last executing test programs: 12.520611332s ago: executing program 3 (id=3459): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000003c0)=ANY=[@ANYBLOB="34000000100039042cbd70000000000000000000", @ANYRES32=r2, @ANYBLOB="059800000020000014001280080001006772650008000280040012"], 0x34}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0x439, 0x70bd2b, 0x25dfdbfd, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @gre={{0x8}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_GRE_FWMARK={0x8, 0x14, 0x2}, @IFLA_GRE_ENCAP_SPORT={0x6, 0x10, 0x4e22}, @IFLA_GRE_ENCAP_FLAGS={0x6, 0xf, 0x8}]}}}]}, 0x48}}, 0x0) 12.407491842s ago: executing program 3 (id=3462): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'rose0\x00', 0x0}) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100"/20, @ANYRES32=r2], 0x20}}, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'\x00', 0x1}) 12.239490897s ago: executing program 3 (id=3465): r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000200)=0x632a, 0x4) sendmmsg$inet6(r0, &(0x7f00000009c0)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040)=0x3, 0xac5) syz_clone3(&(0x7f0000000900)={0x23800000, &(0x7f0000000040)=0xffffffffffffffff, 0x0, 0x0, {0x27}, 0x0, 0x0, 0x0, 0x0}, 0x58) io_setup(0x8, &(0x7f0000000600)=0x0) io_submit(r2, 0x1, &(0x7f0000001300)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x6, r1, 0x0}]) 12.067941672s ago: executing program 3 (id=3468): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000480)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x12c5008, 0x0) mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x2125099, 0x0) umount2(&(0x7f0000000140)='./file0/file0\x00', 0x0) 11.947301093s ago: executing program 3 (id=3469): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r0}, 0x10) prlimit64(0x0, 0x9, &(0x7f0000000d80)={0x3, 0x1c88000000}, 0x0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) close(r1) execve(&(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0) execve(&(0x7f0000000300)='./file0\x00', &(0x7f0000002200)={[&(0x7f0000000340)='^-%-\\x\\$})\'!&}*', &(0x7f0000000440)='syz0']}, 0x0) 11.152796033s ago: executing program 3 (id=3481): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000000b00010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="070000000400000008000000d9"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000001000080000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18) close(r0) 11.096767248s ago: executing program 32 (id=3481): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000000b00010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="070000000400000008000000d9"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000001000080000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18) close(r0) 1.24075317s ago: executing program 5 (id=3827): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10) pipe2(&(0x7f0000000040)={0xffffffffffffffff}, 0x80000) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c00000010000107000000000000fd000a0000000600010013"], 0x1c}}, 0x0) close_range(r2, 0xffffffffffffffff, 0x0) 1.200173263s ago: executing program 5 (id=3829): r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00') syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==") r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r1, 0x0) fallocate(r1, 0x0, 0x0, 0x1001f0) fallocate(r1, 0x3, 0x1000, 0x10000) pread64(r0, &(0x7f0000004180)=""/4096, 0x1000, 0x0) truncate(&(0x7f0000000000)='./bus\x00', 0x8) 1.107256572s ago: executing program 4 (id=3831): prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ff0000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ff8000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r0 = io_uring_setup(0x1195, &(0x7f0000000040)={0x0, 0x100c8a2, 0xc000, 0x8, 0x328}) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x13, 0x0, 0x0, &(0x7f0000000680)='syzkaller\x00', 0x8005, 0x0, 0x0, 0x0, 0x76, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000000)={0x0, 0x7, 0x4, 0x5, 0x5}, 0x14) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000000)={0x0, &(0x7f0000000280)}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB=')'], 0x50) io_uring_enter(r0, 0x2219, 0xcf74, 0x16, 0x0, 0x0) 1.106859822s ago: executing program 5 (id=3832): r0 = socket(0x2, 0x80805, 0x0) ioctl$sock_qrtr_SIOCGIFADDR(r0, 0x8915, &(0x7f0000000100)={'syzkaller1\x00'}) r1 = socket(0x2b, 0x80801, 0x1) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8000000, 0x7fffffe, 0x2d0, 0x0, 0xffffffff, 0xffffffff, 0x110, 0xffffffff, 0x200, 0xffffffff, 0xffffffff, 0x200, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x3, 0x0}, @mcast1, [0x0, 0x0, 0x0, 0xffffff], [0x0, 0x0, 0x4c62d6309aaa1bde, 0xff000000], 'ip6tnl0\x00', 'nicvf0\x00', {}, {0xff}, 0x3a}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x4, '\x00', 'syz1\x00'}}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, [], [0x0, 0x0, 0xffffff00, 0xffffff00], 'veth1\x00', 'veth0_to_bridge\x00'}, 0x0, 0xa8, 0xf0}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', {0x1}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x330) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000000100000024000180060005004e230000060001"], 0x38}, 0x1, 0x0, 0x0, 0x4000011}, 0x4c080) getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000380)={0x0, @dev, @remote}, &(0x7f00000003c0)=0xc) sendmsg$MPTCP_PM_CMD_GET_LIMITS(r0, &(0x7f0000000980)={&(0x7f0000000040), 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x28, 0x0, 0x300, 0x70bd27, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x7}, @MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x8054}, 0x40090) 809.161338ms ago: executing program 1 (id=3833): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) setresuid(0x0, 0xee00, 0x0) r2 = getpid() r3 = syz_pidfd_open(r2, 0x0) setns(r3, 0x24020000) 792.5256ms ago: executing program 1 (id=3834): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000004c0)={'veth1_virt_wifi\x00', 0x0}) r4 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000800)={r2, r3, 0x25, 0x4, @val=@tcx}, 0x1c) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x3, &(0x7f0000000480)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000680)={r4, r5, 0x4, r2}, 0x10) 743.357044ms ago: executing program 0 (id=3835): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='mem_disconnect\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='mem_disconnect\x00', r2}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000100)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x41}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x0, 0xe, 0x0, &(0x7f00000003c0)="131c8701feaa16bca4ac74ab821d", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50) 643.080222ms ago: executing program 1 (id=3837): bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000800)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0, 0x0, 0x8}, 0x18) r1 = syz_io_uring_setup(0xbc3, &(0x7f0000001480)={0x0, 0x1064, 0x80, 0x200003, 0x1af}, &(0x7f00000001c0)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x1, 0xffffffffffffffff, 0x0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000200)=[{0x0}, {0x0}], 0x2}, 0x0, 0x3, 0x0, {0x2}}) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffa}, 0x94) io_uring_enter(r1, 0x47f8, 0x4000, 0x2, 0x0, 0x1f) 571.410849ms ago: executing program 4 (id=3840): io_setup(0xb, &(0x7f00000003c0)=0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001240)={&(0x7f0000000200)='kfree\x00', r1, 0x0, 0x9}, 0x18) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x50) r2 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0) io_submit(r0, 0x2, &(0x7f0000000a80)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x8, 0x0, r2, 0x0}, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x8, 0x9, r2, &(0x7f0000000380)="ba419f8d4fda55572b", 0x9, 0x8, 0x0, 0x0, r2}]) 514.563154ms ago: executing program 2 (id=3842): sendmsg$netlink(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x800) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000b80)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3400000082"], 0x34}}, 0x800) r0 = syz_io_uring_setup(0xc58, &(0x7f0000000380)={0x0, 0x0, 0x10100, 0x40000002, 0x1af}, &(0x7f00000004c0)=0x0, &(0x7f0000000140)=0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 480.718117ms ago: executing program 0 (id=3843): unshare(0x6a040000) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffff05850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r0}, 0x10) r1 = syz_open_dev$usbfs(0x0, 0x20ec1000000, 0x18401) ioctl$USBDEVFS_BULK(r1, 0x5523, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'veth1_virt_wifi\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000980)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0xf1ff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x8}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x0) 480.204727ms ago: executing program 2 (id=3844): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="07000000040000000802000001"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000021000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000380)='sched_switch\x00', r1}, 0x18) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r4, 0x0, r3, 0x0, 0xffff, 0x0) ioctl$sock_inet6_tcp_SIOCINQ(r2, 0x541b, &(0x7f0000000000)) sendmmsg$unix(r5, &(0x7f0000003d00)=[{{0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f0000000340)="18", 0x1}], 0x1, 0x0, 0x0, 0x24004080}}], 0x1, 0x4000) 475.569407ms ago: executing program 5 (id=3845): bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0, 0x0, 0x8000000008}, 0x18) unshare(0x22020400) r1 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) unshare(0x2060280) fsmount(r1, 0x0, 0x0) 457.064899ms ago: executing program 4 (id=3846): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1, 0x0, 0x6}, 0x18) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x5}, 0x48) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r2}, &(0x7f0000000080), &(0x7f0000000240)=r3}, 0x20) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r3, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000580)="b9ff03076804268c989e14f088a8", 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, 0x50) 442.42079ms ago: executing program 5 (id=3847): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="160000000000000005000000ff"], 0x50) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x7, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x5, 0x0, 0xb, 0x9, 0x0, 0x2, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9, 0xfe04}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x0, 0x6, 0xa, 0x9, 0xfe04, 0xe1}, {0x7, 0x1, 0xb, 0x7, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x2, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x69, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 356.989728ms ago: executing program 5 (id=3848): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00'}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0xb, 0x528, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8, 0x1, @perf_config_ext={0x1f5a685a}, 0x4dc8, 0x10000, 0xfffffffc, 0x1, 0x1008, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r2 = syz_io_uring_setup(0x354, &(0x7f0000000240)={0x0, 0x6862, 0x80, 0x3, 0x1c0}, &(0x7f00000002c0)=0x0, &(0x7f0000000000)=0x0) prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x6000, @fd=r1, 0x0, 0x0}) io_uring_enter(r2, 0x10847ba, 0x95c, 0xe, 0x0, 0x2e) 309.859492ms ago: executing program 4 (id=3849): r0 = socket$inet6_udp(0xa, 0x2, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3) write$binfmt_elf64(r2, &(0x7f0000000180)=ANY=[], 0x78) sendfile(r1, r2, &(0x7f00000001c0), 0x8) fcntl$addseals(r2, 0x409, 0x8) fallocate(r2, 0x3, 0x9100, 0x3) close_range(r0, r2, 0x0) 286.939934ms ago: executing program 2 (id=3850): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000000)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='kfree\x00', r2, 0x0, 0x3}, 0x18) connect$pppl2tp(r0, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0xfffe, @dev}, 0x2}}, 0x2e) r3 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r3, &(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x2, 0x3}}, 0x26) close(r3) 246.364998ms ago: executing program 2 (id=3851): pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={0xffffffffffffffff, 0xffffffffffffffff}) writev(r1, &(0x7f0000000400)=[{&(0x7f0000000100)="92", 0x1}], 0x1) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r3, 0x0, r4, 0x0, 0xf3a, 0x0) splice(r0, 0x0, r4, 0x0, 0x82, 0x0) write$bt_hci(r4, 0x0, 0x7) write(r2, 0x0, 0x0) 217.64299ms ago: executing program 0 (id=3852): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0x0, r0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r1 = io_uring_setup(0x56ab, &(0x7f0000000040)={0x0, 0x9c3d, 0xc000, 0xc, 0xa0002f4}) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)=""/79, 0xce80}], 0x300}, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000000000)='0', 0x1}], 0x1, 0x0, 0x3) io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0) 216.66874ms ago: executing program 1 (id=3853): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0) getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}, 0x1, 0xfffc}, 0x4000800) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000d80)=@delchain={0x684, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@TCA_CHAIN={0x8, 0xb, 0x8}, @filter_kind_options=@f_u32={{0x8}, {0x650, 0x2, [@TCA_U32_SEL={0x624, 0x5, {0xd, 0xfb, 0x5, 0x4, 0x4, 0x2, 0x0, 0x7, [{0x1000, 0x7, 0xa, 0x40}, {0x0, 0xdbc, 0x6, 0x380}, {0x0, 0x1, 0x6, 0x8}, {0x2, 0x3, 0xffffffff, 0xeb1}, {0x100, 0x1000, 0x200, 0xc332}, {0x4, 0x7, 0x1c, 0x80}, {0x7f, 0x80000001, 0x0, 0x1ff}, {0x0, 0xfffffff8, 0x9, 0x9}, {0x8, 0xfffffff9, 0x73dd2260, 0x1}, {0x0, 0x0, 0x0, 0x7}, {0x5, 0x3, 0x1, 0xc8}, {0x8, 0xfffffff7, 0x7, 0x7}, {0xae, 0x1000, 0xe0000000, 0x3}, {0x6, 0xd54, 0x7174}, {0xfffffffe, 0xfffffffe, 0x562, 0x3}, {0x2, 0xa94b, 0x1, 0x6}, {0x8001, 0x9, 0x702a, 0xe33}, {0x7, 0x8, 0x7, 0x3}, {0x8, 0xd, 0x9, 0x3d5}, {0x6, 0x527, 0xfffffffd}, {0xfffffffb, 0xf0d8, 0x2, 0xf}, {0xe5, 0x3, 0x5, 0x10}, {0x8, 0xffffffff, 0x9, 0x4}, {0xff, 0x7ff, 0x52b}, {0x0, 0x13, 0x0, 0x1}, {0x15a57b82, 0x3, 0x9, 0xb7b}, {0x7, 0x6, 0x2, 0x7f}, {0xfffff70c, 0x0, 0x5, 0x5}, {0x7f, 0x0, 0xfffffff8, 0x8}, {0x32da994, 0x7, 0x3, 0x3c7}, {0x6, 0x9, 0x1, 0x5}, {0x8, 0x5, 0xd, 0x9}, {0xff, 0xefad, 0x7, 0x8}, {0x0, 0x5, 0x77fb, 0x400}, {0x7f, 0x8, 0xeae, 0x3}, {0xafe, 0x2, 0x9, 0xab}, {0x80, 0x10000, 0x3d, 0x4}, {0x6, 0x9, 0x1, 0x1}, {0x5, 0x80, 0x5, 0x400}, {0x81, 0x6, 0x8, 0x7fff}, {0x4, 0x8, 0xe, 0x2}, {0x7, 0x2, 0x2, 0xc}, {0x9, 0x7, 0x1ff, 0x7fffffff}, {0x3, 0xe, 0x4, 0x9}, {0x2, 0xfffffffc, 0x2, 0x2}, {0x7, 0x1, 0x400, 0xb05}, {0xe, 0x5, 0x9, 0x5c5}, {0x1, 0x8, 0x8}, {0x10001, 0x7fff, 0x35f7, 0x3}, {0xb, 0x9, 0x4, 0xfffffff8}, {0x8, 0x5, 0x401, 0x7fffffff}, {0x9, 0x7ff, 0xbc8, 0x7}, {0xd6, 0x7d5, 0x7a27, 0x1}, {0x1, 0x1, 0x0, 0x20000000}, {0x7, 0xb, 0x5, 0x400}, {0xf, 0x7, 0x0, 0xd457}, {0x7, 0x8, 0x2, 0x9}, {0xa13, 0x0, 0x9, 0x200}, {0x7, 0xde4, 0x9, 0xa08}, {0x6, 0x1, 0x884d, 0xd8d}, {0x3ff, 0x38, 0x1b, 0x6}, {0x8, 0x9, 0x1, 0x80}, {0xc, 0x7f, 0x1d, 0x4}, {0x0, 0x7f, 0x87c, 0x5}, {0x5, 0x7, 0x1, 0x2}, {0x97, 0x9, 0xa, 0x6}, {0x9, 0x9, 0x19, 0x114}, {0x7, 0x1, 0x1, 0x2}, {0x40000, 0x80000001, 0x21}, {0x5, 0x8, 0x0, 0x214f0}, {0x5, 0xb2aa, 0xe0, 0xfffffffa}, {0x73, 0x7, 0x4, 0x4}, {0x7, 0x7f, 0x9, 0xffffffff}, {0x4, 0x3, 0x0, 0x5}, {0x7fff, 0x3, 0x7fc, 0xf7}, {0xfd, 0x8000, 0x7, 0x1}, {0x2c, 0x80, 0x887, 0x2}, {0x800, 0xa, 0x7}, {0x6, 0x3, 0x10001, 0xb7}, {0x3, 0x7, 0x301d, 0x4}, {0x7f8e27ba, 0x7, 0xe2, 0x7}, {0x4, 0x8, 0xd, 0x6d7}, {0xfffffff9, 0x7fff, 0x5, 0x4}, {0x6, 0xffffffff, 0x8000, 0x6}, {0xffffff36, 0x80000001, 0x9, 0xfffffffe}, {0x15b, 0x5, 0x40, 0x2}, {0x4, 0x2d7, 0x7, 0x1000}, {0x8, 0x1, 0x7fff, 0x3}, {0x3ff, 0x1, 0x7, 0x9}, {0x9a6, 0x7fff, 0xfd, 0xfffffffa}, {0x80, 0xfffffff9, 0x2, 0x4}, {0x7, 0x1, 0x8000}, {0x1, 0x6, 0x7, 0x2}, {0x3, 0x4, 0x4, 0x54f}, {0x90d, 0x4, 0x9, 0x1}, {0x81, 0x0, 0x2, 0x6}, {0x2, 0xb, 0x8, 0x5}]}}, @TCA_U32_DIVISOR={0x8, 0x4, 0xd1}, @TCA_U32_MARK={0x10, 0xa, {0xffa, 0x2}}, @TCA_U32_MARK={0x10, 0xa, {0x7, 0x9c55}}]}}]}, 0x684}, 0x1, 0x0, 0x0, 0x10}, 0x0) 165.491675ms ago: executing program 1 (id=3854): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f00000001c0)='kfree\x00', r1}, 