104/0x190 [ 393.215708][ T8360] ? rt_spin_lock+0x1e0/0x400 [ 393.215736][ T8360] ? rt_spin_unlock+0x14f/0x200 [ 393.215762][ T8360] ? rt_spin_unlock+0x160/0x200 [ 393.215782][ T8360] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 393.215803][ T8360] do_writepages+0x32e/0x550 [ 393.215841][ T8360] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 393.215864][ T8360] ? rt_spin_unlock+0x14f/0x200 [ 393.215895][ T8360] filemap_fdatawrite+0x1ec/0x2f0 [ 393.215917][ T8360] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 393.215934][ T8360] ? __lock_acquire+0x6b5/0x2d10 [ 393.215990][ T8360] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 393.216019][ T8360] ? rt_spin_unlock+0x160/0x200 [ 393.216042][ T8360] f2fs_sync_dirty_inodes+0x30e/0x830 [ 393.216083][ T8360] f2fs_write_checkpoint+0x9df/0x26a0 [ 393.216104][ T8360] ? __lock_acquire+0x6b5/0x2d10 [ 393.216154][ T8360] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 393.216225][ T8360] kill_f2fs_super+0x314/0x730 [ 393.216252][ T8360] ? __pfx_kill_f2fs_super+0x10/0x10 [ 393.216289][ T8360] ? lockdep_hardirqs_on+0x7a/0x110 [ 393.216319][ T8360] deactivate_locked_super+0xbc/0x130 [ 393.216342][ T8360] cleanup_mnt+0x437/0x4d0 [ 393.216363][ T8360] ? _raw_spin_unlock_irq+0x23/0x50 [ 393.216385][ T8360] task_work_run+0x1d9/0x270 [ 393.216404][ T8360] ? __pfx_task_work_run+0x10/0x10 [ 393.216426][ T8360] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 393.216444][ T8360] exit_to_user_mode_loop+0xed/0x480 [ 393.216465][ T8360] ? rcu_is_watching+0x15/0xb0 [ 393.216483][ T8360] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 393.216500][ T8360] do_syscall_64+0x33e/0xf80 [ 393.216516][ T8360] ? trace_irq_disable+0x3b/0x140 [ 393.216538][ T8360] ? clear_bhb_loop+0x40/0x90 [ 393.216558][ T8360] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 393.216573][ T8360] RIP: 0033:0x7f4023e6e017 [ 393.216589][ T8360] Code: a2 c7 05 dc 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 393.216603][ T8360] RSP: 002b:00007fff4173db18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 393.216620][ T8360] RAX: 0000000000000000 RBX: 00007f4023f02120 RCX: 00007f4023e6e017 [ 393.216630][ T8360] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff4173dbd0 [ 393.216640][ T8360] RBP: 00007fff4173dbd0 R08: 00007fff4173ebd0 R09: 00000000ffffffff [ 393.216650][ T8360] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff4173ec60 [ 393.216660][ T8360] R13: 00007f4023f02120 R14: 000000000005fe2d R15: 00007fff4173eca0 [ 393.216688][ T8360] [ 393.216695][ T8360] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 393.275016][ T8360] CPU: 1 UID: 0 PID: 8360 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 393.275047][ T8360] Tainted: [L]=SOFTLOCKUP [ 393.275053][ T8360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 393.275063][ T8360] Call Trace: [ 393.275069][ T8360] [ 393.275078][ T8360] dump_stack_lvl+0xe8/0x150 [ 393.275106][ T8360] f2fs_stop_checkpoint+0x383/0x540 [ 393.275131][ T8360] f2fs_write_end_io+0x1274/0x1740 [ 393.275174][ T8360] __submit_merged_bio+0x256/0x6a0 [ 393.275201][ T8360] __submit_merged_write_cond+0x3c9/0x4e0 [ 393.275230][ T8360] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 393.275272][ T8360] f2fs_write_data_pages+0x287e/0x34f0 [ 393.275328][ T8360] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 393.275397][ T8360] ? do_raw_spin_lock+0x12b/0x2f0 [ 393.275431][ T8360] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 393.275451][ T8360] ? lockdep_hardirqs_on+0x7a/0x110 [ 393.275470][ T8360] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 393.275488][ T8360] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 393.275513][ T8360] ? reacquire_held_locks+0x104/0x190 [ 393.275529][ T8360] ? rt_spin_lock+0x1e0/0x400 [ 393.275560][ T8360] ? rt_spin_unlock+0x14f/0x200 [ 393.275586][ T8360] ? rt_spin_unlock+0x160/0x200 [ 393.275608][ T8360] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 393.275631][ T8360] do_writepages+0x32e/0x550 [ 393.275652][ T8360] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 393.275678][ T8360] ? rt_spin_unlock+0x14f/0x200 [ 393.275711][ T8360] filemap_fdatawrite+0x1ec/0x2f0 [ 393.275735][ T8360] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 393.275752][ T8360] ? __lock_acquire+0x6b5/0x2d10 [ 393.275827][ T8360] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 393.275859][ T8360] ? rt_spin_unlock+0x160/0x200 [ 393.275886][ T8360] f2fs_sync_dirty_inodes+0x30e/0x830 [ 393.275924][ T8360] f2fs_write_checkpoint+0x9df/0x26a0 [ 393.275946][ T8360] ? __lock_acquire+0x6b5/0x2d10 [ 393.275998][ T8360] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 393.276071][ T8360] kill_f2fs_super+0x314/0x730 [ 393.276100][ T8360] ? __pfx_kill_f2fs_super+0x10/0x10 [ 393.276134][ T8360] ? lockdep_hardirqs_on+0x7a/0x110 [ 393.276166][ T8360] deactivate_locked_super+0xbc/0x130 [ 393.276189][ T8360] cleanup_mnt+0x437/0x4d0 [ 393.276210][ T8360] ? _raw_spin_unlock_irq+0x23/0x50 [ 393.276233][ T8360] task_work_run+0x1d9/0x270 [ 393.276257][ T8360] ? __pfx_task_work_run+0x10/0x10 [ 393.276281][ T8360] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 393.276300][ T8360] exit_to_user_mode_loop+0xed/0x480 [ 393.276323][ T8360] ? rcu_is_watching+0x15/0xb0 [ 393.276343][ T8360] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 393.276361][ T8360] do_syscall_64+0x33e/0xf80 [ 393.276379][ T8360] ? trace_irq_disable+0x3b/0x140 [ 393.276402][ T8360] ? clear_bhb_loop+0x40/0x90 [ 393.276424][ T8360] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 393.276441][ T8360] RIP: 0033:0x7f4023e6e017 [ 393.276459][ T8360] Code: a2 c7 05 dc 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 393.276472][ T8360] RSP: 002b:00007fff4173db18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 393.276491][ T8360] RAX: 0000000000000000 RBX: 00007f4023f02120 RCX: 00007f4023e6e017 [ 393.276504][ T8360] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff4173dbd0 [ 393.276515][ T8360] RBP: 00007fff4173dbd0 R08: 00007fff4173ebd0 R09: 00000000ffffffff [ 393.276527][ T8360] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff4173ec60 [ 393.276538][ T8360] R13: 00007f4023f02120 R14: 000000000005fe2d R15: 00007fff4173eca0 [ 393.276568][ T8360] [ 393.309836][ T8360] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 393.309905][ T8360] CPU: 1 UID: 0 PID: 8360 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 393.309931][ T8360] Tainted: [L]=SOFTLOCKUP [ 393.309937][ T8360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 393.309947][ T8360] Call Trace: [ 393.309954][ T8360] [ 393.309961][ T8360] dump_stack_lvl+0xe8/0x150 [ 393.309989][ T8360] f2fs_stop_checkpoint+0x383/0x540 [ 393.310015][ T8360] f2fs_write_end_io+0x1274/0x1740 [ 393.310058][ T8360] __submit_merged_bio+0x256/0x6a0 [ 393.310084][ T8360] __submit_merged_write_cond+0x3c9/0x4e0 [ 393.310113][ T8360] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 393.310155][ T8360] f2fs_write_data_pages+0x287e/0x34f0 [ 393.310211][ T8360] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 393.310281][ T8360] ? do_raw_spin_lock+0x12b/0x2f0 [ 393.310315][ T8360] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 393.310336][ T8360] ? lockdep_hardirqs_on+0x7a/0x110 [ 393.310355][ T8360] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 393.310374][ T8360] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 393.310398][ T8360] ? reacquire_held_locks+0x104/0x190 [ 393.310415][ T8360] ? rt_spin_lock+0x1e0/0x400 [ 393.310446][ T8360] ? rt_spin_unlock+0x14f/0x200 [ 393.310474][ T8360] ? rt_spin_unlock+0x160/0x200 [ 393.310495][ T8360] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 