last executing test programs: 49.327803144s ago: executing program 2 (id=734): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d80)={0x7, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) close(0x3) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r1, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x0, 0x0}, 0x10) 49.248450944s ago: executing program 2 (id=737): setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, 0x0, 0x48) syz_emit_ethernet(0xfdef, &(0x7f00000002c0)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0086dd6002000800fe2c00fe8000000000000000000000000000bbff02000000000000000000000000000132"], 0x0) 49.247669265s ago: executing program 2 (id=740): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r2}, 0x10) setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000080)={0xc, 0x0, 0x0, 0x3}, 0x8) 49.176182524s ago: executing program 2 (id=746): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$tmpfs(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000), 0x0, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 49.153650434s ago: executing program 2 (id=748): r0 = socket$key(0xf, 0x3, 0x2) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) sendmsg$key(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="020e0000150000000000000000000000030005000000000002004e24ac1e00010000000000000000030006003c000000020000fc34000000000000000000000001001800000000000800120000000200fcffffff0000000006003300000000000000000000000000fe8000000000000000000000000000aa00000000000000000000000000000000040003"], 0xa8}}, 0x20000000) 48.914637913s ago: executing program 2 (id=763): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mkdir(&(0x7f0000000000)='./control\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='sysfs\x00', 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) mount$bind(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='./control\x00', 0x0, 0x2000, 0x0) 48.880758433s ago: executing program 32 (id=763): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mkdir(&(0x7f0000000000)='./control\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='sysfs\x00', 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) mount$bind(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='./control\x00', 0x0, 0x2000, 0x0) 41.317890393s ago: executing program 0 (id=1083): perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x67, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x73b, 0x200}, 0x280, 0x0, 0xfffffffe, 0x0, 0x3, 0x0, 0x5, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x30000000, 0x800, 0x0, 0x2}, &(0x7f0000000940)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r0, 0x47f9, 0x0, 0x0, 0x0, 0x0) clock_nanosleep(0x2, 0x37dc12502000000, &(0x7f00000000c0)={0x0, 0x989680}, 0x0) 41.041144692s ago: executing program 0 (id=1089): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x114, 0x26, 0x1, 0x0, 0x0, "", [@nested={0x103, 0x3ffd, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@loopback}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8c"]}]}, 0x114}], 0x1}, 0x0) 40.947160252s ago: executing program 0 (id=1094): r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0x2, @empty, 'bond_slave_1\x00'}}, 0x1e) r1 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r1, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'geneve0\x00'}}, 0x1e) r2 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r2, &(0x7f0000000000)={0x18, 0x0, {0x1, @local, 'veth0\x00'}}, 0x1e) 40.887201852s ago: executing program 0 (id=1099): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$tmpfs(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000), 0x0, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 40.850969502s ago: executing program 0 (id=1102): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000008c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) futex_waitv(0x0, 0x0, 0x0, 0x0, 0x1) 40.635312201s ago: executing program 0 (id=1108): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) mlock2(&(0x7f0000495000/0x2000)=nil, 0x2000, 0x0) 40.635025631s ago: executing program 33 (id=1108): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) mlock2(&(0x7f0000495000/0x2000)=nil, 0x2000, 0x0) 3.134153958s ago: executing program 1 (id=2487): r0 = open(&(0x7f00009e1000)='./file0\x00', 0x48141, 0x0) fcntl$setlease(r0, 0x400, 0x1) open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) r1 = open(&(0x7f0000000200)='./bus\x00', 0x1612c2, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/locks\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x200) 2.277177636s ago: executing program 1 (id=2528): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', 0x0}) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3, 0x0, 0x40000000000}, 0x18) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="800000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000005000128009000100766c616e00000000400002800600010000000000340003800c00010000000000000000000c00010094040000000000000c00010000010000000000000c000100040000000000000008000500", @ANYRES32=r2, @ANYBLOB="080003"], 0x80}}, 0x0) 2.230420596s ago: executing program 1 (id=2531): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f00000017c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff7a1ef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40dddb51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42553ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca000000000000000000000509619f5f0cbc72eebc653946d3552236f0dfe485cfa71bd69f4ded6e131128c3875b785875addfcbd5931c12adbef75535e694f3a19f28f9f99fa32e8ff66e7b1ff674434fb63ba0e28aadccf77d387525c98e81476058c958eaccfa7d251d0671222dc9d06485f7f690d3d4227bd21bd7ff8338617705b7faec47c86789a488b43d0fedf1b0ee05d65c677ced1e8214b2f6cb74d73886eb"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='mm_page_free\x00', r0}, 0x18) openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x401, 0x0) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]}) socket$nl_netfilter(0x10, 0x3, 0xc) close_range(r1, 0xffffffffffffffff, 0x0) 1.980110945s ago: executing program 1 (id=2546): syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000000)={0x84, &(0x7f0000000500)=ANY=[@ANYBLOB="000002"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r0 = syz_open_dev$evdev(&(0x7f0000001900), 0x0, 0x0) ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000d80)) read$hidraw(r0, 0x0, 0x49) r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x822b01) write$char_usb(r1, &(0x7f0000000040)="e2", 0x1068) 1.878187185s ago: executing program 4 (id=2553): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001100)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000ffff0000850000000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000030500"/20, @ANYRES32, @ANYBLOB="0000000000000000280012800b0001006d61637365630000180002800c0004000100000100c28000050003"], 0x48}}, 0x40000) 1.828105145s ago: executing program 4 (id=2557): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f00000017c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff7a1ef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40dddb51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42553ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca000000000000000000000509619f5f0cbc72eebc653946d3552236f0dfe485cfa71bd69f4ded6e131128c3875b785875addfcbd5931c12adbef75535e694f3a19f28f9f99fa32e8ff66e7b1ff674434fb63ba0e28aadccf77d387525c98e81476058c958eaccfa7d251d0671222dc9d06485f7f690d3d4227bd21bd7ff8338617705b7faec47c86789a488b43d0fedf1b0ee05d65c677ced1e8214b2f6cb74d73886eb"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='mm_page_free\x00', r0}, 0x18) openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x401, 0x0) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]}) socket$nl_netfilter(0x10, 0x3, 0xc) close_range(r1, 0xffffffffffffffff, 0x0) 1.598868574s ago: executing program 4 (id=2570): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10) sendto$inet6(r0, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 1.400655314s ago: executing program 1 (id=2578): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x80801c, &(0x7f0000000f40), 0x1, 0x503, &(0x7f0000000880)="$eJzs3c9vI1cdAPDvOL+cNG3S0gMgoEspLGi1TuJto6oHWE4IoUqIHkHahsQbRbHjKHZKE/aQ/g9IVOIER/4Azj1x54LgxmU5IPEjAm1W4mA040nWm7U3ZpPYUfz5SKN5b2bs73trzXv21xu/AEbWjYg4iIjJiPgwIuby40m+xd32ll736PDB6tHhg9UkWq0P/plk59Nj0fGY1Ev5cxYj4kffi/hp8mzcxt7+5kq1WtlpV6cXmrXthcbe/u2N2sp6Zb2yVS4vLy0vvnvnnfKF9fWN2mRe+vLDPxx86+dps2bzI539uEjtrk+cxEmNR8QPLiPYEIzl/ZkcdkN4IYWIeC0i3szu/7kYy15NAOA6a7XmojXXWQcArrtClgNLCqU8FzAbhUKp1M7hvR4zhWq90bx1v767tdbOlc3HROH+RrWymOcK52MiSetLWflJvXyqficiXo2IX0xNZ/XSar26Nsw3PgAwwl46Nf//Z6o9/wMA11xx2A0AAAbO/A8Ao8f8DwCjx/wPAKPnyfx/d6jtAAAGx+d/ABg95n8AGCk/fP/9dGsd5b9/vfbR3u5m/aPba5XGZqm2u1pare9sl9br9fXsN3tqZz1ftV7fXno7dj+e//Z2o7nQ2Nu/V6vvbjXvZb/rfa8yMZBeAQDP8+obn/05iYiD96azLTrWcjBXw/VWGHYDgKEZG3YDgKGx2heMrnN8xpcegGuiyxK9TylGxPTpg61Wq3V5TQIu2c0vyP/DqOrI//tfwDBi5P9hdMn/w+hqtZJ+1/yPfi8EAK42OX6gx/f/r+X73+ZfDvxk7fQVn15mqwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBqO17/t5SvBT4bhUKpFPFyRMzHRHJ/o1pZjIhXIuJPUxNTaX1pyG0GAM6r8LckX//r5txbs6fPTiaPp7J9RPzsVx/88uOVZnPnj+nxf50cb36aHy8Po/0AwFmO5+ls3/FB/tHhg9XjbZDt+ft3I6LYjn90OBlHJ/HHYzzbF2MiImb+neT1tqQjd3EeB59ExOe79T+J2SwH0l759HT8NPbLA41feCp+ITvX3qf/Fp+7gLbAqPksHX/udrv/CnEj23e//4vZCHV++fiXPtXqUTYGPol/PP6N9Rj/bvQb4+3ff79dmn723CcRXxyPOI591DH+HMdPesR/q8/4f/nSV97sda7164ib0T1+Z6yFZm17obG3f3ujtrJeWa9slcvLS8uL7955p7yQ5agXes8G/3jv1itZocslaf9nesQvntH/r/fZ/9/898Mff7XHuTT+N7/WLX4hXn9O/HRO/Eaf8VdmflfsdS6Nv9aj/2e9/rf6jP/wr/vPLBsOAAxPY29/c6VarewMsnD8RmKgQRX6K0zlL85Vac9ThSvbsM2V6ncGFWsy/q9HtVovFKvXiHERWTfgKji56SPi8bAbAwAAAAAAAAAAAAAAdHWpf6iUtAvD7iMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADX1/8CAAD//8jOyzo=") lsetxattr$trusted_overlay_upper(&(0x7f0000000200)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f0000000740), 0x0, 0x0, 0x2) 1.213774473s ago: executing program 3 (id=2585): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x5, 0x6, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) clock_adjtime(0x6, 0x0) 735.125552ms ago: executing program 4 (id=2586): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0x2) readv(r1, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0x940}], 0x1) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) 734.347422ms ago: executing program 3 (id=2587): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r0, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f0000000140)={0xa, 0x0, 0x0, @private0}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0xe) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x4b, &(0x7f0000000040)=0x5, 0x4) shutdown(r0, 0x1) recvmmsg(r0, &(0x7f0000005000)=[{{0x0, 0x0, 0x0}, 0x3}], 0x1, 0x60, 0x0) 733.908182ms ago: executing program 5 (id=2598): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) bind$packet(r1, &(0x7f0000000180)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14) getsockname$packet(r1, &(0x7f00000015c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="38000000540001000000000000c4000007008209", @ANYRES32=r3, @ANYBLOB="20000100", @ANYRES32, @ANYBLOB="00000000e000030000000000000000000000000008"], 0x38}}, 0x0) 698.290712ms ago: executing program 5 (id=2589): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) getgroups(0x0, 0x0) 443.729521ms ago: executing program 3 (id=2590): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffa0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='net/udplite6\x00') close_range(r2, 0xffffffffffffffff, 0x0) 430.322181ms ago: executing program 4 (id=2591): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x27, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf38, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="2c00000036000900feffffff0000000001000000040000000c0001800600200005470000080002"], 0x2c}}, 0x0) 390.892841ms ago: executing program 5 (id=2592): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x2, 0x4, 0x4, 0x8, 0x1014, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) close(r2) 359.715171ms ago: executing program 5 (id=2593): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0x9}, 0x18) r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x4, &(0x7f0000000200)=@raw=[@exit, @ldst, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffe}, @exit], &(0x7f0000000280)='GPL\x00', 0x4, 0xdf, &(0x7f00000002c0)=""/223, 0x0, 0x0, '\x00', 0x0, 0x25, r2, 0xc, 0x0, 0x2, 0x10, &(0x7f00000004c0), 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) 300.398781ms ago: executing program 3 (id=2595): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0100000000000000000000000004"], 0x48) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e0000000400000008"], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x40089000, 0x0, 0x0, 0x0, 0x0, 0x0) 300.114501ms ago: executing program 4 (id=2596): r0 = socket$inet_sctp(0x2, 0x1, 0x84) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) sendto$inet(r0, &(0x7f00000003c0)='M', 0x1, 0x0, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10) r1 = socket(0x10, 0x3, 0x0) sendto$inet6(r1, &(0x7f0000000080)="7800000018002507b9409b14ffff0b7a0204be04020714056406040c5c0009003f0006180a0000000d0085a168d0bf46d32345653610648d270005000a06024e49935ade4a460c89b6ec0cff3959547f509058ba86c902007a00004a32000400160008030a0000000000e000e218d1ddf66ed538f2523250", 0x78, 0x0, 0x0, 0x0) sendto$inet(r0, &(0x7f0000000280)='p', 0x29fcb, 0x0, 0x0, 0x0) 299.900741ms ago: executing program 6 (id=2599): timer_create(0x7, 0x0, &(0x7f0000000240)=0x0) clock_gettime(0x0, &(0x7f0000000280)={0x0, 0x0}) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='hrtimer_start\x00', r4, 0x0, 0x6}, 0x18) timer_settime(r0, 0x0, &(0x7f00000002c0)={{0x0, 0x989680}, {r1, r2+10000000}}, 0x0) 290.450171ms ago: executing program 5 (id=2600): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000f4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = syz_open_procfs(0x0, &(0x7f0000000140)='cgroup\x00') preadv(r2, &(0x7f00000000c0)=[{&(0x7f0000000480)=""/128, 0x80}], 0x1, 0x12e, 0x0) 268.719561ms ago: executing program 6 (id=2601): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x20000000000000f4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff9, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) fstatfs(0xffffffffffffffff, 0x0) 256.43654ms ago: executing program 5 (id=2602): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) splice(r0, 0x0, r2, 0x0, 0x88000cc, 0x0) fcntl$setpipe(r1, 0x407, 0x100004) write$eventfd(r1, &(0x7f0000000240), 0xffffff14) 163.82085ms ago: executing program 3 (id=2603): socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f00000042c0)="86", 0xff0f}], 0x1}, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10) recvmsg(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000040)=""/30, 0x1e}], 0x1}, 0x10000) 81.955731ms ago: executing program 6 (id=2604): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r1}, 0x10) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r2, &(0x7f0000004440)={&(0x7f0000000ec0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x4}}, 0x10, 0x0}, 0x0) 60.99656ms ago: executing program 3 (id=2605): socket$kcm(0x2, 0x5, 0x84) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="10000000040000000800000005"], 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0xfca804a0, 0x0, 0x10, 0x0, 0x0, 0xd28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)=r1}, 0x20) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000240)={r1}, 0x57) 48.65904ms ago: executing program 6 (id=2606): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffdcc, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='mm_page_free\x00', r0, 0x0, 0xfffffffffffffffe}, 0x18) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0) ioctl$MON_IOCT_RING_SIZE(r1, 0x9204, 0x6a1e) 19.54237ms ago: executing program 1 (id=2607): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) msgctl$IPC_RMID(0x0, 0x0) stat(0x0, 0x0) 18.87428ms ago: executing program 6 (id=2608): r0 = socket$inet6(0xa, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10) setsockopt$inet6_int(r0, 0x29, 0x4e, &(0x7f0000000000)=0x1, 0x4) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x6, @local, 0x6}, 0x1c) 0s ago: executing program 6 (id=2609): ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000e8ff0000000000ff000044850000000e0000003f0000000000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r0}, 0x18) r1 = socket$igmp(0x2, 0x3, 0x2) setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f00000000c0)={0x1, 'ip6gre0\x00', 0x10004}, 0x18) setsockopt$IP_VS_SO_SET_STOPDAEMON(r1, 0x0, 0x48c, &(0x7f0000000000)={0x1, 'dummy0\x00'}, 0x18) kernel console output (not intermixed with test programs): [ 42.003440][ T4218] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 16 with error 117 [ 42.016043][ T4218] EXT4-fs (loop4): This should not happen!! Data will be lost [ 42.016043][ T4218] [ 42.129691][ T28] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 2048 with error 117 [ 42.142391][ T28] EXT4-fs (loop4): This should not happen!! Data will be lost [ 42.142391][ T28] [ 42.185847][ T28] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 2081 with max blocks 2024 with error 28 [ 42.198684][ T28] EXT4-fs (loop4): This should not happen!! Data will be lost [ 42.198684][ T28] [ 42.208396][ T28] EXT4-fs (loop4): Total free blocks count 0 [ 42.214442][ T28] EXT4-fs (loop4): Free/Dirty block details [ 42.220410][ T28] EXT4-fs (loop4): free_blocks=0 [ 42.239209][ T29] kauditd_printk_skb: 133 callbacks suppressed [ 42.239223][ T29] audit: type=1400 audit(1737165537.498:562): avc: denied { bind } for pid=4239 comm="syz.2.352" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 42.332618][ T4244] loop3: detected capacity change from 0 to 8192 [ 42.379794][ T29] audit: type=1400 audit(1737165537.638:563): avc: denied { create } for pid=4247 comm="syz.4.350" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 42.418583][ T4252] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.454142][ T29] audit: type=1400 audit(1737165537.638:564): avc: denied { mount } for pid=4243 comm="syz.3.353" name="/" dev="loop3" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 42.476064][ T29] audit: type=1400 audit(1737165537.668:565): avc: denied { write } for pid=4247 comm="syz.4.350" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 42.495285][ T29] audit: type=1400 audit(1737165537.698:566): avc: denied { unmount } for pid=3299 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 42.580438][ T4252] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.638490][ T4252] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.710251][ T4252] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.811422][ T29] audit: type=1326 audit(1737165538.068:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4296 comm="syz.1.377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe36ce5d29 code=0x7ffc0000 [ 42.835327][ T29] audit: type=1326 audit(1737165538.068:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4296 comm="syz.1.377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe36ce5d29 code=0x7ffc0000 [ 42.860055][ T29] audit: type=1326 audit(1737165538.098:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4296 comm="syz.1.377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbe36ce5d29 code=0x7ffc0000 [ 42.875833][ T4252] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.883567][ T29] audit: type=1326 audit(1737165538.098:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4296 comm="syz.1.377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe36ce5d29 code=0x7ffc0000 [ 42.915049][ T29] audit: type=1326 audit(1737165538.098:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4296 comm="syz.1.377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbe36ce5d29 code=0x7ffc0000 [ 42.917496][ T4252] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.959316][ T4252] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.992852][ T4252] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.079884][ T4311] bond1: entered promiscuous mode [ 43.084971][ T4311] bond1: entered allmulticast mode [ 43.090453][ T4311] 8021q: adding VLAN 0 to HW filter on device bond1 [ 43.100890][ T4311] bond1 (unregistering): Released all slaves [ 43.230985][ T4324] bond1: entered promiscuous mode [ 43.236176][ T4324] bond1: entered allmulticast mode [ 43.246047][ T4324] 8021q: adding VLAN 0 to HW filter on device bond1 [ 43.283893][ T4324] bond1 (unregistering): Released all slaves [ 43.385690][ T165] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 43.866881][ T4361] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 43.880409][ T4363] batadv_slave_1: entered promiscuous mode [ 43.887434][ T4363] batadv_slave_1: left promiscuous mode [ 43.954674][ T4371] bond1: entered promiscuous mode [ 43.959830][ T4371] bond1: entered allmulticast mode [ 43.965365][ T4371] 8021q: adding VLAN 0 to HW filter on device bond1 [ 43.975483][ T4371] bond1 (unregistering): Released all slaves [ 44.193058][ T4391] IPv6: NLM_F_CREATE should be specified when creating new route [ 44.332000][ T4404] bond1: entered promiscuous mode [ 44.337153][ T4404] bond1: entered allmulticast mode [ 44.354425][ T4404] 8021q: adding VLAN 0 to HW filter on device bond1 [ 44.375139][ T4404] bond1 (unregistering): Released all slaves [ 44.567863][ T4434] IPv6: NLM_F_CREATE should be specified when creating new route [ 44.617871][ T28] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 44.814714][ T4459] batadv_slave_1: entered promiscuous mode [ 44.822411][ T4459] batadv_slave_1: left promiscuous mode [ 45.060464][ T4488] Zero length message leads to an empty skb [ 45.094597][ T4490] bond1: entered promiscuous mode [ 45.102145][ T4490] bond1: entered allmulticast mode [ 45.111897][ T4490] 8021q: adding VLAN 0 to HW filter on device bond1 [ 45.127549][ T4490] bond1 (unregistering): Released all slaves [ 45.374306][ T4498] bridge0: port 3(ip6gretap0) entered blocking state [ 45.381147][ T4498] bridge0: port 3(ip6gretap0) entered disabled state [ 45.391611][ T4498] ip6gretap0: entered allmulticast mode [ 45.399611][ T4498] ip6gretap0: entered promiscuous mode [ 45.406791][ T4498] bridge0: port 3(ip6gretap0) entered blocking state [ 45.413601][ T4498] bridge0: port 3(ip6gretap0) entered forwarding state [ 45.891910][ T4548] __nla_validate_parse: 7 callbacks suppressed [ 45.891926][ T4548] netlink: 4 bytes leftover after parsing attributes in process `syz.0.492'. [ 45.917649][ T4547] pim6reg1: entered promiscuous mode [ 45.923245][ T4547] pim6reg1: entered allmulticast mode [ 45.965151][ T4552] bond1: entered promiscuous mode [ 45.970316][ T4552] bond1: entered allmulticast mode [ 45.976293][ T4552] 8021q: adding VLAN 0 to HW filter on device bond1 [ 45.988785][ T4552] bond1 (unregistering): Released all slaves [ 46.165108][ T4573] netem: change failed [ 46.224122][ T4575] program syz.3.497 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 46.255487][ T4583] netlink: 4 bytes leftover after parsing attributes in process `syz.3.500'. [ 46.345989][ T4599] netlink: 4 bytes leftover after parsing attributes in process `syz.4.518'. [ 46.374049][ T4601] netem: change failed [ 46.439672][ T4613] program syz.1.512 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 46.469000][ T4617] SELinux: Context system_u:object_r:xen_device_t:s0 is not valid (left unmapped). [ 46.537569][ T4627] netlink: 8 bytes leftover after parsing attributes in process `syz.2.533'. [ 46.570629][ T4629] bond1: entered promiscuous mode [ 46.575996][ T4629] bond1: entered allmulticast mode [ 46.581397][ T4629] 8021q: adding VLAN 0 to HW filter on device bond1 [ 46.591610][ T4629] bond1 (unregistering): Released all slaves [ 46.610686][ T4632] pim6reg1: entered promiscuous mode [ 46.616167][ T4632] pim6reg1: entered allmulticast mode [ 46.742104][ T4654] program syz.4.532 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 47.607572][ T29] kauditd_printk_skb: 158 callbacks suppressed [ 47.607590][ T29] audit: type=1400 audit(1737165542.868:730): avc: denied { read } for pid=4690 comm="syz.1.551" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 47.645730][ T29] audit: type=1400 audit(1737165542.898:731): avc: denied { name_connect } for pid=4694 comm="syz.4.553" dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 47.680126][ T4698] serio: Serial port ptm0 [ 47.837592][ T4710] pim6reg1: entered promiscuous mode [ 47.843017][ T4710] pim6reg1: entered allmulticast mode [ 47.921951][ T29] audit: type=1326 audit(1737165543.178:732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4722 comm="syz.1.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe36ce5d29 code=0x7ffc0000 [ 47.945271][ T29] audit: type=1326 audit(1737165543.178:733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4722 comm="syz.1.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe36ce5d29 code=0x7ffc0000 [ 47.968633][ T29] audit: type=1326 audit(1737165543.178:734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4722 comm="syz.1.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7fbe36ce5d29 code=0x7ffc0000 [ 47.991947][ T29] audit: type=1326 audit(1737165543.178:735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4722 comm="syz.1.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe36ce5d29 code=0x7ffc0000 [ 48.018390][ T4729] netlink: 8 bytes leftover after parsing attributes in process `syz.1.563'. [ 48.059429][ T29] audit: type=1400 audit(1737165543.318:736): avc: denied { ioctl } for pid=4733 comm="syz.1.570" path="socket:[8975]" dev="sockfs" ino=8975 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 48.083854][ T29] audit: type=1400 audit(1737165543.318:737): avc: denied { connect } for pid=4733 comm="syz.1.570" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 48.103203][ T29] audit: type=1400 audit(1737165543.318:738): avc: denied { write } for pid=4733 comm="syz.1.570" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 48.165786][ T4744] program syz.2.575 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 48.209341][ T29] audit: type=1326 audit(1737165543.468:739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4748 comm="syz.1.578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe36ce5d29 code=0x7ffc0000 [ 48.358303][ T4768] serio: Serial port ptm0 [ 48.577671][ T4808] netlink: 'syz.3.604': attribute type 1 has an invalid length. [ 48.602473][ T4807] serio: Serial port ptm0 [ 48.691199][ T4820] netlink: 4 bytes leftover after parsing attributes in process `syz.2.609'. [ 48.738699][ T4821] loop0: detected capacity change from 0 to 512 [ 48.834281][ T4821] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.608: corrupted in-inode xattr: invalid ea_ino [ 48.853470][ T4821] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.608: couldn't read orphan inode 15 (err -117) [ 48.882382][ T4821] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 48.908851][ T4848] syz.3.620 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 48.927136][ T3298] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 48.938314][ T4850] serio: Serial port ptm0 [ 49.004970][ T4861] xt_TPROXY: Can be used only with -p tcp or -p udp [ 49.171407][ T4888] serio: Serial port ptm0 [ 49.177194][ T4892] netlink: 'syz.2.639': attribute type 1 has an invalid length. [ 49.187643][ T4886] netlink: 4 bytes leftover after parsing attributes in process `syz.1.637'. [ 49.208888][ T4897] xt_TPROXY: Can be used only with -p tcp or -p udp [ 49.388242][ T4928] xt_TPROXY: Can be used only with -p tcp or -p udp [ 49.423347][ T4922] loop0: detected capacity change from 0 to 512 [ 49.437107][ T4935] netlink: 4 bytes leftover after parsing attributes in process `syz.3.660'. [ 49.458753][ T4922] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.664: bg 0: block 248: padding at end of block bitmap is not set [ 49.473462][ T4922] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.664: Failed to acquire dquot type 1 [ 49.497596][ T4922] EXT4-fs (loop0): 1 truncate cleaned up [ 49.509342][ T4922] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 49.533167][ T4922] ext4 filesystem being mounted at /137/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 49.616195][ T3298] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 49.750220][ T4966] SELinux: syz.4.674 (4966) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 49.774845][ T4973] @: renamed from vlan0 (while UP) [ 49.905890][ T4987] netlink: 4 bytes leftover after parsing attributes in process `syz.3.684'. [ 49.914774][ T4987] netlink: 4 bytes leftover after parsing attributes in process `syz.3.684'. [ 49.937493][ T4997] netlink: 'syz.0.689': attribute type 1 has an invalid length. [ 50.205471][ T5041] syz.4.710[5041] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 50.213982][ T5041] syz.4.710[5041] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 50.228718][ T5041] syz.4.710[5041] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 50.335399][ T5063] netlink: 'syz.4.720': attribute type 1 has an invalid length. [ 50.462207][ T5086] xt_hashlimit: max too large, truncated to 1048576 [ 50.479586][ T5086] Cannot find set identified by id 0 to match [ 50.489398][ T5089] syz.0.732[5089] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 50.489554][ T5089] syz.0.732[5089] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 50.501193][ T5089] syz.0.732[5089] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 50.650638][ T5116] syz.0.743[5116] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 50.662249][ T5116] syz.0.743[5116] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 50.673742][ T5116] syz.0.743[5116] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 50.721250][ T5122] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0 [ 51.117461][ T5169] vlan2: entered allmulticast mode [ 51.134412][ T5172] ALSA: seq fatal error: cannot create timer (-19) [ 51.162790][ T5177] vhci_hcd: invalid port number 236 [ 51.292182][ T5163] chnl_net:caif_netlink_parms(): no params data found [ 51.335245][ T5191] syz.0.775[5191] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 51.369592][ T5199] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 51.389696][ T5199] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 51.406672][ T5163] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.413849][ T5163] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.421146][ T5163] bridge_slave_0: entered allmulticast mode [ 51.428229][ T5163] bridge_slave_0: entered promiscuous mode [ 51.435263][ T5163] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.442466][ T5163] bridge0: port 2(bridge_slave_1) entered disabled state [ 51.449831][ T5163] bridge_slave_1: entered allmulticast mode [ 51.456470][ T5163] bridge_slave_1: entered promiscuous mode [ 51.473913][ T5163] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 51.484353][ T5163] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 51.504296][ T5163] team0: Port device team_slave_0 added [ 51.511108][ T5163] team0: Port device team_slave_1 added [ 51.526672][ T5163] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 51.533782][ T5163] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.559926][ T5163] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 51.571392][ T5163] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 51.578488][ T5163] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.604572][ T5163] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 51.625870][ T5209] IPv6: NLM_F_CREATE should be specified when creating new route [ 51.643395][ T5163] hsr_slave_0: entered promiscuous mode [ 51.650114][ T5163] hsr_slave_1: entered promiscuous mode [ 51.660111][ T5163] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 51.668505][ T5163] Cannot create hsr debugfs directory [ 51.681619][ T5213] block device autoloading is deprecated and will be removed. [ 51.719953][ T5211] syzkaller0: entered promiscuous mode [ 51.725534][ T5211] syzkaller0: entered allmulticast mode [ 51.881383][ T5233] netlink: 'syz.4.791': attribute type 3 has an invalid length. [ 51.889163][ T5233] __nla_validate_parse: 5 callbacks suppressed [ 51.889176][ T5233] netlink: 766 bytes leftover after parsing attributes in process `syz.4.791'. [ 52.018084][ T5256] mmap: syz.4.802 (5256) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 52.184284][ T5163] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 52.191156][ T5237] netlink: 'syz.1.793': attribute type 1 has an invalid length. [ 52.198944][ T5237] netlink: 224 bytes leftover after parsing attributes in process `syz.1.793'. [ 52.210240][ T5163] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 52.220400][ T5163] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 52.236215][ T5163] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 52.281325][ T5163] 8021q: adding VLAN 0 to HW filter on device bond0 [ 52.296548][ T5163] 8021q: adding VLAN 0 to HW filter on device team0 [ 52.306861][ T3406] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.314082][ T3406] bridge0: port 1(bridge_slave_0) entered forwarding state [ 52.331810][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.338914][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 52.382670][ T5282] netlink: 452 bytes leftover after parsing attributes in process `syz.0.812'. [ 52.429612][ T5290] SELinux: failed to load policy [ 52.483654][ T5163] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 52.505779][ T5302] IPv6: NLM_F_CREATE should be specified when creating new route [ 52.558206][ T5313] netlink: 12 bytes leftover after parsing attributes in process `syz.1.824'. [ 52.572599][ T5313] geneve2: entered promiscuous mode [ 52.577985][ T5313] geneve2: entered allmulticast mode [ 52.637001][ T5327] loop0: detected capacity change from 0 to 128 [ 52.645301][ T5327] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 52.663480][ T5163] veth0_vlan: entered promiscuous mode [ 52.664050][ T5327] ext4 filesystem being mounted at /177/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 52.671693][ T5163] veth1_vlan: entered promiscuous mode [ 52.719630][ T5163] veth0_macvtap: entered promiscuous mode [ 52.727902][ T5163] veth1_macvtap: entered promiscuous mode [ 52.738582][ T5163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 52.749058][ T5163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.758911][ T5163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 52.769428][ T5163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.779479][ T5163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 52.789993][ T5163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.799826][ T5163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 52.810362][ T5163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.820196][ T5163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 52.830732][ T5163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.841463][ T5163] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 52.864003][ T3298] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 52.877901][ T5163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 52.888449][ T5163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.898287][ T5163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 52.908833][ T5163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.918844][ T5163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 52.929308][ T5163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.939347][ T5163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 52.949900][ T5163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.959789][ T5163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 52.970234][ T5163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.984750][ T5163] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 53.007094][ T5163] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.016439][ T5163] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.025171][ T5163] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.033931][ T5163] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.075533][ T2594] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.095319][ T29] kauditd_printk_skb: 404 callbacks suppressed [ 53.095337][ T29] audit: type=1400 audit(1737165777.347:1142): avc: denied { mac_admin } for pid=5340 comm="syz.0.830" capability=33 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 53.128515][ T29] audit: type=1400 audit(1737165777.367:1143): avc: denied { map_create } for pid=5342 comm="syz.4.833" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 53.147727][ T29] audit: type=1400 audit(1737165777.367:1144): avc: denied { bpf } for pid=5342 comm="syz.4.833" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 53.168261][ T29] audit: type=1400 audit(1737165777.367:1145): avc: denied { map_read map_write } for pid=5342 comm="syz.4.833" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 53.188124][ T29] audit: type=1400 audit(1737165777.367:1146): avc: denied { prog_load } for pid=5342 comm="syz.4.833" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 53.207256][ T29] audit: type=1400 audit(1737165777.367:1147): avc: denied { perfmon } for pid=5342 comm="syz.4.833" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 53.228125][ T29] audit: type=1400 audit(1737165777.367:1148): avc: denied { prog_run } for pid=5342 comm="syz.4.833" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 53.247185][ T29] audit: type=1400 audit(1737165777.387:1149): avc: denied { create } for pid=5342 comm="syz.4.833" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 53.267324][ T29] audit: type=1400 audit(1737165777.397:1150): avc: denied { read write } for pid=3298 comm="syz-executor" name="loop0" dev="devtmpfs" ino=545 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 53.290642][ T29] audit: type=1400 audit(1737165777.397:1151): avc: denied { open } for pid=3298 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=545 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 53.316337][ T2594] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.359016][ T5352] loop0: detected capacity change from 0 to 512 [ 53.378148][ T2594] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.393071][ T5352] EXT4-fs error (device loop0): ext4_orphan_get:1389: inode #15: comm syz.0.836: casefold flag without casefold feature [ 53.408391][ T5352] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.836: couldn't read orphan inode 15 (err -117) [ 53.424498][ T5352] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 53.463199][ T2594] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.548462][ T3298] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.585643][ T2594] bridge_slave_1: left allmulticast mode [ 53.591370][ T2594] bridge_slave_1: left promiscuous mode [ 53.597158][ T2594] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.617196][ T5378] netlink: 8 bytes leftover after parsing attributes in process `syz.0.845'. [ 53.626196][ T2594] bridge_slave_0: left allmulticast mode [ 53.631956][ T2594] bridge_slave_0: left promiscuous mode [ 53.637821][ T2594] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.655024][ T5384] xt_connbytes: Forcing CT accounting to be enabled [ 53.665759][ T5384] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 53.793112][ T5398] netlink: 256 bytes leftover after parsing attributes in process `syz.4.856'. [ 53.805081][ T2594] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 53.817720][ T2594] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 53.829465][ T2594] bond0 (unregistering): Released all slaves [ 53.881647][ T2594] hsr_slave_0: left promiscuous mode [ 53.894544][ T2594] hsr_slave_1: left promiscuous mode [ 53.902977][ T5415] 9pnet: p9_errstr2errno: server reported unknown error ‌@يخ‚ح(للي«Q [ 53.911857][ T2594] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 53.919369][ T2594] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 53.932792][ T2594] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 53.940305][ T2594] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 53.967597][ T2594] veth1_macvtap: left promiscuous mode [ 53.973179][ T2594] veth0_macvtap: left promiscuous mode [ 53.978838][ T2594] veth1_vlan: left promiscuous mode [ 53.984171][ T2594] veth0_vlan: left promiscuous mode [ 54.104246][ T2594] team0 (unregistering): Port device team_slave_1 removed [ 54.113961][ T2594] team0 (unregistering): Port device team_slave_0 removed [ 54.144666][ T5421] netlink: 76 bytes leftover after parsing attributes in process `syz.3.867'. [ 54.180941][ T5418] netdevsim netdevsim5: Direct firmware load for œ failed with error -2 [ 54.288180][ T5449] netlink: 'syz.1.880': attribute type 1 has an invalid length. [ 54.433605][ T5464] netlink: 4 bytes leftover after parsing attributes in process `syz.0.887'. [ 54.442596][ T5464] netlink: 4 bytes leftover after parsing attributes in process `syz.0.887'. [ 54.451843][ T5464] netlink: 4 bytes leftover after parsing attributes in process `syz.0.887'. [ 54.505867][ T5470] veth1_to_bridge: entered allmulticast mode [ 54.512410][ T5470] veth1_to_bridge: left allmulticast mode [ 54.561034][ T5480] SELinux: policydb version 0 does not match my version range 15-33 [ 54.574829][ T5480] SELinux: failed to load policy [ 54.698978][ C0] hrtimer: interrupt took 69169 ns [ 55.532994][ T5547] SELinux: Context system_u:object_r:dhcp_state_t:s0 is not valid (left unmapped). [ 55.651543][ T5556] bond1: entered promiscuous mode [ 55.656883][ T5556] bond1: entered allmulticast mode [ 55.662543][ T5556] 8021q: adding VLAN 0 to HW filter on device bond1 [ 55.674966][ T5556] bond1 (unregistering): Released all slaves [ 55.744947][ T5570] 9pnet: p9_errstr2errno: server reported unknown error ‌@يخ‚ح(للي«Q [ 55.961519][ T5606] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0 [ 56.118437][ T5639] netdevsim netdevsim1: Direct firmware load for œ failed with error -2 [ 56.177934][ T5647] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 56.285159][ T5663] serio: Serial port ttyS3 [ 56.489388][ T5694] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=41 sclass=netlink_audit_socket pid=5694 comm=syz.5.993 [ 56.617005][ T5713] loop3: detected capacity change from 0 to 512 [ 56.632739][ T5716] netlink: 'syz.4.1004': attribute type 1 has an invalid length. [ 56.649949][ T5713] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 56.665618][ T5713] ext4 filesystem being mounted at /168/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 56.710584][ T5727] Invalid ELF header magic: != ELF [ 56.726251][ T5731] bpf_get_probe_write_proto: 5 callbacks suppressed [ 56.726270][ T5731] syz.4.1010[5731] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 56.733044][ T5731] syz.4.1010[5731] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 56.745864][ T5733] netem: incorrect gi model size [ 56.745977][ T5731] syz.4.1010[5731] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 56.757225][ T5733] netem: change failed [ 57.032816][ T5755] syz.4.1021[5755] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 57.032932][ T5755] syz.4.1021[5755] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 57.044412][ T5755] syz.4.1021[5755] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 57.085185][ T5759] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 57.105626][ T5759] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 57.462583][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.508952][ T5802] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 57.517125][ T5802] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 57.638057][ T5819] bond1: entered promiscuous mode [ 57.643192][ T5819] bond1: entered allmulticast mode [ 57.648736][ T5819] 8021q: adding VLAN 0 to HW filter on device bond1 [ 57.662589][ T5819] bond1 (unregistering): Released all slaves [ 58.189384][ T5862] serio: Serial port ttyS3 [ 58.219893][ T5860] loop0: detected capacity change from 0 to 8192 [ 58.229300][ T29] kauditd_printk_skb: 327 callbacks suppressed [ 58.229316][ T29] audit: type=1400 audit(1737165782.487:1479): avc: denied { mount } for pid=5858 comm="syz.0.1080" name="/" dev="loop0" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 58.326658][ T29] audit: type=1400 audit(1737165782.577:1480): avc: denied { read } for pid=5867 comm="syz.4.1073" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 58.353532][ T29] audit: type=1400 audit(1737165782.607:1481): avc: denied { unmount } for pid=3298 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 58.498876][ T29] audit: type=1326 audit(1737165782.757:1482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5882 comm="syz.5.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd637b5d29 code=0x7ffc0000 [ 58.545327][ T29] audit: type=1326 audit(1737165782.757:1483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5882 comm="syz.5.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd637b5d29 code=0x7ffc0000 [ 58.568847][ T29] audit: type=1326 audit(1737165782.757:1484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5882 comm="syz.5.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7fbd637b5d29 code=0x7ffc0000 [ 58.592667][ T29] audit: type=1326 audit(1737165782.757:1485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5882 comm="syz.5.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd637b5d29 code=0x7ffc0000 [ 58.616288][ T29] audit: type=1326 audit(1737165782.757:1486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5882 comm="syz.5.