last executing test programs: 2m54.747808441s ago: executing program 3 (id=329): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x14, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) signalfd4(0xffffffffffffffff, &(0x7f0000000500), 0x8, 0x0) 2m54.722790713s ago: executing program 3 (id=330): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f00000bd000), 0x318, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)={0x90000005}) epoll_pwait(r1, &(0x7f0000000100)=[{}], 0x1, 0xfffeffff, 0x0, 0x443c000000000000) connect$unix(r0, &(0x7f0000000140)=@abs={0x0, 0x0, 0x4e20}, 0x6e) 2m53.846910693s ago: executing program 3 (id=361): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) socket$qrtr(0x2a, 0x2, 0x0) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000007c0), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x29}}, './file0\x00'}) 2m53.819993985s ago: executing program 3 (id=362): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000140), 0x1, 0x4fa, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") openat(0xffffffffffffff9c, &(0x7f0000000540)='./file1\x00', 0x105042, 0x1db) r0 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x7278, 0x1, 0x2, 0x156}, &(0x7f0000000000)=0x0, &(0x7f0000000100)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r0, 0x26c8, 0x0, 0x1, 0x0, 0x10) 2m53.679579226s ago: executing program 3 (id=366): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x20}}, 0x2}}, 0x2e) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_GET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r3, 0x325, 0x0, 0x0, {0x8}}, 0x14}}, 0x0) 2m53.354618972s ago: executing program 3 (id=380): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x4, 0x0, 0x7ffc0005}]}) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18) r1 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5) writev(r1, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000040)="aa1d484ea0000000f7fc08fcd111fbdf23ea32db0e8f21d5bc27bd49eb067a0689fff2a41cfbf0e9d85e44", 0x2b}], 0x2) 2m53.316466015s ago: executing program 32 (id=380): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x4, 0x0, 0x7ffc0005}]}) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18) r1 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5) writev(r1, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000040)="aa1d484ea0000000f7fc08fcd111fbdf23ea32db0e8f21d5bc27bd49eb067a0689fff2a41cfbf0e9d85e44", 0x2b}], 0x2) 2m42.9898005s ago: executing program 2 (id=724): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) syz_usb_connect(0x2, 0x64, 0x0, 0x0) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x2, 0x7, 0x0, 0x5, 0x2, 0x0, 0x70bd2d, 0x25dfdbfe}, 0x10}}, 0x4) 2m40.465204431s ago: executing program 2 (id=799): r0 = syz_io_uring_setup(0x110, &(0x7f00000000c0)={0x0, 0x59fa, 0x400, 0x8, 0x3}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000300)=[0xffffffffffffffff], 0x1) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x4000000000000209}) io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0) 2m40.389409858s ago: executing program 2 (id=802): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) r2 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc00x0, &(0x7f0000000100)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r0, 0x26c8, 0x0, 0x1, 0x0, 0x10) 2m36.241942679s ago: executing program 1 (id=922): socket(0x2, 0xa, 0x300) r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000004c0)={'syz_tun\x00', 0x0}) r2 = socket$packet(0x11, 0x3, 0x300) bind$packet(r2, &(0x7f0000000340)={0x11, 0x3, r1, 0x1, 0x80}, 0x14) syz_emit_ethernet(0x32, &(0x7f0000000080)=ANY=[], 0x0) 2m35.701401052s ago: executing program 1 (id=943): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x1, 0x4}, 0x50) r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="1806000000000300000000000000c29c18120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0}, &(0x7f0000000280), &(0x7f00000002c0)=r2}, 0x20) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xe, 0x0, &(0x7f0000000000)="43227504000000b32415f73227b2", 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 2m35.698819882s ago: executing program 34 (id=943): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x1, 0x4}, 0x50) r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="1806000000000300000000000000c29c18120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0}, &(0x7f0000000280), &(0x7f00000002c0)=r2}, 0x20) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xe, 0x0, &(0x7f0000000000)="43227504000000b32415f73227b2", 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 1m24.917788667s ago: executing program 7 (id=3306): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01080000000000000000020000000900020073797a2a0000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18) sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x74}}, 0x20000000) 1m24.831205613s ago: executing program 7 (id=3310): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_UNIMAP(r2, 0x4b67, &(0x7f0000001ec0)={0x1, &(0x7f0000001e80)=[{0x0, 0x1000}]}) 1m24.733385692s ago: executing program 7 (id=3311): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0b00000007000000010001004900000001"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, 0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) arch_prctl$ARCH_GET_CPUID(0x1011) 1m24.665599857s ago: executing program 7 (id=3312): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$kcm(0x29, 0x2, 0x0) write$cgroup_pressure(r2, &(0x7f0000000140)={'full'}, 0xfffffdef) 1m24.547798336s ago: executing program 7 (id=3315): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1, 0x0, 0x80000}, 0x18) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) 1m24.397380318s ago: executing program 7 (id=3317): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x4}, 0x18) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x90) syz_emit_ethernet(0x36, &(0x7f0000000000)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @random="a21428c6c085", @void, {@ipv6={0x86dd, @generic={0x1, 0x6, "bcc1d7", 0x0, 0x6c, 0xff, @rand_addr=' \x01\x00', @loopback}}}}, 0x0) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 1m24.397207318s ago: executing program 35 (id=3317): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x4}, 0x18) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x90) syz_emit_ethernet(0x36, &(0x7f0000000000)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @random="a21428c6c085", @void, {@ipv6={0x86dd, @generic={0x1, 0x6, "bcc1d7", 0x0, 0x6c, 0xff, @rand_addr=' \x01\x00', @loopback}}}}, 0x0) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 1.161034577s ago: executing program 6 (id=6372): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000c00)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@mblk_io_submit}, {@resuid}, {@norecovery}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12) write(r1, &(0x7f00000009c0)="3bf58d7d45d32cfe1da7c797b82f16713d1cb80b3fa1bda74e3977b40e7af46b4c60b70d7a79ed5d8c48f52a50185980", 0x30) sendfile(r1, r0, 0x0, 0x3ffff) sendfile(r1, r0, 0x0, 0x7fffeffd) 1.160757988s ago: executing program 8 (id=6373): r0 = socket$netlink(0x10, 0x3, 0x14) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844) 1.160600718s ago: executing program 0 (id=6374): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000040)=0x1, 0x4) sendto$inet6(r0, 0x0, 0x900, 0x20004002, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) 636.98106ms ago: executing program 8 (id=6390): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000200100000102000028"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) syz_emit_ethernet(0x2a, &(0x7f0000000000)={@multicast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x2e, 