393.310518][ T8360] do_writepages+0x32e/0x550 [ 393.310539][ T8360] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 393.310565][ T8360] ? rt_spin_unlock+0x14f/0x200 [ 393.310597][ T8360] filemap_fdatawrite+0x1ec/0x2f0 [ 393.310620][ T8360] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 393.310638][ T8360] ? __lock_acquire+0x6b5/0x2d10 [ 393.310696][ T8360] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 393.310727][ T8360] ? rt_spin_unlock+0x160/0x200 [ 393.310753][ T8360] f2fs_sync_dirty_inodes+0x30e/0x830 [ 393.310791][ T8360] f2fs_write_checkpoint+0x9df/0x26a0 [ 393.310819][ T8360] ? __lock_acquire+0x6b5/0x2d10 [ 393.310872][ T8360] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 393.310946][ T8360] kill_f2fs_super+0x314/0x730 [ 393.310975][ T8360] ? __pfx_kill_f2fs_super+0x10/0x10 [ 393.311010][ T8360] ? lockdep_hardirqs_on+0x7a/0x110 [ 393.311040][ T8360] deactivate_locked_super+0xbc/0x130 [ 393.311064][ T8360] cleanup_mnt+0x437/0x4d0 [ 393.311086][ T8360] ? _raw_spin_unlock_irq+0x23/0x50 [ 393.311109][ T8360] task_work_run+0x1d9/0x270 [ 393.311130][ T8360] ? __pfx_task_work_run+0x10/0x10 [ 393.311153][ T8360] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 393.311173][ T8360] exit_to_user_mode_loop+0xed/0x480 [ 393.311196][ T8360] ? rcu_is_watching+0x15/0xb0 [ 393.311216][ T8360] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 393.311234][ T8360] do_syscall_64+0x33e/0xf80 [ 393.311252][ T8360] ? trace_irq_disable+0x3b/0x140 [ 393.311275][ T8360] ? clear_bhb_loop+0x40/0x90 [ 393.311297][ T8360] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 393.311314][ T8360] RIP: 0033:0x7f4023e6e017 [ 393.311331][ T8360] Code: a2 c7 05 dc 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 393.311345][ T8360] RSP: 002b:00007fff4173db18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 393.311364][ T8360] RAX: 0000000000000000 RBX: 00007f4023f02120 RCX: 00007f4023e6e017 [ 393.311376][ T8360] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff4173dbd0 [ 393.311388][ T8360] RBP: 00007fff4173dbd0 R08: 00007fff4173ebd0 R09: 00000000ffffffff [ 393.311399][ T8360] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff4173ec60 [ 393.311411][ T8360] R13: 00007f4023f02120 R14: 000000000005fe2d R15: 00007fff4173eca0 [ 393.311441][ T8360] [ 393.325079][ T8360] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 394.442128][ T9919] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1081'. [ 394.442168][ T9919] netlink: 9 bytes leftover after parsing attributes in process `syz.4.1081'. [ 395.740773][ T9959] syzkaller0: entered promiscuous mode [ 395.740798][ T9959] syzkaller0: entered allmulticast mode [ 395.827069][ T9945] loop2: detected capacity change from 0 to 32768 [ 395.849612][ T9945] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1082 (9945) [ 395.930100][ T9945] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 395.930133][ T9945] BTRFS info (device loop2): using blake2b checksum algorithm [ 395.937792][ T9965] bridge0: port 3(erspan0) entered blocking state [ 395.938042][ T9965] bridge0: port 3(erspan0) entered disabled state [ 395.938290][ T9965] erspan0: entered allmulticast mode [ 396.071684][ T9946] loop5: detected capacity change from 0 to 40427 [ 396.080306][ T9946] F2FS-fs: heap/no_heap options were deprecated [ 396.095445][ T9946] F2FS-fs (loop5): build fault injection rate: 19 [ 396.095468][ T9946] F2FS-fs (loop5): build fault injection type: 0x3bfe8c [ 396.096502][ T9946] F2FS-fs (loop5): invalid crc value [ 396.182349][ T9946] F2FS-fs (loop5): inject page alloc in f2fs_grab_cache_folio of f2fs_build_free_nids+0x9d8/0x1810 [ 396.197186][ T9965] erspan0: entered promiscuous mode [ 396.197784][ T9965] bridge0: port 3(erspan0) entered blocking state [ 396.224208][ T9965] bridge0: port 3(erspan0) entered forwarding state [ 396.277752][ T9945] BTRFS info (device loop2): enabling ssd optimizations [ 396.277781][ T9945] BTRFS info (device loop2): turning on async discard [ 396.277798][ T9945] BTRFS info (device loop2): enabling free space tree [ 396.655004][ T9946] F2FS-fs (loop5): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x221/0x410 [ 396.725754][ T9946] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 396.871031][ T9946] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 396.892623][ T9946] F2FS-fs (loop5): inject page alloc in f2fs_grab_cache_folio of f2fs_get_dnode_of_data+0x911/0x2060 [ 396.918561][ T9972] erspan0: left allmulticast mode [ 396.918593][ T9972] erspan0: left promiscuous mode [ 396.918862][ T9972] bridge0: port 3(erspan0) entered disabled state [ 396.928477][ T9946] F2FS-fs (loop5): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x3ad/0xd80 [ 397.177314][ T8684] syz-executor: attempt to access beyond end of device [ 397.177314][ T8684] loop5: rw=2049, sector=45096, nr_sectors = 24 limit=40427 [ 397.217256][ T8684] CPU: 0 UID: 0 PID: 8684 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 397.217287][ T8684] Tainted: [L]=SOFTLOCKUP [ 397.217293][ T8684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 397.217303][ T8684] Call Trace: [ 397.217310][ T8684] [ 397.217318][ T8684] dump_stack_lvl+0xe8/0x150 [ 397.217345][ T8684] f2fs_stop_checkpoint+0x383/0x540 [ 397.217369][ T8684] f2fs_write_end_io+0x1274/0x1740 [ 397.217412][ T8684] __submit_merged_bio+0x256/0x6a0 [ 397.217439][ T8684] __submit_merged_write_cond+0x3c9/0x4e0 [ 397.217468][ T8684] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 397.217510][ T8684] f2fs_write_data_pages+0x287e/0x34f0 [ 397.217567][ T8684] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 397.217634][ T8684] ? do_raw_spin_lock+0x12b/0x2f0 [ 397.217670][ T8684] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 397.217691][ T8684] ? lockdep_hardirqs_on+0x7a/0x110 [ 397.217717][ T8684] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 397.217735][ T8684] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 397.217760][ T8684] ? reacquire_held_locks+0x104/0x190 [ 397.217778][ T8684] ? rt_spin_lock+0x1e0/0x400 [ 397.217806][ T8684] ? rt_spin_unlock+0x14f/0x200 [ 397.217832][ T8684] ? rt_spin_unlock+0x160/0x200 [ 397.217855][ T8684] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 397.217879][ T8684] do_writepages+0x32e/0x550 [ 397.217900][ T8684] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 397.217925][ T8684] ? rt_spin_unlock+0x14f/0x200 [ 397.217959][ T8684] filemap_fdatawrite+0x1ec/0x2f0 [ 397.217981][ T8684] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 397.217999][ T8684] ? __lock_acquire+0x6b5/0x2d10 [ 397.218052][ T8684] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 397.218084][ T8684] ? rt_spin_unlock+0x160/0x200 [ 397.218111][ T8684] f2fs_sync_dirty_inodes+0x30e/0x830 [ 397.218147][ T8684] f2fs_write_checkpoint+0x9df/0x26a0 [ 397.218169][ T8684] ? __lock_acquire+0x6b5/0x2d10 [ 397.218225][ T8684] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 397.218304][ T8684] kill_f2fs_super+0x314/0x730 [ 397.218336][ T8684] ? __pfx_kill_f2fs_super+0x10/0x10 [ 397.218372][ T8684] ? lockdep_hardirqs_on+0x7a/0x110 [ 397.218406][ T8684] deactivate_locked_super+0xbc/0x130 [ 397.218432][ T8684] cleanup_mnt+0x437/0x4d0 [ 397.218455][ T8684] ? _raw_spin_unlock_irq+0x23/0x50 [ 397.218479][ T8684] task_work_run+0x1d9/0x270 [ 397.218501][ T8684] ? __pfx_task_work_run+0x10/0x10 [ 397.218527][ T8684] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 397.218547][ T8684] exit_to_user_mode_loop+0xed/0x480 [ 397.218572][ T8684] ? rcu_is_watching+0x15/0xb0 [ 397.218593][ T8684] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 397.218612][ T8684] do_syscall_64+0x33e/0xf80 [ 397.218631][ T8684] ? trace_irq_disable+0x3b/0x140 [ 397.218655][ T8684] ? clear_bhb_loop+0x40/0x90 [ 397.218678][ T8684] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 397.218703][ T8684] RIP: 0033:0x7f9020c3e017 [ 397.218721][ T8684] Code: a2 c7 05 dc 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 397.218736][ T8684] RSP: 002b:00007ffebbecec48 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 397.218757][ T8684] RAX: 0000000000000000 RBX: 00007f9020cd2120 RCX: 00007f9020c3e017 [ 397.218769][ T8684] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffebbeced00 [ 397.218781][ T8684] RBP: 00007ffebbeced00 R08: 00007ffebbecfd00 R09: 00000000ffffffff [ 397.218794][ T8684] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffebbecfd90 [ 397.218806][ T8684] R13: 00007f9020cd2120 R14: 0000000000060e43 R15: 00007ffebbecfdd0 [ 397.218838][ T8684] [ 397.218846][ T8684] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 397.220182][ T8684] CPU: 0 UID: 0 PID: 8684 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 397.220211][ T8684] Tainted: [L]=SOFTLOCKUP [ 397.220217][ T8684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 397.220227][ T8684] Call Trace: [ 397.220234][ T8684] [ 397.220242][ T8684] dump_stack_lvl+0xe8/0x150 [ 397.220271][ T8684] f2fs_stop_checkpoint+0x383/0x540 [ 397.220297][ T8684] f2fs_write_end_io+0x1274/0x1740 [ 397.220343][ T8684] __submit_merged_bio+0x256/0x6a0 [ 397.220371][ T8684] __submit_merged_write_cond+0x3c9/0x4e0 [ 397.220405][ T8684] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 397.220452][ T8684] f2fs_write_data_pages+0x287e/0x34f0 [ 397.220511][ T8684] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 397.220584][ T8684] ? do_raw_spin_lock+0x12b/0x2f0 [ 397.220621][ T8684] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 397.220642][ T8684] ? lockdep_hardirqs_on+0x7a/0x110 [ 397.220663][ T8684] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 397.220682][ T8684] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 397.220713][ T8684] ? reacquire_held_locks+0x104/0x190 [ 397.220732][ T8684] ? rt_spin_lock+0x1e0/0x400 [ 397.220763][ T8684] ? rt_spin_unlock+0x14f/0x200 [ 397.220792][ T8684] ? rt_spin_unlock+0x160/0x200 [ 397.220814][ T8684] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 397.220838][ T8684] do_writepages+0x32e/0x550 [ 397.220864][ T8684] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 397.220892][ T8684] ? rt_spin_unlock+0x14f/0x200 [ 397.220926][ T8684] filemap_fdatawrite+0x1ec/0x2f0 [ 397.220950][ T8684] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 397.220969][ T8684] ? __lock_acquire+0x6b5/0x2d10 [ 397.221029][ T8684] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 397.221062][ T8684] ? rt_spin_unlock+0x160/0x200 [ 397.221086][ T8684] f2fs_sync_dirty_inodes+0x30e/0x830 [ 397.221121][ T8684] f2fs_write_checkpoint+0x9df/0x26a0 [ 397.221143][ T8684] ? __lock_acquire+0x6b5/0x2d10 [ 397.221198][ T8684] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 397.221271][ T8684] kill_f2fs_super+0x314/0x730 [ 397.221296][ T8684] ? __pfx_kill_f2fs_super+0x10/0x10 [ 397.221328][ T8684] ? lockdep_hardirqs_on+0x7a/0x110 [ 397.221360][ T8684] deactivate_locked_super+0xbc/0x130 [ 397.221381][ T8684] cleanup_mnt+0x437/0x4d0 [ 397.221402][ T8684] ? _raw_spin_unlock_irq+0x23/0x50 [ 397.221420][ T8684] task_work_run+0x1d9/0x270 [ 397.221438][ T8684] ? __pfx_task_work_run+0x10/0x10 [ 397.221458][ T8684] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 397.221473][ T8684] exit_to_user_mode_loop+0xed/0x480 [ 397.221492][ T8684] ? rcu_is_watching+0x15/0xb0 [ 397.221511][ T8684] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 397.221529][ T8684] do_syscall_64+0x33e/0xf80 [ 397.221546][ T8684] ? trace_irq_disable+0x3b/0x140 [ 397.221568][ T8684] ? clear_bhb_loop+0x40/0x90 [ 397.221589][ T8684] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 397.221606][ T8684] RIP: 0033:0x7f9020c3e017 [ 397.221623][ T8684] Code: a2 c7 05 dc 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 397.221636][ T8684] RSP: 002b:00007ffebbecec48 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 397.221655][ T8684] RAX: 0000000000000000 RBX: 00007f9020cd2120 RCX: 00007f9020c3e017 [ 397.221667][ T8684] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffebbeced00 [ 397.221678][ T8684] RBP: 00007ffebbeced00 R08: 00007ffebbecfd00 R09: 00000000ffffffff [ 397.221690][ T8684] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffebbecfd90 [ 397.221710][ T8684] R13: 00007f9020cd2120 R14: 0000000000060e43 R15: 00007ffebbecfdd0 [ 397.221741][ T8684] [ 397.221769][ T8684] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 397.221812][ T8684] CPU: 0 UID: 0 PID: 8684 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 397.221837][ T8684] Tainted: [L]=SOFTLOCKUP [ 397.221843][ T8684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 397.221853][ T8684] Call Trace: [ 397.221859][ T8684] [ 397.221866][ T8684] dump_stack_lvl+0xe8/0x150 [ 397.221890][ T8684] f2fs_stop_checkpoint+0x383/0x540 [ 397.221915][ T8684] f2fs_write_end_io+0x1274/0x1740 [ 397.221960][ T8684] __submit_merged_bio+0x256/0x6a0 [ 397.221987][ T8684] __submit_merged_write_cond+0x3c9/0x4e0 [ 397.222017][ T8684] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 397.222062][ T8684] f2fs_write_data_pages+0x287e/0x34f0 [ 397.222119][ T8684] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 397.222193][ T8684] ? do_raw_spin_lock+0x12b/0x2f0 [ 397.222226][ T8684] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 397.222246][ T8684] ? lockdep_hardirqs_on+0x7a/0x110 [ 397.222264][ T8684] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 397.222283][ T8684] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 397.222308][ T8684] ? reacquire_held_locks+0x104/0x190 [ 397.222327][ T8684] ? rt_spin_lock+0x1e0/0x400 [ 397.222358][ T8684] ? rt_spin_unlock+0x14f/0x200 [ 397.222387][ T8684] ? rt_spin_unlock+0x160/0x200 [ 397.222415][ T8684] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 397.222438][ T8684] do_writepages+0x32e/0x550 [ 397.222458][ T8684] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 397.222482][ T8684] ? rt_spin_unlock+0x14f/0x200 [ 397.222515][ T8684] filemap_fdatawrite+0x1ec/0x2f0 [ 397.222539][ T8684] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 397.222557][ T8684] ? __lock_acquire+0x6b5/0x2d10 [ 397.222615][ T8684] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 397.222646][ T8684] ? rt_spin_unlock+0x160/0x200 [ 397.222672][ T8684] f2fs_sync_dirty_inodes+0x30e/0x830 [ 397.222716][ T8684] f2fs_write_checkpoint+0x9df/0x26a0 [ 397.222740][ T8684] ? __lock_acquire+0x6b5/0x2d10 [ 397.222793][ T8684] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 397.222871][ T8684] kill_f2fs_super+0x314/0x730 [ 397.222902][ T8684] ? __pfx_kill_f2fs_super+0x10/0x10 [ 397.222938][ T8684] ? lockdep_hardirqs_on+0x7a/0x110 [ 397.222972][ T8684] deactivate_locked_super+0xbc/0x130 [ 397.222996][ T8684] cleanup_mnt+0x437/0x4d0 [ 397.223019][ T8684] ? _raw_spin_unlock_irq+0x23/0x50 [ 397.223043][ T8684] task_work_run+0x1d9/0x270 [ 397.223065][ T8684] ? __pfx_task_work_run+0x10/0x10 [ 397.223090][ T8684] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 397.223110][ T8684] exit_to_user_mode_loop+0xed/0x480 [ 397.223133][ T8684] ? rcu_is_watching+0x15/0xb0 [ 397.223153][ T8684] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 397.223173][ T8684] do_syscall_64+0x33e/0xf80 [ 397.223191][ T8684] ? trace_irq_disable+0x3b/0x140 [ 397.223214][ T8684] ? clear_bhb_loop+0x40/0x90 [ 397.223237][ T8684] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 397.223252][ T8684] RIP: 0033:0x7f9020c3e017 [ 397.223269][ T8684] Code: a2 c7 