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd637b5d29 code=0x7ffc0000 [ 58.640015][ T29] audit: type=1400 audit(1737165782.777:1487): avc: denied { name_bind } for pid=5885 comm="syz.0.1081" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 58.661764][ T29] audit: type=1400 audit(1737165782.797:1488): avc: denied { node_bind } for pid=5881 comm="syz.4.1078" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 58.830813][ T5907] netlink: 'syz.0.1089': attribute type 1 has an invalid length. [ 58.838682][ T5907] __nla_validate_parse: 7 callbacks suppressed [ 58.838699][ T5907] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1089'. [ 58.893054][ T5913] syz.3.1092[5913] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 58.893173][ T5913] syz.3.1092[5913] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 58.904649][ T5913] syz.3.1092[5913] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 58.946885][ T5922] vhci_hcd: invalid port number 236 [ 58.962355][ T5923] vlan2: entered allmulticast mode [ 59.193767][ T5945] bridge0: entered allmulticast mode [ 59.301389][ T5960] netlink: 268 bytes leftover after parsing attributes in process `syz.4.1114'. [ 59.310749][ T5960] unsupported nla_type 65024 [ 59.317164][ T5956] syzkaller0: entered promiscuous mode [ 59.322858][ T5956] syzkaller0: entered allmulticast mode [ 59.463407][ T5982] SELinux: syz.4.1124 (5982) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 59.512262][ T5986] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1126'. [ 59.547327][ T5955] chnl_net:caif_netlink_parms(): no params data found [ 59.558163][ T5997] Invalid ELF header magic: != ELF [ 59.582518][ T6000] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1130'. [ 59.600665][ T5955] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.607856][ T5955] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.615072][ T5955] bridge_slave_0: entered allmulticast mode [ 59.621854][ T5955] bridge_slave_0: entered promiscuous mode [ 59.629128][ T5955] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.636318][ T5955] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.643741][ T5955] bridge_slave_1: entered allmulticast mode [ 59.650381][ T5955] bridge_slave_1: entered promiscuous mode [ 59.676365][ T5955] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.690195][ T5955] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.724205][ T5955] team0: Port device team_slave_0 added [ 59.730894][ T5955] team0: Port device team_slave_1 added [ 59.749578][ T5955] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 59.756732][ T5955] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.782797][ T5955] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 59.794334][ T5955] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 59.801421][ T5955] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.828110][ T5955] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 59.856622][ T5955] hsr_slave_0: entered promiscuous mode [ 59.862654][ T5955] hsr_slave_1: entered promiscuous mode [ 59.868627][ T5955] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 59.876298][ T5955] Cannot create hsr debugfs directory [ 59.909114][ T3406] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 59.948785][ T3406] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 59.970890][ T5955] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 59.980096][ T5955] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 59.989174][ T5955] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 60.000424][ T3406] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 60.011512][ T5955] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 60.048234][ T3406] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 60.061480][ T5955] 8021q: adding VLAN 0 to HW filter on device bond0 [ 60.074172][ T5955] 8021q: adding VLAN 0 to HW filter on device team0 [ 60.083548][ T165] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.090635][ T165] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.101455][ T3387] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.108658][ T3387] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.133725][ T5955] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 60.159713][ T3406] bridge_slave_1: left allmulticast mode [ 60.165399][ T3406] bridge_slave_1: left promiscuous mode [ 60.171261][ T3406] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.179453][ T3406] bridge_slave_0: left allmulticast mode [ 60.185108][ T3406] bridge_slave_0: left promiscuous mode [ 60.190810][ T3406] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.277538][ T3406] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 60.288237][ T3406] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 60.297943][ T3406] bond0 (unregistering): Released all slaves [ 60.327306][ T5955] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 60.409228][ T3406] hsr_slave_0: left promiscuous mode [ 60.415734][ T3406] hsr_slave_1: left promiscuous mode [ 60.421715][ T3406] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 60.429350][ T3406] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 60.445517][ T3406] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 60.452966][ T3406] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 60.468857][ T3406] veth1_macvtap: left promiscuous mode [ 60.474380][ T3406] veth0_macvtap: left promiscuous mode [ 60.479941][ T3406] veth1_vlan: left promiscuous mode [ 60.485195][ T3406] veth0_vlan: left promiscuous mode [ 60.488552][ T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0 [ 60.498218][ T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0 [ 60.509802][ T35] hid-generic 0000:0003:0000.0001: hidraw0: HID v0.00 Device [syz0] on syz1 [ 60.600212][ T3406] team0 (unregistering): Port device team_slave_1 removed [ 60.610148][ T3406] team0 (unregistering): Port device team_slave_0 removed [ 60.643058][ T6051] netlink: 'syz.3.1145': attribute type 3 has an invalid length. [ 60.650950][ T6051] netlink: 766 bytes leftover after parsing attributes in process `syz.3.1145'. [ 60.711650][ T6066] xt_connbytes: Forcing CT accounting to be enabled [ 60.725726][ T6066] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 60.826927][ T5955] veth0_vlan: entered promiscuous mode [ 60.845016][ T5955] veth1_vlan: entered promiscuous mode [ 60.858542][ T5955] veth0_macvtap: entered promiscuous mode [ 60.882718][ T5955] veth1_macvtap: entered promiscuous mode [ 60.894878][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.905545][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.915395][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.925992][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.935970][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.946664][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.956632][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.967121][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.978720][ T5955] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 60.993994][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.004498][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.014344][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.024915][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.034767][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.041195][ T6092] netlink: 256 bytes leftover after parsing attributes in process `syz.3.1158'. [ 61.045251][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.064235][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.074801][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.087162][ T5955] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 61.103303][ T5955] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.112188][ T5955] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.121153][ T5955] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.129890][ T5955] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.142748][ T6034] chnl_net:caif_netlink_parms(): no params data found [ 61.170169][ T6099] netlink: 'syz.3.1160': attribute type 1 has an invalid length. [ 61.178042][ T6099] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1160'. [ 61.242198][ T6034] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.249507][ T6034] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.273856][ T6034] bridge_slave_0: entered allmulticast mode [ 61.284048][ T6034] bridge_slave_0: entered promiscuous mode [ 61.290875][ T6034] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.298070][ T6034] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.305251][ T6034] bridge_slave_1: entered allmulticast mode [ 61.311740][ T6034] bridge_slave_1: entered promiscuous mode [ 61.331716][ T6034] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.343370][ T6034] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.382785][ T6034] team0: Port device team_slave_0 added [ 61.398321][ T6034] team0: Port device team_slave_1 added [ 61.422745][ T6034] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 61.429799][ T6034] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.456013][ T6034] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.486061][ T6121] syzkaller0: entered promiscuous mode [ 61.491659][ T6121] syzkaller0: entered allmulticast mode [ 61.512357][ T6034] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.519371][ T6034] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.545427][ T6034] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.601378][ T6034] hsr_slave_0: entered promiscuous mode [ 61.609862][ T6034] hsr_slave_1: entered promiscuous mode [ 61.615955][ T6034] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 61.623540][ T6034] Cannot create hsr debugfs directory [ 62.024322][ T6034] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 62.038281][ T6034] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 62.049403][ T6034] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 62.060594][ T6034] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 62.103029][ T6034] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.152202][ T6034] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.168259][ T3406] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.175399][ T3406] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.199170][ T6034] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 62.209636][ T6034] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 62.226517][ T6145] netlink: 'syz.4.1174': attribute type 1 has an invalid length. [ 62.234289][ T6145] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1174'. [ 62.253943][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.261059][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.308796][ T6155] loop6: detected capacity change from 0 to 512 [ 62.347095][ T6034] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 62.400616][ T6155] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 62.402767][ T6168] SELinux: policydb version 0 does not match my version range 15-33 [ 62.413490][ T6155] ext4 filesystem being mounted at /2/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 62.432249][ T6168] SELinux: failed to load policy [ 62.491340][ T6034] veth0_vlan: entered promiscuous mode [ 62.505051][ T6034] veth1_vlan: entered promiscuous mode [ 62.524271][ T6034] veth0_macvtap: entered promiscuous mode [ 62.540198][ T6034] veth1_macvtap: entered promiscuous mode [ 62.553002][ T6034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.563631][ T6034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.573559][ T6034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.584242][ T6034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.594108][ T6034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.604626][ T6034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.614488][ T6034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.625064][ T6034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.634954][ T6034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.645516][ T6034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.656907][ T6034] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 62.665308][ T6034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.675826][ T6034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.685815][ T6034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.696324][ T6034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.706247][ T6034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.716965][ T6034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.726816][ T6034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.737313][ T6034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.747247][ T6034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.757710][ T6034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.768458][ T6034] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.779060][ T6034] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.787934][ T6034] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.796690][ T6034] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.805400][ T6034] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.853722][ T6199] batman_adv: batadv0: Adding interface: gretap1 [ 62.860313][ T6199] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.885747][ T6199] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active [ 62.971830][ T6210] SELinux: policydb version 0 does not match my version range 15-33 [ 62.980293][ T6210] SELinux: failed to load policy [ 63.068794][ T6224] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1211'. [ 63.078049][ T6224] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1211'. [ 63.146639][ T5955] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 63.208024][ T6238] ebt_among: dst integrity fail: 1ad [ 63.236775][ T29] kauditd_printk_skb: 225 callbacks suppressed [ 63.236774][ T6241] bridge0: entered allmulticast mode [ 63.236793][ T29] audit: type=1400 audit(1737165787.497:1714): avc: denied { setopt } for pid=6240 comm="syz.5.1210" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 63.253802][ T6241] pim6reg: entered allmulticast mode [ 63.280982][ T29] audit: type=1400 audit(1737165787.537:1715): avc: denied { create } for pid=6246 comm="syz.4.1213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 63.309833][ T29] audit: type=1400 audit(1737165787.567:1716): avc: denied { write } for pid=6246 comm="syz.4.1213" path="socket:[15183]" dev="sockfs" ino=15183 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 63.365233][ T29] audit: type=1400 audit(1737165787.617:1717): avc: denied { mounton } for pid=6252 comm="syz.6.1216" path="/4/bus" dev="tmpfs" ino=38 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 63.421576][ T29] audit: type=1326 audit(1737165787.677:1718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6257 comm="syz.1.1220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f241a175d29 code=0x7ffc0000 [ 63.433562][ T6253] loop6: detected capacity change from 0 to 512 [ 63.445173][ T29] audit: type=1326 audit(1737165787.677:1719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6257 comm="syz.1.1220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f241a175d29 code=0x7ffc0000 [ 63.457548][ T6253] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 63.474864][ T29] audit: type=1326 audit(1737165787.677:1720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6256 comm="syz.3.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46d2bd5d29 code=0x7ffc0000 [ 63.487904][ T6253] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 63.511354][ T29] audit: type=1326 audit(1737165787.677:1721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6256 comm="syz.3.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46d2bd5d29 code=0x7ffc0000 [ 63.511416][ T29] audit: type=1326 audit(1737165787.677:1722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6256 comm="syz.3.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46d2bd5d29 code=0x7ffc0000 [ 63.511448][ T29] audit: type=1326 audit(1737165787.677:1723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6256 comm="syz.3.