0x18) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000002, 0x13, r2, 0x0) r3 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x9, 0x7, 0x0, 0x0, 0x0, 0x40008, 0x518, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0xed}, 0x4c58, 0xd, 0x0, 0x0, 0x8, 0x4ac, 0xb, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000003, 0x11, r3, 0xc266c000) 143.956006ms ago: executing program 0 (id=3855): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x7, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000001000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f00000006c0)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180200000004000000000000000000008500000036000000850000000700000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000100)={r4, r3, 0x25, 0x0, @val=@tracing}, 0x40) syz_emit_ethernet(0x11dc0, &(0x7f0000002480)=ANY=[], 0x0) 89.780622ms ago: executing program 1 (id=3856): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='sched_switch\x00', r0, 0x0, 0xa}, 0x18) r1 = socket(0x10, 0x2, 0x0) write(r1, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c) recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x62181) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r2, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick=0x1f4, {}, {}, @raw32={[0x2600]}}], 0xffc8) 89.592902ms ago: executing program 4 (id=3857): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = syz_io_uring_setup(0xbc0, &(0x7f0000000280)={0x0, 0x5568, 0x10000, 0x2, 0x285}, &(0x7f0000000040)=0x0, &(0x7f00000000c0)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000300)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x2, 0xa3d8, &(0x7f00000005c0)=[{&(0x7f0000000240)="5db5bd", 0x3}], 0x10000000000002a8, 0x8, 0x1, {0x2}}) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/slabinfo\x00', 0x0, 0x0) pread64(r5, &(0x7f0000000180)=""/73, 0xfffffdef, 0x55) io_uring_enter(r2, 0x29ab, 0xd480, 0x0, 0x0, 0x0) 88.127541ms ago: executing program 0 (id=3866): bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008bd6000000000000000018110000", @ANYRES32=r0], 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x2) 52.449695ms ago: executing program 2 (id=3858): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000a80)='kfree\x00', r0, 0x0, 0xfffffffffffffffe}, 0x18) socket$inet_udp(0x2, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff) r2 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, r1, 0xffffffffffffffff, r2, 0x0) 46.257866ms ago: executing program 4 (id=3859): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000f80)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffff7f}]}) r3 = syz_open_dev$usbfs(&(0x7f0000000000), 0x70, 0x103301) ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000200)) ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect) close_range(r2, 0xffffffffffffffff, 0x0) 526.21µs ago: executing program 0 (id=3860): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1, 0x0, 0x6}, 0x18) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x5}, 0x48) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r2}, &(0x7f0000000080), &(0x7f0000000240)=r3}, 0x20) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r3, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000580)="b9ff03076804268c989e14f088a8", 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, 0x50) 0s ago: executing program 2 (id=3861): r0 = epoll_create1(0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000600)='kfree\x00', r1}, 0x18) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) write$binfmt_script(r2, &(0x7f0000000600)={'#! ', './file0', [{0x20, 'memory5yvents\x00'}]}, 0x1a) perf_event_open(&(0x7f0000000140)={0x8, 0x80, 0x3, 0x0, 0x0, 0x3, 0x82, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f0000000080), 0xf}, 0x8080, 0x0, 0x0, 0x8, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x10000000000007}, 0xffffffffffffffff, 0x20000000001, 0xffffffffffffffff, 0x2) close_range(r0, 0xffffffffffffffff, 0x0) kernel console output (not intermixed with test programs): ot/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd27c9f749 code=0x7ffc0000 [ 80.633598][ T6344] loop4: detected capacity change from 0 to 1024 [ 80.686409][ T6344] EXT4-fs: Ignoring removed nobh option [ 80.692055][ T6344] EXT4-fs: inline encryption not supported [ 80.727158][ T6344] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.773016][ T6344] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4215: comm syz.4.1162: Allocating blocks 385-513 which overlap fs metadata [ 80.835268][ T6344] EXT4-fs (loop4): pa ffff8881098682a0: logic 16, phys. 129, len 24 [ 80.843574][ T6344] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5466: group 0, free 0, pa_free 8 [ 80.897547][ T6344] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28 [ 80.909970][ T6344] EXT4-fs (loop4): This should not happen!! Data will be lost [ 80.909970][ T6344] [ 80.919725][ T6344] EXT4-fs (loop4): Total free blocks count 0 [ 80.925766][ T6344] EXT4-fs (loop4): Free/Dirty block details [ 80.931791][ T6344] EXT4-fs (loop4): free_blocks=128 [ 80.937089][ T6344] EXT4-fs (loop4): dirty_blocks=0 [ 80.942293][ T6344] EXT4-fs (loop4): Block reservation details [ 80.948406][ T6344] EXT4-fs (loop4): i_reserved_data_blocks=0 [ 81.764027][ T6400] loop2: detected capacity change from 0 to 764 [ 81.772000][ T6400] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 81.787556][ T6400] Symlink component flag not implemented [ 81.803999][ T6400] Symlink component flag not implemented (7) [ 82.155512][ T6429] tipc: New replicast peer: 255.255.255.255 [ 82.161754][ T6429] tipc: Enabled bearer , priority 10 [ 82.178842][ T6429] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1197'. [ 82.187893][ T6429] tipc: Disabling bearer [ 82.266114][ T6436] netlink: 176 bytes leftover after parsing attributes in process `syz.1.1201'. [ 82.461293][ T6445] loop0: detected capacity change from 0 to 512 [ 82.498787][ T6445] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 82.554854][ T6445] ext4 filesystem being mounted at /229/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 82.716621][ T6445] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.854825][ T6452] loop2: detected capacity change from 0 to 128 [ 83.033460][ T6452] bio_check_eod: 98 callbacks suppressed [ 83.033480][ T6452] syz.2.1205: attempt to access beyond end of device [ 83.033480][ T6452] loop2: rw=2049, sector=169, nr_sectors = 8 limit=128 [ 83.053401][ T6452] syz.2.1205: attempt to access beyond end of device [ 83.053401][ T6452] loop2: rw=2049, sector=185, nr_sectors = 16 limit=128 [ 83.089900][ T6452] syz.2.1205: attempt to access beyond end of device [ 83.089900][ T6452] loop2: rw=2049, sector=209, nr_sectors = 8 limit=128 [ 83.116687][ T6452] syz.2.1205: attempt to access beyond end of device [ 83.116687][ T6452] loop2: rw=2049, sector=225, nr_sectors = 8 limit=128 [ 83.155690][ T6452] syz.2.1205: attempt to access beyond end of device [ 83.155690][ T6452] loop2: rw=2049, sector=241, nr_sectors = 8 limit=128 [ 83.198523][ T6452] syz.2.1205: attempt to access beyond end of device [ 83.198523][ T6452] loop2: rw=2049, sector=257, nr_sectors = 8 limit=128 [ 83.247933][ T6452] syz.2.1205: attempt to access beyond end of device [ 83.247933][ T6452] loop2: rw=2049, sector=273, nr_sectors = 8 limit=128 [ 83.278839][ T6475] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1215'. [ 83.325804][ T6452] syz.2.1205: attempt to access beyond end of device [ 83.325804][ T6452] loop2: rw=2049, sector=289, nr_sectors = 8 limit=128 [ 83.403882][ T6452] syz.2.1205: attempt to access beyond end of device [ 83.403882][ T6452] loop2: rw=2049, sector=305, nr_sectors = 8 limit=128 [ 83.458358][ T6487] netlink: 'syz.4.1220': attribute type 1 has an invalid length. [ 83.486168][ T6452] syz.2.1205: attempt to access beyond end of device [ 83.486168][ T6452] loop2: rw=2049, sector=321, nr_sectors = 8 limit=128 [ 83.589984][ T6489] bond1: (slave geneve2): making interface the new active one [ 83.615878][ T6489] bond1: (slave geneve2): Enslaving as an active interface with an up link [ 83.624638][ T5201] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 20004 - 0 [ 83.633743][ T5201] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20004 - 0 [ 83.651619][ T5201] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20004 - 0 [ 83.691404][ T5201] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20004 - 0 [ 83.733901][ T6493] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1223'. [ 83.776368][ T6498] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1222'. [ 83.811465][ T6498] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1222'. [ 84.236858][ T6539] tipc: Started in network mode [ 84.241795][ T6539] tipc: Node identity ac14140f, cluster identity 4711 [ 84.316090][ T6539] tipc: New replicast peer: 255.255.255.255 [ 84.322444][ T6539] tipc: Enabled bearer , priority 10 [ 84.328836][ T6544] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1242'. [ 84.337852][ T6544] tipc: Disabling bearer [ 85.178050][ T29] kauditd_printk_skb: 89 callbacks suppressed [ 85.178140][ T29] audit: type=1326 audit(1767659734.765:2917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6573 comm="syz.2.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 85.243569][ T6579] loop1: detected capacity change from 0 to 128 [ 85.368606][ T29] audit: type=1326 audit(1767659734.795:2918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6573 comm="syz.2.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 85.392141][ T29] audit: type=1326 audit(1767659734.795:2919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6573 comm="syz.2.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 85.415574][ T29] audit: type=1326 audit(1767659734.795:2920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6573 comm="syz.2.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 85.439028][ T29] audit: type=1326 audit(1767659734.795:2921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6573 comm="syz.2.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 85.462543][ T29] audit: type=1326 audit(1767659734.795:2922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6573 comm="syz.2.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 85.485992][ T29] audit: type=1326 audit(1767659734.795:2923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6573 comm="syz.2.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 85.509459][ T29] audit: type=1326 audit(1767659734.795:2924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6573 comm="syz.2.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 85.532885][ T29] audit: type=1326 audit(1767659734.795:2925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6573 comm="syz.2.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 85.556434][ T29] audit: type=1326 audit(1767659734.795:2926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6573 comm="syz.2.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 85.641592][ T6588] loop4: detected capacity change from 0 to 1024 [ 85.662134][ T6588] EXT4-fs: Ignoring removed nomblk_io_submit option [ 85.673693][ T6590] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1263'. [ 85.691463][ T6590] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1263'. [ 85.702348][ T4221] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 85.714653][ T4221] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 85.762878][ T4221] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 85.775061][ T6588] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 85.796672][ T4221] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 86.479077][ T6588] syz.4.1250 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000 [ 86.493687][ T6588] CPU: 1 UID: 0 PID: 6588 Comm: syz.4.1250 Not tainted syzkaller #0 PREEMPT(voluntary) [ 86.493715][ T6588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 86.493732][ T6588] Call Trace: [ 86.493740][ T6588] [ 86.493781][ T6588] __dump_stack+0x1d/0x30 [ 86.493815][ T6588] dump_stack_lvl+0x95/0xd0 [ 86.493844][ T6588] dump_stack+0x15/0x1b [ 86.493936][ T6588] dump_header+0x81/0x240 [ 86.493964][ T6588] oom_kill_process+0x295/0x350 [ 86.493994][ T6588] out_of_memory+0x97b/0xb80 [ 86.494036][ T6588] try_charge_memcg+0x610/0xa10 [ 86.494099][ T6588] obj_cgroup_charge_pages+0xa6/0x150 [ 86.494156][ T6588] __memcg_kmem_charge_page+0x9f/0x170 [ 86.494219][ T6588] __alloc_frozen_pages_noprof+0x18f/0x360 [ 86.494252][ T6588] alloc_pages_mpol+0xb3/0x260 [ 86.494304][ T6588] alloc_pages_noprof+0x90/0x130 [ 86.494339][ T6588] __vmalloc_node_range_noprof+0xa7b/0x1310 [ 86.494421][ T6588] __kvmalloc_node_noprof+0x492/0x6b0 [ 86.494455][ T6588] ? ip_set_alloc+0x24/0x30 [ 86.494511][ T6588] ? ip_set_alloc+0x24/0x30 [ 86.494564][ T6588] ip_set_alloc+0x24/0x30 [ 86.494667][ T6588] hash_netiface_create+0x282/0x740 [ 86.494711][ T6588] ? __pfx_hash_netiface_create+0x10/0x10 [ 86.494751][ T6588] ip_set_create+0x3cc/0x970 [ 86.494808][ T6588] ? __mutex_lock_slowpath+0xa/0x10 [ 86.494876][ T6588] nfnetlink_rcv_msg+0x4c6/0x590 [ 86.494936][ T6588] netlink_rcv_skb+0x123/0x220 [ 86.494974][ T6588] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 86.495072][ T6588] nfnetlink_rcv+0x167/0x16c0 [ 86.495105][ T6588] ? kmem_cache_free+0xe3/0x3a0 [ 86.495161][ T6588] ? __kfree_skb+0x109/0x150 [ 86.495188][ T6588] ? nlmon_xmit+0x4f/0x60 [ 86.495212][ T6588] ? consume_skb+0x49/0x150 [ 86.495243][ T6588] ? nlmon_xmit+0x4f/0x60 [ 86.495267][ T6588] ? dev_hard_start_xmit+0x3b0/0x3e0 [ 86.495308][ T6588] ? __dev_queue_xmit+0x13a6/0x1ee0 [ 86.495412][ T6588] ? __dev_queue_xmit+0x148/0x1ee0 [ 86.495443][ T6588] ? rb_insert_color+0x277/0x2b0 [ 86.495482][ T6588] ? ref_tracker_free+0x37d/0x3e0 [ 86.495532][ T6588] ? __netlink_deliver_tap+0x4dc/0x500 [ 86.495600][ T6588] netlink_unicast+0x5c0/0x690 [ 86.495630][ T6588] netlink_sendmsg+0x58b/0x6b0 [ 86.495664][ T6588] ? __pfx_netlink_sendmsg+0x10/0x10 [ 86.495757][ T6588] __sock_sendmsg+0x145/0x180 [ 86.495776][ T6588] ____sys_sendmsg+0x31e/0x4a0 [ 86.495815][ T6588] ___sys_sendmsg+0x17b/0x1d0 [ 86.495946][ T6588] __x64_sys_sendmsg+0xd4/0x160 [ 86.496020][ T6588] x64_sys_call+0x17ba/0x3000 [ 86.496060][ T6588] do_syscall_64+0xca/0x2b0 [ 86.496157][ T6588] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.496183][ T6588] RIP: 0033:0x7fcd27c9f749 [ 86.496199][ T6588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.496278][ T6588] RSP: 002b:00007fcd26707038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 86.496326][ T6588] RAX: ffffffffffffffda RBX: 00007fcd27ef5fa0 RCX: 00007fcd27c9f749 [ 86.496341][ T6588] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000004 [ 86.496399][ T6588] RBP: 00007fcd27d23f91 R08: 0000000000000000 R09: 0000000000000000 [ 86.496479][ T6588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 86.496495][ T6588] R13: 00007fcd27ef6038 R14: 00007fcd27ef5fa0 R15: 00007ffff09263a8 [ 86.496556][ T6588] [ 86.823505][ T6588] memory: usage 307200kB, limit 307200kB, failcnt 260 [ 86.830776][ T6588] memory+swap: usage 308260kB, limit 9007199254740988kB, failcnt 0 [ 86.838758][ T6588] kmem: usage 307164kB, limit 9007199254740988kB, failcnt 0 [ 86.846121][ T6588] Memory cgroup stats for /syz4: [ 86.846272][ T6588] cache 32768 [ 86.854535][ T6588] rss 0 [ 86.857342][ T6588] shmem 0 [ 86.860386][ T6588] mapped_file 0 [ 86.863987][ T6588] dirty 0 [ 86.866974][ T6588] writeback 0 [ 86.870302][ T6588] workingset_refault_anon 805 [ 86.874979][ T6588] workingset_refault_file 375 [ 86.879739][ T6588] swap 1085440 [ 86.883147][ T6588] swapcached 0 [ 86.886637][ T6588] pgpgin 69570 [ 86.890039][ T6588] pgpgout 69561 [ 86.893563][ T6588] pgfault 71064 [ 86.897071][ T6588] pgmajfault 114 [ 86.900630][ T6588] inactive_anon 0 [ 86.904259][ T6588] active_anon 0 [ 86.907818][ T6588] inactive_file 32768 [ 86.911840][ T6588] active_file 4096 [ 86.915551][ T6588] unevictable 0 [ 86.919053][ T6588] hierarchical_memory_limit 314572800 [ 86.924525][ T6588] hierarchical_memsw_limit 9223372036854771712 [ 86.930724][ T6588] total_cache 32768 [ 86.934547][ T6588] total_rss 0 [ 86.938080][ T6588] total_shmem 0 [ 86.941591][ T6588] total_mapped_file 0 [ 86.945574][ T6588] total_dirty 0 [ 86.949075][ T6588] total_writeback 0 [ 86.952898][ T6588] total_workingset_refault_anon 805 [ 86.958143][ T6588] total_workingset_refault_file 375 [ 86.963376][ T6588] total_swap 1085440 [ 86.967330][ T6588] total_swapcached 0 [ 86.971307][ T6588] total_pgpgin 69570 [ 86.975245][ T6588] total_pgpgout 69561 [ 86.979270][ T6588] total_pgfault 71064 [ 86.983268][ T6588] total_pgmajfault 114 [ 86.987382][ T6588] total_inactive_anon 0 [ 86.991547][ T6588] total_active_anon 0 [ 86.995522][ T6588] total_inactive_file 32768 [ 87.000339][ T6588] total_active_file 4096 [ 87.004626][ T6588] total_unevictable 0 [ 87.008663][ T6588] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.1250,pid=6587,uid=0 [ 87.023395][ T6588] Memory cgroup out of memory: Killed process 6587 (syz.4.1250) total-vm:96016kB, anon-rss:1264kB, file-rss:22312kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000 [ 87.113587][ T3325] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.148106][ T6624] loop2: detected capacity change from 0 to 2048 [ 87.175740][ T6624] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 87.196294][ T6631] loop4: detected capacity change from 0 to 128 [ 87.381764][ T6621] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 87.404400][ T6621] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 64 with max blocks 14 with error 28 [ 87.417010][ T6621] EXT4-fs (loop2): This should not happen!! Data will be lost [ 87.417010][ T6621] [ 87.426708][ T6621] EXT4-fs (loop2): Total free blocks count 0 [ 87.432795][ T6621] EXT4-fs (loop2): Free/Dirty block details [ 87.438752][ T6621] EXT4-fs (loop2): free_blocks=2415919504 [ 87.444495][ T6621] EXT4-fs (loop2): dirty_blocks=16 [ 87.449712][ T6621] EXT4-fs (loop2): Block reservation details [ 87.455718][ T6621] EXT4-fs (loop2): i_reserved_data_blocks=1 [ 87.502179][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.024163][ T6713] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1308'. [ 88.048614][ T6715] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1310'. [ 88.074281][ T6715] bridge_slave_1: left allmulticast mode [ 88.080048][ T6715] bridge_slave_1: left promiscuous mode [ 88.085864][ T6715] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.142836][ T6715] bridge_slave_0: left promiscuous mode [ 88.148638][ T6715] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.174097][ T6724] loop4: detected capacity change from 0 to 1024 [ 88.196231][ T6724] EXT4-fs: Ignoring removed orlov option [ 88.221337][ T6724] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 88.603338][ T6757] netlink: 'syz.3.1327': attribute type 1 has an invalid length. [ 88.662275][ T3325] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.248803][ T6787] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 89.357662][ T6792] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1344'. [ 89.572820][ T6809] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 89.657979][ T6812] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1352'. [ 89.742909][ T6815] sch_tbf: peakrate 7 is lower than or equals to rate 19 ! [ 89.975787][ T6827] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1359'. [ 90.123431][ T6839] IPv6: NLM_F_CREATE should be specified when creating new route [ 90.158574][ T6842] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6842 comm=syz.1.1365 [ 90.216157][ T6846] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1366'. [ 90.269298][ T29] kauditd_printk_skb: 51 callbacks suppressed [ 90.269359][ T29] audit: type=1400 audit(1767659739.855:2978): avc: denied { getopt } for pid=6851 comm="syz.1.1370" lport=60009 faddr=::ffff:100.1.1.0 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 90.311073][ T6854] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 90.328776][ T6854] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING [ 90.365786][ T29] audit: type=1400 audit(1767659739.935:2979): avc: denied { write } for pid=6855 comm="syz.1.1372" laddr=fe80::10 lport=45890 faddr=fe80::3c fport=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 90.437458][ T29] audit: type=1326 audit(1767659740.015:2980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6861 comm="syz.2.1375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 90.460987][ T29] audit: type=1326 audit(1767659740.015:2981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6861 comm="syz.2.1375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=245 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 90.484468][ T29] audit: type=1326 audit(1767659740.015:2982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6861 comm="syz.2.1375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 90.507966][ T29] audit: type=1326 audit(1767659740.015:2983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6861 comm="syz.2.1375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 90.531606][ T29] audit: type=1326 audit(1767659740.015:2984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6861 comm="syz.2.1375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 90.557634][ T6864] netlink: 'syz.1.1376': attribute type 7 has an invalid length. [ 90.578004][ T29] audit: type=1326 audit(1767659740.165:2985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6869 comm="syz.4.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd27c9f749 code=0x7ffc0000 [ 90.604154][ T29] audit: type=1326 audit(1767659740.185:2986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6869 comm="syz.4.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd27c9f749 code=0x7ffc0000 [ 90.627864][ T29] audit: type=1326 audit(1767659740.185:2987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6869 comm="syz.4.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd27c9f749 code=0x7ffc0000 [ 90.669742][ T6872] ip6t_srh: unknown srh match flags 4000 [ 90.718699][ T6880] loop1: detected capacity change from 0 to 512 [ 90.748552][ T6886] loop3: detected capacity change from 0 to 128 [ 90.761143][ T6880] EXT4-fs warning (device loop1): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 90.799822][ T6880] EXT4-fs (loop1): mount failed [ 90.868503][ T6903] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 90.877438][ T6900] vhci_hcd vhci_hcd.4: USB_PORT_FEAT_BH_PORT_RESET req not supported for USB 2.0 roothub [ 90.916181][ T6903] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 90.974922][ T6886] bio_check_eod: 314 callbacks suppressed [ 90.974941][ T6886] syz.3.1387: attempt to access beyond end of device [ 90.974941][ T6886] loop3: rw=2049, sector=169, nr_sectors = 8 limit=128 [ 91.002230][ T6903] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1394'. [ 91.032914][ T6886] syz.3.1387: attempt to access beyond end of device [ 91.032914][ T6886] loop3: rw=2049, sector=185, nr_sectors = 16 limit=128 [ 91.068430][ T6886] syz.3.1387: attempt to access beyond end of device [ 91.068430][ T6886] loop3: rw=2049, sector=209, nr_sectors = 8 limit=128 [ 91.083862][ T6886] syz.3.1387: attempt to access beyond end of device [ 91.083862][ T6886] loop3: rw=2049, sector=225, nr_sectors = 8 limit=128 [ 91.097834][ T6886] syz.3.1387: attempt to access beyond end of device [ 91.097834][ T6886] loop3: rw=2049, sector=241, nr_sectors = 8 limit=128 [ 91.111527][ T6886] syz.3.1387: attempt to access beyond end of device [ 91.111527][ T6886] loop3: rw=2049, sector=257, nr_sectors = 8 limit=128 [ 91.126567][ T6886] syz.3.1387: attempt to access beyond end of device [ 91.126567][ T6886] loop3: rw=2049, sector=273, nr_sectors = 8 limit=128 [ 91.140355][ T6886] syz.3.1387: attempt to access beyond end of device [ 91.140355][ T6886] loop3: rw=2049, sector=289, nr_sectors = 8 limit=128 [ 91.154317][ T6886] syz.3.1387: attempt to access beyond end of device [ 91.154317][ T6886] loop3: rw=2049, sector=305, nr_sectors = 8 limit=128 [ 91.172300][ T6886] syz.3.1387: attempt to access beyond end of device [ 91.172300][ T6886] loop3: rw=2049, sector=321, nr_sectors = 8 limit=128 [ 91.362378][ T6917] loop4: detected capacity change from 0 to 8192 [ 91.487328][ T6917] loop4: p1 p2[DM] p4 [ 91.491531][ T6917] loop4: p1 size 196608 extends beyond EOD, truncated [ 91.510913][ T6917] loop4: p2 start 4292936063 is beyond EOD, truncated [ 91.517806][ T6917] loop4: p4 size 50331648 extends beyond EOD, truncated [ 91.610808][ T6934] loop3: detected capacity change from 0 to 512 [ 91.627893][ T6934] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 91.640841][ T6934] ext4 filesystem being mounted at /291/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 91.675144][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 91.685762][ T6940] loop4: detected capacity change from 0 to 1024 [ 91.692566][ T6940] EXT4-fs: inline encryption not supported [ 91.698866][ T6940] EXT4-fs: Ignoring removed bh option [ 91.717990][ T6940] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 91.768543][ T3325] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 91.793760][ T6955] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=6955 comm=syz.4.1415 [ 91.820410][ T6953] vhci_hcd vhci_hcd.2: invalid port number 96 [ 91.826575][ T6953] vhci_hcd vhci_hcd.2: default hub control req: 2000 vfffc i0060 l7 [ 92.058988][ T6978] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported [ 92.512552][ T7010] capability: warning: `syz.3.1441' uses 32-bit capabilities (legacy support in use) [ 92.630779][ T7027] bridge0: entered promiscuous mode [ 92.638146][ T7027] bridge0: port 4(macsec1) entered blocking state [ 92.644664][ T7027] bridge0: port 4(macsec1) entered disabled state [ 92.652364][ T7027] macsec1: entered allmulticast mode [ 92.657820][ T7027] bridge0: entered allmulticast mode [ 92.663948][ T7027] macsec1: left allmulticast mode [ 92.669063][ T7027] bridge0: left allmulticast mode [ 92.677122][ T7027] bridge0: left promiscuous mode [ 92.712957][ T7037] loop1: detected capacity change from 0 to 512 [ 92.720053][ T7038] loop3: detected capacity change from 0 to 1024 [ 92.727179][ T7038] EXT4-fs: Ignoring removed oldalloc option [ 92.731395][ T7037] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 92.741596][ T7038] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 92.746522][ T7037] ext4 filesystem being mounted at /298/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 92.778683][ T7038] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 92.793681][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 92.895576][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 93.022630][ T7068] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1467'. [ 93.127756][ T7080] dvmrp1: entered allmulticast mode [ 93.143678][ T7080] dvmrp1: left allmulticast mode [ 93.169114][ T7084] loop4: detected capacity change from 0 to 512 [ 93.175982][ T7084] EXT4-fs: inline encryption not supported [ 93.248078][ T7084] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 93.429236][ T7094] vhci_hcd vhci_hcd.2: invalid port number 96 [ 93.435445][ T7094] vhci_hcd vhci_hcd.2: default hub control req: 2000 vfffc i0060 l7 [ 93.470539][ T7098] SELinux: failed to load policy [ 93.777017][ T7119] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1490'. [ 93.787255][ T7119] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1490'. [ 93.815254][ T7119] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1490'. [ 93.827286][ T7119] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1490'. [ 93.916736][ T3401] kernel write not supported for file /vcs (pid: 3401 comm: kworker/1:3) [ 93.987690][ T7145] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 93.995149][ T7145] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 94.011733][ T7145] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 94.019253][ T7145] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 94.050797][ T3325] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.064947][ T7143] loop2: detected capacity change from 0 to 8192 [ 94.084829][ T7149] loop1: detected capacity change from 0 to 1024 [ 94.092980][ T7149] EXT4-fs: Ignoring removed orlov option [ 94.108404][ T7149] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 94.109531][ T7143] loop2: p1 p2[DM] p4 [ 94.126200][ T7143] loop2: p1 size 196608 extends beyond EOD, truncated [ 94.141397][ T7143] loop2: p2 start 4292936063 is beyond EOD, truncated [ 94.148389][ T7143] loop2: p4 size 50331648 extends beyond EOD, truncated [ 94.398298][ T7174] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 94.420347][ T7176] __nla_validate_parse: 2 callbacks suppressed [ 94.420362][ T7176] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1515'. [ 94.444159][ T7174] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 94.458519][ T7174] ext4 filesystem being mounted at /289/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 94.537726][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.555899][ T7185] IPv6: NLM_F_CREATE should be specified when creating new route [ 94.566278][ T7186] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7186 comm=syz.0.1518 [ 94.578787][ T7186] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=7186 comm=syz.0.1518 [ 94.600861][ T7188] EXT4-fs: Ignoring removed oldalloc option [ 94.641700][ T7188] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 94.686465][ T7194] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1524'. [ 94.697409][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.706990][ T7194] openvswitch: netlink: Key 0 has unexpected len 2 expected 0 [ 94.716589][ T7188] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 94.782141][ T7200] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1526'. [ 94.798117][ T7200] IPVS: Error connecting to the multicast addr [ 94.832598][ T7204] ipip0: entered promiscuous mode [ 94.839992][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.942601][ T7225] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7225 comm=syz.2.1537 [ 95.024371][ T7237] EXT4-fs: Ignoring removed oldalloc option [ 95.043958][ T7237] EXT4-fs (loop1): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 95.058179][ T7237] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 95.094581][ T7243] ipip0: entered promiscuous mode [ 95.192249][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.362842][ T29] kauditd_printk_skb: 337 callbacks suppressed [ 95.362858][ T29] audit: type=1400 audit(1767659744.945:3324): avc: denied { ioctl } for pid=7256 comm="syz.1.1552" path="socket:[16971]" dev="sockfs" ino=16971 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 95.419641][ T29] audit: type=1400 audit(1767659744.985:3325): avc: denied { ioctl } for pid=7256 comm="syz.1.1552" path="socket:[16973]" dev="sockfs" ino=16973 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sock_file permissive=1 [ 95.477100][ T29] audit: type=1400 audit(1767659745.055:3326): avc: denied { read } for pid=7260 comm="syz.4.1554" name="ptp0" dev="devtmpfs" ino=247 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 95.500218][ T29] audit: type=1400 audit(1767659745.055:3327): avc: denied { open } for pid=7260 comm="syz.4.1554" path="/dev/ptp0" dev="devtmpfs" ino=247 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 95.541013][ T29] audit: type=1400 audit(1767659745.065:3328): avc: denied { ioctl } for pid=7260 comm="syz.4.1554" path="/dev/ptp0" dev="devtmpfs" ino=247 ioctlcmd=0x3d0e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 95.705987][ T29] audit: type=1400 audit(1767659745.275:3329): avc: denied { setopt } for pid=7271 comm="syz.1.1559" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 96.258842][ T7320] set_capacity_and_notify: 3 callbacks suppressed [ 96.258863][ T7320] loop3: detected capacity change from 0 to 1764 [ 96.285814][ T7322] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1580'. [ 96.438559][ T7331] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ %ºu@) failed with errno=-22 [ 96.561802][ T29] audit: type=1326 audit(1767659746.145:3330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7341 comm="syz.3.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40e3ddf749 code=0x7ffc0000 [ 96.636639][ T29] audit: type=1326 audit(1767659746.175:3331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7341 comm="syz.3.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f40e3ddf749 code=0x7ffc0000 [ 96.660175][ T29] audit: type=1326 audit(1767659746.175:3332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7341 comm="syz.3.