0x1c, 0x66, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @private=0xa010100}, @address_reply={0x12, 0x0, 0x0, 0x2}}}}}, 0x0) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000002c0)='GPL\x00'}, 0x80) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0x1e9, 0x739, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x48) 356.696042ms ago: executing program 4 (id=6400): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000002304e800000000000000ea850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='netlink_extack\x00', r0}, 0x10) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a40)=@newqdisc={0x6c, 0x24, 0xd0f, 0x200000, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x7, 0xfff3}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x3c, 0x2, [@TCA_GRED_PARMS={0x38, 0x1, {0x100, 0x75de0fa8, 0x5, 0x9, 0x81, 0x101, 0x7, 0x2, 0x7fffffff, 0xfffffffd, 0xd, 0xb, 0x3, 0x6, 0xca11, 0xffff}}]}}]}, 0x6c}}, 0x0) 281.390618ms ago: executing program 0 (id=6401): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x2}, 0x18) creat(&(0x7f00000000c0)='./file0\x00', 0x48) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=', @ANYBLOB="6f545f83"]) 281.078468ms ago: executing program 8 (id=6402): syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) kexec_load(0xfffffffffffffff7, 0x0, 0x0, 0x0) mkdir(0x0, 0x19) r0 = socket(0x28, 0x5, 0x0) setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x1, 0x5}, 0x8) 280.839628ms ago: executing program 4 (id=6403): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000200100000102000028"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) symlink(&(0x7f0000000dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') readlink(&(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000001200)=""/4096, 0x1000) 279.948408ms ago: executing program 5 (id=6404): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f0000000180)='wg1\x00') r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='tlb_flush\x00', r0, 0x0, 0x40}, 0x18) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 258.92798ms ago: executing program 8 (id=6405): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) r1 = syz_io_uring_setup(0x110, &(0x7f00000000c0)={0x0, 0x10, 0x0, 0x3, 0x80}, &(0x7f0000000180)=0x0, &(0x7f0000000280)=0x0) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000300)=[r0], 0x1) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000005c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x1, 0x6000, @fd_index, 0x80000001, 0x0}) io_uring_enter(r1, 0x47f6, 0x0, 0x0, 0x0, 0x0) 251.69084ms ago: executing program 4 (id=6406): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x3}, 0x18) r2 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet(r2, &(0x7f0000005f40)=[{{&(0x7f0000000d00)={0x2, 0x4e22, @local}, 0x10, 0x0, 0x0, &(0x7f0000003400)=ANY=[@ANYBLOB="20000000000000000000000007000000440cd1700000000700000e0f940401001400000000000000000600000200000002000000000000001100000000000000000000000100000009000000000000001400000000000000eaffffff0100000006000000000000001400000000000000000000000200000006"], 0x80}}, {{&(0x7f00000010c0)={0x2, 0x4e22, @local}, 0x10, 0x0, 0x0, &(0x7f00000012c0)=ANY=[], 0x28}}], 0x2, 0x4000004) 242.005861ms ago: executing program 6 (id=6407): r0 = socket(0x10, 0x803, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, 0x0, 0x800, 0x70bd27, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x4000) getsockname$packet(r0, &(0x7f0000000740)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000900)=0x14) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newlink={0x38, 0x10, 0x401, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0x1114}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}]}, 0x38}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x100, 0xac}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_SPORT={0x6, 0x11, 0x4e22}, @IFLA_IPTUN_FLAGS={0x8, 0x8, 0x35}, @IFLA_IPTUN_ENCAP_FLAGS={0x6, 0x10, 0xa}]}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40001}, 0x20004090) 185.286086ms ago: executing program 5 (id=6408): r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./bus\x00', 0x42, 0x0) fstat(r2, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(r3, 0x0, r1) setuid(r1) 184.913026ms ago: executing program 4 (id=6409): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$netlink(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0) sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000580)=ANY=[@ANYBLOB="3c000000100005ff00000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400028008000a0063"], 0x3c}}, 0x0) 184.616816ms ago: executing program 0 (id=6410): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40000000}, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18) sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a09000000000000000000020000000900020073797a310000000008000440000000000900010073797a30000000000800034000000003"], 0x64}}, 0x0) 184.394186ms ago: executing program 8 (id=6411): r0 = mq_open(&(0x7f0000000000)='batadv_slave_1\x00', 0x8c2, 0x30, 0x0) r1 = mq_open(&(0x7f0000000000)='batadv_slave_1\x00', 0x40, 0xad, 0x0) mq_timedreceive(r1, &(0x7f00000000c0)=""/61, 0xfffffffffffffd88, 0x3, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000080000000000000004850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10) mq_timedsend(r0, 0x0, 0x0, 0x5, 0x0) 180.182936ms ago: executing program 5 (id=6412): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r3, 0xffffffffffffffff}, &(0x7f00000006c0), &(0x7f0000000700)=r2}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r4}, &(0x7f0000000280), &(0x7f0000000140)=r1}, 0x22) 171.271817ms ago: executing program 0 (id=6413): r0 = gettid() timer_create(0x0, &(0x7f00000014c0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x3ed4, 0x5}) mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4) timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0) rt_sigtimedwait(&(0x7f00000017c0), 0x0, 0x0, 0x8) 113.305571ms ago: executing program 5 (id=6414): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x36}, 0x18) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$wireguard(&(0x7f00000003c0), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000007c0)={0xf4, r2, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PEERS={0xa8, 0x8, 0x0, 0x1, [{0x54, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x8, 0x9, 0x0, 0x1, [{0x4}]}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "eff93d58460ea431f2cb4a6894ddb2834088d7445bf5afdd0619ce173f1db717"}]}, {0x28, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}]}, {0x28, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g}]}]}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @b}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0xf4}, 0x1, 0x0, 0x0, 0x4004840}, 0x40000) 113.028871ms ago: executing program 0 (id=6415): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x3, 0x1000}, 0x4) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000240)=@req3={0x1000, 0x1, 0x1000, 0x1, 0x7ff, 0xf84, 0x3}, 0x1c) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000002600)=@newtaction={0x18, 0x30, 0x12f, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x0) 112.760051ms ago: executing program 6 (id=6416): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x18) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000010900010073797a310000000048000000030a0101000000000000000001000000090003001e007a3200000000080007006e6174000900010073797a310000000014000480080002407c40280f080001400000000028000000000a05000000000000000000010000080900010073797a31000000000800024000000001140000001100010000000000000000000000000a026c953b9c177248a53e1741187772480395b0b22c6a152f9fe429eb09539dc00a75d6d88caa5b147da79f8163636e39ef266592cfb108e277ee3be9e304d0888706"], 