05 dc 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 397.223283][ T8684] RSP: 002b:00007ffebbecec48 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 397.223302][ T8684] RAX: 0000000000000000 RBX: 00007f9020cd2120 RCX: 00007f9020c3e017 [ 397.223314][ T8684] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffebbeced00 [ 397.223326][ T8684] RBP: 00007ffebbeced00 R08: 00007ffebbecfd00 R09: 00000000ffffffff [ 397.223337][ T8684] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffebbecfd90 [ 397.223348][ T8684] R13: 00007f9020cd2120 R14: 0000000000060e43 R15: 00007ffebbecfdd0 [ 397.223378][ T8684] [ 397.232870][ C1] ip6_tunnel: ip6erspan0 xmit: Local address not yet configured! [ 397.243943][ T8684] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 397.548697][ T822] loop5: lost filesystem error report for type 5 error -108 [ 397.551231][ T822] loop5: lost filesystem error report for type 5 error -108 [ 398.535982][T10020] syzkaller0: entered promiscuous mode [ 398.536008][T10020] syzkaller0: entered allmulticast mode [ 398.777643][ T8360] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 399.231726][T10031] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1118'. [ 399.952581][ T3147] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 400.084231][ T3147] usb 3-1: device descriptor read/64, error -71 [ 400.382945][ T3147] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 400.554504][ T3147] usb 3-1: device descriptor read/64, error -71 [ 400.693135][ T3147] usb usb3-port1: attempt power cycle [ 401.052542][ T3147] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 401.073649][ T3147] usb 3-1: device descriptor read/8, error -71 [ 401.342572][ T3147] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 401.363402][ T3147] usb 3-1: device descriptor read/8, error -71 [ 401.475052][ T3147] usb usb3-port1: unable to enumerate USB device [ 401.558814][T10067] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1129'. [ 403.016592][T10079] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 403.622257][T10106] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input8 [ 404.724525][T10127] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1148'. [ 404.753963][ T822] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 404.838081][T10108] loop6: detected capacity change from 0 to 40427 [ 404.839191][T10108] F2FS-fs: heap/no_heap options were deprecated [ 404.851784][T10108] F2FS-fs (loop6): build fault injection rate: 19 [ 404.851803][T10108] F2FS-fs (loop6): build fault injection type: 0x3bfe8c [ 404.853273][T10108] F2FS-fs (loop6): invalid crc value [ 404.877921][T10108] f2fs_printk: 4 callbacks suppressed [ 404.877937][T10108] F2FS-fs (loop6): inject page alloc in f2fs_grab_cache_folio of f2fs_build_free_nids+0x9d8/0x1810 [ 404.912703][ T822] usb 3-1: Using ep0 maxpacket: 16 [ 404.915193][ T822] usb 3-1: unable to get BOS descriptor or descriptor too short [ 404.916252][ T822] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 404.916273][ T822] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 404.953581][ T822] usb 3-1: New USB device found, idVendor=103d, idProduct=0100, bcdDevice= 0.40 [ 404.953694][ T822] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 404.953715][ T822] usb 3-1: Product: syz [ 404.953728][ T822] usb 3-1: Manufacturer: syz [ 404.953747][ T822] usb 3-1: SerialNumber: syz [ 405.228232][T10108] F2FS-fs (loop6): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x221/0x410 [ 405.284077][ T822] usb 3-1: Audio class v2/v3 interfaces need an interface association [ 405.284477][ T822] snd-usb-audio 3-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 405.316943][ T822] usb 3-1: 1:2 : does not exist [ 405.346552][T10108] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 405.631448][T10108] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 405.655373][T10108] F2FS-fs (loop6): inject page alloc in f2fs_grab_cache_folio of f2fs_get_dnode_of_data+0x911/0x2060 [ 405.658100][T10108] F2FS-fs (loop6): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x3ad/0xd80 [ 405.660572][T10108] F2FS-fs (loop6): inject no more block in inc_valid_node_count of f2fs_new_node_folio+0x361/0xd80 [ 405.661289][T10141] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1152'. [ 405.662042][T10108] F2FS-fs (loop6): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x3ad/0xd80 [ 405.678612][T10108] F2FS-fs (loop6): inject no more block in inc_valid_node_count of f2fs_new_node_folio+0x361/0xd80 [ 405.681059][T10141] netlink: 'syz.5.1152': attribute type 1 has an invalid length. [ 405.684124][T10108] F2FS-fs (loop6): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x3ad/0xd80 [ 405.713756][T10134] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 406.005512][ T8725] syz-executor: attempt to access beyond end of device [ 406.005512][ T8725] loop6: rw=2049, sector=45096, nr_sectors = 24 limit=40427 [ 406.021370][ T8725] CPU: 1 UID: 0 PID: 8725 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 406.021400][ T8725] Tainted: [L]=SOFTLOCKUP [ 406.021406][ T8725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 406.021417][ T8725] Call Trace: [ 406.021423][ T8725] [ 406.021431][ T8725] dump_stack_lvl+0xe8/0x150 [ 406.021460][ T8725] f2fs_stop_checkpoint+0x383/0x540 [ 406.021486][ T8725] f2fs_write_end_io+0x1274/0x1740 [ 406.021530][ T8725] __submit_merged_bio+0x256/0x6a0 [ 406.021558][ T8725] __submit_merged_write_cond+0x3c9/0x4e0 [ 406.021587][ T8725] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 406.021630][ T8725] f2fs_write_data_pages+0x287e/0x34f0 [ 406.021687][ T8725] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 406.021760][ T8725] ? do_raw_spin_lock+0x12b/0x2f0 [ 406.021796][ T8725] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 406.021818][ T8725] ? lockdep_hardirqs_on+0x7a/0x110 [ 406.021838][ T8725] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 406.021858][ T8725] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 406.021883][ T8725] ? reacquire_held_locks+0x104/0x190 [ 406.021902][ T8725] ? rt_spin_lock+0x1e0/0x400 [ 406.021940][ T8725] ? rt_spin_unlock+0x14f/0x200 [ 406.021969][ T8725] ? rt_spin_unlock+0x160/0x200 [ 406.021992][ T8725] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 406.022017][ T8725] do_writepages+0x32e/0x550 [ 406.022039][ T8725] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 406.022066][ T8725] ? rt_spin_unlock+0x14f/0x200 [ 406.022100][ T8725] filemap_fdatawrite+0x1ec/0x2f0 [ 406.022125][ T8725] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 406.022144][ T8725] ? __lock_acquire+0x6b5/0x2d10 [ 406.022204][ T8725] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 406.022235][ T8725] ? rt_spin_unlock+0x160/0x200 [ 406.022264][ T8725] f2fs_sync_dirty_inodes+0x30e/0x830 [ 406.022299][ T8725] f2fs_write_checkpoint+0x9df/0x26a0 [ 406.022317][ T8725] ? __lock_acquire+0x6b5/0x2d10 [ 406.022364][ T8725] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 406.022435][ T8725] kill_f2fs_super+0x314/0x730 [ 406.022465][ T8725] ? __pfx_kill_f2fs_super+0x10/0x10 [ 406.022498][ T8725] ? lockdep_hardirqs_on+0x7a/0x110 [ 406.022529][ T8725] deactivate_locked_super+0xbc/0x130 [ 406.022553][ T8725] cleanup_mnt+0x437/0x4d0 [ 406.022577][ T8725] ? _raw_spin_unlock_irq+0x23/0x50 [ 406.022600][ T8725] task_work_run+0x1d9/0x270 [ 406.022620][ T8725] ? __pfx_task_work_run+0x10/0x10 [ 406.022644][ T8725] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 406.022664][ T8725] exit_to_user_mode_loop+0xed/0x480 [ 406.022689][ T8725] ? rcu_is_watching+0x15/0xb0 [ 406.022707][ T8725] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 406.022725][ T8725] do_syscall_64+0x33e/0xf80 [ 406.022744][ T8725] ? trace_irq_disable+0x3b/0x140 [ 406.022767][ T8725] ? clear_bhb_loop+0x40/0x90 [ 406.022789][ T8725] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 406.022806][ T8725] RIP: 0033:0x7f632c8be017 [ 406.022824][ T8725] Code: a2 c7 05 dc 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 406.022838][ T8725] RSP: 002b:00007ffd21c45c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 406.022857][ T8725] RAX: 0000000000000000 RBX: 00007f632c952120 RCX: 00007f632c8be017 [ 406.022869][ T8725] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd21c45d30 [ 406.022880][ T8725] RBP: 00007ffd21c45d30 R08: 00007ffd21c46d30 R09: 00000000ffffffff [ 406.022893][ T8725] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd21c46dc0 [ 406.022904][ T8725] R13: 00007f632c952120 R14: 0000000000063010 R15: 00007ffd21c46e00 [ 406.022940][ T8725] [ 406.036948][ T8725] F2FS-fs (loop6): Stopped filesystem due to reason: 3 [ 406.037282][ T8725] CPU: 1 UID: 0 PID: 8725 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 406.037308][ T8725] Tainted: [L]=SOFTLOCKUP [ 406.037314][ T8725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 406.037324][ T8725] Call Trace: [ 406.037331][ T8725] [ 406.037338][ T8725] dump_stack_lvl+0xe8/0x150 [ 406.037367][ T8725] f2fs_stop_checkpoint+0x383/0x540 [ 406.037393][ T8725] f2fs_write_end_io+0x1274/0x1740 [ 406.037439][ T8725] __submit_merged_bio+0x256/0x6a0 [ 406.037467][ T8725] __submit_merged_write_cond+0x3c9/0x4e0 [ 406.037498][ T8725] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 406.037543][ T8725] f2fs_write_data_pages+0x287e/0x34f0 [ 406.037604][ T8725] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 406.037679][ T8725] ? do_raw_spin_lock+0x12b/0x2f0 [ 406.037715][ T8725] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 406.037736][ T8725] ? lockdep_hardirqs_on+0x7a/0x110 [ 406.037756][ T8725] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 406.037775][ T8725] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 406.037800][ T8725] ? reacquire_held_locks+0x104/0x190 [ 406.037817][ T8725] ? rt_spin_lock+0x1e0/0x400 [ 406.037849][ T8725] ? rt_spin_unlock+0x14f/0x200 [ 406.037878][ T8725] ? rt_spin_unlock+0x160/0x200 [ 406.037901][ T8725] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 406.037931][ T8725] do_writepages+0x32e/0x550 [ 406.037952][ T8725] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 406.037979][ T8725] ? rt_spin_unlock+0x14f/0x200 [ 406.038013][ T8725] filemap_fdatawrite+0x1ec/0x2f0 [ 406.038038][ T8725] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 406.038060][ T8725] ? __lock_acquire+0x6b5/0x2d10 [ 406.038123][ T8725] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 406.038155][ T8725] ? rt_spin_unlock+0x160/0x200 [ 406.038182][ T8725] f2fs_sync_dirty_inodes+0x30e/0x830 [ 406.038222][ T8725] f2fs_write_checkpoint+0x9df/0x26a0 [ 406.038243][ T8725] ? __lock_acquire+0x6b5/0x2d10 [ 406.038299][ T8725] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 406.038379][ T8725] kill_f2fs_super+0x314/0x730 [ 406.038409][ T8725] ? __pfx_kill_f2fs_super+0x10/0x10 [ 406.038445][ T8725] ? lockdep_hardirqs_on+0x7a/0x110 [ 406.038478][ T8725] deactivate_locked_super+0xbc/0x130 [ 406.038504][ T8725] cleanup_mnt+0x437/0x4d0 [ 406.038527][ T8725] ? _raw_spin_unlock_irq+0x23/0x50 [ 406.038549][ T8725] task_work_run+0x1d9/0x270 [ 406.038570][ T8725] ? __pfx_task_work_run+0x10/0x10 [ 406.038596][ T8725] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 406.038616][ T8725] exit_to_user_mode_loop+0xed/0x480 [ 406.038639][ T8725] ? rcu_is_watching+0x15/0xb0 [ 406.038659][ T8725] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 406.038677][ T8725] do_syscall_64+0x33e/0xf80 [ 406.038695][ T8725] ? trace_irq_disable+0x3b/0x140 [ 406.038718][ T8725] ? clear_bhb_loop+0x40/0x90 [ 406.038740][ T8725] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 406.038757][ T8725] RIP: 0033:0x7f632c8be017 [ 406.038775][ T8725] Code: a2 c7 05 dc 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 406.038789][ T8725] RSP: 002b:00007ffd21c45c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 406.038809][ T8725] RAX: 0000000000000000 RBX: 00007f632c952120 RCX: 00007f632c8be017 [ 406.038821][ T8725] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd21c45d30 [ 406.038832][ T8725] RBP: 00007ffd21c45d30 R08: 00007ffd21c46d30 R09: 00000000ffffffff [ 406.038844][ T8725] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd21c46dc0 [ 406.038856][ T8725] R13: 00007f632c952120 R14: 0000000000063010 R15: 00007ffd21c46e00 [ 406.038887][ T8725] [ 406.038946][ T8725] F2FS-fs (loop6): Stopped filesystem due to reason: 3 [ 406.038984][ T8725] CPU: 1 UID: 0 PID: 8725 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 406.039007][ T8725] Tainted: [L]=SOFTLOCKUP [ 406.039013][ T8725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 406.039022][ T8725] Call Trace: [ 406.039029][ T8725] [ 406.039035][ T8725] dump_stack_lvl+0xe8/0x150 [ 406.039060][ T8725] f2fs_stop_checkpoint+0x383/0x540 [ 406.039082][ T8725] f2fs_write_end_io+0x1274/0x1740 [ 406.039125][ T8725] __submit_merged_bio+0x256/0x6a0 [ 406.039151][ T8725] __submit_merged_write_cond+0x3c9/0x4e0 [ 406.039180][ T8725] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 406.039221][ T8725] f2fs_write_data_pages+0x287e/0x34f0 [ 406.039277][ T8725] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 406.039345][ T8725] ? do_raw_spin_lock+0x12b/0x2f0 [ 406.039378][ T8725] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 406.039398][ T8725] ? lockdep_hardirqs_on+0x7a/0x110 [ 406.039415][ T8725] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 406.039434][ T8725] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 406.039458][ T8725] ? reacquire_held_locks+0x104/0x190 [ 406.039475][ T8725] ? rt_spin_lock+0x1e0/0x400 [ 406.039506][ T8725] ? rt_spin_unlock+0x14f/0x200 [ 406.039533][ T8725] ? rt_spin_unlock+0x160/0x200 [ 406.039555][ T8725] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 406.039583][ T8725] do_writepages+0x32e/0x550 [ 406.039604][ T8725] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 406.039628][ T8725] ? rt_spin_unlock+0x14f/0x200 [ 406.039661][ T8725] filemap_fdatawrite+0x1ec/0x2f0 [ 406.039682][ T8725] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 406.039698][ T8725] ? __lock_acquire+0x6b5/0x2d10 [ 406.039754][ T8725] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 406.039785][ T8725] ? rt_spin_unlock+0x160/0x200 [ 406.039811][ T8725] f2fs_sync_dirty_inodes+0x30e/0x830 [ 406.039847][ T8725] f2fs_write_checkpoint+0x9df/0x26a0 [ 406.039869][ T8725] ? __lock_acquire+0x6b5/0x2d10 [ 406.039928][ T8725] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 406.040001][ T8725] kill_f2fs_super+0x314/0x730 [ 406.040029][ T8725] ? __pfx_kill_f2fs_super+0x10/0x10 [ 406.040064][ T8725] ? lockdep_hardirqs_on+0x7a/0x110 [ 406.040095][ T8725] deactivate_locked_super+0xbc/0x130 [ 406.040118][ T8725] cleanup_mnt+0x437/0x4d0 [ 406.040139][ T8725] ? _raw_spin_unlock_irq+0x23/0x50 [ 406.040162][ T8725] task_work_run+0x1d9/0x270 [ 406.040182][ T8725] ? __pfx_task_work_run+0x10/0x10 [ 406.040206][ T8725] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 406.040225][ T8725] exit_to_user_mode_loop+0xed/0x480 [ 406.040247][ T8725] ? rcu_is_watching+0x15/0xb0 [ 406.040266][ T8725] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 406.040284][ T8725] do_syscall_64+0x33e/0xf80 [ 406.040302][ T8725] ? trace_irq_disable+0x3b/0x140 [ 406.040324][ T8725] ? clear_bhb_loop+0x40/0x90 [ 406.040346][ T8725] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 406.040363][ T8725] RIP: 0033:0x7f632c8be017 [ 406.040378][ T8725] Code: a2 c7 05 dc 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 406.040391][ T8725] RSP: 002b:00007ffd21c45c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 406.040408][ T8725] RAX: 0000000000000000 RBX: 00007f632c952120 RCX: 00007f632c8be017 [ 406.040419][ T8725] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd21c45d30 [ 406.040430][ T8725] RBP: 00007ffd21c45d30 R08: 00007ffd21c46d30 R09: 00000000ffffffff [ 406.040442][ T8725] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd21c46dc0 [ 406.040453][ T8725] R13: 00007f632c952120 R14: 0000000000063010 R15: 00007ffd21c46e00 [ 406.040487][ T8725] [ 406.041730][ T8725] F2FS-fs (loop6): Stopped filesystem due to reason: 3 [ 406.445496][T10149] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1156'. [ 407.028209][T10137] bridge0: port 2(bridge_slave_1) entered disabled state [ 407.042237][T10137] bridge0: port 1(bridge_slave_0) entered disabled state [ 407.183895][T10137] bond_slave_0: left promiscuous mode [ 407.183950][T10137] bond_slave_1: left promiscuous mode [ 407.470606][ T5872] usb 3-1: USB disconnect, device number 11 [ 407.961314][T10137] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 407.979197][T10137] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 408.320152][T10169] loop6: detected capacity change from 0 to 40427 [ 408.321232][T10169] F2FS-fs: heap/no_heap options were deprecated [ 408.354299][T10169] F2FS-fs (loop6): build fault injection rate: 19 [ 408.354321][T10169] F2FS-fs (loop6): build fault injection type: 0x3bfe8c [ 408.356258][T10169] F2FS-fs (loop6): invalid crc value [ 408.390213][T10169] F2FS-fs (loop6): inject page alloc in f2fs_grab_cache_folio of f2fs_build_free_nids+0x9d8/0x1810 [ 408.478592][T10169] F2FS-fs (loop6): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x221/0x410 [ 408.498385][T10169] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 408.629181][T10169] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 408.720471][ T8725] syz-executor: attempt to access beyond end of device [ 408.720471][ T8725] loop6: rw=2049, sector=45096, nr_sectors = 24 limit=40427 [ 408.727144][ T8725] CPU: 1 UID: 0 PID: 8725 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 408.727172][ T8725] Tainted: [L]=SOFTLOCKUP [ 408.727178][ T8725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 408.727189][ T8725] Call Trace: [ 408.727196][ T8725] [ 408.727203][ T8725] dump_stack_lvl+0xe8/0x150 [ 408.727231][ T8725] f2fs_stop_checkpoint+0x383/0x540 [ 408.727256][ T8725] f2fs_write_end_io+0x1274/0x1740 [ 408.727300][ T8725] __submit_merged_bio+0x256/0x6a0 [ 408.727327][ T8725] __submit_merged_write_cond+0x3c9/0x4e0 [ 408.727354][ T8725] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 408.727403][ T8725] f2fs_write_data_pages+0x287e/0x34f0 [ 408.727460][ T8725] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 408.727529][ T8725] ? do_raw_spin_lock+0x12b/0x2f0 [ 408.727564][ T8725] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 408.727583][ T8725] ? lockdep_hardirqs_on+0x7a/0x110 [ 408.727603][ T8725] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 408.727622][ T8725] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 408.727646][ T8725] ? reacquire_held_locks+0x104/0x190 [ 408.727663][ T8725] ? rt_spin_lock+0x1e0/0x400 [ 408.727693][ T8725] ? rt_spin_unlock+0x14f/0x200 [ 408.727720][ T8725] ? rt_spin_unlock+0x160/0x200 [ 408.727743][ T8725] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 408.727766][ T8725] do_writepages+0x32e/0x550 [ 408.727787][ T8725] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 408.727813][ T8725] ? rt_spin_unlock+0x14f/0x200 [ 408.727846][ T8725] filemap_fdatawrite+0x1ec/0x2f0 [ 408.727870][ T8725] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 408.727888][ T8725] ? __lock_acquire+0x6b5/0x2d10 [ 408.727945][ T8725] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 408.727977][ T8725] ? rt_spin_unlock+0x160/0x200 [ 408.728003][ T8725] f2fs_sync_dirty_inodes+0x30e/0x830 [ 408.728040][ T8725] f2fs_write_checkpoint+0x9df/0x26a0 [ 408.728062][ T8725] ? __lock_acquire+0x6b5/0x2d10 [ 408.728115][ T8725] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 408.728193][ T8725] kill_f2fs_super+0x314/0x730 [ 408.728221][ T8725] ? __pfx_kill_f2fs_super+0x10/0x10 [ 408.728256][ T8725] ? lockdep_hardirqs_on+0x7a/0x110 [ 408.728287][ T8725] deactivate_locked_super+0xbc/0x130 [ 408.728311][ T8725] cleanup_mnt+0x437/0x4d0 [ 408.728333][ T8725] ? _raw_spin_unlock_irq+0x23/0x50 [ 408.728355][ T8725] task_work_run+0x1d9/0x270 [ 408.728376][ T8725] ? __pfx_task_work_run+0x10/0x10 [ 408.728406][ T8725] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 408.728425][ T8725] exit_to_user_mode_loop+0xed/0x480 [ 408.728448][ T8725] ? rcu_is_watching+0x15/0xb0 [ 408.728467][ T8725] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 408.728485][ T8725] do_syscall_64+0x33e/0xf80 [ 408.728504][ T8725] ? trace_irq_disable+0x3b/0x140 [ 408.728526][ T8725] ? clear_bhb_loop+0x40/0x90 [ 408.728547][ T8725] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 408.728564][ T8725] RIP: 0033:0x7f632c8be017 [ 408.728582][ T8725] Code: a2 c7 05 dc 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 408.728597][ T8725] RSP: 002b:00007ffd21c45c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 408.728616][ T8725] RAX: 0000000000000000 RBX: 00007f632c952120 RCX: 00007f632c8be017 [ 408.728628][ T8725] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd21c45d30 [ 408.728638][ T8725] RBP: 00007ffd21c45d30 R08: 00007ffd21c46d30 R09: 00000000ffffffff [ 408.728650][ T8725] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd21c46dc0 [ 408.728661][ T8725] R13: 00007f632c952120 R14: 0000000000063b9c R15: 00007ffd21c46e00 [ 408.728692][ T8725] [ 408.728719][ T8725] F2FS-fs (loop6): Stopped filesystem due to reason: 3 [ 408.730126][ T8725] CPU: 1 UID: 0 PID: 8725 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 408.730153][ T8725] Tainted: [L]=SOFTLOCKUP [ 408.730160][ T8725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 408.730169][ T8725] Call Trace: [ 408.730177][ T8725] [ 408.730184][ T8725] dump_stack_lvl+0xe8/0x150 [ 408.730212][ T8725] f2fs_stop_checkpoint+0x383/0x540 [ 408.730237][ T8725] f2fs_write_end_io+0x1274/0x1740 [ 408.730284][ T8725] __submit_merged_bio+0x256/0x6a0 [ 408.730311][ T8725] __submit_merged_write_cond+0x3c9/0x4e0 [ 408.730341][ T8725] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 408.730393][ T8725] f2fs_write_data_pages+0x287e/0x34f0 [ 408.730454][ T8725] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 408.730535][ T8725] ? do_raw_spin_lock+0x12b/0x2f0 [ 408.730570][ T8725] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 408.730591][ T8725] ? lockdep_hardirqs_on+0x7a/0x110 [ 408.730610][ T8725] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 408.730629][ T8725] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 408.730654][ T8725] ? reacquire_held_locks+0x104/0x190 [ 408.730672][ T8725] ? rt_spin_lock+0x1e0/0x400 [ 408.730703][ T8725] ? rt_spin_unlock+0x14f/0x200 [ 408.730732][ T8725] ? rt_spin_unlock+0x160/0x200 [ 408.730754][ T8725] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 408.730778][ T8725] do_writepages+0x32e/0x550 [ 408.730798][ T8725] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 408.730824][ T8725] ? rt_spin_unlock+0x14f/0x200 [ 408.730859][ T8725] filemap_fdatawrite+0x1ec/0x2f0 [ 408.730883][ T8725] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 408.730901][ T8725] ? __lock_acquire+0x6b5/0x2d10 [ 408.730965][ T8725] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 408.730998][ T8725] ? rt_spin_unlock+0x160/0x200 [ 408.731024][ T8725] f2fs_sync_dirty_inodes+0x30e/0x830 [ 408.731064][ T8725] f2fs_write_checkpoint+0x9df/0x26a0 [ 408.731087][ T8725] ? __lock_acquire+0x6b5/0x2d10 [ 408.731144][ T8725] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 408.731224][ T8725] kill_f2fs_super+0x314/0x730 [ 408.731253][ T8725] ? __pfx_kill_f2fs_super+0x10/0x10 [ 408.731291][ T8725] ? lockdep_hardirqs_on+0x7a/0x110 [ 408.731324][ T8725] deactivate_locked_super+0xbc/0x130 [ 408.731347][ T8725] cleanup_mnt+0x437/0x4d0 [ 408.731369][ T8725] ? _raw_spin_unlock_irq+0x23/0x50 [ 408.731399][ T8725] task_work_run+0x1d9/0x270 [ 408.731420][ T8725] ? __pfx_task_work_run+0x10/0x10 [ 408.731445][ T8725] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 408.731464][ T8725] exit_to_user_mode_loop+0xed/0x480 [ 408.731488][ T8725] ? rcu_is_watching+0x15/0xb0 [ 408.731508][ T8725] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 408.731527][ T8725] do_syscall_64+0x33e/0xf80 [ 408.731544][ T8725] ? trace_irq_disable+0x3b/0x140 [ 408.731567][ T8725] ? clear_bhb_loop+0x40/0x90 [ 408.731589][ T8725] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 408.731606][ T8725] RIP: 0033:0x7f632c8be017 [ 408.731623][ T8725] Code: a2 c7 05 dc 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 408.731637][ T8725] RSP: 002b:00007ffd21c45c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 408.731655][ T8725] RAX: 0000000000000000 RBX: 00007f632c952120 RCX: 00007f632c8be017 [ 408.731667][ T8725] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd21c45d30 [ 408.731678][ T8725] RBP: 00007ffd21c45d30 R08: 00007ffd21c46d30 R09: 00000000ffffffff [ 408.731691][ T8725] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd21c46dc0 [ 408.731702][ T8725] R13: 00007f632c952120 R14: 0000000000063b9c R15: 00007ffd21c46e00 [ 408.731735][ T8725] [ 408.731787][ T8725] F2FS-fs (loop6): Stopped filesystem due to reason: 3 [ 408.731936][ T8725] CPU: 1 UID: 0 PID: 8725 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 408.731960][ T8725] Tainted: [L]=SOFTLOCKUP [ 408.731966][ T8725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 408.731976][ T8725] Call Trace: [ 408.731982][ T8725] [ 408.731989][ T8725] dump_stack_lvl+0xe8/0x150 [ 408.732013][ T8725] f2fs_stop_checkpoint+0x383/0x540 [ 408.732037][ T8725] f2fs_write_end_io+0x1274/0x1740 [ 408.732079][ T8725] __submit_merged_bio+0x256/0x6a0 [ 408.732105][ T8725] __submit_merged_write_cond+0x3c9/0x4e0 [ 408.732133][ T8725] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 408.732174][ T8725] f2fs_write_data_pages+0x287e/0x34f0 [ 408.732230][ T8725] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 408.732299][ T8725] ? do_raw_spin_lock+0x12b/0x2f0 [ 408.732333][ T8725] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 408.732353][ T8725] ? lockdep_hardirqs_on+0x7a/0x110 [ 408.732371][ T8725] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 408.732397][ T8725] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 408.732424][ T8725] ? reacquire_held_locks+0x104/0x190 [ 408.732442][ T8725] ? rt_spin_lock+0x1e0/0x400 [ 408.732472][ T8725] ? rt_spin_unlock+0x14f/0x200 [ 408.732499][ T8725] ? rt_spin_unlock+0x160/0x200 [ 408.732520][ T8725] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 408.732544][ T8725] do_writepages+0x32e/0x550 [ 408.732564][ T8725] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 408.732588][ T8725] ? rt_spin_unlock+0x14f/0x200 [ 408.732621][ T8725] filemap_fdatawrite+0x1ec/0x2f0 [ 408.732645][ T8725] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 408.732662][ T8725] ? __lock_acquire+0x6b5/0x2d10 [ 408.732720][ T8725] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 408.732752][ T8725] ? rt_spin_unlock+0x160/0x200 [ 408.732778][ T8725] f2fs_sync_dirty_inodes+0x30e/0x830 [ 408.732815][ T8725] f2fs_write_checkpoint+0x9df/0x26a0 [ 408.732838][ T8725] ? __lock_acquire+0x6b5/0x2d10 [ 408.732891][ T8725] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 408.732966][ T8725] kill_f2fs_super+0x314/0x730 [ 408.732993][ T8725] ? __pfx_kill_f2fs_super+0x10/0x10 [ 408.733028][ T8725] ? lockdep_hardirqs_on+0x7a/0x110 [ 408.733060][ T8725] deactivate_locked_super+0xbc/0x130 [ 408.733082][ T8725] cleanup_mnt+0x437/0x4d0 [ 408.733103][ T8725] ? _raw_spin_unlock_irq+0x23/0x50 [ 408.733126][ T8725] task_work_run+0x1d9/0x270 [ 408.733147][ T8725] ? __pfx_task_work_run+0x10/0x10 [ 408.733170][ T8725] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 408.733189][ T8725] exit_to_user_mode_loop+0xed/0x480 [ 408.733212][ T8725] ? rcu_is_watching+0x15/0xb0 [ 408.733231][ T8725] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 408.733249][ T8725] do_syscall_64+0x33e/0xf80 [ 408.733268][ T8725] ? trace_irq_disable+0x3b/0x140 [ 408.733289][ T8725] ? clear_bhb_loop+0x40/0x90 [ 408.733310][ T8725] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 408.733327][ T8725] RIP: 0033:0x7f632c8be017 [ 408.733344][ T8725] Code: a2 c7 05 dc 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 408.733358][ T8725] RSP: 002b:00007ffd21c45c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 408.733376][ T8725] RAX: 0000000000000000 RBX: 00007f632c952120 RCX: 00007f632c8be017 [ 408.733394][ T8725] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd21c45d30 [ 408.733405][ T8725] RBP: 00007ffd21c45d30 R08: 00007ffd21c46d30 R09: 00000000ffffffff [ 408.733417][ T8725] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd21c46dc0 [ 408.733428][ T8725] R13: 00007f632c952120 R14: 0000000000063b9c R15: 00007ffd21c46e00 [ 408.733458][ T8725] [ 408.749674][ T8725] F2FS-fs (loop6): Stopped filesystem due to reason: 3 [ 409.729931][T10140] bridge_slave_0 (unregistering): left allmulticast mode [ 409.729960][T10140] bridge_slave_0 (unregistering): left promiscuous mode [ 409.743072][T10140] bridge0: port 1(bridge_slave_0) entered disabled state [ 409.898103][T10149] 8021q: adding VLAN 0 to HW filter on device macvlan3 [ 410.022792][ T3030] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 410.101211][ T3030] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 410.290968][T10182] bond9 (unregistering): Released all slaves [ 410.506480][ T5748] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 410.608069][ T3030] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 410.608266][ T3030] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 410.682599][ T5748] usb 6-1: Using ep0 maxpacket: 16 [ 410.687530][ T5748] usb 6-1: unable to get BOS descriptor or descriptor too short [ 410.688748][ T5748] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 410.688770][ T5748] usb 6-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 410.698513][ T5748] usb 6-1: New USB device found, idVendor=103d, idProduct=0100, bcdDevice= 0.40 [ 410.698543][ T5748] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 410.698562][ T5748] usb 6-1: Product: syz [ 410.698575][ T5748] usb 6-1: Manufacturer: syz [ 410.698589][ T5748] usb 6-1: SerialNumber: syz [ 411.026848][ T5748] usb 6-1: Audio class v2/v3 interfaces need an interface association [ 411.027308][ T5748] snd-usb-audio 6-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 411.055940][ T5748] usb 6-1: 1:2 : does not exist [ 411.216461][T10212] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1177'. [ 412.162392][T10244] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1185'. [ 412.538599][T10236] bridge0: port 2(bridge_slave_1) entered disabled state [ 412.546693][T10236] bridge0: port 1(bridge_slave_0) entered disabled state [ 413.150636][T10236] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 413.185643][T10236] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 413.280121][ T5748] usb 6-1: USB disconnect, device number 2 [ 414.529359][ T3040] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 414.530316][ T3040] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 414.665271][ T3040] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 414.670804][ T3040] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 415.042596][ T822] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 415.197940][ T822] usb 6-1: Using ep0 maxpacket: 16 [ 415.218127][ T822] usb 6-1: unable to get BOS descriptor or descriptor too short [ 415.222268][ T822] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 415.222291][ T822] usb 6-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 415.235920][ T822] usb 6-1: New USB device found, idVendor=103d, idProduct=0100, bcdDevice= 0.40 [ 415.235947][ T822] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 415.235966][ T822] usb 6-1: Product: syz [ 415.235979][ T822] usb 6-1: Manufacturer: syz [ 415.235992][ T822] usb 6-1: SerialNumber: syz [ 415.500866][ T822] usb 6-1: Audio class v2/v3 interfaces need an interface association [ 415.501174][ T822] snd-usb-audio 6-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 415.527046][ T822] usb 6-1: 1:2 : does not exist [ 415.642323][T10305] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1209'. [ 416.119819][T10299] bridge0: port 2(bridge_slave_1) entered disabled state [ 416.126265][T10299] bridge0: port 1(bridge_slave_0) entered disabled state [ 416.192053][T10299] bond_slave_0: left promiscuous mode [ 416.192167][T10299] bond_slave_1: left promiscuous mode [ 417.785111][T10299] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 417.812813][T10299] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 417.866718][ T5748] usb 6-1: USB disconnect, device number 3 [ 419.807379][T10312] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR [ 419.817739][ T152] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 419.845719][ T152] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 419.845833][ T152] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 419.845869][ T152] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 420.103668][T10362] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 420.447923][ T5638] IPVS: starting estimator thread 0... [ 420.481488][T10380] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48 [ 420.481509][T10380] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 10380, name: syz.5.1237 [ 420.481525][T10380] preempt_count: 1, expected: 0 [ 420.481534][T10380] RCU nest depth: 2, expected: 2 [ 420.481551][T10380] 4 locks held by syz.5.1237/10380: [ 420.481563][T10380] #0: ffffffff8dfc8200 (rcu_read_lock){....}-{1:3}, at: nf_hook+0xa1/0x3a0 [ 420.481616][T10380] #1: ffffffff8de5f380 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420 [ 420.482994][T10380] #2: ffffffff8dfc8200 (rcu_read_lock){....}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420 [ 420.483023][T10380] #3: ffff88803edae8f0 (&cp->lock#2){+...}-{3:3}, at: ip_vs_conn_new+0x14fe/0x25f0 [ 420.483052][T10380] Preemption disabled at: [ 420.483055][T10380] [] hlist_bl_lock+0x18/0x110 [ 420.483075][T10380] CPU: 0 UID: 0 PID: 10380 Comm: syz.5.1237 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 420.483090][T10380] Tainted: [L]=SOFTLOCKUP [ 420.483094][T10380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 420.483100][T10380] Call Trace: [ 420.483105][T10380] [ 420.483111][T10380] dump_stack_lvl+0xe8/0x150 [ 420.483127][T10380] __might_resched+0x329/0x480 [ 420.483142][T10380] ? hlist_bl_lock+0x18/0x110 [ 420.483154][T10380] rt_spin_lock+0xc2/0x400 [ 420.483171][T10380] ? __pfx_rt_spin_lock+0x10/0x10 [ 420.483185][T10380] ? rcu_is_watching+0x15/0xb0 [ 420.483195][T10380] ? __local_bh_disable_ip+0x3c/0x420 [ 420.483211][T10380] ip_vs_conn_new+0x14fe/0x25f0 [ 420.483233][T10380] ? ip_vs_conn_new+0x1491/0x25f0 [ 420.483267][T10380] ? __pfx_ip_vs_conn_new+0x10/0x10 [ 420.483290][T10380] ? __local_bh_enable_ip+0x1ae/0x2b0 [ 420.483313][T10380] ? lockdep_hardirqs_on+0x7a/0x110 [ 420.483344][T10380] ? ip_vs_lblcr_schedule+0x2e3/0x1b50 [ 420.483379][T10380] ip_vs_schedule+0x10fd/0x1d70 [ 420.483413][T10380] ? __pfx_ip_vs_schedule+0x10/0x10 [ 420.483435][T10380] ? __ip_vs_svc_fwm_find+0x624/0x6b0 [ 420.483455][T10380] ? ip_vs_service_find+0xbc/0x3c0 [ 420.483474][T10380] udp_conn_schedule+0x391/0x7a0 [ 420.483491][T10380] ? __pfx_udp_conn_schedule+0x10/0x10 [ 420.483509][T10380] ip_vs_in_hook+0xc50/0x1bf0 [ 420.483528][T10380] ? __pfx_ip_vs_in_hook+0x10/0x10 [ 420.483551][T10380] ? nf_hook+0xa1/0x3a0 [ 420.483562][T10380] ? nf_hook+0xa1/0x3a0 [ 420.483573][T10380] ? __pfx_ip_vs_in_hook+0x10/0x10 [ 420.483587][T10380] nf_hook_slow+0xc5/0x220 [ 420.483600][T10380] ? __pfx_dst_output+0x10/0x10 [ 420.483610][T10380] nf_hook+0x22a/0x3a0 [ 420.483623][T10380] ? nf_hook+0xa1/0x3a0 [ 420.483632][T10380] ? __pfx_nf_hook+0x10/0x10 [ 420.483644][T10380] ? __pfx_dst_output+0x10/0x10 [ 420.483657][T10380] ? __ip_local_out+0x152/0x6a0 [ 420.483669][T10380] __ip_local_out+0x558/0x6a0 [ 420.483679][T10380] ? __pfx_dst_output+0x10/0x10 [ 420.483692][T10380] ip_local_out+0x2a/0x190 [ 420.483704][T10380] ip_send_skb+0x45/0xc0 [ 420.483716][T10380] udp_send_skb+0x7e4/0xf70 [ 420.483735][T10380] udp_sendmsg+0x1937/0x21a0 [ 420.483757][T10380] ? __pfx_udp_sendmsg+0x10/0x10 [ 420.483798][T10380] ? __lock_acquire+0x6b5/0x2d10 [ 420.483818][T10380] udpv6_sendmsg+0x996/0x25c0 [ 420.483837][T10380] ? __lock_acquire+0x6b5/0x2d10 [ 420.483854][T10380] ? __pfx_udpv6_sendmsg+0x10/0x10 [ 420.483870][T10380] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 420.483882][T10380] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 420.483908][T10380] ? __local_bh_enable_ip+0x1ae/0x2b0 [ 420.483924][T10380] ? inet_send_prepare+0x1b9/0x270 [ 420.483938][T10380] ? inet6_sendmsg+0xe4/0x120 [ 420.483949][T10380] ? __pfx_inet6_sendmsg+0x10/0x10 [ 420.483958][T10380] sock_sendmsg_nosec+0x90/0x150 [ 420.483973][T10380] ____sys_sendmsg+0x55c/0x870 [ 420.483987][T10380] ? __pfx_____sys_sendmsg+0x10/0x10 [ 420.484002][T10380] ? import_iovec+0x73/0xa0 [ 420.484018][T10380] ___sys_sendmsg+0x2a5/0x360 [ 420.484027][T10380] ? __lock_acquire+0x6b5/0x2d10 [ 420.484044][T10380] ? __pfx____sys_sendmsg+0x10/0x10 [ 420.484058][T10380] ? futex_wait+0x2a2/0x390 [ 420.484085][T10380] ? __fget_files+0x2a/0x420 [ 420.484096][T10380] ? __fget_files+0x3a6/0x420 [ 420.484112][T10380] __x64_sys_sendmsg+0x1c3/0x2a0 [ 420.484124][T10380] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 420.484140][T10380] ? rcu_is_watching+0x15/0xb0 [ 420.484156][T10380] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 420.484167][T10380] do_syscall_64+0x15f/0xf80 [ 420.484178][T10380] ? trace_irq_disable+0x3b/0x140 [ 420.484192][T10380] ? clear_bhb_loop+0x40/0x90 [ 420.484204][T10380] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 420.484214][T10380] RIP: 0033:0x7f9020c3cdd9 [ 420.484231][T10380] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 420.484240][T10380] RSP: 002b:00007f901ee8e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 420.484252][T10380] RAX: ffffffffffffffda RBX: 00007f9020eb5fa0 RCX: 00007f9020c3cdd9 [ 420.484259][T10380] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003 [ 420.484266][T10380] RBP: 00007f9020cd2d69 R08: 0000000000000000 R09: 0000000000000000 [ 420.484273][T10380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 420.484280][T10380] R13: 00007f9020eb6038 R14: 00007f9020eb5fa0 R15: 00007ffebbecf9d8 [ 420.484298][T10380] [ 420.542800][T10381] IPVS: using max 11 ests per chain, 26400 per kthread [ 421.702567][T10356] Bluetooth: hci3: command 0x0406 tx timeout