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46d2bd5d29 code=0x7ffc0000 [ 63.602221][ T6265] xt_hashlimit: max too large, truncated to 1048576 [ 63.610360][ T6265] Cannot find set identified by id 0 to match [ 63.618298][ T6253] EXT4-fs (loop6): 1 truncate cleaned up [ 63.635220][ T6253] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 63.678882][ T6253] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 63.979022][ T6316] __nla_validate_parse: 1 callbacks suppressed [ 63.979037][ T6316] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1247'. [ 64.153750][ T6341] tls_set_device_offload: netdev not found [ 64.281854][ T6353] loop3: detected capacity change from 0 to 764 [ 64.292041][ T6353] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 64.312973][ T6353] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 64.321296][ T6353] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 64.329563][ T6353] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 64.337799][ T6353] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 64.356647][ T6353] vxlan0: entered promiscuous mode [ 64.361890][ T6353] vxlan0: entered allmulticast mode [ 64.373220][ T6353] netdevsim netdevsim3 eth0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 64.376629][ T6360] loop6: detected capacity change from 0 to 128 [ 64.381683][ T6353] netdevsim netdevsim3 eth1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 64.396544][ T6353] netdevsim netdevsim3 eth2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 64.404925][ T6353] netdevsim netdevsim3 eth3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 64.488425][ T6368] SELinux: policydb table sizes (0,0) do not match mine (8,7) [ 64.496888][ T6368] SELinux: failed to load policy [ 64.561736][ T6376] loop3: detected capacity change from 0 to 512 [ 64.576591][ T6376] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 64.595271][ T6381] xt_hashlimit: max too large, truncated to 1048576 [ 64.603913][ T6381] Cannot find set identified by id 0 to match [ 64.614368][ T6376] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2863: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 64.637417][ T6376] EXT4-fs (loop3): 1 truncate cleaned up [ 64.643530][ T6376] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 64.670086][ T6390] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in; [ 64.670086][ T6390] program syz.4.1281 not setting count and/or reply_len properly [ 64.699534][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 64.762434][ T6403] SELinux: security_context_str_to_sid (@) failed with errno=-22 [ 64.859391][ T6419] 9p: Unknown access argument 1844674407370955161518446744073709551615: -34 [ 65.109201][ T6427] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1298'. [ 65.124525][ T6430] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 65540, id = 0 [ 65.137882][ T6429] IPVS: stopping master sync thread 6430 ... [ 65.296087][ T6436] loop3: detected capacity change from 0 to 128 [ 65.337279][ T6436] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 65.361635][ T6441] hub 9-0:1.0: USB hub found [ 65.369445][ T6441] hub 9-0:1.0: 8 ports detected [ 65.375975][ T6448] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 65.384492][ T6448] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 65.392989][ T6436] ext4 filesystem being mounted at /228/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 65.467972][ T3299] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 65.985984][ T6501] 9pnet_fd: p9_fd_create_tcp (6501): problem connecting socket to 127.0.0.1 [ 66.332196][ T6524] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 66.351799][ T6524] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 66.491061][ T28] nci: nci_rsp_packet: unknown rsp opcode 0x303 [ 66.582378][ T6543] IPv6: NLM_F_CREATE should be specified when creating new route [ 66.828620][ T6564] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 66.836993][ T6564] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 66.845253][ T6564] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 66.853616][ T6564] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 66.862540][ T6564] vxlan0: entered promiscuous mode [ 66.867784][ T6564] vxlan0: entered allmulticast mode [ 66.939973][ T6564] netdevsim netdevsim4 eth0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 66.948543][ T6564] netdevsim netdevsim4 eth1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 66.956991][ T6564] netdevsim netdevsim4 eth2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 66.965652][ T6564] netdevsim netdevsim4 eth3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 67.338018][ T6596] SELinux: security_context_str_to_sid (u) failed with errno=-22 [ 67.780324][ T6661] loop6: detected capacity change from 0 to 512 [ 67.787111][ T6661] EXT4-fs: Ignoring removed oldalloc option [ 67.798448][ T6661] EXT4-fs error (device loop6): ext4_xattr_inode_iget:436: comm syz.6.1402: Parent and EA inode have the same ino 15 [ 67.811924][ T6661] EXT4-fs (loop6): Remounting filesystem read-only [ 67.819047][ T6661] EXT4-fs (loop6): 1 orphan inode deleted [ 67.825243][ T6661] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 67.839396][ T6661] SELinux: (dev loop6, type ext4) getxattr errno 5 [ 67.851477][ T6661] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.885785][ T6667] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 67.894916][ T6667] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 67.940455][ T6673] loop6: detected capacity change from 0 to 8192 [ 67.992906][ T6683] netlink: 664 bytes leftover after parsing attributes in process `syz.6.1408'. [ 68.033724][ T6689] 9pnet_fd: p9_fd_create_tcp (6689): problem connecting socket to 127.0.0.1 [ 68.101098][ T6698] syz.4.1419[6698] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 68.101179][ T6698] syz.4.1419[6698] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 68.123458][ T6698] syz.4.1419[6698] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 68.240362][ T6715] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1425'. [ 68.343170][ T29] kauditd_printk_skb: 365 callbacks suppressed [ 68.343186][ T29] audit: type=1400 audit(1737165792.597:2089): avc: denied { execute } for pid=6727 comm="syz.1.1434" path="/54/hugetlb.1GB.usage_in_bytes" dev="tmpfs" ino=293 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 68.445130][ T29] audit: type=1400 audit(1737165792.697:2090): avc: denied { read } for pid=6735 comm="syz.1.1436" dev="nsfs" ino=4026533011 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 68.466923][ T29] audit: type=1400 audit(1737165792.697:2091): avc: denied { open } for pid=6735 comm="syz.1.1436" path="net:[4026533011]" dev="nsfs" ino=4026533011 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 68.490390][ T29] audit: type=1400 audit(1737165792.697:2092): avc: denied { create } for pid=6735 comm="syz.1.1436" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 68.523489][ T6742] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1439'. [ 68.553033][ T29] audit: type=1326 audit(1737165792.727:2093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6739 comm="syz.1.1438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f241a175d29 code=0x7ffc0000 [ 68.576669][ T29] audit: type=1326 audit(1737165792.727:2094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6739 comm="syz.1.1438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f241a175d29 code=0x7ffc0000 [ 68.600155][ T29] audit: type=1326 audit(1737165792.727:2095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6739 comm="syz.1.1438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f241a175d29 code=0x7ffc0000 [ 68.623608][ T29] audit: type=1326 audit(1737165792.777:2096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6739 comm="syz.1.1438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f241a175d29 code=0x7ffc0000 [ 68.647157][ T29] audit: type=1400 audit(1737165792.777:2097): avc: denied { create } for pid=6741 comm="syz.3.1439" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 68.667419][ T29] audit: type=1400 audit(1737165792.777:2098): avc: denied { write } for pid=6741 comm="syz.3.1439" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 68.773922][ T6750] loop3: detected capacity change from 0 to 8192 [ 68.827134][ T6757] syz.3.1447[6757] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 68.827282][ T6757] syz.3.1447[6757] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 68.865858][ T6757] syz.3.1447[6757] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 68.959018][ T6774] netlink: 664 bytes leftover after parsing attributes in process `syz.5.1455'. [ 69.010936][ T6778] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 69.023586][ T6780] batadv_slave_1: entered promiscuous mode [ 69.029889][ T6780] batadv_slave_0: entered promiscuous mode [ 69.035930][ T6778] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 69.036034][ T6779] batadv_slave_0: left promiscuous mode [ 69.049384][ T6779] batadv_slave_1: left promiscuous mode [ 69.093778][ T6785] netlink: 48 bytes leftover after parsing attributes in process `syz.6.1460'. [ 69.103670][ T6717] 9pnet_fd: p9_fd_create_tcp (6717): problem connecting socket to 127.0.0.1 [ 69.664592][ T6816] syz.1.1473[6816] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 69.664676][ T6816] syz.1.1473[6816] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 69.689259][ T6816] syz.1.1473[6816] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 69.848272][ T6843] netlink: 664 bytes leftover after parsing attributes in process `syz.1.1484'. [ 69.891659][ T6849] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1488'. [ 69.897439][ T6851] syz.4.1486[6851] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 69.927870][ T6855] SET target dimension over the limit! [ 70.117777][ T6872] loop3: detected capacity change from 0 to 512 [ 70.127836][ T6872] EXT4-fs: Ignoring removed oldalloc option [ 70.137247][ T6872] EXT4-fs error (device loop3): ext4_xattr_inode_iget:436: comm syz.3.1497: Parent and EA inode have the same ino 15 [ 70.154859][ T6872] EXT4-fs (loop3): Remounting filesystem read-only [ 70.171626][ T6872] EXT4-fs (loop3): 1 orphan inode deleted [ 70.181715][ T6872] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 70.194324][ T6872] SELinux: (dev loop3, type ext4) getxattr errno 5 [ 70.202852][ T6872] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.365685][ T6905] atomic_op ffff888113c21d28 conn xmit_atomic 0000000000000000 [ 70.791532][ T6954] loop6: detected capacity change from 0 to 2048 [ 70.825987][ T6954] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 71.077981][ T6971] batadv_slave_1: entered promiscuous mode [ 71.105942][ T6971] batadv_slave_0: entered promiscuous mode [ 71.125801][ T6970] batadv_slave_0: left promiscuous mode [ 71.131549][ T6970] batadv_slave_1: left promiscuous mode [ 71.262751][ T5955] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.368080][ T6983] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1541'. [ 71.459226][ T6987] syzkaller0: entered allmulticast mode [ 71.465535][ T6987] syzkaller0: left allmulticast mode [ 71.512391][ T6991] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1549'. [ 71.549795][ T6991] bond1: entered promiscuous mode [ 71.554943][ T6991] bond1: entered allmulticast mode [ 71.560361][ T6991] 8021q: adding VLAN 0 to HW filter on device bond1 [ 71.637039][ T7000] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1553'. [ 71.744247][ T7009] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1556'. [ 71.759271][ T7014] netlink: 'syz.6.1557': attribute type 4 has an invalid length. [ 72.131106][ T7051] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1573'. [ 72.201792][ T7063] loop3: detected capacity change from 0 to 2048 [ 72.211473][ T28] nci: nci_rsp_packet: unknown rsp opcode 0x303 [ 72.237959][ T7063] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 72.253636][ T7069] loop6: detected capacity change from 0 to 1024 [ 72.271687][ T7069] EXT4-fs: Ignoring removed oldalloc option [ 72.294320][ T7069] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 72.316007][ T7069] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 72.326288][ T7069] EXT4-fs (loop6): required journal recovery suppressed and not mounted read-only [ 72.575496][ T7089] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1589'. [ 72.584435][ T7089] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1589'. [ 72.643461][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.832193][ T7114] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(6) [ 72.838808][ T7114] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 72.846313][ T7114] vhci_hcd vhci_hcd.0: Device attached [ 72.854848][ T7115] vhci_hcd: connection closed [ 72.855067][ T11] vhci_hcd: stop threads [ 72.864341][ T11] vhci_hcd: release socket [ 72.868803][ T11] vhci_hcd: disconnect device [ 72.870161][ T7120] vlan2: entered allmulticast mode [ 73.093736][ T7139] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 73.105740][ T7139] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 73.480841][ T29] kauditd_printk_skb: 187 callbacks suppressed [ 73.480874][ T29] audit: type=1400 audit(1737165797.737:2286): avc: denied { read write } for pid=7169 comm="syz.5.1623" name="uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 73.510794][ T29] audit: type=1400 audit(1737165797.737:2287): avc: denied { open } for pid=7169 comm="syz.5.1623" path="/dev/uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 73.545304][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x1 [ 73.552888][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.560414][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.567903][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.575312][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.582774][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.605475][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.613061][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x2 [ 73.613173][ T29] audit: type=1400 audit(1737165797.867:2288): avc: denied { sys_module } for pid=7173 comm="syz.6.1624" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 73.620479][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.649310][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.656894][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.664335][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.671764][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x4 [ 73.679264][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.686710][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.694206][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.701685][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.709565][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.717093][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.724536][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.732087][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.739604][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.747156][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.754600][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.762070][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.769509][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.777023][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.784435][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.791869][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.799402][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.806831][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.814310][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.821865][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.829317][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.836765][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.844233][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.852007][ T3376] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 73.865404][ T3376] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz0] on syz1 [ 74.095572][ T29] audit: type=1400 audit(1737165798.337:2289): avc: denied { connect } for pid=7190 comm="syz.3.1632" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 74.158173][ T7196] loop3: detected capacity change from 0 to 512 [ 74.184953][ T7196] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 74.202791][ T7198] syzkaller0: entered allmulticast mode [ 74.213735][ T7198] syzkaller0: left allmulticast mode [ 74.296022][ T7196] EXT4-fs (loop3): 1 truncate cleaned up [ 74.305799][ T7196] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.335668][ T29] audit: type=1400 audit(1737165798.587:2290): avc: denied { setattr } for pid=7194 comm="syz.3.1634" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 74.389375][ T7206] __nla_validate_parse: 2 callbacks suppressed [ 74.389391][ T7206] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1637'. [ 74.435324][ T7206] bond1: entered promiscuous mode [ 74.440448][ T7206] bond1: entered allmulticast mode [ 74.455534][ T7206] 8021q: adding VLAN 0 to HW filter on device bond1 [ 74.519169][ T29] audit: type=1400 audit(1737165798.777:2291): avc: denied { append } for pid=7211 comm="syz.5.1638" name="mISDNtimer" dev="devtmpfs" ino=249 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 75.028018][ T29] audit: type=1400 audit(1737165799.277:2292): avc: denied { create } for pid=7249 comm="syz.1.1656" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 75.115578][ T29] audit: type=1400 audit(1737165799.347:2293): avc: denied { read } for pid=7252 comm="syz.6.1658" name="ptp0" dev="devtmpfs" ino=245 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 75.138696][ T29] audit: type=1400 audit(1737165799.347:2294): avc: denied { open } for pid=7252 comm="syz.6.1658" path="/dev/ptp0" dev="devtmpfs" ino=245 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 75.163213][ T29] audit: type=1400 audit(1737165799.347:2295): avc: denied { ioctl } for pid=7252 comm="syz.6.1658" path="/dev/ptp0" dev="devtmpfs" ino=245 ioctlcmd=0x3d05 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 75.263586][ T7262] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1660'. [ 75.300557][ T7262] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1660'. [ 75.339369][ T7207] syz.3.1634 (7207) used greatest stack depth: 8440 bytes left [ 75.417575][ T7274] netlink: 'syz.5.1666': attribute type 3 has an invalid length. [ 75.478710][ T7276] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 76.264368][ T7320] IPv6: NLM_F_CREATE should be specified when creating new route [ 76.327595][ T7322] xt_hashlimit: max too large, truncated to 1048576 [ 76.387887][ T7196] syz.3.1634 (7196) used greatest stack depth: 6080 bytes left [ 76.411307][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.822945][ T7382] netlink: 'syz.5.1711': attribute type 39 has an invalid length. [ 76.930692][ T7400] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1721'. [ 77.230071][ T7434] IPv6: Can't replace route, no match found [ 77.291107][ T7442] netlink: 'syz.1.1742': attribute type 10 has an invalid length. [ 77.399152][ T7442] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 77.811714][ T7488] SELinux: failed to load policy [ 78.224416][ T7532] rdma_op ffff888140e5fd80 conn xmit_rdma 0000000000000000 [ 78.253397][ T7535] SELinux: policydb version 0 does not match my version range 15-33 [ 78.268844][ T7535] SELinux: failed to load policy [ 78.289213][ T7537] bond1: entered promiscuous mode [ 78.294313][ T7537] bond1: entered allmulticast mode [ 78.299701][ T7537] 8021q: adding VLAN 0 to HW filter on device bond1 [ 78.310392][ T7537] bond1 (unregistering): Released all slaves [ 78.372746][ T7555] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1791'. [ 78.470828][ T7571] SELinux: policydb version 0 does not match my version range 15-33 [ 78.488737][ T7571] SELinux: failed to load policy [ 78.548251][ T29] kauditd_printk_skb: 53 callbacks suppressed [ 78.548267][ T29] audit: type=1326 audit(1737165802.807:2349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7578 comm="syz.4.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff484f15d29 code=0x7ffc0000 [ 78.596618][ T29] audit: type=1326 audit(1737165802.807:2350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7578 comm="syz.4.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff484f15d29 code=0x7ffc0000 [ 78.620286][ T29] audit: type=1326 audit(1737165802.807:2351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7578 comm="syz.4.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=172 compat=0 ip=0x7ff484f15d29 code=0x7ffc0000 [ 78.643772][ T29] audit: type=1326 audit(1737165802.807:2352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7578 comm="syz.4.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff484f15d29 code=0x7ffc0000 [ 78.667596][ T29] audit: type=1326 audit(1737165802.807:2353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7578 comm="syz.4.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff484f15d29 code=0x7ffc0000 [ 78.692121][ T29] audit: type=1400 audit(1737165802.947:2354): avc: denied { audit_write } for pid=7584 comm="syz.3.1805" capability=29 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 78.713408][ T29] audit: type=1107 audit(1737165802.947:2355): pid=7584 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 78.833167][ T29] audit: type=1400 audit(1737165803.087:2356): avc: denied { write } for pid=7598 comm="syz.4.1811" name="001" dev="devtmpfs" ino=147 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 78.867145][ T7599] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 78.874599][ T7599] vhci_hcd: invalid port number 23 [ 78.891856][ T7601] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1813'. [ 78.961990][ T7604] SELinux: policydb version 0 does not match my version range 15-33 [ 78.982587][ T29] audit: type=1400 audit(1737165803.237:2357): avc: denied { tracepoint } for pid=7605 comm="syz.3.1815" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 79.012677][ T7604] SELinux: failed to load policy [ 79.087843][ T7610] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1816'. [ 79.096838][ T7610] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1816'. [ 79.113299][ T7610] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1816'. [ 79.169136][ T29] audit: type=1326 audit(1737165803.427:2358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7609 comm="syz.3.1818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46d2bd5d29 code=0x7ffc0000 [ 79.223613][ T7619] rdma_op ffff888140e5f180 conn xmit_rdma 0000000000000000 [ 79.276393][ T7626] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 79.310500][ T7629] (unnamed net_device) (uninitialized): option all_slaves_active: invalid value (8) [ 79.471482][ T7645] smc: net device bond0 applied user defined pnetid SYZ0 [ 79.496117][ T7645] smc: net device bond0 erased user defined pnetid SYZ0 [ 79.557686][ T7654] rdma_op ffff888140e5f180 conn xmit_rdma 0000000000000000 [ 79.571103][ T7653] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=7653 comm=syz.4.1837 [ 79.610184][ T7656] smc: net device bond0 applied user defined pnetid SYZ0 [ 79.627958][ T7656] smc: net device bond0 erased user defined pnetid SYZ0 [ 79.742235][ T7667] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 79.750700][ T7667] vhci_hcd: invalid port number 23 [ 79.848701][ T7680] bpf_get_probe_write_proto: 5 callbacks suppressed [ 79.848739][ T7680] syz.5.1849[7680] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 79.863364][ T7680] syz.5.1849[7680] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 79.880742][ T7680] syz.5.1849[7680] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 80.144832][ T7711] loop3: detected capacity change from 0 to 1024 [ 80.188362][ T7711] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.245368][ T7718] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 80.254473][ T7719] EXT4-fs (loop3): shut down requested (0) [ 80.318839][ T50] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 80.340891][ T7726] loop1: detected capacity change from 0 to 164 [ 80.351094][ T50] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28 [ 80.363861][ T50] EXT4-fs (loop3): This should not happen!! Data will be lost [ 80.363861][ T50] [ 80.372040][ T7726] syz.1.1867: attempt to access beyond end of device [ 80.372040][ T7726] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 80.373537][ T50] EXT4-fs (loop3): Total free blocks count 0 [ 80.389199][ T7726] syz.1.1867: attempt to access beyond end of device [ 80.389199][ T7726] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 80.393550][ T50] EXT4-fs (loop3): Free/Dirty block details [ 80.412862][ T50] EXT4-fs (loop3): free_blocks=68451041280 [ 80.418852][ T50] EXT4-fs (loop3): dirty_blocks=6032 [ 80.424152][ T50] EXT4-fs (loop3): Block reservation details [ 80.426708][ T7729] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1868'. [ 80.430232][ T50] EXT4-fs (loop3): i_reserved_data_blocks=377 [ 80.583038][ T7742] netlink: 'syz.5.1885': attribute type 1 has an invalid length. [ 80.643027][ T7742] 8021q: adding VLAN 0 to HW filter on device bond3 [ 80.655711][ T7742] bond2: (slave bond3): making interface the new active one [ 80.667914][ T7742] bond2: (slave bond3): Enslaving as an active interface with an up link [ 80.745095][ T7750] syz.5.1877[7750] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 80.745156][ T7750] syz.5.1877[7750] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 80.757782][ T7750] syz.5.1877[7750] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 80.767765][ T7754] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1879'. [ 80.848695][ T7762] syz.3.1883[7762] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 80.848828][ T7762] syz.3.1883[7762] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 80.862692][ T7762] syz.3.1883[7762] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 80.898239][ T7764] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1884'. [ 80.941875][ T7772] netlink: 'syz.3.1889': attribute type 1 has an invalid length. [ 80.985343][ T7772] 8021q: adding VLAN 0 to HW filter on device bond2 [ 80.994762][ T7772] bond1: (slave bond2): making interface the new active one [ 81.005114][ T7772] bond1: (slave bond2): Enslaving as an active interface with an up link [ 81.198194][ T7817] vcan0: entered allmulticast mode [ 81.203890][ T7819] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1912'. [ 81.228930][ T7817] vcan0 (unregistering): left allmulticast mode [ 81.297683][ T7828] netlink: zone id is out of range [ 81.302913][ T7828] netlink: zone id is out of range [ 81.308531][ T7828] netlink: set zone limit has 4 unknown bytes [ 81.355034][ T7834] syz.1.1918[7834] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 81.389527][ T7838] sch_tbf: peakrate 8 is lower than or equals to rate 12 ! [ 81.508582][ T7849] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1924'. [ 81.632007][ T7855] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1937'. [ 82.080518][ T7874] netlink: 'syz.6.1934': attribute type 1 has an invalid length. [ 82.278432][ T7885] netlink: 'syz.3.1940': attribute type 15 has an invalid length. [ 82.449202][ T7908] loop3: detected capacity change from 0 to 256 [ 82.451229][ T7911] netlink: 'syz.1.1953': attribute type 10 has an invalid length. [ 82.463720][ T7911] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1953'. [ 82.473139][ T7908] FAT-fs (loop3): bogus number of FAT sectors [ 82.479338][ T7908] FAT-fs (loop3): Can't find a valid FAT filesystem [ 82.488455][ T7911] team0: entered promiscuous mode [ 82.493584][ T7911] team_slave_0: entered promiscuous mode [ 82.499403][ T7911] team_slave_1: entered promiscuous mode [ 82.505239][ T7911] team0: entered allmulticast mode [ 82.510415][ T7911] team_slave_0: entered allmulticast mode [ 82.516287][ T7911] team_slave_1: entered allmulticast mode [ 82.525357][ T7911] bridge0: port 3(team0) entered blocking state [ 82.531944][ T7911] bridge0: port 3(team0) entered disabled state [ 82.559059][ T7911] bridge0: port 3(team0) entered blocking state [ 82.565437][ T7911] bridge0: port 3(team0) entered forwarding state [ 82.595481][ T7916] batadv_slave_1: entered promiscuous mode [ 82.603444][ T7916] batadv_slave_1: left promiscuous mode [ 82.663874][ T7924] netlink: 'syz.5.1958': attribute type 15 has an invalid length. [ 82.712800][ T7930] loop3: detected capacity change from 0 to 256 [ 82.726014][ T7930] FAT-fs (loop3): bogus number of FAT sectors [ 82.732147][ T7930] FAT-fs (loop3): Can't find a valid FAT filesystem [ 82.763613][ T7936] SELinux: syz.1.1964 (7936) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 82.888615][ T7954] loop3: detected capacity change from 0 to 512 [ 82.952083][ T7954] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 82.968203][ T7954] ext4 filesystem being mounted at /331/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 83.188665][ T7988] netdevsim netdevsim4 eth0: set [1, 1] type 2 family 0 port 20000 - 0 [ 83.197071][ T7988] netdevsim netdevsim4 eth1: set [1, 1] type 2 family 0 port 20000 - 0 [ 83.205605][ T7988] netdevsim netdevsim4 eth2: set [1, 1] type 2 family 0 port 20000 - 0 [ 83.213925][ T7988] netdevsim netdevsim4 eth3: set [1, 1] type 2 family 0 port 20000 - 0 [ 83.237647][ T7990] loop6: detected capacity change from 0 to 256 [ 83.244431][ T7990] FAT-fs (loop6): bogus number of FAT sectors [ 83.250736][ T7990] FAT-fs (loop6): Can't find a valid FAT filesystem [ 83.266434][ T7988] geneve2: entered promiscuous mode [ 83.271725][ T7988] geneve2: entered allmulticast mode [ 83.383532][ T7996] loop1: detected capacity change from 0 to 1024 [ 83.400502][ T7996] EXT4-fs: Ignoring removed orlov option [ 83.406257][ T7996] EXT4-fs: Ignoring removed nomblk_io_submit option [ 83.458837][ T7996] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 83.585938][ T6034] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.636549][ T8005] loop1: detected capacity change from 0 to 512 [ 83.668770][ T8005] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 83.686765][ T8005] ext4 filesystem being mounted at /163/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 83.790094][ T6034] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.929165][ T29] kauditd_printk_skb: 135 callbacks suppressed [ 83.929179][ T29] audit: type=1400 audit(1737165808.187:2494): avc: denied { read } for pid=8018 comm="syz.5.1996" name="event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 83.960736][ T29] audit: type=1400 audit(1737165808.217:2495): avc: denied { open } for pid=8018 comm="syz.5.1996" path="/dev/input/event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 84.039080][ T29] audit: type=1400 audit(1737165808.297:2496): avc: denied { ioctl } for pid=8020 comm="syz.1.1997" path="socket:[21622]" dev="sockfs" ino=21622 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 84.073231][ T7952] syz.3.1971 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 84.084334][ T7952] CPU: 0 UID: 0 PID: 7952 Comm: syz.3.1971 Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0 [ 84.095104][ T7952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 84.105198][ T7952] Call Trace: [ 84.108503][ T7952] [ 84.111439][ T7952] dump_stack_lvl+0xf2/0x150 [ 84.116066][ T7952] dump_stack+0x15/0x1a [ 84.120307][ T7952] dump_header+0x83/0x2d0 [ 84.124771][ T7952] oom_kill_process+0x341/0x4c0 [ 84.129648][ T7952] out_of_memory+0x9af/0xbe0 [ 84.134241][ T7952] ? css_next_descendant_pre+0x11c/0x140 [ 84.139890][ T7952] mem_cgroup_out_of_memory+0x13e/0x190 [ 84.145461][ T7952] try_charge_memcg+0x508/0x7f0 [ 84.150386][ T7952] charge_memcg+0x50/0xc0 [ 84.154764][ T7952] mem_cgroup_swapin_charge_folio+0xd0/0x150 [ 84.160773][ T7952] __read_swap_cache_async+0x236/0x480 [ 84.166323][ T7952] swap_cluster_readahead+0x279/0x3f0 [ 84.171821][ T7952] swapin_readahead+0xe4/0x6f0 [ 84.176597][ T7952] ? __rcu_read_unlock+0x34/0x70 [ 84.181666][ T7952] ? swap_cache_get_folio+0x77/0x210 [ 84.186967][ T7952] do_swap_page+0x31b/0x2550 [ 84.191592][ T7952] ? __rcu_read_lock+0x36/0x50 [ 84.196403][ T7952] ? __pfx_default_wake_function+0x10/0x10 [ 84.202293][ T7952] handle_mm_fault+0x8e4/0x2ac0 [ 84.207186][ T7952] exc_page_fault+0x3b9/0x650 [ 84.211879][ T7952] asm_exc_page_fault+0x26/0x30 [ 84.216777][ T7952] RIP: 0033:0x7f46d2aaf425 [ 84.221224][ T7952] Code: c1 fa 02 e8 8d fa ff ff 48 83 fd 04 7f d7 48 83 c4 08 5b 5d 41 5c 41 5d c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 41 55 48 89 f0 <41> 54 48 29 f8 49 89 fc 55 53 48 83 ec 08 48 3d 80 00 00 00 0f 8e [ 84.240833][ T7952] RSP: 002b:00007ffe900b3000 EFLAGS: 00010246 [ 84.246963][ T7952] RAX: 00007f46d22cf1c8 RBX: 00007f46d22cf180 RCX: ffffffff81547e5e [ 84.254944][ T7952] RDX: 0000000000000010 RSI: 00007f46d22cf1c8 RDI: 00007f46d22cf180 [ 84.262927][ T7952] RBP: 00007f46d22cf140 R08: 00007f46d22cf180 R09: 00007f46d2db2000 [ 84.270918][ T7952] R10: 00007f46d2249008 R11: 0000000000000003 R12: 00007f46d22cf138 [ 84.278886][ T7952] R13: 0000000000000010 R14: 0000000000000032 R15: 00007f46d2249008 [ 84.286861][ T7952] ? __remove_mapping+0x17e/0x470 [ 84.291914][ T7952] [ 84.295187][ T7952] memory: usage 307200kB, limit 307200kB, failcnt 1668 [ 84.302364][ T7952] memory+swap: usage 307836kB, limit 9007199254740988kB, failcnt 0 [ 84.310336][ T7952] kmem: usage 307184kB, limit 9007199254740988kB, failcnt 0 [ 84.311516][ T8019] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 84.317683][ T7952] Memory cgroup stats for /syz3: [ 84.320109][ T7952] cache 8192 [ 84.332888][ T8019] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 84.334653][ T7952] rss 4096 [ 84.345353][ T7952] shmem 0 [ 84.348335][ T7952] mapped_file 0 [ 84.351833][ T7952] dirty 0 [ 84.354784][ T7952] writeback 8192 [ 84.358434][ T7952] workingset_refault_anon 2198 [ 84.363251][ T7952] workingset_refault_file 220 [ 84.367954][ T7952] swap 651264 [ 84.371288][ T7952] swapcached 8192 [ 84.374938][ T7952] pgpgin 81934 [ 84.378463][ T7952] pgpgout 81930 [ 84.381927][ T7952] pgfault 77093 [ 84.385567][ T7952] pgmajfault 327 [ 84.389259][ T7952] inactive_anon 0 [ 84.393067][ T7952] active_anon 8192 [ 84.396820][ T7952] inactive_file 0 [ 84.400470][ T7952] active_file 8192 [ 84.404269][ T7952] unevictable 0 [ 84.407760][ T7952] hierarchical_memory_limit 314572800 [ 84.410155][ T8025] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1999'. [ 84.413194][ T7952] hierarchical_memsw_limit 9223372036854771712 [ 84.413207][ T7952] total_cache 8192 [ 84.432183][ T7952] total_rss 4096 [ 84.435772][ T7952] total_shmem 0 [ 84.439245][ T7952] total_mapped_file 0 [ 84.443272][ T7952] total_dirty 0 [ 84.446857][ T7952] total_writeback 8192 [ 84.451053][ T7952] total_workingset_refault_anon 2198 [ 84.456419][ T7952] total_workingset_refault_file 220 [ 84.461625][ T7952] total_swap 651264 [ 84.465645][ T7952] total_swapcached 8192 [ 84.469809][ T7952] total_pgpgin 81934 [ 84.473714][ T7952] total_pgpgout 81930 [ 84.477730][ T7952] total_pgfault 77093 [ 84.481725][ T7952] total_pgmajfault 327 [ 84.485823][ T7952] total_inactive_anon 0 [ 84.489983][ T7952] total_active_anon 8192 [ 84.494237][ T7952] total_inactive_file 0 [ 84.495461][ T29] audit: type=1400 audit(1737165808.627:2497): avc: denied { setopt } for pid=8022 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 84.498417][ T7952] total_active_file 8192 [ 84.517358][ T29] audit: type=1400 audit(1737165808.717:2498): avc: denied { create } for pid=8027 comm="syz.1.2000" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 84.521553][ T7952] total_unevictable 0 [ 84.521566][ T7952] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null) [ 84.541749][ T29] audit: type=1400 audit(1737165808.737:2499): avc: denied { write } for pid=8027 comm="syz.1.2000" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 84.545641][ T7952] ,cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.1971,pid=7952,uid=0 [ 84.545719][ T7952] Memory cgroup out of memory: Killed process 7952 (syz.3.1971) total-vm:95696kB, anon-rss:788kB, file-rss:22468kB, shmem-rss:128kB, UID:0 pgtables:144kB oom_score_adj:1000 [ 84.783750][ T29] audit: type=1400 audit(1737165809.037:2500): avc: denied { create } for pid=8044 comm="syz.4.2008" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 84.861995][ T29] audit: type=1326 audit(1737165809.117:2501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8050 comm="syz.1.2011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f241a175d29 code=0x7ffc0000 [ 84.892953][ T29] audit: type=1326 audit(1737165809.117:2502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8050 comm="syz.1.2011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f241a175d29 code=0x7ffc0000 [ 84.916464][ T29] audit: type=1326 audit(1737165809.117:2503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8050 comm="syz.1.2011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f241a175d29 code=0x7ffc0000 [ 84.998887][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.019852][ T8060] loop6: detected capacity change from 0 to 1024 [ 85.041219][ T8060] EXT4-fs: test_dummy_encryption option not supported [ 85.277896][ T8096] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2032'. [ 85.288796][ T8096] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2032'. [ 85.327836][ T8102] loop1: detected capacity change from 0 to 2048 [ 85.369120][ T8102] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 85.435180][ T6034] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.467362][ T8122] __nla_validate_parse: 1 callbacks suppressed [ 85.467380][ T8122] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2043'. [ 85.704762][ T8145] loop6: detected capacity change from 0 to 512 [ 85.729286][ T8145] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 85.743958][ T8145] ext4 filesystem being mounted at /167/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 85.782806][ T5955] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.861441][ T8162] loop1: detected capacity change from 0 to 2048 [ 85.878188][ T8162] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 85.984805][ T6034] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.746356][ T8246] bpf_get_probe_write_proto: 2 callbacks suppressed [ 86.746378][ T8246] syz.5.2098[8246] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 86.753360][ T8246] syz.5.2098[8246] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 86.753418][ T8248] loop1: detected capacity change from 0 to 512 [ 86.766228][ T8246] syz.5.2098[8246] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 86.777481][ T8248] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 86.827045][ T8248] EXT4-fs (loop1): 1 truncate cleaned up [ 86.841672][ T8248] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 86.982286][ T6034] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.027659][ T8275] netlink: 140 bytes leftover after parsing attributes in process `syz.1.2110'. [ 87.038698][ T8279] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2111'. [ 87.048536][ T8275] netlink: 140 bytes leftover after parsing attributes in process `syz.1.2110'. [ 87.075681][ T8278] syzkaller1: entered promiscuous mode [ 87.081285][ T8278] syzkaller1: entered allmulticast mode [ 87.245126][ T8297] loop6: detected capacity change from 0 to 512 [ 87.277518][ T8297] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.2121: bg 0: block 248: padding at end of block bitmap is not set [ 87.295439][ T8297] EXT4-fs error (device loop6): ext4_acquire_dquot:6938: comm syz.6.2121: Failed to acquire dquot type 1 [ 87.343959][ T8297] EXT4-fs (loop6): 1 truncate cleaned up [ 87.354237][ T8297] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 87.367883][ T8297] ext4 filesystem being mounted at /177/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 87.400937][ T8322] syz.3.2132[8322] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 87.401059][ T8322] syz.3.2132[8322] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 87.425771][ T8322] syz.3.2132[8322] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 87.437946][ T8322] netlink: 'syz.3.2132': attribute type 10 has an invalid length. [ 87.459758][ T8322] team0: Device hsr_slave_0 failed to register rx_handler [ 87.509182][ T8330] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2136'. [ 87.518275][ T8330] bridge_slave_1: left allmulticast mode [ 87.523982][ T8330] bridge_slave_1: left promiscuous mode [ 87.529865][ T8330] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.544491][ T8330] bridge_slave_0: left allmulticast mode [ 87.550342][ T8330] bridge_slave_0: left promiscuous mode [ 87.556136][ T8330] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.564558][ T5955] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.611897][ T8340] netlink: 104 bytes leftover after parsing attributes in process `syz.6.2141'. [ 87.649802][ T8346] SELinux: security_context_str_to_sid (u) failed with errno=-22 [ 87.672575][ T8348] @ے: renamed from vlan0 (while UP) [ 87.703629][ T8351] netlink: 64 bytes leftover after parsing attributes in process `syz.3.2156'. [ 87.804184][ T8367] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2153'. [ 88.169062][ T8422] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2179'. [ 88.178229][ T8422] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2179'. [ 88.238016][ T8432] loop6: detected capacity change from 0 to 512 [ 88.253295][ T8432] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 88.265992][ T8432] ext4 filesystem being mounted at /187/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 88.266485][ T8437] loop3: detected capacity change from 0 to 2048 [ 88.283577][ T8437] EXT4-fs: Ignoring removed mblk_io_submit option [ 88.308454][ T8437] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 88.337076][ T8437] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2183: bg 0: block 234: padding at end of block bitmap is not set [ 88.351907][ T8437] EXT4-fs (loop3): Remounting filesystem read-only [ 88.360272][ T8437] EXT4-fs (loop3): error restoring inline_data for inode -- potential data loss! (inode 12, error -5) [ 88.387459][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.397772][ T8420] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 88.421801][ T8420] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 88.789940][ T8477] netlink: 'syz.4.2200': attribute type 153 has an invalid length. [ 88.904776][ T8489] syz.4.2207[8489] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 88.904885][ T8489] syz.4.2207[8489] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 88.919053][ T8489] syz.4.2207[8489] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 88.935513][ T29] kauditd_printk_skb: 192 callbacks suppressed [ 88.935530][ T29] audit: type=1326 audit(1737165813.197:2694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8488 comm="syz.4.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff484f15d29 code=0x7ffc0000 [ 88.976515][ T29] audit: type=1326 audit(1737165813.197:2695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8488 comm="syz.4.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7ff484f15d29 code=0x7ffc0000 [ 88.984104][ T8496] syz.3.2208[8496] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 89.000140][ T29] audit: type=1326 audit(1737165813.197:2696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8488 comm="syz.4.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff484f15d29 code=0x7ffc0000 [ 89.035228][ T29] audit: type=1326 audit(1737165813.197:2697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8488 comm="syz.4.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=312 compat=0 ip=0x7ff484f15d29 code=0x7ffc0000 [ 89.058762][ T29] audit: type=1326 audit(1737165813.197:2698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8488 comm="syz.4.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff484f15d29 code=0x7ffc0000 [ 89.149593][ T29] audit: type=1326 audit(1737165813.407:2699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8505 comm="syz.4.2212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff484f15d29 code=0x7ffc0000 [ 89.204273][ T29] audit: type=1326 audit(1737165813.407:2700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8505 comm="syz.4.2212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff484f15d29 code=0x7ffc0000 [ 89.227907][ T29] audit: type=1326 audit(1737165813.407:2701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8505 comm="syz.4.2212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff484f15d29 code=0x7ffc0000 [ 89.251385][ T29] audit: type=1326 audit(1737165813.407:2702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8505 comm="syz.4.2212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff484f15d29 code=0x7ffc0000 [ 89.275762][ T29] audit: type=1326 audit(1737165813.407:2703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8505 comm="syz.4.2212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff484f15d29 code=0x7ffc0000 [ 89.287017][ T8507] loop3: detected capacity change from 0 to 8192 [ 89.315763][ T5955] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.413005][ T8520] netlink: 'syz.6.2216': attribute type 10 has an invalid length. [ 89.451076][ T8520] team0: Device hsr_slave_0 failed to register rx_handler [ 89.836741][ T8569] Cannot find del_set index 0 as target [ 90.013394][ T8581] loop1: detected capacity change from 0 to 256 [ 90.033472][ T8581] msdos: Bad value for 'tz' [ 90.119481][ T8588] geneve2: entered promiscuous mode [ 90.124777][ T8588] geneve2: entered allmulticast mode [ 90.413738][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x1 [ 90.421352][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.428823][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.436421][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.443830][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.451520][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.458990][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x4 [ 90.466565][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.474115][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x2 [ 90.481603][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.489127][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.496555][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.504195][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.511644][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x4 [ 