0xb8}, 0x1, 0x0, 0x0, 0x20004000}, 0x0) 111.165192ms ago: executing program 5 (id=6417): r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x1, 0x2) fchdir(r1) mknod$loop(&(0x7f0000000080)='./file0\x00', 0x10, 0x1) newfstatat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', &(0x7f0000000180), 0x6000) 107.132822ms ago: executing program 8 (id=6418): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000c00)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@mblk_io_submit}, {@resuid}, {@norecovery}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12) write(r1, &(0x7f00000009c0)="3bf58d7d45d32cfe1da7c797b82f16713d1cb80b3fa1bda74e3977b40e7af46b4c60b70d7a79ed5d8c48f52a50185980", 0x30) sendfile(r1, r0, 0x0, 0x3ffff) sendfile(r1, r0, 0x0, 0x7fffeffd) 90.713613ms ago: executing program 6 (id=6419): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty}, 0x1c) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffeca50000006d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000380)='kmem_cache_free\x00', r1}, 0x10) setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000040)=0x2, 0x4) syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0) 13.29356ms ago: executing program 6 (id=6420): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x65, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020e0000150000000000000000000000030005000000000002004e24ac1e00010000000000000000030006003c000000020000fc34000000000000000000000001001800000000000800120000000200fcffffff0000000006003300000000000000000000000000fe8000000000000000000000000000aa00000000000000000000000000000000040003"], 0xa8}}, 0x0) 13.002829ms ago: executing program 5 (id=6421): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x100004c, &(0x7f0000000100), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x58) unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) fallocate(r1, 0x0, 0x0, 0x8000c62) copy_file_range(r0, 0x0, r0, &(0x7f00000000c0)=0xae8, 0x863, 0x0) 12.749849ms ago: executing program 4 (id=6422): unshare(0x20000400) r0 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x18) symlinkat(&(0x7f0000000000)='.\x00', r1, &(0x7f0000000040)='./file0\x00') openat2(r1, &(0x7f00000003c0)='./file0/../file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x8}, 0x18) 12.526159ms ago: executing program 0 (id=6423): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000040)="3700000013000318680907070000000f0000ff3f13000000170a001700000000040037000d00030001362564aa58b9a6c011f6bbf44dc4", 0x37}], 0x1) symlink(0x0, 0x0) 7.70067ms ago: executing program 4 (id=6424): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', 0x0}) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0100000007000000612200000200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=r1], 0x50) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000d80)={{r2, 0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)='%+9llu \x00'}, 0x20) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000009c0)={{r3, 0xffffffffffffffff}, &(0x7f00000008c0), &(0x7f0000000980)='%pB \x00'}, 0x20) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000a40)={r4, &(0x7f0000000000), 0x0}, 0x20) 0s ago: executing program 6 (id=6425): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000007c0), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x29}}, './file0\x00'}) kernel console output (not intermixed with test programs): ily 0 port 6081 - 0 [ 145.158344][T11998] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 145.169298][T11998] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 145.180231][ T7443] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.193889][ T7443] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.204453][ T7443] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.220454][ T7443] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.246272][ T7476] bridge_slave_1: left allmulticast mode [ 145.252198][ T7476] bridge_slave_1: left promiscuous mode [ 145.258168][ T7476] bridge0: port 2(bridge_slave_1) entered disabled state [ 145.271192][ T7476] bridge_slave_0: left allmulticast mode [ 145.277073][ T7476] bridge_slave_0: left promiscuous mode [ 145.283024][ T7476] bridge0: port 1(bridge_slave_0) entered disabled state [ 145.384819][ T7476] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 145.398385][ T7476] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 145.417516][ T7476] bond0 (unregistering): Released all slaves [ 145.462466][ T29] kauditd_printk_skb: 72 callbacks suppressed [ 145.462483][ T29] audit: type=1326 audit(145.438:4065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12055 comm="syz.6.3324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc46103ebe9 code=0x7ffc0000 [ 145.492086][ T29] audit: type=1326 audit(145.438:4066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12055 comm="syz.6.3324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc46103ebe9 code=0x7ffc0000 [ 145.525087][ T29] audit: type=1326 audit(145.468:4067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12055 comm="syz.6.3324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc46103ebe9 code=0x7ffc0000 [ 145.548651][ T29] audit: type=1326 audit(145.468:4068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12055 comm="syz.6.3324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc46103ebe9 code=0x7ffc0000 [ 145.571720][ T29] audit: type=1326 audit(145.468:4069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12055 comm="syz.6.3324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc46103ebe9 code=0x7ffc0000 [ 145.594936][ T29] audit: type=1326 audit(145.468:4070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12055 comm="syz.6.3324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc46103ebe9 code=0x7ffc0000 [ 145.618245][ T29] audit: type=1326 audit(145.468:4071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12055 comm="syz.6.3324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc46103ebe9 code=0x7ffc0000 [ 145.641430][ T29] audit: type=1326 audit(145.468:4072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12055 comm="syz.6.3324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc46103ebe9 code=0x7ffc0000 [ 145.665282][ T29] audit: type=1326 audit(145.468:4073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12055 comm="syz.6.3324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc46103ebe9 code=0x7ffc0000 [ 145.688424][ T29] audit: type=1326 audit(145.468:4074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12055 comm="syz.6.3324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc46103ebe9 code=0x7ffc0000 [ 145.713491][ T7476] hsr_slave_0: left promiscuous mode [ 145.719388][ T7476] hsr_slave_1: left promiscuous mode [ 145.725380][ T7476] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 145.732923][ T7476] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 145.741324][ T7476] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 145.748945][ T7476] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 145.765818][ T7476] veth1_macvtap: left promiscuous mode [ 145.780731][ T7476] veth0_macvtap: left promiscuous mode [ 145.786509][ T7476] veth1_vlan: left promiscuous mode [ 145.794316][ T7476] veth0_vlan: left promiscuous mode [ 145.918687][ T7476] team0 (unregistering): Port device team_slave_1 removed [ 145.942144][ T7476] team0 (unregistering): Port device team_slave_0 removed [ 146.207986][T12043] chnl_net:caif_netlink_parms(): no params data found [ 146.252735][T12062] chnl_net:caif_netlink_parms(): no params data found [ 146.308482][T12043] bridge0: port 1(bridge_slave_0) entered blocking state [ 146.315885][T12043] bridge0: port 1(bridge_slave_0) entered