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40e3ddf749 code=0x7ffc0000 [ 96.683625][ T29] audit: type=1326 audit(1767659746.175:3333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7341 comm="syz.3.1590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40e3ddf749 code=0x7ffc0000 [ 96.727096][ T7351] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 96.735844][ T7351] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 96.757853][ T7347] loop4: detected capacity change from 0 to 1024 [ 96.772214][ T7345] loop3: detected capacity change from 0 to 4096 [ 96.779187][ T7347] EXT4-fs: Ignoring removed nomblk_io_submit option [ 96.786455][ T7345] EXT4-fs: Ignoring removed nomblk_io_submit option [ 96.795462][ T7345] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 96.819263][ T7347] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 96.906625][ T3325] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.152599][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.256321][ T7380] loop4: detected capacity change from 0 to 128 [ 97.268437][ T7380] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 97.329017][ T7380] ext4 filesystem being mounted at /320/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 97.425601][ T7390] ref_ctr_offset mismatch. inode: 0x633 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x18 [ 97.496919][ T7397] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1611'. [ 97.584495][ T3325] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 98.168482][ T7478] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1644'. [ 98.640022][ T7532] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1667'. [ 98.858877][ T7566] syzkaller0: refused to change device tx_queue_len [ 98.946720][ T7583] loop1: detected capacity change from 0 to 1024 [ 98.954977][ T7583] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a041c01c, mo2=0002] [ 98.963399][ T7583] System zones: 0-1, 3-36 [ 98.969635][ T7583] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 99.008257][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.042418][ T7595] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 99.137281][ T7617] sd 0:0:1:0: device reset [ 99.241086][ T7638] SELinux: Context system_u:object_r:ppp_device_t:s0 is not valid (left unmapped). [ 99.287851][ T7645] loop1: detected capacity change from 0 to 1024 [ 99.300605][ T7645] EXT4-fs: Ignoring removed orlov option [ 99.314843][ T7645] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 99.362788][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.862302][ T7735] macvtap0: refused to change device tx_queue_len [ 99.980077][ T7748] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1716'. [ 100.156719][ T7767] vlan2: entered allmulticast mode [ 100.438218][ T29] kauditd_printk_skb: 115 callbacks suppressed [ 100.438249][ T29] audit: type=1326 audit(1767659750.025:3449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7787 comm="syz.0.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb2b9f749 code=0x7ffc0000 [ 100.474281][ T29] audit: type=1326 audit(1767659750.055:3450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7787 comm="syz.0.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f7cb2b9f749 code=0x7ffc0000 [ 100.497956][ T29] audit: type=1326 audit(1767659750.055:3451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7787 comm="syz.0.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb2b9f749 code=0x7ffc0000 [ 100.521483][ T29] audit: type=1326 audit(1767659750.055:3452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7787 comm="syz.0.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=333 compat=0 ip=0x7f7cb2b9f749 code=0x7ffc0000 [ 100.545070][ T29] audit: type=1326 audit(1767659750.055:3453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7787 comm="syz.0.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb2b9f749 code=0x7ffc0000 [ 100.568527][ T29] audit: type=1326 audit(1767659750.055:3454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7787 comm="syz.0.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f7cb2b9f749 code=0x7ffc0000 [ 100.592006][ T29] audit: type=1326 audit(1767659750.055:3455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7787 comm="syz.0.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb2b9f749 code=0x7ffc0000 [ 100.615760][ T29] audit: type=1326 audit(1767659750.055:3456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7787 comm="syz.0.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=441 compat=0 ip=0x7f7cb2b9f749 code=0x7ffc0000 [ 100.639314][ T29] audit: type=1326 audit(1767659750.055:3457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7787 comm="syz.0.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb2b9f749 code=0x7ffc0000 [ 100.663236][ T7791] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=7791 comm=syz.3.1734 [ 100.775046][ T7806] ip6erspan0: entered promiscuous mode [ 100.825256][ T7812] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1753'. [ 100.828785][ T7813] sd 0:0:1:0: device reset [ 100.834312][ T7812] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1753'. [ 100.859165][ T7812] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1753'. [ 100.868151][ T7812] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1753'. [ 100.921307][ T7824] netlink: 'syz.0.1749': attribute type 2 has an invalid length. [ 100.929201][ T7824] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1749'. [ 100.953609][ T7824] netlink: 'syz.0.1749': attribute type 2 has an invalid length. [ 100.961676][ T7824] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1749'. [ 100.977553][ T29] audit: type=1326 audit(1767659750.565:3458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7825 comm="syz.1.1750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ec9c4f749 code=0x7ffc0000 [ 101.125650][ T7838] loop4: detected capacity change from 0 to 1024 [ 101.154804][ T7838] EXT4-fs: Ignoring removed bh option [ 101.215250][ T7838] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 101.249499][ T7838] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4215: comm syz.4.1756: Allocating blocks 385-513 which overlap fs metadata [ 101.310032][ T7838] EXT4-fs (loop4): pa ffff8881098682a0: logic 16, phys. 129, len 24 [ 101.318163][ T7838] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5466: group 0, free 0, pa_free 8 [ 101.349289][ T7861] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1765'. [ 101.359310][ T7861] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1765'. [ 101.381788][ T3325] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.498257][ T7864] SELinux: failed to load policy [ 101.508983][ T7875] loop2: detected capacity change from 0 to 1024 [ 101.516060][ T7875] EXT4-fs: inline encryption not supported [ 101.550220][ T7875] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 101.604432][ T7875] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4215: comm syz.2.1772: Allocating blocks 385-513 which overlap fs metadata [ 101.664443][ T7886] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7886 comm=syz.1.1775 [ 101.696270][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.285632][ T7916] loop4: detected capacity change from 0 to 128 [ 102.316433][ T7916] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 102.346431][ T7916] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 102.389679][ T5197] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 102.430431][ T7920] loop4: detected capacity change from 0 to 128 [ 102.488021][ T7920] ext4 filesystem being mounted at /360/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 102.705633][ T7941] netlink: 332 bytes leftover after parsing attributes in process `syz.3.1799'. [ 103.021783][ T7969] SELinux: ebitmap: truncated map [ 103.062162][ T7969] SELinux: failed to load policy [ 103.221984][ T5192] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 103.233944][ T5192] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 103.266063][ T5192] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 103.274900][ T5192] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 103.618378][ T8025] rdma_rxe: rxe_newlink: failed to add syz_tun [ 103.806348][ T8032] syz.0.1839: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0 [ 103.821004][ T8032] CPU: 0 UID: 0 PID: 8032 Comm: syz.0.1839 Not tainted syzkaller #0 PREEMPT(voluntary) [ 103.821031][ T8032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 103.821044][ T8032] Call Trace: [ 103.821052][ T8032] [ 103.821082][ T8032] __dump_stack+0x1d/0x30 [ 103.821108][ T8032] dump_stack_lvl+0x95/0xd0 [ 103.821197][ T8032] dump_stack+0x15/0x1b [ 103.821270][ T8032] warn_alloc+0x12b/0x1a0 [ 103.821299][ T8032] ? __schedule+0x85f/0xcd0 [ 103.821331][ T8032] ? __rcu_read_unlock+0x4f/0x70 [ 103.821358][ T8032] __vmalloc_node_range_noprof+0xa0/0x1310 [ 103.821466][ T8032] ? __futex_wait+0x1fa/0x260 [ 103.821490][ T8032] ? __pfx_futex_wake_mark+0x10/0x10 [ 103.821551][ T8032] ? __rcu_read_unlock+0x4f/0x70 [ 103.821576][ T8032] ? avc_has_perm_noaudit+0xab/0x130 [ 103.821619][ T8032] ? should_fail_ex+0x30/0x280 [ 103.821657][ T8032] ? should_failslab+0x8c/0xb0 [ 103.821698][ T8032] vmalloc_user_noprof+0x7d/0xb0 [ 103.821729][ T8032] ? xskq_create+0x80/0xe0 [ 103.821840][ T8032] xskq_create+0x80/0xe0 [ 103.821923][ T8032] xsk_init_queue+0x95/0xf0 [ 103.821972][ T8032] xsk_setsockopt+0x3f5/0x640 [ 103.822010][ T8032] ? __pfx_xsk_setsockopt+0x10/0x10 [ 103.822042][ T8032] __sys_setsockopt+0x184/0x200 [ 103.822091][ T8032] __x64_sys_setsockopt+0x64/0x80 [ 103.822119][ T8032] x64_sys_call+0x21d5/0x3000 [ 103.822147][ T8032] do_syscall_64+0xca/0x2b0 [ 103.822197][ T8032] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 103.822264][ T8032] RIP: 0033:0x7f7cb2b9f749 [ 103.822281][ T8032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 103.822302][ T8032] RSP: 002b:00007f7cb1607038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 103.822324][ T8032] RAX: ffffffffffffffda RBX: 00007f7cb2df5fa0 RCX: 00007f7cb2b9f749 [ 103.822412][ T8032] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000004 [ 103.822426][ T8032] RBP: 00007f7cb2c23f91 R08: 0000000000000004 R09: 0000000000000000 [ 103.822440][ T8032] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 103.822453][ T8032] R13: 00007f7cb2df6038 R14: 00007f7cb2df5fa0 R15: 00007ffc3bc99928 [ 103.822474][ T8032] [ 103.822481][ T8032] Mem-Info: [ 104.044339][ T8032] active_anon:51788 inactive_anon:4 isolated_anon:0 [ 104.044339][ T8032] active_file:20914 inactive_file:2427 isolated_file:0 [ 104.044339][ T8032] unevictable:0 dirty:325 writeback:0 [ 104.044339][ T8032] slab_reclaimable:3398 slab_unreclaimable:19803 [ 104.044339][ T8032] mapped:41910 shmem:47311 pagetables:983 [ 104.044339][ T8032] sec_pagetables:0 bounce:0 [ 104.044339][ T8032] kernel_misc_reclaimable:0 [ 104.044339][ T8032] free:1830087 free_pcp:13231 free_cma:0 [ 104.090029][ T8032] Node 0 active_anon:207152kB inactive_anon:16kB active_file:83656kB inactive_file:9708kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:167756kB dirty:1300kB writeback:0kB shmem:189360kB kernel_stack:4320kB pagetables:3932kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 104.118018][ T8032] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 104.147750][ T8032] lowmem_reserve[]: 0 2880 7859 7859 [ 104.153131][ T8032] Node 0 DMA32 free:2945988kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2949516kB mlocked:0kB bounce:0kB free_pcp:3528kB local_pcp:3528kB free_cma:0kB [ 104.184719][ T8032] lowmem_reserve[]: 0 0 4978 4978 [ 104.189878][ T8032] Node 0 Normal free:4358188kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:208428kB inactive_anon:16kB active_file:83656kB inactive_file:9708kB unevictable:0kB writepending:1300kB zspages:0kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:48636kB local_pcp:38732kB free_cma:0kB [ 104.223131][ T8032] lowmem_reserve[]: 0 0 0 0 [ 104.227751][ T8032] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 104.240585][ T8032] Node 0 DMA32: 3*4kB (M) 3*8kB (M) 4*16kB (M) 3*32kB (M) 4*64kB (M) 2*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (M) 3*2048kB (M) 716*4096kB (M) = 2945988kB [ 104.256783][ T8032] Node 0 Normal: 679*4kB (UE) 546*8kB (UE) 224*16kB (UE) 83*32kB (UE) 148*64kB (UM) 136*128kB (UE) 154*256kB (UM) 109*512kB (UME) 79*1024kB (UME) 48*2048kB (U) 987*4096kB (UM) = 4357388kB [ 104.275553][ T8032] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 104.284924][ T8032] 70731 total pagecache pages [ 104.289739][ T8032] 27 pages in swap cache [ 104.294008][ T8032] Free swap = 56916kB [ 104.298155][ T8032] Total swap = 124996kB [ 104.302336][ T8032] 2097051 pages RAM [ 104.306190][ T8032] 0 pages HighMem/MovableOnly [ 104.310884][ T8032] 81272 pages reserved [ 105.055352][ T8139] SELinux: ebitmap: truncated map [ 105.061043][ T8139] SELinux: failed to load policy [ 105.131569][ T8151] __nla_validate_parse: 4 callbacks suppressed [ 105.131593][ T8151] netlink: 176 bytes leftover after parsing attributes in process `syz.1.1877'. [ 105.325112][ T8184] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=8184 comm=syz.1.1885 [ 105.337885][ T8184] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=8184 comm=syz.1.1885 [ 105.482404][ T8202] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1890'. [ 105.790962][ T8235] macvtap0: refused to change device tx_queue_len [ 106.052972][ T29] kauditd_printk_skb: 72 callbacks suppressed [ 106.052991][ T29] audit: type=1326 audit(1767659755.635:3531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8262 comm="syz.1.1905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ec9c4f749 code=0x7ffc0000 [ 106.099692][ T29] audit: type=1326 audit(1767659755.635:3532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8262 comm="syz.1.1905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f2ec9c4f749 code=0x7ffc0000 [ 106.123226][ T29] audit: type=1326 audit(1767659755.635:3533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8262 comm="syz.1.1905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f2ec9c4f783 code=0x7ffc0000 [ 106.146607][ T29] audit: type=1326 audit(1767659755.635:3534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8262 comm="syz.1.1905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f2ec9c4e1ff code=0x7ffc0000 [ 106.170215][ T29] audit: type=1326 audit(1767659755.645:3535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8262 comm="syz.1.1905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f2ec9c4f7d7 code=0x7ffc0000 [ 106.193667][ T29] audit: type=1326 audit(1767659755.645:3536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8262 comm="syz.1.1905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2ec9c4df90 code=0x7ffc0000 [ 106.217337][ T29] audit: type=1326 audit(1767659755.645:3537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8262 comm="syz.1.1905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f2ec9c4e3aa code=0x7ffc0000 [ 106.240792][ T29] audit: type=1326 audit(1767659755.645:3538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8262 comm="syz.1.1905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ec9c4f749 code=0x7ffc0000 [ 106.264459][ T29] audit: type=1326 audit(1767659755.645:3539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8262 comm="syz.1.1905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ec9c4f749 code=0x7ffc0000 [ 106.288146][ T29] audit: type=1326 audit(1767659755.645:3540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8262 comm="syz.1.1905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ec9c4f749 code=0x7ffc0000 [ 106.329110][ T8276] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001158 ! [ 106.404482][ T8285] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 106.416643][ T8286] vhci_hcd vhci_hcd.2: invalid port number 96 [ 106.422851][ T8286] vhci_hcd vhci_hcd.2: default hub control req: 8011 v0005 i0060 l7 [ 106.464488][ T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 106.472042][ T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 106.479576][ T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 106.487026][ T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 106.494549][ T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 106.502042][ T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 106.509612][ T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 