90.519225][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.526665][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.534141][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.542189][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.550097][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.557614][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.565091][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.572539][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.580029][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.587533][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.594920][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.602340][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.609747][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.617185][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.624730][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.632186][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.639580][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.647071][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.654538][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.661963][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.669448][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.676944][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.684341][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.691789][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 90.701731][ T8] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz0] on syz0 [ 90.919246][ T8659] batadv1: entered promiscuous mode [ 90.925208][ T8659] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 90.976841][ T8665] loop6: detected capacity change from 0 to 2048 [ 90.998667][ T8665] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 91.026569][ T5955] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 91.915177][ T8736] bpf_get_probe_write_proto: 20 callbacks suppressed [ 91.915196][ T8736] syz.4.2316[8736] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 91.925590][ T8736] syz.4.2316[8736] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 91.937277][ T8736] syz.4.2316[8736] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 92.214689][ T8762] __nla_validate_parse: 11 callbacks suppressed [ 92.214711][ T8762] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2329'. [ 92.292933][ T8766] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0) [ 92.311846][ T8766] SELinux: failed to load policy [ 92.857151][ T8796] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2344'. [ 92.866232][ T8796] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2344'. [ 92.954150][ T8800] program syz.6.2355 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 93.076856][ T8816] netlink: 'syz.6.2352': attribute type 10 has an invalid length. [ 93.085177][ T8816] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.092478][ T8816] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.103270][ T8816] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.110395][ T8816] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.117830][ T8816] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.124911][ T8816] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.138736][ T8816] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 93.249617][ T8831] loop6: detected capacity change from 0 to 164 [ 93.258353][ T8831] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 93.268170][ T8831] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 93.407239][ T8841] veth1_vlan: left promiscuous mode [ 93.594410][ T8863] loop3: detected capacity change from 0 to 1024 [ 93.629145][ T8863] EXT4-fs (loop3): mounted filesystem 00000000-b10a-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 93.641545][ T8863] ext4 filesystem being mounted at /401/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 93.670026][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-b10a-0000-0000-000000000000. [ 93.831017][ T8881] netlink: 'syz.4.2382': attribute type 10 has an invalid length. [ 93.845011][ T8881] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.852328][ T8881] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.862417][ T8881] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.869552][ T8881] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.876934][ T8881] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.884142][ T8881] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.894746][ T8881] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 93.932744][ T8885] netlink: 16402 bytes leftover after parsing attributes in process `syz.6.2384'. [ 94.058835][ T8901] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=8901 comm=syz.6.2390 [ 94.093520][ T29] kauditd_printk_skb: 140 callbacks suppressed [ 94.093535][ T29] audit: type=1400 audit(1737165818.347:2844): avc: denied { setopt } for pid=8902 comm="syz.6.2391" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 94.552700][ T29] audit: type=1400 audit(1737165818.807:2845): avc: denied { compute_member } for pid=8925 comm="syz.1.2399" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 94.814279][ T29] audit: type=1400 audit(1737165819.067:2846): avc: denied { write } for pid=8955 comm="syz.1.2409" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 95.037774][ T8990] netlink: 256 bytes leftover after parsing attributes in process `syz.5.2424'. [ 95.070331][ T29] audit: type=1326 audit(1737165819.317:2847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8995 comm="syz.3.2427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46d2bd5d29 code=0x7ffc0000 [ 95.093912][ T29] audit: type=1326 audit(1737165819.317:2848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8995 comm="syz.3.2427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46d2bd5d29 code=0x7ffc0000 [ 95.117507][ T29] audit: type=1326 audit(1737165819.327:2849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8995 comm="syz.3.2427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46d2bd5d29 code=0x7ffc0000 [ 95.141069][ T29] audit: type=1326 audit(1737165819.327:2850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8995 comm="syz.3.2427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46d2bd5d29 code=0x7ffc0000 [ 95.164534][ T29] audit: type=1326 audit(1737165819.327:2851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8995 comm="syz.3.2427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46d2bd5d29 code=0x7ffc0000 [ 95.167925][ T8974] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 95.188158][ T29] audit: type=1326 audit(1737165819.327:2852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8995 comm="syz.3.2427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46d2bd5d29 code=0x7ffc0000 [ 95.220146][ T29] audit: type=1326 audit(1737165819.327:2853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8995 comm="syz.3.2427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46d2bd5d29 code=0x7ffc0000 [ 95.221372][ T8974] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 95.345876][ T9008] netlink: 'syz.1.2433': attribute type 1 has an invalid length. [ 96.066098][ T9092] serio: Serial port ptm0 [ 96.116888][ T9098] syz.1.2466: attempt to access beyond end of device [ 96.116888][ T9098] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 96.213737][ T9110] loop1: detected capacity change from 0 to 512 [ 96.248730][ T9110] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 96.265602][ T9110] ext4 filesystem being mounted at /298/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 96.294948][ T9118] loop6: detected capacity change from 0 to 512 [ 96.305731][ T9118] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 96.319252][ T9118] EXT4-fs (loop6): 1 truncate cleaned up [ 96.331544][ T6034] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.343185][ T9118] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 96.378874][ T9122] syz.1.2474[9122] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 96.378948][ T9122] syz.1.2474[9122] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 96.412883][ T5955] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.436942][ T9122] syz.1.2474[9122] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 96.538857][ T9135] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2481'. [ 96.578381][ T9135] netlink: 'syz.5.2481': attribute type 4 has an invalid length. [ 96.692497][ T9137] ebtables: ebtables: counters copy to user failed while replacing table [ 96.838626][ T9160] vcan0: tx drop: invalid sa for name 0x0000000000000001 [ 96.926556][ T9170] random: crng reseeded on system resumption [ 97.044618][ T9181] netlink: 68 bytes leftover after parsing attributes in process `syz.5.2499'. [ 97.099045][ T9185] serio: Serial port ptm0 [ 97.142915][ T9189] loop3: detected capacity change from 0 to 2048 [ 97.174669][ T9194] 9pnet: p9_errstr2errno: server reported unknown error ‌@يخ‚ح(للي«Q00000000000000000005 [ 97.186777][ T9189] loop3: p2 p3 < > p4 < p5 > [ 97.191503][ T9189] loop3: partition table partially beyond EOD, truncated [ 97.199489][ T9189] loop3: p2 start 16908804 is beyond EOD, truncated [ 97.206235][ T9189] loop3: p3 start 4284289 is beyond EOD, truncated [ 97.213928][ T9189] loop3: p5 start 16908804 is beyond EOD, truncated [ 97.261197][ T9200] ALSA: seq fatal error: cannot create timer (-19) [ 97.340869][ T9217] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2513'. [ 97.358887][ T9217] netlink: 'syz.5.2513': attribute type 2 has an invalid length. [ 97.366723][ T9217] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2513'. [ 97.389466][ T9219] netlink: 'syz.3.2514': attribute type 21 has an invalid length. [ 97.397353][ T9219] IPv6: NLM_F_CREATE should be specified when creating new route [ 97.424286][ T9224] block device autoloading is deprecated and will be removed. [ 97.432969][ T9225] netlink: 'syz.4.2517': attribute type 3 has an invalid length. [ 97.440933][ T9224] syz.5.2516: attempt to access beyond end of device [ 97.440933][ T9224] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 97.462213][ T9229] netlink: 'syz.3.2519': attribute type 1 has an invalid length. [ 97.611773][ T9252] atomic_op ffff888109a72128 conn xmit_atomic 0000000000000000 [ 97.661300][ T9254] random: crng reseeded on system resumption [ 97.679367][ T9260] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2532'. [ 97.688355][ T9260] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2532'. [ 97.708242][ T9264] sch_tbf: burst 0 is lower than device lo mtu (18) ! [ 97.750413][ T9261] syz.3.2533: attempt to access beyond end of device [ 97.750413][ T9261] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 97.891128][ T9288] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2545'. [ 97.901043][ T9288] netlink: 'syz.4.2545': attribute type 4 has an invalid length. [ 97.924328][ T9290] 9pnet_fd: p9_fd_create_tcp (9290): problem connecting socket to 127.0.0.1 [ 98.042692][ T9312] random: crng reseeded on system resumption [ 98.219380][ T9337] serio: Serial port ptm0 [ 98.460978][ T9363] loop1: detected capacity change from 0 to 512 [ 98.477701][ T9363] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 98.490426][ T9363] ext4 filesystem being mounted at /306/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 98.551819][ T9377] random: crng reseeded on system resumption [ 98.671855][ T9384] loop6: detected capacity change from 0 to 2048 [ 98.725683][ T9384] loop6: p2 p3 < > p4 < p5 > [ 98.730522][ T9384] loop6: partition table partially beyond EOD, truncated [ 98.737746][ T9384] loop6: p2 start 16908804 is beyond EOD, truncated [ 98.744402][ T9384] loop6: p3 start 4284289 is beyond EOD, truncated [ 98.767696][ T9384] loop6: p5 start 16908804 is beyond EOD, truncated [ 99.142813][ T9393] serio: Serial port ptm0 [ 99.157992][ T29] kauditd_printk_skb: 107 callbacks suppressed [ 99.158010][ T29] audit: type=1326 audit(1737165823.417:2961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9395 comm="syz.5.2589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd637b5d29 code=0x7ffc0000 [ 99.192598][ T29] audit: type=1326 audit(1737165823.417:2962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9395 comm="syz.5.2589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbd637b5d29 code=0x7ffc0000 [ 99.216637][ T29] audit: type=1326 audit(1737165823.417:2963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9395 comm="syz.5.2589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd637b5d29 code=0x7ffc0000 [ 99.240267][ T29] audit: type=1326 audit(1737165823.417:2964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9395 comm="syz.5.2589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd637b5d29 code=0x7ffc0000 [ 99.263832][ T29] audit: type=1326 audit(1737165823.417:2965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9395 comm="syz.5.2589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbd637b5d29 code=0x7ffc0000 [ 99.287345][ T29] audit: type=1326 audit(1737165823.417:2966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9395 comm="syz.5.2589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd637b5d29 code=0x7ffc0000 [ 99.311036][ T29] audit: type=1326 audit(1737165823.417:2967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9395 comm="syz.5.2589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd637b5d29 code=0x7ffc0000 [ 99.334693][ T29] audit: type=1326 audit(1737165823.417:2968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9395 comm="syz.5.2589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbd637b5d29 code=0x7ffc0000 [ 99.358294][ T29] audit: type=1326 audit(1737165823.417:2969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9395 comm="syz.5.2589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd637b5d29 code=0x7ffc0000 [ 99.381739][ T29] audit: type=1326 audit(1737165823.417:2970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9395 comm="syz.5.2589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd637b5d29 code=0x7ffc0000 [ 99.479189][ T9403] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 99.835581][ T6034] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.853549][ T9429] ================================================================== [ 99.861703][ T9429] BUG: KCSAN: data-race in bq_flush_to_queue / cpu_map_kthread_run [ 99.869823][ T9429] [ 99.872153][ T9429] write to 0xffff888140d72900 of 8 bytes by task 9432 on cpu 0: [ 99.879800][ T9429] cpu_map_kthread_run+0x49b/0x11f0 [ 99.885028][ T9429] kthread+0x1d1/0x210 [ 99.889114][ T9429] ret_from_fork+0x4b/0x60 [ 99.893547][ T9429] ret_from_fork_asm+0x1a/0x30 [ 99.898330][ T9429] [ 99.900657][ T9429] read to 0xffff888140d72900 of 8 bytes by task 9429 on cpu 1: [ 99.908210][ T9429] bq_flush_to_queue+0x125/0x360 [ 99.913183][ T9429] cpu_map_enqueue+0x19e/0x1b0 [ 99.917970][ T9429] xdp_do_redirect_frame+0x2a4/0x6b0 [ 99.923272][ T9429] bpf_test_run_xdp_live+0x8c6/0x1040 [ 99.928700][ T9429] bpf_prog_test_run_xdp+0x51d/0x8b0 [ 99.934003][ T9429] bpf_prog_test_run+0x20f/0x3a0 [ 99.938955][ T9429] __sys_bpf+0x400/0x7a0 [ 99.943208][ T9429] __x64_sys_bpf+0x43/0x50 [ 99.947648][ T9429] x64_sys_call+0x2914/0x2dc0 [ 99.952341][ T9429] do_syscall_64+0xc9/0x1c0 [ 99.956862][ T9429] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 99.962769][ T9429] [ 99.965096][ T9429] value changed: 0xffff88813e511070 -> 0x0000000000000000 [ 99.972205][ T9429] [ 99.974529][ T9429] Reported by Kernel Concurrency Sanitizer on: [ 99.980680][ T9429] CPU: 1 UID: 0 PID: 9429 Comm: syz.3.2605 Not tainted 6.13.0-rc7-syzkaller-00189-g595523945be0 #0 [ 99.991369][ T9429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 100.001436][ T9429] ================================================================== [ 100.071978][ T9439] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 65540, id = 0 [ 100.072321][ T9436] IPVS: stopping master sync thread 9439 ...