disabled state [ 146.324254][T12043] bridge_slave_0: entered allmulticast mode [ 146.331212][T12043] bridge_slave_0: entered promiscuous mode [ 146.338313][T12043] bridge0: port 2(bridge_slave_1) entered blocking state [ 146.345667][T12043] bridge0: port 2(bridge_slave_1) entered disabled state [ 146.353347][T12043] bridge_slave_1: entered allmulticast mode [ 146.360303][T12043] bridge_slave_1: entered promiscuous mode [ 146.404455][T12043] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 146.442121][T12043] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 146.457114][T12062] bridge0: port 1(bridge_slave_0) entered blocking state [ 146.464745][T12062] bridge0: port 1(bridge_slave_0) entered disabled state [ 146.472686][T12062] bridge_slave_0: entered allmulticast mode [ 146.481490][T12062] bridge_slave_0: entered promiscuous mode [ 146.508188][T12062] bridge0: port 2(bridge_slave_1) entered blocking state [ 146.515441][T12062] bridge0: port 2(bridge_slave_1) entered disabled state [ 146.524856][T12062] bridge_slave_1: entered allmulticast mode [ 146.532424][T12062] bridge_slave_1: entered promiscuous mode [ 146.561722][T12043] team0: Port device team_slave_0 added [ 146.568531][T12043] team0: Port device team_slave_1 added [ 146.589170][T12062] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 146.606672][T12043] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 146.614261][T12043] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 146.640322][T12043] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 146.653570][T12062] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 146.683908][T12043] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 146.690993][T12043] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 146.717045][T12043] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 146.729207][T12062] team0: Port device team_slave_0 added [ 146.736112][T12062] team0: Port device team_slave_1 added [ 146.761254][T12062] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 146.768501][T12062] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 146.794887][T12062] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 146.806872][T12062] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 146.813985][T12062] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 146.840473][T12062] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 146.889021][T12043] hsr_slave_0: entered promiscuous mode [ 146.895366][T12043] hsr_slave_1: entered promiscuous mode [ 146.901586][T12043] debugfs: 'hsr0' already exists in 'hsr' [ 146.907537][T12043] Cannot create hsr debugfs directory [ 146.915673][T12062] hsr_slave_0: entered promiscuous mode [ 146.923465][T12062] hsr_slave_1: entered promiscuous mode [ 146.929904][T12062] debugfs: 'hsr0' already exists in 'hsr' [ 146.935732][T12062] Cannot create hsr debugfs directory [ 147.250494][T12062] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 147.260197][T12062] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 147.269662][T12062] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 147.278776][T12062] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 147.318459][T12062] 8021q: adding VLAN 0 to HW filter on device bond0 [ 147.331306][T12062] 8021q: adding VLAN 0 to HW filter on device team0 [ 147.340901][ T7476] bridge0: port 1(bridge_slave_0) entered blocking state [ 147.348074][ T7476] bridge0: port 1(bridge_slave_0) entered forwarding state [ 147.370413][ T7443] bridge0: port 2(bridge_slave_1) entered blocking state [ 147.377639][ T7443] bridge0: port 2(bridge_slave_1) entered forwarding state [ 147.439330][T12170] loop8: detected capacity change from 0 to 512 [ 147.479557][T12043] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 147.487452][T12170] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 147.511980][T12043] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 147.526292][T12043] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 147.543145][T12043] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 147.569397][T12062] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 147.617613][T12043] 8021q: adding VLAN 0 to HW filter on device bond0 [ 147.636281][T12043] 8021q: adding VLAN 0 to HW filter on device team0 [ 147.648587][T11998] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 147.659680][ T7443] bridge0: port 1(bridge_slave_0) entered blocking state [ 147.666862][ T7443] bridge0: port 1(bridge_slave_0) entered forwarding state [ 147.677951][ T7443] bridge0: port 2(bridge_slave_1) entered blocking state [ 147.685100][ T7443] bridge0: port 2(bridge_slave_1) entered forwarding state [ 147.808164][T12043] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 147.846984][T12062] veth0_vlan: entered promiscuous mode [ 147.869363][T12062] veth1_vlan: entered promiscuous mode [ 147.911253][T12062] veth0_macvtap: entered promiscuous mode [ 147.937759][T12062] veth1_macvtap: entered promiscuous mode [ 147.951534][T12043] veth0_vlan: entered promiscuous mode [ 147.963593][T12043] veth1_vlan: entered promiscuous mode [ 147.971208][T12062] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 147.985368][T12062] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 148.004280][T12043] veth0_macvtap: entered promiscuous mode [ 148.015567][ T7476] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.033524][T12043] veth1_macvtap: entered promiscuous mode [ 148.043311][ T7476] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.059948][T12043] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 148.076902][ T7476] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.092301][T12043] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 148.103939][ T7476] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.118830][ T7443] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.128516][ T7476] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.140358][ T7476] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.154516][ T7476] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.170388][T12231] hub 6-0:1.0: USB hub found [ 148.176423][T12231] hub 6-0:1.0: 8 ports detected [ 148.211313][ T36] usb 11-1: enqueue for inactive port 0 [ 148.233147][ T36] usb 11-1: enqueue for inactive port 0 [ 148.251437][T12242] loop8: detected capacity change from 0 to 512 [ 148.279057][T12242] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 148.310723][ T36] vhci_hcd: vhci_device speed not set [ 148.323562][T12242] EXT4-fs error (device loop8): ext4_acquire_dquot:6933: comm syz.8.3377: Failed to acquire dquot type 1 [ 148.349982][T11998] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 148.377622][T12260] netlink: 48 bytes leftover after parsing attributes in process `syz.5.3387'. [ 148.419369][T12266] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3389'. [ 148.458993][T12271] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(5) [ 148.465661][T12271] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 148.473544][T12271] vhci_hcd vhci_hcd.0: Device attached [ 148.481891][T12274] vhci_hcd: connection closed [ 148.483722][T10170] vhci_hcd: stop threads [ 148.493031][T10170] vhci_hcd: release socket [ 148.497502][T10170] vhci_hcd: disconnect device [ 148.734865][T12300] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3402'. [ 148.817179][T12305] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3406'. [ 148.937434][T12315] netlink: 'syz.5.3411': attribute type 1 has an invalid length. [ 149.008377][T12325] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3415'. [ 149.017569][T12325] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3415'. [ 149.083428][T12325] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3415'. [ 