106.517062][ T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 106.524550][ T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 106.532223][ T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 106.544640][ T10] hid-generic 0000:0000:0000.0007: hidraw0: HID v0.00 Device [sy] on syz0 [ 106.699746][ T8312] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1927'. [ 106.724076][ T8312] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 106.731661][ T8312] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 106.739514][ T8312] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 106.747024][ T8312] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 106.762202][ T8316] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1929'. [ 106.831528][ T8321] loop4: detected capacity change from 0 to 128 [ 106.988125][ T8338] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=8338 comm=syz.0.1939 [ 107.116332][ T8356] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1944'. [ 107.125705][ T8356] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1944'. [ 107.358268][ T8376] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1955'. [ 107.367819][ T8376] openvswitch: netlink: Key 0 has unexpected len 2 expected 0 [ 107.537339][ T8391] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1962'. [ 107.560825][ T8394] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter' [ 107.573303][ T8395] macvtap1: entered promiscuous mode [ 107.578732][ T8395] macvtap1: entered allmulticast mode [ 107.585306][ T8394] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1964'. [ 107.594584][ T8395] dummy0: entered promiscuous mode [ 107.602033][ T8395] dummy0: entered allmulticast mode [ 107.609350][ T8395] team0: Device macvtap1 failed to register rx_handler [ 107.617251][ T8395] dummy0: left allmulticast mode [ 107.622413][ T8395] dummy0: left promiscuous mode [ 107.622499][ T8397] xt_CT: You must specify a L4 protocol and not use inversions on it [ 107.657180][ T8394] hsr_slave_0: left promiscuous mode [ 107.787278][ T8410] block device autoloading is deprecated and will be removed. [ 107.898943][ T3424] hid-generic 0000:0000:0000.0008: hidraw0: HID v0.00 Device [sy] on syz0 [ 108.347904][ T8465] IPv6: Can't replace route, no match found [ 108.837104][ T8500] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2007'. [ 109.116427][ T8528] netlink: 'syz.2.2020': attribute type 7 has an invalid length. [ 109.124236][ T8528] netlink: 'syz.2.2020': attribute type 8 has an invalid length. [ 109.673354][ T8576] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter' [ 109.718774][ T8576] hsr_slave_0: left promiscuous mode [ 109.730290][ T8576] hsr_slave_1: left promiscuous mode [ 110.124105][ T8630] serio: Serial port ptm0 [ 110.277208][ T8630] serio: Serial port ptm0 [ 110.716846][ T8695] netlink: 'syz.4.2057': attribute type 3 has an invalid length. [ 110.907046][ T8706] __nla_validate_parse: 3 callbacks suppressed [ 110.907065][ T8706] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2063'. [ 110.997320][ T8716] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2067'. [ 111.052143][ T8722] wireguard0: entered promiscuous mode [ 111.057835][ T8722] wireguard0: entered allmulticast mode [ 111.090305][ T8729] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2073'. [ 111.099394][ T8729] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2073'. [ 111.123455][ T8727] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2072'. [ 111.132451][ T8727] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2072'. [ 111.178582][ T8735] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2076'. [ 111.239267][ T8743] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2079'. [ 111.258463][ T8740] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ %ºu@) failed with errno=-22 [ 111.334094][ T8754] loop1: detected capacity change from 0 to 1024 [ 111.341502][ T8754] EXT4-fs: Ignoring removed orlov option [ 111.351449][ T8754] EXT4-fs mount: 2 callbacks suppressed [ 111.351465][ T8754] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 111.388645][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.418571][ T8764] SELinux: Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped). [ 111.428355][ T29] kauditd_printk_skb: 132 callbacks suppressed [ 111.428372][ T29] audit: type=1400 audit(1767659761.015:3673): avc: denied { relabelto } for pid=8763 comm="syz.3.2088" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0" [ 111.460670][ T29] audit: type=1400 audit(1767659761.015:3674): avc: denied { associate } for pid=8763 comm="syz.3.2088" name="/" dev="cgroup2" ino=1 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 srawcon="system_u:object_r:fsadm_exec_t:s0" [ 111.518924][ T8769] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2090'. [ 111.546898][ T8771] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter' [ 111.556307][ T8771] netlink: 14 bytes leftover after parsing attributes in process `syz.2.2091'. [ 111.666263][ T29] audit: type=1400 audit(1767659761.235:3675): avc: denied { accept } for pid=8780 comm="syz.4.2096" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 111.746455][ T29] audit: type=1400 audit(1767659761.335:3676): avc: denied { accept } for pid=8780 comm="syz.4.2096" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 111.810079][ T8795] serio: Serial port ptm0 [ 111.960472][ T8795] serio: Serial port ptm0 [ 112.028666][ T29] audit: type=1400 audit(1767659761.615:3677): avc: denied { accept } for pid=8808 comm="syz.1.2107" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 112.183895][ T8834] rdma_op ffff888104676d80 conn xmit_rdma 0000000000000000 [ 112.285481][ T8848] sch_tbf: burst 2 is lower than device syzkaller0 mtu (1514) ! [ 112.425711][ T29] audit: type=1326 audit(1767659762.005:3678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8861 comm="syz.0.2133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb2b9f749 code=0x7ffc0000 [ 112.479607][ T29] audit: type=1326 audit(1767659762.005:3679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8861 comm="syz.0.2133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb2b9f749 code=0x7ffc0000 [ 112.503188][ T29] audit: type=1326 audit(1767659762.005:3680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8861 comm="syz.0.2133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7cb2b9f749 code=0x7ffc0000 [ 112.526756][ T29] audit: type=1326 audit(1767659762.005:3681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8861 comm="syz.0.2133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb2b9f749 code=0x7ffc0000 [ 112.550269][ T29] audit: type=1326 audit(1767659762.005:3682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8861 comm="syz.0.2133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb2b9f749 code=0x7ffc0000 [ 113.693677][ T8969] loop1: detected capacity change from 0 to 1024 [ 113.701287][ T8969] EXT4-fs: inline encryption not supported [ 113.720154][ T8969] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 113.738199][ T8969] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4215: comm syz.1.2169: Allocating blocks 385-513 which overlap fs metadata [ 113.756174][ T8969] EXT4-fs (loop1): pa ffff88810799ba80: logic 16, phys. 129, len 24 [ 113.764262][ T8969] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5466: group 0, free 0, pa_free 8 [ 113.774906][ T8969] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 28 [ 113.787388][ T8969] EXT4-fs (loop1): This should not happen!! Data will be lost [ 113.787388][ T8969] [ 113.797108][ T8969] EXT4-fs (loop1): Total free blocks count 0 [ 113.803161][ T8969] EXT4-fs (loop1): Free/Dirty block details [ 113.809193][ T8969] EXT4-fs (loop1): free_blocks=128 [ 113.814361][ T8969] EXT4-fs (loop1): dirty_blocks=0 [ 113.819470][ T8969] EXT4-fs (loop1): Block reservation details [ 113.825482][ T8969] EXT4-fs (loop1): i_reserved_data_blocks=0 [ 114.363089][ T9092] netlink: 'syz.3.2191': attribute type 1 has an invalid length. [ 114.436990][ T9108] SELinux: Context system_u:object_r:netutils_exec_t:s0 is not valid (left unmapped). [ 114.597163][ T9135] netlink: 'syz.4.2212': attribute type 1 has an invalid length. [ 114.618450][ T9139] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=2572 sclass=netlink_xfrm_socket pid=9139 comm=syz.2.2213 [ 114.647513][ T9135] 8021q: adding VLAN 0 to HW filter on device bond2 [ 114.675540][ T9142] bond2: (slave gretap1): making interface the new active one [ 114.689128][ T9142] bond2: (slave gretap1): Enslaving as an active interface with an up link [ 114.838611][ T9149] SELinux: Context system_u:object_r:dhcpc_state_t:s0 is not valid (left unmapped). [ 114.966245][ T9161] af_packet: tpacket_rcv: packet too big, clamped from 154 to 4294967286. macoff=82 [ 115.417170][ T9192] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 115.427531][ T9192] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 115.437967][ T9192] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0 [ 115.471464][ T9196] netlink: zone id is out of range [ 115.476652][ T9196] netlink: zone id is out of range [ 115.497731][ T9196] netlink: zone id is out of range [ 115.503024][ T9196] netlink: zone id is out of range [ 115.529322][ T9192] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 115.539713][ T9192] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 115.550042][ T9192] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0 [ 115.572812][ T9196] netlink: set zone limit has 8 unknown bytes [ 115.649558][ T9206] loop1: detected capacity change from 0 to 164 [ 115.659849][ T9206] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 115.669496][ T9192] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 115.679901][ T9192] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 115.690248][ T9192] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0 [ 115.712159][ T9206] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 115.729234][ T9206] Symlink component flag not implemented [ 115.734952][ T9206] Symlink component flag not implemented [ 115.741727][ T9192] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 115.752104][ T9192] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 115.762576][ T9192] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0 [ 115.773746][ T9206] Symlink component flag not implemented (7) [ 115.779822][ T9206] Symlink component flag not implemented (116) [ 115.846410][ T9220] syzkaller0: entered promiscuous mode [ 115.852059][ T9220] syzkaller0: entered allmulticast mode [ 115.862159][ T9222] netlink: 'syz.1.2247': attribute type 4 has an invalid length. [ 115.878793][ T4221] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 115.887205][ T4221] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 20004 - 0 [ 115.895507][ T4221] netdevsim netdevsim4 eth0: set [1, 1] type 2 family 0 port 6081 - 0 [ 115.908494][ T9222] netlink: 'syz.1.2247': attribute type 4 has an invalid length. [ 115.924473][ T4221] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 115.932988][ T4221] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 20004 - 0 [ 115.941464][ T4221] netdevsim netdevsim4 eth1: set [1, 1] type 2 family 0 port 6081 - 0 [ 115.975846][ T4221] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 115.984189][ T4221] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 20004 - 0 [ 115.992562][ T4221] netdevsim netdevsim4 eth2: set [1, 1] type 2 family 0 port 6081 - 0 [ 116.039225][ T4221] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 116.047538][ T4221] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 20004 - 0 [ 116.055991][ T4221] netdevsim netdevsim4 eth3: set [1, 1] type 2 family 0 port 6081 - 0 [ 116.124906][ T9232] rdma_rxe: rxe_newlink: failed to add syz_tun [ 116.210935][ T9236] netlink: 'syz.1.2253': attribute type 1 has an invalid length. [ 116.303682][ T9245] __nla_validate_parse: 7 callbacks suppressed [ 116.303698][ T9245] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2257'. [ 116.331674][ T9243] loop1: detected capacity change from 0 to 2048 [ 116.337751][ T9245] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2257'. [ 116.397170][ T9243] loop1: p1 < > p4 [ 116.402010][ T9243] loop1: p4 size 8388608 extends beyond EOD, truncated [ 116.478571][ T29] kauditd_printk_skb: 101 callbacks suppressed [ 116.478590][ T29] audit: type=1326 audit(1767659766.065:3784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9251 comm="syz.2.2259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 116.523285][ T29] audit: type=1326 audit(1767659766.065:3785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9251 comm="syz.2.2259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 116.546868][ T29] audit: type=1326 audit(1767659766.075:3786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9251 comm="syz.2.2259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 116.570384][ T29] audit: type=1326 audit(1767659766.075:3787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9251 comm="syz.2.2259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 116.593852][ T29] audit: type=1326 audit(1767659766.075:3788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9251 comm="syz.2.2259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 116.617312][ T29] audit: type=1326 audit(1767659766.085:3789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9251 comm="syz.2.2259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 116.640821][ T29] audit: type=1326 audit(1767659766.085:3790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9251 comm="syz.2.2259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 116.686729][ T9256] netlink: 'syz.0.2260': attribute type 4 has an invalid length. [ 116.777914][ T29] audit: type=1326 audit(1767659766.245:3791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9251 comm="syz.2.2259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 116.801416][ T29] audit: type=1326 audit(1767659766.255:3792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9251 comm="syz.2.2259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 116.825010][ T29] audit: type=1326 audit(1767659766.265:3793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9251 comm="syz.2.2259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 117.001270][ T9273] SELinux: Context Ü is not valid (left unmapped). [ 117.154091][ T9285] ALSA: seq fatal error: cannot create timer (-22) [ 117.380319][ T9311] netlink: 'syz.2.2287': attribute type 3 has an invalid length. [ 117.388402][ T9311] netlink: 'syz.2.2287': attribute type 1 has an invalid length. [ 117.396235][ T9311] netlink: 181400 bytes leftover after parsing attributes in process `syz.2.2287'. [ 117.931518][ T9333] loop1: detected capacity change from 0 to 512 [ 117.949541][ T9333] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.2295: error while reading EA inode 32 err=-116 [ 117.962726][ T9333] EXT4-fs (loop1): Remounting filesystem read-only [ 117.969782][ T9333] EXT4-fs warning (device loop1): ext4_evict_inode:256: couldn't mark inode dirty (err -30) [ 117.980501][ T9333] EXT4-fs (loop1): 1 orphan inode deleted [ 117.986931][ T9333] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 118.032945][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 118.097508][ T9347] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2300'. [ 118.185165][ T9353] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2302'. [ 118.218745][ T9361] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2308'. [ 118.335347][ T9384] loop4: detected capacity change from 0 to 1024 [ 118.342715][ T9384] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 118.353727][ T9384] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 118.376486][ T9384] JBD2: no valid journal superblock found [ 118.382280][ T9384] EXT4-fs (loop4): Could not load journal inode [ 118.594934][ T9416] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2335'. [ 118.790334][ T9434] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2344'. [ 119.483122][ T9472] loop1: detected capacity change from 0 to 512 [ 119.545455][ T9472] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2360'. [ 119.669346][ T9479] loop1: detected capacity change from 0 to 2048 [ 119.692696][ T9479] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 119.710761][ T9479] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2362: bg 0: block 234: padding at end of block bitmap is not set [ 119.764401][ T9487] loop4: detected capacity change from 0 to 4096 [ 119.782502][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 119.804135][ T9487] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 119.984413][ T3325] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 120.111494][ T9515] SELinux: Context system_u:object_r:modules_dep_t:s0 is not valid (left unmapped). [ 120.341683][ T9544] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=9544 comm=syz.4.2393 [ 120.354253][ T9544] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=9544 comm=syz.4.2393 [ 120.386423][ T9546] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2395'. [ 120.481580][ T9556] netlink: 'syz.3.2399': attribute type 7 has an invalid length. [ 120.518901][ T9560] pim6reg: entered allmulticast mode [ 120.543852][ T9560] pim6reg: left allmulticast mode [ 120.848750][ T9617] raw_sendmsg: syz.1.2426 forgot to set AF_INET. Fix it! [ 121.197900][ T9660] netlink: 'syz.4.2447': attribute type 13 has an invalid length. [ 121.245906][ T9660] bridge0: port 2(bridge_slave_1) entered disabled state [ 121.253217][ T9660] bridge0: port 1(bridge_slave_0) entered disabled state [ 121.294541][ T9660] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 121.306334][ T9660] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 121.355584][ T4219] netdevsim netdevsim4 eth0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 121.364330][ T4219] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 20004 - 0 [ 121.373126][ T4219] netdevsim netdevsim4 eth0: unset [1, 1] type 2 family 0 port 6081 - 0 [ 121.385542][ T9673] pim6reg: entered allmulticast mode [ 121.393129][ T9673] pim6reg: left allmulticast mode [ 121.401173][ T4219] netdevsim netdevsim4 eth1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 121.409713][ T4219] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 20004 - 0 [ 121.418204][ T4219] netdevsim netdevsim4 eth1: unset [1, 1] type 2 family 0 port 6081 - 0 [ 121.426700][ T4219] netdevsim netdevsim4 eth2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 121.435141][ T4219] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 20004 - 0 [ 121.443767][ T4219] netdevsim netdevsim4 eth2: unset [1, 1] type 2 family 0 port 6081 - 0 [ 121.452280][ T4219] netdevsim netdevsim4 eth3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 121.460771][ T4219] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 20004 - 0 [ 121.469303][ T4219] netdevsim netdevsim4 eth3: unset [1, 1] type 2 family 0 port 6081 - 0 [ 121.494584][ T9675] __nla_validate_parse: 6 callbacks suppressed [ 121.494605][ T9675] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2453'. [ 121.688959][ T29] kauditd_printk_skb: 260 callbacks suppressed [ 121.688974][ T29] audit: type=1326 audit(1767659771.275:4054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9692 comm="syz.1.2462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ec9c4f749 code=0x7ffc0000 [ 121.751122][ T29] audit: type=1326 audit(1767659771.305:4055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9692 comm="syz.1.2462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ec9c4f749 code=0x7ffc0000 [ 121.774717][ T29] audit: type=1326 audit(1767659771.305:4056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9692 comm="syz.1.2462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ec9c4f749 code=0x7ffc0000 [ 121.798223][ T29] audit: type=1326 audit(1767659771.305:4057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9692 comm="syz.1.2462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7f2ec9c4f749 code=0x7ffc0000 [ 121.821733][ T29] audit: type=1326 audit(1767659771.305:4058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9692 comm="syz.1.2462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ec9c4f749 code=0x7ffc0000 [ 121.933157][ T9706] netlink: 27 bytes leftover after parsing attributes in process `syz.1.2468'. [ 121.980727][ T9712] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2471'. [ 121.989781][ T9712] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2471'. [ 121.998885][ T9712] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2471'. [ 122.015353][ T9712] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2471'. [ 122.024580][ T9712] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2471'. [ 122.034034][ T9712] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2471'. [ 122.075490][ T9712] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2471'. [ 122.084572][ T9712] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2471'. [ 122.160584][ T9727] pim6reg: entered allmulticast mode [ 122.172264][ T9727] pim6reg: left allmulticast mode [ 122.235039][ T29] audit: type=1326 audit(1767659771.815:4059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9736 comm="syz.0.2482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb2b9f749 code=0x7ffc0000 [ 122.272377][ T29] audit: type=1326 audit(1767659771.815:4060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9738 comm="syz.1.2483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ec9c4f749 code=0x7ffc0000 [ 122.296064][ T29] audit: type=1326 audit(1767659771.815:4061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9738 comm="syz.1.2483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ec9c4f749 code=0x7ffc0000 [ 122.319971][ T29] audit: type=1326 audit(1767659771.815:4062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9738 comm="syz.1.2483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ec9c4f749 code=0x7ffc0000 [ 122.343571][ T29] audit: type=1326 audit(1767659771.815:4063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9738 comm="syz.1.2483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ec9c4f749 code=0x7ffc0000 [ 122.412235][ T9752] bridge0: port 3(vlan2) entered blocking state [ 122.418732][ T9752] bridge0: port 3(vlan2) entered disabled state [ 122.437522][ T9752] vlan2: entered allmulticast mode [ 122.442698][ T9752] bridge0: entered allmulticast mode [ 122.454233][ T9752] vlan2: left allmulticast mode [ 122.459309][ T9752] bridge0: left allmulticast mode [ 122.784606][ T9799] netlink: 'syz.3.2508': attribute type 13 has an invalid length. [ 123.043075][ T9799] bridge0: port 2(bridge_slave_1) entered disabled state [ 123.050373][ T9799] bridge0: port 1(bridge_slave_0) entered disabled state [ 123.491545][ T5172] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 123.500531][ T5172] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.580585][ T5172] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 123.589661][ T5172] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.625097][ T5172] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 123.634140][ T5172] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.665313][ T9833] serio: Serial port ttyS3 [ 123.700799][ T5172] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 123.709823][ T5172] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.878437][ T9861] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=9861 comm=syz.0.2533 [ 123.891042][ T9861] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=9861 comm=syz.0.2533 [ 123.910721][ T9863] bond3: entered promiscuous mode [ 123.915896][ T9863] bond3: entered allmulticast mode [ 123.921532][ T9863] 8021q: adding VLAN 0 to HW filter on device bond3 [ 123.931150][ T9863] bond3 (unregistering): Released all slaves [ 124.074009][ T9880] SELinux: failed to load policy [ 124.134904][ T9882] loop4: detected capacity change from 0 to 8192 [ 124.167242][ T3325] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1) [ 124.175114][ T3325] FAT-fs (loop4): Filesystem has been set read-only [ 124.667971][ T9936] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported [ 124.789044][ T9944] block device autoloading is deprecated and will be removed. [ 125.199837][ T9971] syzkaller1: entered promiscuous mode [ 125.205403][ T9971] syzkaller1: entered allmulticast mode [ 125.397397][ T9994] loop4: detected capacity change from 0 to 1024 [ 125.404194][ T9994] EXT4-fs: inline encryption not supported [ 125.410125][ T9994] EXT4-fs: Ignoring removed nobh option [ 125.429100][ T9994] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 125.490235][ T9994] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840c018, mo2=0002] [ 125.516150][ T9994] System zones: 0-1, 3-12 [ 125.527728][ T9994] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 125.652913][T10015] netlink: 'syz.2.2602': attribute type 7 has an invalid length. [ 125.660752][T10015] netlink: 'syz.2.2602': attribute type 8 has an invalid length. [ 125.892624][ T3325] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 126.478706][T10107] xt_policy: input policy not valid in POSTROUTING and OUTPUT [ 126.570335][T10121] __nla_validate_parse: 15 callbacks suppressed [ 126.570404][T10121] netlink: 76 bytes leftover after parsing attributes in process `syz.4.2652'. [ 126.603386][T10123] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2653'. [ 126.612555][T10123] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2653'. [ 126.621644][T10123] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2653'. [ 126.630634][T10123] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2653'. [ 126.639712][T10123] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2653'. [ 126.645291][T10127] netlink: 76 bytes leftover after parsing attributes in process `syz.2.2655'. [ 126.688540][T10132] loop4: detected capacity change from 0 to 1024 [ 126.695327][T10132] EXT4-fs: Ignoring removed orlov option [ 126.707673][T10132] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 126.743881][ T29] kauditd_printk_skb: 208 callbacks suppressed [ 126.743899][ T29] audit: type=1400 audit(1767659776.325:4272): avc: denied { checkpoint_restore } for pid=10135 comm="syz.2.2658" capability=40 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 126.847198][ T3325] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 127.028315][T10162] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2670'. [ 127.038913][T10164] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2671'. [ 127.049050][T10164] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2671'. [ 127.122785][T10168] netlink: 'syz.0.2672': attribute type 7 has an invalid length. [ 127.130650][T10168] netlink: 'syz.0.2672': attribute type 8 has an invalid length. [ 127.157787][ T29] audit: type=1326 audit(1767659776.745:4273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10169 comm="syz.0.2674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb2b9f749 code=0x7ffc0000 [ 127.183199][ T29] audit: type=1326 audit(1767659776.745:4274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10169 comm="syz.0.2674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7cb2b9f749 code=0x7ffc0000 [ 127.206868][ T29] audit: type=1326 audit(1767659776.745:4275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10169 comm="syz.0.2674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb2b9f749 code=0x7ffc0000 [ 127.230643][ T29] audit: type=1326 audit(1767659776.745:4276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10169 comm="syz.0.2674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb2b9f749 code=0x7ffc0000 [ 127.254470][ T29] audit: type=1326 audit(1767659776.745:4277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10169 comm="syz.0.2674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7cb2b9f749 code=0x7ffc0000 [ 127.278174][ T29] audit: type=1326 audit(1767659776.765:4278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10169 comm="syz.0.2674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb2b9f749 code=0x7ffc0000 [ 127.301958][ T29] audit: type=1326 audit(1767659776.775:4279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10169 comm="syz.0.2674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f7cb2b9f749 code=0x7ffc0000 [ 127.325566][ T29] audit: type=1326 audit(1767659776.775:4280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10169 comm="syz.0.2674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f7cb2b9f783 code=0x7ffc0000 [ 127.349100][ T29] audit: type=1326 audit(1767659776.775:4281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10169 comm="syz.0.2674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f7cb2b9e1ff code=0x7ffc0000 [ 127.446462][T10186] ALSA: seq fatal error: cannot create timer (-19) [ 127.496352][T10195] netlink: 'syz.1.2686': attribute type 1 has an invalid length. [ 127.516587][T10195] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 127.525152][T10195] bond1: (slave batadv1): making interface the new active one [ 127.534352][T10195] bond1: (slave batadv1): Enslaving as an active interface with an up link [ 127.551182][T10195] bond1 (unregistering): (slave batadv1): Releasing active interface [ 127.560721][T10195] bond1 (unregistering): Released all slaves [ 128.213226][T10253] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 128.265810][T10253] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 128.586588][T10285] sd 0:0:1:0: device reset [ 128.810610][T10301] tipc: Failed to remove unknown binding: 66,1,1/0:339110082/339110084 [ 128.819021][T10301] tipc: Failed to remove unknown binding: 66,1,1/0:339110082/339110084 [ 129.290533][T10334] xt_hashlimit: max too large, truncated to 1048576 [ 129.299556][T10334] xt_CT: You must specify a L4 protocol and not use inversions on it [ 129.335688][T10338] : renamed from gre0 (while UP) [ 129.351139][T10338] netlink: 'syz.1.2748': attribute type 1 has an invalid length. [ 129.359048][T10338] A link change request failed with some changes committed already. Interface  may have been left with an inconsistent configuration, please check. [ 129.377662][T10338] netlink: 'syz.1.2748': attribute type 1 has an invalid length. [ 129.385553][T10338] A link change request failed with some changes committed already. Interface  may have been left with an inconsistent configuration, please check. [ 129.407449][T10342] loop4: detected capacity change from 0 to 164 [ 129.482667][T10355] netlink: 'syz.1.2754': attribute type 298 has an invalid length. [ 130.870624][T10579] loop4: detected capacity change from 0 to 512 [ 130.881663][T10579] EXT4-fs error (device loop4): ext4_xattr_inode_iget:446: comm syz.4.2794: error while reading EA inode 32 err=-116 [ 130.895863][T10579] EXT4-fs (loop4): Remounting filesystem read-only [ 130.902872][T10579] EXT4-fs warning (device loop4): ext4_evict_inode:256: couldn't mark inode dirty (err -30) [ 130.953865][T10579] EXT4-fs (loop4): 1 orphan inode deleted [ 130.971816][T10579] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 131.044580][ T3325] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 131.278325][T10623] loop3: detected capacity change from 0 to 512 [ 131.294883][T10623] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.2811: error while reading EA inode 32 err=-116 [ 131.307960][T10623] EXT4-fs (loop3): Remounting filesystem read-only [ 131.314687][T10623] EXT4-fs warning (device loop3): ext4_evict_inode:256: couldn't mark inode dirty (err -30) [ 131.325589][T10623] EXT4-fs (loop3): 1 orphan inode deleted [ 131.332471][T10623] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 131.361085][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 131.779085][ T29] kauditd_printk_skb: 332 callbacks suppressed [ 131.779104][ T29] audit: type=1326 audit(1767659781.365:4614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10657 comm="syz.2.2827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 131.834374][ T29] audit: type=1326 audit(1767659781.365:4615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10657 comm="syz.2.2827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 131.858087][ T29] audit: type=1326 audit(1767659781.365:4616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10657 comm="syz.2.2827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 131.881804][ T29] audit: type=1326 audit(1767659781.365:4617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10657 comm="syz.2.2827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 131.946162][ T29] audit: type=1400 audit(1767659781.495:4618): avc: denied { bind } for pid=10667 comm="syz.3.2830" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 131.965743][ T29] audit: type=1400 audit(1767659781.515:4619): avc: denied { listen } for pid=10667 comm="syz.3.2830" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 132.024744][T10674] dvmrp1: entered allmulticast mode [ 132.031846][T10675] __nla_validate_parse: 14 callbacks suppressed [ 132.031865][T10675] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2832'. [ 132.051086][T10674] dvmrp1: left allmulticast mode [ 132.067845][ T29] audit: type=1400 audit(1767659781.655:4620): avc: denied { read } for pid=10676 comm="syz.2.2834" path="socket:[27021]" dev="sockfs" ino=27021 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 132.170951][T10690] netlink: 'syz.4.2841': attribute type 1 has an invalid length. [ 132.277624][T10704] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2847'. [ 132.390192][T10717] loop4: detected capacity change from 0 to 128 [ 132.408492][T10717] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 132.428244][T10717] ext4 filesystem being mounted at /561/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 132.457854][ T3325] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 132.481382][T10722] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 132.491848][T10722] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 132.610481][T10722] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 132.620887][T10722] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 132.722151][T10722] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 132.732550][T10722] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 132.798641][T10749] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2864'. [ 132.811826][T10722] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 132.822209][T10722] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 132.843622][ T4221] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 132.846482][T10749] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2864'. [ 132.861309][ T4221] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 132.877255][ T29] audit: type=1326 audit(1767659782.465:4621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10752 comm="syz.3.2865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40e3ddf749 code=0x7ffc0000 [ 132.900922][ T29] audit: type=1326 audit(1767659782.465:4622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10752 comm="syz.3.2865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40e3ddf749 code=0x7ffc0000 [ 132.903237][ T4221] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 132.924517][ T29] audit: type=1326 audit(1767659782.465:4623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10752 comm="syz.3.2865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40e3ddf749 code=0x7ffc0000 [ 132.956769][ T4221] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 132.981567][ T4221] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 132.989951][ T4221] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 133.025744][ T4221] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 133.034185][ T4221] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 133.066909][ T4221] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 133.075173][ T4221] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 133.115174][T10770] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10770 comm=syz.4.2873 [ 133.144227][ T4221] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 133.152540][ T4221] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 133.259863][T10777] netlink: 68 bytes leftover after parsing attributes in process `syz.3.2876'. [ 133.663944][T10824] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2897'. [ 133.977893][T10867] sd 0:0:1:0: device reset [ 134.624657][T10927] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 134.729906][T10939] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2946'. [ 134.741045][T10939] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2946'. [ 134.752596][T10939] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2946'. [ 134.762440][T10939] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2946'. [ 134.787899][T10941] netlink: 'syz.3.2947': attribute type 3 has an invalid length. [ 135.129339][T10983] SELinux: failed to load policy [ 135.629489][T11039] netem: change failed [ 136.023531][T11077] netlink: 'syz.2.3009': attribute type 3 has an invalid length. [ 136.057115][T11081] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 136.065808][T11081] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 136.173065][T11091] Invalid argument reading file caps for ./file0 [ 136.352697][T11101] loop3: detected capacity change from 0 to 256 [ 136.360394][T11101] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 136.729593][T11141] rdma_op ffff88811c4b7d80 conn xmit_rdma 0000000000000000 [ 136.797831][ T29] kauditd_printk_skb: 276 callbacks suppressed [ 136.797851][ T29] audit: type=1400 audit(1767659786.375:4900): avc: denied { read } for pid=11151 comm="syz.1.3042" dev="nsfs" ino=4026532862 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 136.825525][ T29] audit: type=1400 audit(1767659786.375:4901): avc: denied { open } for pid=11151 comm="syz.1.3042" path="net:[4026532862]" dev="nsfs" ino=4026532862 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 136.849124][ T29] audit: type=1400 audit(1767659786.375:4902): avc: denied { ioctl } for pid=11146 comm="syz.2.3040" path="socket:[28455]" dev="sockfs" ino=28455 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 136.910972][ T9818] kernel write not supported for file bpf-prog (pid: 9818 comm: kworker/0:15) [ 136.961766][ T29] audit: type=1400 audit(1767659786.545:4903): avc: denied { tracepoint } for pid=11165 comm="syz.0.3050" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 137.299273][ T29] audit: type=1400 audit(1767659786.885:4904): avc: denied { create } for pid=11193 comm="syz.0.3062" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 137.319061][ T29] audit: type=1400 audit(1767659786.885:4905): avc: denied { connect } for pid=11193 comm="syz.0.3062" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 137.338936][ T29] audit: type=1400 audit(1767659786.885:4906): avc: denied { write } for pid=11193 comm="syz.0.3062" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 137.501813][T11200] __nla_validate_parse: 6 callbacks suppressed [ 137.501833][T11200] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3074'. [ 137.543016][ T29] audit: type=1400 audit(1767659787.085:4907): avc: denied { bind } for pid=11199 comm="syz.2.3074" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 137.741500][ T29] audit: type=1400 audit(1767659787.325:4908): avc: denied { bind } for pid=11212 comm="syz.3.3069" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 137.797103][ T29] audit: type=1400 audit(1767659787.355:4909): avc: denied { listen } for pid=11212 comm="syz.3.3069" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 138.017747][T11233] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3079'. [ 138.038490][T11230] SELinux: failed to load policy [ 138.300556][T11272] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 138.474169][T11288] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3104'. [ 138.483407][T11288] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3104'. [ 138.492476][T11288] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3104'. [ 138.503803][T11288] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3104'. [ 138.512831][T11288] netlink: 'syz.1.3104': attribute type 6 has an invalid length. [ 138.636260][T11315] netlink: 'syz.3.3116': attribute type 3 has an invalid length. [ 138.937625][T11348] SELinux: Context system_u:object_r:mouse_device_t:s0 is not valid (left unmapped). [ 139.026068][T11353] serio: Serial port ttyS3 [ 139.207508][T11370] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3141'. [ 139.238383][T11372] veth0: entered promiscuous mode [ 139.244692][T11372] veth0: left promiscuous mode [ 139.270441][T11374] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3143'. [ 139.673474][T11392] syzkaller1: entered promiscuous mode [ 139.679174][T11392] syzkaller1: entered allmulticast mode [ 139.832671][T11403] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 139.965216][T11426] ALSA: seq fatal error: cannot create timer (-22) [ 140.188397][T11451] SELinux: failed to load policy [ 140.639200][T11524] Falling back ldisc for ttyS3. [ 141.503197][T11662] sch_fq: defrate 1884 ignored. [ 141.530474][T11664] vlan2: entered allmulticast mode [ 141.655764][T11679] vlan0: entered allmulticast mode [ 141.661003][T11679] bridge_slave_0: entered allmulticast mode [ 141.748858][T11691] loop3: detected capacity change from 0 to 512 [ 141.755648][T11691] EXT4-fs: Ignoring removed i_version option [ 141.764095][T11691] EXT4-fs (loop3): orphan cleanup on readonly fs [ 141.774049][T11691] EXT4-fs warning (device loop3): ext4_xattr_inode_get:560: inode #11: comm syz.3.3231: EA inode hash validation failed [ 141.787147][T11691] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2857: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 141.801309][T11691] EXT4-fs error (device loop3): ext4_xattr_inode_update_ref:1037: inode #11: comm syz.3.3231: EA inode 11 ref wraparound: ref_count=0 ref_change=-1 [ 141.818791][T11691] EXT4-fs (loop3): Remounting filesystem read-only [ 141.825371][T11691] EXT4-fs warning (device loop3): ext4_xattr_inode_dec_ref_all:1230: inode #11: comm syz.3.3231: ea_inode dec ref err=-117 [ 141.840011][T11691] EXT4-fs warning (device loop3): ext4_evict_inode:273: xattr delete (err -30) [ 141.849236][T11691] EXT4-fs (loop3): 1 orphan inode deleted [ 141.855708][T11691] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 141.876227][ T29] kauditd_printk_skb: 461 callbacks suppressed [ 141.876284][ T29] audit: type=1400 audit(1767659791.465:5371): avc: denied { mount } for pid=11690 comm="syz.3.3231" name="/" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 141.938052][ T29] audit: type=1400 audit(1767659791.525:5372): avc: denied { mounton } for pid=11690 comm="syz.3.3231" path="/651/file0" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 141.962046][ T29] audit: type=1326 audit(1767659791.545:5373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11701 comm="syz.2.3235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 141.985956][ T29] audit: type=1326 audit(1767659791.545:5374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11701 comm="syz.2.3235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 142.010730][ T29] audit: type=1326 audit(1767659791.545:5375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11701 comm="syz.2.3235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 142.039372][ T29] audit: type=1326 audit(1767659791.565:5376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11701 comm="syz.2.3235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 142.063089][ T29] audit: type=1326 audit(1767659791.565:5377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11701 comm="syz.2.3235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 142.087413][ T29] audit: type=1326 audit(1767659791.595:5378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11701 comm="syz.2.3235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 142.111040][ T29] audit: type=1326 audit(1767659791.595:5379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11701 comm="syz.2.3235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 142.135308][ T29] audit: type=1326 audit(1767659791.595:5380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11701 comm="syz.2.3235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=207 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 142.171263][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.199140][T11713] loop3: detected capacity change from 0 to 128 [ 142.211712][T11713] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3239'. [ 142.344967][T11727] 9pnet: p9_errstr2errno: server reported unknown error 0x00000 [ 142.399180][T11737] all: renamed from lo (while UP) [ 142.416815][T11738] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 142.425340][T11738] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 142.719144][T11766] sd 0:0:1:0: device reset [ 142.786782][T11771] SELinux: ebitmap: truncated map [ 142.794042][T11771] SELinux: failed to load policy [ 143.081984][T11800] sch_tbf: burst 22 is lower than device lo mtu (11337746) ! [ 143.091371][T11800] sch_tbf: burst 22 is lower than device lo mtu (11337746) ! [ 143.141231][T11803] vlan2: entered allmulticast mode [ 143.269046][T11809] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3282'. [ 143.293075][T11809] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3282'. [ 143.405874][T11826] Process accounting resumed [ 143.434685][T11833] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3291'. [ 143.510739][T11841] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3294'. [ 144.064510][T11887] netlink: 'syz.0.3315': attribute type 3 has an invalid length. [ 144.144324][T11893] netlink: 96 bytes leftover after parsing attributes in process `syz.1.3319'. [ 144.231864][T11904] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3324'. [ 144.328429][ T36] IPVS: starting estimator thread 0... [ 144.369246][T11920] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3331'. [ 144.430391][T11918] IPVS: using max 1824 ests per chain, 91200 per kthread [ 144.456780][T11920] team0 (unregistering): Port device team_slave_0 removed [ 144.482550][T11929] rdma_op ffff88811ef8f180 conn xmit_rdma 0000000000000000 [ 144.506010][T11920] team0 (unregistering): Port device team_slave_1 removed [ 144.856038][ T9818] IPVS: starting estimator thread 0... [ 144.897782][T11963] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3352'. [ 144.907734][T11963] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3352'. [ 144.925131][T11972] netlink: 'syz.1.3354': attribute type 1 has an invalid length. [ 144.946057][T11959] IPVS: using max 1728 ests per chain, 86400 per kthread [ 145.036077][T11983] Process accounting resumed [ 145.277393][T12015] netlink: 'syz.3.3374': attribute type 1 has an invalid length. [ 145.277414][T12015] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3374'. [ 145.659979][T12032] loop3: detected capacity change from 0 to 256 [ 145.806647][T12045] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 146.524385][T12097] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=18 sclass=netlink_audit_socket pid=12097 comm=syz.4.3408 [ 146.537124][T12097] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=12097 comm=syz.4.3408 [ 146.934789][ T29] kauditd_printk_skb: 369 callbacks suppressed [ 146.934806][ T29] audit: type=1326 audit(1767659796.515:5750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12119 comm="syz.0.3420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7cb2b3b829 code=0x7ffc0000 [ 147.045979][ T29] audit: type=1326 audit(1767659796.555:5751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12119 comm="syz.0.3420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb2b9f749 code=0x7ffc0000 [ 147.069721][ T29] audit: type=1326 audit(1767659796.575:5752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12119 comm="syz.0.3420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f7cb2b9f749 code=0x7ffc0000 [ 147.144408][ T29] audit: type=1400 audit(1767659796.715:5753): avc: denied { read } for pid=12143 comm="syz.0.3430" path="socket:[31182]" dev="sockfs" ino=31182 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 147.184210][ T29] audit: type=1400 audit(1767659796.755:5754): avc: denied { setopt } for pid=12146 comm="syz.2.3431" lport=46374 faddr=::ffff:100.1.1.0 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 147.306900][ T29] audit: type=1400 audit(1767659796.895:5755): avc: denied { bind } for pid=12153 comm="syz.2.3435" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 147.358837][ T29] audit: type=1326 audit(1767659796.895:5756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12152 comm="syz.3.3433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40e3ddf749 code=0x7ffc0000 [ 147.382546][ T29] audit: type=1326 audit(1767659796.895:5757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12152 comm="syz.3.3433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40e3ddf749 