149.111472][T12332] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3417'. [ 149.133612][T12325] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3415'. [ 149.142826][T12325] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3415'. [ 149.232940][T12341] vhci_hcd: invalid port number 96 [ 149.238372][T12341] vhci_hcd: default hub control req: 0000 vfffc i0060 l0 [ 149.950144][T12388] pim6reg1: entered promiscuous mode [ 149.955712][T12388] pim6reg1: entered allmulticast mode [ 150.234434][T12415] x_tables: ip_tables: udp match: only valid for protocol 17 [ 150.277182][T12419] rdma_op ffff88811a78d180 conn xmit_rdma 0000000000000000 [ 150.296054][T12423] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 150.317881][T12425] openvswitch: netlink: Message has 6 unknown bytes. [ 150.499196][ T29] kauditd_printk_skb: 141 callbacks suppressed [ 150.499219][ T29] audit: type=1400 audit(150.468:4214): avc: denied { ioctl } for pid=12448 comm="syz.8.3471" path="socket:[37893]" dev="sockfs" ino=37893 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 150.707792][ T29] audit: type=1400 audit(150.648:4215): avc: denied { bind } for pid=12448 comm="syz.8.3471" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 150.726818][ T29] audit: type=1400 audit(150.648:4216): avc: denied { write } for pid=12448 comm="syz.8.3471" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 151.154426][ T29] audit: type=1326 audit(151.108:4217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12474 comm="syz.4.3476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 151.177745][ T29] audit: type=1326 audit(151.108:4218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12474 comm="syz.4.3476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 151.200927][ T29] audit: type=1326 audit(151.108:4219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12474 comm="syz.4.3476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 151.223936][ T29] audit: type=1326 audit(151.108:4220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12474 comm="syz.4.3476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 151.247211][ T29] audit: type=1326 audit(151.108:4221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12474 comm="syz.4.3476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 151.270751][ T29] audit: type=1326 audit(151.108:4222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12474 comm="syz.4.3476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 151.293757][ T29] audit: type=1326 audit(151.108:4223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12474 comm="syz.4.3476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 151.463417][T12497] sd 0:0:1:0: device reset [ 151.508263][T12504] loop8: detected capacity change from 0 to 2048 [ 151.539865][T12504] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 151.588313][T11998] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 151.624335][T12516] pimreg: entered allmulticast mode [ 151.644123][T12516] pimreg: left allmulticast mode [ 151.737654][T12531] loop8: detected capacity change from 0 to 764 [ 151.770258][T12531] Symlink component flag not implemented [ 151.788465][T12531] Symlink component flag not implemented (7) [ 151.867787][T12548] rdma_op ffff888118c35d80 conn xmit_rdma 0000000000000000 [ 152.151492][T12581] SELinux: policydb version 0 does not match my version range 15-35 [ 152.159732][T12581] SELinux: failed to load policy [ 152.239944][T12587] hub 6-0:1.0: USB hub found [ 152.261093][T12587] hub 6-0:1.0: 8 ports detected [ 152.359109][T12608] loop8: detected capacity change from 0 to 1024 [ 152.366287][T12608] EXT4-fs: Ignoring removed orlov option [ 152.377921][T12608] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 152.606902][T12628] hub 6-0:1.0: USB hub found [ 152.621298][T12628] hub 6-0:1.0: 8 ports detected [ 152.765700][T11998] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 152.812236][T12661] netlink: 'syz.8.3558': attribute type 6 has an invalid length. [ 153.026349][T12674] hub 6-0:1.0: USB hub found [ 153.031647][T12674] hub 6-0:1.0: 8 ports detected [ 153.077297][T12682] SELinux: policydb version 0 does not match my version range 15-35 [ 153.086782][T12682] SELinux: failed to load policy [ 153.249760][T12701] hub 6-0:1.0: USB hub found [ 153.255479][T12701] hub 6-0:1.0: 8 ports detected [ 153.475046][T12730] __nla_validate_parse: 19 callbacks suppressed [ 153.475066][T12730] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3592'. [ 153.490537][T12730] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3592'. [ 153.499909][T12730] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3592'. [ 153.517147][ T7465] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 153.536832][ T7465] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 153.553857][T12732] hub 6-0:1.0: USB hub found [ 153.561216][T12732] hub 6-0:1.0: 8 ports detected [ 153.566240][ T7465] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 153.580491][ T7465] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 153.607546][T12737] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3595'. [ 153.616817][T12737] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3595'. [ 153.625902][T12737] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3595'. [ 153.635147][T12737] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3595'. [ 153.644146][T12737] netlink: 'syz.6.3595': attribute type 6 has an invalid length. [ 153.753788][T12756] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3603'. [ 153.835152][T12767] netlink: 96 bytes leftover after parsing attributes in process `syz.6.3609'. [ 154.062173][T12788] dvmrp0: left allmulticast mode [ 154.486988][T12815] netlink: 132 bytes leftover after parsing attributes in process `syz.4.3640'. [ 154.592091][T12827] pimreg: entered allmulticast mode [ 154.617846][T12827] pimreg: left allmulticast mode [ 155.140866][T12845] loop8: detected capacity change from 0 to 1024 [ 155.148661][T12843] pim6reg1: entered promiscuous mode [ 155.154090][T12843] pim6reg1: entered allmulticast mode [ 155.160132][T12845] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 155.192344][T12845] EXT4-fs error (device loop8): ext4_map_blocks:814: inode #3: block 1: comm syz.8.3642: lblock 1 mapped to illegal pblock 1 (length 1) [ 155.210363][T12845] EXT4-fs error (device loop8): ext4_acquire_dquot:6933: comm syz.8.3642: Failed to acquire dquot type 0 [ 155.224333][T12845] EXT4-fs error (device loop8): ext4_free_blocks:6696: comm syz.8.3642: Freeing blocks not in datazone - block = 0, count = 4096 [ 155.238437][T12845] EXT4-fs error (device loop8): ext4_read_inode_bitmap:139: comm syz.8.3642: Invalid inode bitmap blk 0 in block_group 0 [ 155.252710][T12845] EXT4-fs error (device loop8) in ext4_free_inode:361: Corrupt filesystem [ 155.261411][T10170] EXT4-fs error (device loop8): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:68: lblock 1 mapped to illegal pblock 1 (length 1) [ 155.277100][T12845] EXT4-fs (loop8): 1 orphan inode deleted [ 155.283388][T10170] EXT4-fs error (device loop8): ext4_release_dquot:6969: comm kworker/u8:68: Failed to release dquot type 0 [ 155.299803][T12845] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 155.357466][T12845] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 155.413814][T12862] vhci_hcd: invalid port number 96 [ 155.419107][T12862] vhci_hcd: default hub control req: 0000 vfffc i0060 l0 [ 155.439388][T12869] sd 0:0:1:0: device reset [ 155.535278][T12880] openvswitch: netlink: Message has 6 unknown bytes. [ 155.547678][T12881] pim6reg1: entered promiscuous mode [ 155.553131][T12881] pim6reg1: entered allmulticast mode [ 155.665268][ T29] kauditd_printk_skb: 135 callbacks suppressed [ 155.665287][ T29] audit: type=1400 audit(155.638:4356): avc: denied { ioctl } for pid=12887 comm="syz.0.3662" path="socket:[39435]" dev="sockfs" ino=39435 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 155.717057][T12890] pim6reg1: entered promiscuous mode [ 155.722480][T12890] pim6reg1: entered allmulticast mode [ 155.742585][ T29] audit: type=1400 audit(155.708:4357): avc: denied { execute } for pid=12893 comm="syz.6.3664" name="file1" dev="tmpfs" ino=453 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 155.764531][ T29] audit: type=1400 audit(155.708:4358): avc: denied { execute_no_trans } for pid=12893 comm="syz.6.3664" path="/85/file1" dev="tmpfs" ino=453 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 155.787477][ T29] audit: type=1400 audit(155.738:4359): avc: denied { append } for pid=12897 comm="syz.0.3677" name="001" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 155.809918][ T29] audit: type=1400 audit(155.738:4360): avc: denied { read } for pid=12897 comm="syz.0.3677" name="usbmon7" dev="devtmpfs" ino=163 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 155.833107][ T29] audit: type=1400 audit(155.738:4361): avc: denied { open } for pid=12897 comm="syz.0.3677" path="/dev/usbmon7" dev="devtmpfs" ino=163 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 155.859083][T12896] sd 0:0:1:0: device reset [ 155.918354][ T29] audit: type=1404 audit(155.888:4362): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1 [ 155.978253][ T29] audit: type=1400 audit(155.918:4363): avc: denied { prog_load } for pid=12909 comm="syz.0.3670" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 155.997220][ T29] audit: type=1404 audit(155.918:4364): enforcing=0 old_enforcing=1 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1 [ 156.011702][ T29] audit: type=1400 audit(155.918:4365): avc: denied { prog_load } for pid=12909 comm="syz.0.3670" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 156.176807][T12931] netlink: 'syz.8.3683': attribute type 3 has an invalid length. [ 156.184644][T12931] netlink: 'syz.8.3683': attribute type 3 has an invalid length. [ 156.275233][ T7438] netdevsim netdevsim8 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 156.298070][ T7438] netdevsim netdevsim8 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 156.316832][ T7438] netdevsim netdevsim8 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 156.335169][ T7438] netdevsim netdevsim8 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 156.474939][T12956] veth1_macvtap: left promiscuous mode [ 156.522891][T12963] lo speed is unknown, defaulting to 1000 [ 156.528872][T12963] lo speed is unknown, defaulting to 1000 [ 156.537052][T12963] lo speed is unknown, defaulting to 1000 [ 156.546832][T12963] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 156.556330][T12963] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 156.569793][T12963] lo speed is unknown, defaulting to 1000 [ 156.571254][ T36] hid_parser_main: 138 callbacks suppressed [ 156.571276][ T36] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 156.581311][T12963] lo speed is unknown, defaulting to 1000 [ 156.581772][ T36] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 156.581871][ T36] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 156.596511][T12963] lo speed is unknown, defaulting to 1000 [ 156.602820][ T36] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 156.617577][T12963] lo speed is unknown, defaulting to 1000 [ 156.624051][ T36] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 156.624082][ T36] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 156.624108][ T36] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 156.624134][ T36] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 156.624161][ T36] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 156.624252][ T36] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 156.627245][ T36] hid-generic 0000:0000:0000.0007: hidraw0: HID v8.00 Device [syz1] on syz0 [ 156.635322][T12963] lo speed is unknown, defaulting to 1000 [ 156.776865][T12970] hub 2-0:1.0: USB hub found [ 156.781644][T12970] hub 2-0:1.0: 8 ports detected [ 156.805820][T12974] vhci_hcd: invalid port number 96 [ 156.811037][T12974] vhci_hcd: default hub control req: 0000 vfffc i0060 l0 [ 157.048017][T12994] netem: change failed [ 157.327429][T13033] siw: device registration error -23 [ 157.476158][T13053] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 157.587476][T13066] siw: device registration error -23 [ 158.088838][T13098] netlink: 'syz.4.3764': attribute type 3 has an invalid length. [ 158.096839][T13098] netlink: 'syz.4.3764': attribute type 3 has an invalid length. [ 158.124772][T13104] siw: device registration error -23 [ 158.137525][T13103] hub 2-0:1.0: USB hub found [ 158.146630][T13103] hub 2-0:1.0: 8 ports detected [ 158.277439][T13120] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 158.307233][T13120] vhci_hcd: default hub control req: 1f07 v0017 i0001 l0 [ 158.655195][T13150] SELinux: failed to load policy [ 158.724638][T13165] __nla_validate_parse: 21 callbacks suppressed [ 158.724661][T13165] netlink: 36 bytes leftover after parsing attributes in process `syz.6.3796'. [ 158.876461][T13184] SELinux: failed to load policy [ 158.917500][T13194] netlink: '+}[@': attribute type 1 has an invalid length. [ 159.063334][T13224] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3825'. [ 159.113410][T13225] SELinux: failed to load policy [ 159.478797][T13277] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3859'. [ 159.509937][T13282] netlink: 'syz.4.3851': attribute type 1 has an invalid length. [ 159.526834][T13283] loop8: detected capacity change from 0 to 512 [ 159.564758][T13283] EXT4-fs error (device loop8): ext4_ext_check_inode:523: inode #3: comm syz.8.3850: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0) [ 159.607045][T13283] EXT4-fs error (device loop8): ext4_quota_enable:7127: comm syz.8.3850: Bad quota inode: 3, type: 0 [ 159.630464][T13283] EXT4-fs warning (device loop8): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 159.646163][T13283] EXT4-fs (loop8): mount failed [ 159.710969][T13306] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 159.727276][T13306] vhci_hcd: default hub control req: 1f07 v0017 i0001 l0 [ 159.737151][T13310] SELinux: security_context_str_to_sid (-Xܘ7.H\ %u@) failed with errno=-22 [ 159.850356][T13321] syz.4.3868: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0 [ 159.865266][T13321] CPU: 1 UID: 0 PID: 13321 Comm: syz.4.3868 Tainted: G W 6.17.0-rc1-syzkaller-00004-g53e760d89498 #0 PREEMPT(voluntary) [ 159.865390][T13321] Tainted: [W]=WARN [ 159.865400][T13321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 159.865417][T13321] Call Trace: [ 159.865426][T13321] [ 159.865436][T13321] __dump_stack+0x1d/0x30 [ 159.865465][T13321] dump_stack_lvl+0xe8/0x140 [ 159.865492][T13321] dump_stack+0x15/0x1b [ 159.865515][T13321] warn_alloc+0x12b/0x1a0 [ 159.865627][T13321] ? audit_log_end+0x1d7/0x1f0 [ 159.865667][T13321] ? audit_log_end+0x1d7/0x1f0 [ 159.865735][T13321] __vmalloc_node_range_noprof+0x9c/0xe00 [ 159.865834][T13321] ? __pfx_avc_audit_post_callback+0x10/0x10 [ 159.865866][T13321] ? slow_avc_audit+0x104/0x140 [ 159.865906][T13321] vmalloc_user_noprof+0x7d/0xb0 [ 159.865986][T13321] ? xskq_create+0x80/0xe0 [ 159.866028][T13321] xskq_create+0x80/0xe0 [ 159.866065][T13321] xsk_init_queue+0x95/0xf0 [ 159.866105][T13321] xsk_setsockopt+0x477/0x640 [ 159.866144][T13321] ? __pfx_xsk_setsockopt+0x10/0x10 [ 159.866205][T13321] __sys_setsockopt+0x184/0x200 [ 159.866236][T13321] __x64_sys_setsockopt+0x64/0x80 [ 159.866261][T13321] x64_sys_call+0x20ec/0x2ff0 [ 159.866367][T13321] do_syscall_64+0xd2/0x200 [ 159.866480][T13321] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 159.866514][T13321] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 159.866589][T13321] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 159.866643][T13321] RIP: 0033:0x7f28e051ebe9 [ 159.866664][T13321] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 159.866688][T13321] RSP: 002b:00007f28def7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 159.866713][T13321] RAX: ffffffffffffffda RBX: 00007f28e0745fa0 RCX: 00007f28e051ebe9 [ 159.866730][T13321] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000004 [ 159.866747][T13321] RBP: 00007f28e05a1e19 R08: 0000000000000004 R09: 0000000000000000 [ 159.866763][T13321] R10: 0000200000000900 R11: 0000000000000246 R12: 0000000000000000 [ 159.866780][T13321] R13: 00007f28e0746038 R14: 00007f28e0745fa0 R15: 00007ffc416471a8 [ 159.866812][T13321] [ 159.866882][T13321] Mem-Info: [ 160.090813][T13321] active_anon:6930 inactive_anon:21 isolated_anon:0 [ 160.090813][T13321] active_file:25237 inactive_file:2495 isolated_file:0 [ 160.090813][T13321] unevictable:0 dirty:302 writeback:0 [ 160.090813][T13321] slab_reclaimable:3424 slab_unreclaimable:14766 [ 160.090813][T13321] mapped:29986 shmem:3179 pagetables:1129 [ 160.090813][T13321] sec_pagetables:0 bounce:0 [ 160.090813][T13321] kernel_misc_reclaimable:0 [ 160.090813][T13321] free:1864738 free_pcp:24594 free_cma:0 [ 160.136307][T13321] Node 0 active_anon:27952kB inactive_anon:84kB active_file:100948kB inactive_file:9980kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:119944kB dirty:1208kB writeback:0kB shmem:12716kB kernel_stack:4512kB pagetables:4748kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 160.164252][T13321] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 160.193162][T13321] lowmem_reserve[]: 0 2883 7862 7862 [ 160.198547][T13321] Node 0 DMA32 free:2949316kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2952848kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:0kB free_cma:0kB [ 160.229061][T13321] lowmem_reserve[]: 0 0 4978 4978 [ 160.234221][T13321] Node 0 Normal free:4494276kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:28068kB inactive_anon:84kB active_file:100948kB inactive_file:9980kB unevictable:0kB writepending:1208kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:94284kB local_pcp:58248kB free_cma:0kB [ 160.266844][T13321] lowmem_reserve[]: 0 0 0 0 [ 160.271457][T13321] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 160.284472][T13321] Node 0 DMA32: 5*4kB (M) 4*8kB (M) 3*16kB (M) 3*32kB (M) 4*64kB (M) 4*128kB (M) 3*256kB (M) 3*512kB (M) 3*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949316kB [ 160.300925][T13321] Node 0 Normal: 242*4kB (ME) 99*8kB (UME) 406*16kB (UME) 278*32kB (UME) 72*64kB (UM) 57*128kB (UM) 26*256kB (UM) 14*512kB (UME) 19*1024kB (UME) 40*2048kB (UM) 1062*4096kB (UM) = 4494208kB [ 160.319929][T13321] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 160.329303][T13321] 30961 total pagecache pages [ 160.334049][T13321] 54 pages in swap cache [ 160.338387][T13321] Free swap = 124780kB [ 160.342598][T13321] Total swap = 124996kB [ 160.346830][T13321] 2097051 pages RAM [ 160.350769][T13321] 0 pages HighMem/MovableOnly [ 160.355476][T13321] 80439 pages reserved [ 160.626927][T13348] SELinux: failed to load policy [ 160.672256][ T29] kauditd_printk_skb: 753 callbacks suppressed [ 160.672274][ T29] audit: type=1326 audit(162.640:5119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13360 comm="syz.4.3884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 160.811350][ T29] audit: type=1326 audit(162.680:5120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13360 comm="syz.4.3884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 160.834769][ T29] audit: type=1326 audit(162.710:5121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13360 comm="syz.4.3884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 160.857795][ T29] audit: type=1326 audit(162.710:5122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13360 comm="syz.4.3884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 160.880977][ T29] audit: type=1326 audit(162.720:5123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13360 comm="syz.4.3884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 160.904155][ T29] audit: type=1326 audit(162.720:5124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13360 comm="syz.4.3884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 160.927459][ T29] audit: type=1326 audit(162.720:5125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13360 comm="syz.4.3884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 160.950690][ T29] audit: type=1326 audit(162.720:5126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13360 comm="syz.4.3884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=221 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 160.973889][ T29] audit: type=1326 audit(162.720:5127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13360 comm="syz.4.3884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 160.997006][ T29] audit: type=1326 audit(162.720:5128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13360 comm="syz.4.3884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 161.115184][ T3364] hid-generic 0000:3000000:0000.0008: hidraw0: HID v0.00 Device [sy] on syz0 [ 161.161600][T13393] 9pnet_fd: Insufficient options for proto=fd [ 161.219441][T13404] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3904'. [ 161.228565][T13404] netlink: 84 bytes leftover after parsing attributes in process `syz.4.3904'. [ 161.359923][T13420] lo speed is unknown, defaulting to 1000 [ 161.601724][T13452] sctp: [Deprecated]: syz.8.3925 (pid 13452) Use of int in maxseg socket option. [ 161.601724][T13452] Use struct sctp_assoc_value instead [ 161.652686][T13460] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 161.735962][T13471] loop0: detected capacity change from 0 to 128 [ 161.753541][T13471] ext4: Unknown parameter 'obj_user' [ 161.945252][T13502] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 161.961322][T13506] batadv_slave_1: entered promiscuous mode [ 161.968434][T13506] batadv0: entered promiscuous mode [ 161.974604][T13505] batadv0: left promiscuous mode [ 161.979854][T13505] batadv_slave_1: left promiscuous mode [ 162.021480][T13511] netlink: 'syz.6.3955': attribute type 3 has an invalid length. [ 162.034830][T13516] loop0: detected capacity change from 0 to 512 [ 162.066203][T13518] lo speed is unknown, defaulting to 1000 [ 162.080514][T13516] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 162.106703][T13516] syz.0.3957 (13516) used greatest stack depth: 8960 bytes left [ 162.132010][T13529] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3958'. [ 162.151432][T12043] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 162.178773][T13535] netlink: 'syz.5.3965': attribute type 1 has an invalid length. [ 162.206577][T13535] bond1: entered promiscuous mode [ 162.212265][T13535] 8021q: adding VLAN 0 to HW filter on device bond1 [ 162.233313][T13535] 8021q: adding VLAN 0 to HW filter on device bond1 [ 162.274533][T13535] bond1: (slave ip6gre1): The slave device specified does not support setting the MAC address [ 162.284978][T13535] bond1: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode [ 162.343718][T13535] bond1: (slave ip6gre1): making interface the new active one [ 162.351393][T13535] ip6gre1: entered promiscuous mode [ 162.367472][T13535] bond1: (slave ip6gre1): Enslaving as an active interface with an up link [ 162.559728][T13571] veth3: entered promiscuous mode [ 162.605112][T13577] netlink: 