code=0x7ffc0000 [ 147.406169][ T29] audit: type=1326 audit(1767659796.895:5758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12152 comm="syz.3.3433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40e3ddf749 code=0x7ffc0000 [ 147.429693][ T29] audit: type=1326 audit(1767659796.895:5759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12152 comm="syz.3.3433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40e3ddf749 code=0x7ffc0000 [ 147.509296][T12165] loop3: detected capacity change from 0 to 512 [ 147.551894][T12165] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 147.732555][T12188] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 148.623060][T12231] sock: sock_timestamping_bind_phc: sock not bind to device [ 148.750380][ T5172] bridge_slave_1: left allmulticast mode [ 148.756847][ T5172] bridge_slave_1: left promiscuous mode [ 148.762676][ T5172] bridge0: port 2(bridge_slave_1) entered disabled state [ 148.789817][ T5172] bridge_slave_0: left allmulticast mode [ 148.795524][ T5172] bridge_slave_0: left promiscuous mode [ 148.801985][ T5172] bridge0: port 1(bridge_slave_0) entered disabled state [ 149.008298][ T5172] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 149.018144][ T5172] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 149.046468][ T5172] bond0 (unregistering): Released all slaves [ 149.078647][ T5172] tipc: Left network mode [ 149.219721][ T5172] team0 (unregistering): Port device team_slave_1 removed [ 149.251592][ T5172] team0 (unregistering): Port device team_slave_0 removed [ 149.753117][T12257] chnl_net:caif_netlink_parms(): no params data found [ 149.822603][T12257] bridge0: port 1(bridge_slave_0) entered blocking state [ 149.829811][T12257] bridge0: port 1(bridge_slave_0) entered disabled state [ 149.846481][T12257] bridge_slave_0: entered allmulticast mode [ 149.863377][T12257] bridge_slave_0: entered promiscuous mode [ 149.873037][T12257] bridge0: port 2(bridge_slave_1) entered blocking state [ 149.880225][T12257] bridge0: port 2(bridge_slave_1) entered disabled state [ 149.934428][T12302] __nla_validate_parse: 9 callbacks suppressed [ 149.934446][T12302] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3497'. [ 149.955687][T12257] bridge_slave_1: entered allmulticast mode [ 149.962663][T12257] bridge_slave_1: entered promiscuous mode [ 150.000762][T12305] geneve3: entered promiscuous mode [ 150.008717][ T5172] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.019292][T12257] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 150.034371][T12257] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 150.044116][ T5172] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.077074][ T5172] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.099587][ T5172] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.114999][T12257] team0: Port device team_slave_0 added [ 150.131924][T12257] team0: Port device team_slave_1 added [ 150.155970][T12257] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 150.162998][T12257] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 150.189080][T12257] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 150.201665][T12257] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 150.208781][T12257] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 150.234788][T12257] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 150.280278][T12257] hsr_slave_0: entered promiscuous mode [ 150.286757][T12257] hsr_slave_1: entered promiscuous mode [ 150.392121][T12343] netlink: 64 bytes leftover after parsing attributes in process `syz.4.3514'. [ 150.408406][T12343] netlink: 64 bytes leftover after parsing attributes in process `syz.4.3514'. [ 150.445251][T12257] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 150.461686][T12257] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 150.489731][T12352] vlan2: entered allmulticast mode [ 150.500919][T12257] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 150.517633][T12257] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 150.569945][T12257] 8021q: adding VLAN 0 to HW filter on device bond0 [ 150.582313][T12257] 8021q: adding VLAN 0 to HW filter on device team0 [ 150.610014][ T5201] bridge0: port 1(bridge_slave_0) entered blocking state [ 150.617180][ T5201] bridge0: port 1(bridge_slave_0) entered forwarding state [ 150.639675][ T5201] bridge0: port 2(bridge_slave_1) entered blocking state [ 150.646918][ T5201] bridge0: port 2(bridge_slave_1) entered forwarding state [ 150.844591][T12257] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 150.876041][T12388] netlink: 27 bytes leftover after parsing attributes in process `syz.4.3531'. [ 150.963363][T12403] ipip0: entered promiscuous mode [ 151.108093][T12257] veth0_vlan: entered promiscuous mode [ 151.136472][T12257] veth1_vlan: entered promiscuous mode [ 151.162172][T12257] veth0_macvtap: entered promiscuous mode [ 151.189054][T12257] veth1_macvtap: entered promiscuous mode [ 151.220067][T12257] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 151.252576][T12257] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 151.274594][ T416] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 151.344644][ T416] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 151.369678][ T416] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 151.399162][ T416] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 151.546235][T12457] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3557'. [ 151.558028][T12455] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3555'. [ 151.567826][T12457] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3557'. [ 151.649904][T12469] ipip0: entered promiscuous mode [ 151.657234][T12473] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3563'. [ 151.666979][T12473] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3563'. [ 151.711197][T12473] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3563'. [ 151.927498][T12509] netlink: zone id is out of range [ 151.932732][T12509] netlink: zone id is out of range [ 151.938950][T12509] netlink: zone id is out of range [ 151.944793][T12509] netlink: zone id is out of range [ 151.963167][T12509] netlink: set zone limit has 8 unknown bytes [ 152.135639][ T29] kauditd_printk_skb: 157 callbacks suppressed [ 152.135695][ T29] audit: type=1400 audit(1767659801.715:5917): avc: denied { read } for pid=12522 comm="syz.1.3586" name="usbmon1" dev="devtmpfs" ino=143 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 152.165477][ T29] audit: type=1400 audit(1767659801.715:5918): avc: denied { open } for pid=12522 comm="syz.1.3586" path="/dev/usbmon1" dev="devtmpfs" ino=143 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 152.194026][ T29] audit: type=1326 audit(1767659801.775:5919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12529 comm="syz.2.3587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 152.219458][ T29] audit: type=1326 audit(1767659801.805:5920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12529 comm="syz.2.3587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 152.243084][ T29] audit: type=1326 audit(1767659801.805:5921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12529 comm="syz.2.3587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 152.266813][ T29] audit: type=1326 audit(1767659801.805:5922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12529 comm="syz.2.3587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 152.290465][ T29] audit: type=1326 audit(1767659801.805:5923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12529 comm="syz.2.3587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 152.314036][ T29] audit: type=1326 audit(1767659801.805:5924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12529 comm="syz.2.3587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 152.337607][ T29] audit: type=1326 audit(1767659801.805:5925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12529 comm="syz.2.3587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 152.361194][ T29] audit: type=1326 audit(1767659801.805:5926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12529 comm="syz.2.3587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422c9df749 code=0x7ffc0000 [ 152.498709][T12542] netlink: 'syz.1.3596': attribute type 298 has an invalid length. [ 152.537555][T12548] tipc: New replicast peer: 255.255.255.255 [ 152.543739][T12548] tipc: Enabled bearer , priority 10 [ 152.587168][T12551] tipc: Disabling bearer [ 152.835246][T12572] netlink: 'syz.0.3605': attribute type 10 has an invalid length. [ 153.068041][T12599] loop5: detected capacity change from 0 to 164 [ 153.177358][T12599] bio_check_eod: 98 callbacks suppressed [ 153.177378][T12599] syz.5.3617: attempt to access beyond end of device [ 153.177378][T12599] loop5: rw=8912896, sector=263328, nr_sectors = 4 limit=164 [ 153.239910][T12599] syz.5.3617: attempt to access beyond end of device [ 153.239910][T12599] loop5: rw=8388608, sector=263328, nr_sectors = 4 limit=164 [ 153.651600][T12638] netlink: 'syz.0.3632': attribute type 12 has an invalid length. [ 153.838954][T12656] syzkaller1: entered promiscuous mode [ 153.844554][T12656] syzkaller1: entered allmulticast mode [ 154.173510][T12697] syz_tun: entered promiscuous mode [ 154.192290][T12697] syz_tun: refused to change device tx_queue_len [ 154.406899][T12711] tipc: Started in network mode [ 154.411918][T12711] tipc: Node identity ac14140f, cluster identity 4711 [ 154.419267][T12711] tipc: New replicast peer: 255.255.255.255 [ 154.425388][T12711] tipc: Enabled bearer , priority 10 [ 154.443758][T12711] tipc: Disabling bearer [ 154.532879][T12715] bridge0: entered promiscuous mode [ 155.387017][ T36] hid_parser_main: 48 callbacks suppressed [ 155.387098][ T36] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 155.401079][ T36] hid-generic 0000:0000:0000.0009: hidraw0: HID v0.00 Device [syz1] on syz0 [ 155.681241][T12791] __nla_validate_parse: 18 callbacks suppressed [ 155.681259][T12791] netlink: 5 bytes leftover after parsing attributes in process `syz.4.3698'. [ 155.697159][T12791] 0ªî{X¹¦: renamed from gretap0 [ 155.704312][T12791] 0ªî{X¹¦: entered allmulticast mode [ 155.711734][T12791] A link change request failed with some changes committed already. Interface 30ªî{X¹¦ may have been left with an inconsistent configuration, please check. [ 155.784643][T12795] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3700'. [ 155.795069][T12795] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3700'. [ 155.835167][T12803] smc: net device hsr0 applied user defined pnetid SYZ2 [ 155.843447][T12803] smc: net device hsr0 erased user defined pnetid SYZ2 [ 156.294954][T12812] Set syz1 is full, maxelem 65536 reached [ 156.318889][T12836] tipc: Started in network mode [ 156.323816][T12836] tipc: Node identity ac14140f, cluster identity 4711 [ 156.348626][T12836] tipc: New replicast peer: 255.255.255.255 [ 156.354823][T12836] tipc: Enabled bearer , priority 10 [ 156.368813][T12836] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3717'. [ 156.377992][T12836] tipc: Disabling bearer [ 156.476170][T12843] netlink: 14 bytes leftover after parsing attributes in process `syz.2.3721'. [ 156.496666][T12843] bridge0: entered promiscuous mode [ 156.651737][T12869] netlink: 7 bytes leftover after parsing attributes in process `syz.4.3731'. [ 156.664839][T12869] netlink: 7 bytes leftover after parsing attributes in process `syz.4.3731'. [ 157.003768][T12908] Set syz1 is full, maxelem 65536 reached [ 157.059224][T12916] netlink: 64 bytes leftover after parsing attributes in process `syz.5.3751'. [ 157.097325][T12922] netlink: 'syz.5.3753': attribute type 29 has an invalid length. [ 157.106782][T12922] netlink: 'syz.5.3753': attribute type 29 has an invalid length. [ 157.117533][T12922] netlink: 500 bytes leftover after parsing attributes in process `syz.5.3753'. [ 157.126708][T12922] unsupported nla_type 66 [ 157.174246][T12932] sg_read: process 97 (syz.5.3757) changed security contexts after opening file descriptor, this is not allowed. [ 157.238029][ T29] kauditd_printk_skb: 182 callbacks suppressed [ 157.238046][ T29] audit: type=1326 audit(1767659806.825:6109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12942 comm="syz.5.3770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa3f758f749 code=0x7ffc0000 [ 157.272318][ T29] audit: type=1326 audit(1767659806.825:6110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12942 comm="syz.5.3770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa3f758f749 code=0x7ffc0000 [ 157.296763][ T29] audit: type=1326 audit(1767659806.825:6111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12942 comm="syz.5.3770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa3f758f749 code=0x7ffc0000 [ 157.320566][ T29] audit: type=1326 audit(1767659806.825:6112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12942 comm="syz.5.3770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa3f758f749 code=0x7ffc0000 [ 157.345114][ T29] audit: type=1326 audit(1767659806.825:6113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12942 comm="syz.5.3770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa3f758f749 code=0x7ffc0000 [ 157.369532][ T29] audit: type=1326 audit(1767659806.825:6114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12942 comm="syz.5.3770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa3f758f749 code=0x7ffc0000 [ 157.393172][ T29] audit: type=1326 audit(1767659806.825:6115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12942 comm="syz.5.3770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa3f758f749 code=0x7ffc0000 [ 157.417816][ T29] audit: type=1326 audit(1767659806.825:6116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12942 comm="syz.5.3770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa3f758f749 code=0x7ffc0000 [ 157.441506][ T29] audit: type=1326 audit(1767659806.825:6117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12942 comm="syz.5.3770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa3f758f749 code=0x7ffc0000 [ 157.465790][ T29] audit: type=1326 audit(1767659806.825:6118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12942 comm="syz.5.3770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa3f758f749 code=0x7ffc0000 [ 157.504371][T12950] netlink: 7 bytes leftover after parsing attributes in process `syz.1.3762'. [ 157.620943][T12961] vlan2: entered allmulticast mode [ 159.215538][T13100] loop5: detected capacity change from 0 to 2048 [ 159.250466][T13100] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 159.288716][T12257] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.006899][T13147] sch_fq: defrate 0 ignored. [ 160.427272][T13189] ================================================================== [ 160.435410][T13189] BUG: KCSAN: data-race in bq_flush_to_queue / cpu_map_kthread_run [ 160.443341][T13189] [ 160.445695][T13189] write to 0xffff88813a00f6c0 of 8 bytes by task 13190 on cpu 0: [ 160.453437][T13189] cpu_map_kthread_run+0x529/0x1560 [ 160.458674][T13189] kthread+0x489/0x510 [ 160.462789][T13189] ret_from_fork+0x149/0x290 [ 160.467422][T13189] ret_from_fork_asm+0x1a/0x30 [ 160.472237][T13189] [ 160.474590][T13189] read to 0xffff88813a00f6c0 of 8 bytes by task 13189 on cpu 1: [ 160.482250][T13189] bq_flush_to_queue+0x124/0x350 [ 160.487219][T13189] cpu_map_enqueue+0x1a6/0x1c0 [ 160.492028][T13189] xdp_do_redirect_frame+0x27c/0x560 [ 160.497358][T13189] bpf_test_run_xdp_live+0x98c/0x11d0 [ 160.502779][T13189] bpf_prog_test_run_xdp+0x525/0x970 [ 160.508106][T13189] bpf_prog_test_run+0x204/0x340 [ 160.513075][T13189] __sys_bpf+0x4c0/0x7c0 [ 160.517353][T13189] __x64_sys_bpf+0x41/0x50 [ 160.521821][T13189] x64_sys_call+0x28e1/0x3000 [ 160.526538][T13189] do_syscall_64+0xca/0x2b0 [ 160.531083][T13189] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.537011][T13189] [ 160.539351][T13189] value changed: 0xffff88815c2d8070 -> 0x0000000000000000 [ 160.546485][T13189] [ 160.548837][T13189] Reported by Kernel Concurrency Sanitizer on: [ 160.555022][T13189] CPU: 1 UID: 0 PID: 13189 Comm: syz.0.3860 Not tainted syzkaller #0 PREEMPT(voluntary) [ 160.564863][T13189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 160.574973][T13189] ==================================================================