'syz.8.3984': attribute type 1 has an invalid length. [ 162.613059][T13577] netlink: 224 bytes leftover after parsing attributes in process `syz.8.3984'. [ 162.634171][T13580] hub 2-0:1.0: USB hub found [ 162.641004][T13580] hub 2-0:1.0: 8 ports detected [ 162.683996][T13591] pimreg: entered allmulticast mode [ 162.692913][T13591] pimreg: left allmulticast mode [ 162.705331][T13589] lo speed is unknown, defaulting to 1000 [ 162.814165][T13608] smc: net device bond0 applied user defined pnetid SYZ2 [ 162.840809][T13608] smc: net device bond0 erased user defined pnetid SYZ2 [ 163.027242][T13644] netlink: 76 bytes leftover after parsing attributes in process `syz.4.4016'. [ 163.037284][T13638] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4013'. [ 163.054225][T13638] IPVS: Error joining to the multicast group [ 163.083422][T13649] netlink: 12 bytes leftover after parsing attributes in process `syz.8.4018'. [ 163.120457][T13649] 8021q: adding VLAN 0 to HW filter on device bond1 [ 163.154571][T13649] bond1: (slave batadv1): Opening slave failed [ 163.483028][T13707] netlink: 'syz.0.4035': attribute type 21 has an invalid length. [ 164.164842][T13809] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4052'. [ 164.173941][T13809] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4052'. [ 164.194698][T13813] netlink: 204 bytes leftover after parsing attributes in process `syz.4.4054'. [ 164.318426][T13836] netlink: 'syz.8.4065': attribute type 30 has an invalid length. [ 164.703437][T13884] SELinux: Context system_u:object_r:utempter_exec_t:s0 is not valid (left unmapped). [ 164.843898][T13908] SELinux: policydb table sizes (0,0) do not match mine (8,7) [ 164.848547][T13906] lo speed is unknown, defaulting to 1000 [ 164.852356][T13908] SELinux: failed to load policy [ 165.316889][T13981] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4133'. [ 165.531690][T14020] random: crng reseeded on system resumption [ 165.671279][ T29] kauditd_printk_skb: 549 callbacks suppressed [ 165.671299][ T29] audit: type=1400 audit(935.667:5678): avc: denied { map_create } for pid=14037 comm="syz.5.4161" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 165.696589][ T29] audit: type=1400 audit(935.667:5679): avc: denied { perfmon } for pid=14037 comm="syz.5.4161" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 165.727120][ T29] audit: type=1400 audit(935.667:5680): avc: denied { read write } for pid=12043 comm="syz-executor" name="loop0" dev="devtmpfs" ino=1345 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 165.750334][ T29] audit: type=1400 audit(935.667:5681): avc: denied { open } for pid=12043 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=1345 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 165.773244][ T29] audit: type=1400 audit(935.667:5682): avc: denied { ioctl } for pid=12043 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=1345 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 165.797561][ T29] audit: type=1400 audit(935.677:5683): avc: denied { execute } for pid=14039 comm="syz.0.4162" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=43333 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 165.823553][ T29] audit: type=1400 audit(935.677:5684): avc: denied { map_read map_write } for pid=14039 comm="syz.0.4162" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 165.843087][ T29] audit: type=1400 audit(935.677:5685): avc: denied { prog_load } for pid=14039 comm="syz.0.4162" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 165.861872][ T29] audit: type=1400 audit(935.677:5686): avc: denied { bpf } for pid=14039 comm="syz.0.4162" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 165.881987][ T29] audit: type=1400 audit(935.677:5687): avc: denied { prog_run } for pid=14039 comm="syz.0.4162" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 165.909048][T14045] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4164'. [ 165.940350][T14049] lo speed is unknown, defaulting to 1000 [ 165.986665][T14055] loop0: detected capacity change from 0 to 512 [ 165.999944][T14055] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 166.246535][T14088] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 166.301131][T14100] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4190'. [ 166.327318][T14100] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4190'. [ 166.360902][T14100] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4190'. [ 166.377144][T14100] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4190'. [ 166.437162][T14100] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4190'. [ 166.587901][T14139] IPVS: Error joining to the multicast group [ 166.854999][T14191] macvtap0: refused to change device tx_queue_len [ 166.922186][T14202] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 166.935519][T14198] vhci_hcd: invalid port number 96 [ 166.940935][T14198] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 167.107579][T14224] bond0: entered promiscuous mode [ 167.112864][T14224] bond0: entered allmulticast mode [ 167.118256][T14224] 8021q: adding VLAN 0 to HW filter on device bond0 [ 167.128925][T14224] bond0 (unregistering): Released all slaves [ 167.871172][T14293] 0X: renamed from caif0 [ 167.877684][T14293] 0X: entered allmulticast mode [ 167.883244][T14293] A link change request failed with some changes committed already. Interface 60X may have been left with an inconsistent configuration, please check. [ 168.143521][T14318] SELinux: security_context_str_to_sid () failed with errno=-22 [ 168.276351][T14335] netlink: 'syz.5.4298': attribute type 12 has an invalid length. [ 168.284409][T14335] netlink: 'syz.5.4298': attribute type 29 has an invalid length. [ 168.292431][T14335] netlink: 'syz.5.4298': attribute type 2 has an invalid length. [ 168.300315][T14335] netlink: 'syz.5.4298': attribute type 3 has an invalid length. [ 168.461263][T14374] netlink: 'syz.5.4315': attribute type 13 has an invalid length. [ 168.469192][T14374] netlink: 'syz.5.4315': attribute type 17 has an invalid length. [ 168.521302][T14374] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 168.591536][T14386] ipvlan2: entered promiscuous mode [ 168.598651][T14386] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 168.607678][T14386] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 168.723017][T14396] SELinux: unknown common r [ 168.727878][T14396] SELinux: failed to load policy [ 169.081895][T14416] syzkaller1: entered promiscuous mode [ 169.087549][T14416] syzkaller1: entered allmulticast mode [ 169.174299][T14418] netlink: 'syz.8.4334': attribute type 4 has an invalid length. [ 169.185788][ T36] lo speed is unknown, defaulting to 1000 [ 169.191902][ T36] syz2: Port: 1 Link DOWN [ 169.750014][T14498] netlink: '+}[@': attribute type 1 has an invalid length. [ 170.140073][T14530] netlink: 'syz.8.4383': attribute type 1 has an invalid length. [ 170.185293][T14537] loop0: detected capacity change from 0 to 128 [ 170.291272][T14549] __nla_validate_parse: 8 callbacks suppressed [ 170.291288][T14549] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4392'. [ 170.585917][ T29] kauditd_printk_skb: 304 callbacks suppressed [ 170.585933][ T29] audit: type=1326 audit(940.856:5992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14568 comm="syz.5.4400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e2f71ebe9 code=0x7ffc0000 [ 170.615468][ T29] audit: type=1326 audit(940.856:5993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14568 comm="syz.5.4400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e2f71ebe9 code=0x7ffc0000 [ 170.641297][ T29] audit: type=1326 audit(940.877:5994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14568 comm="syz.5.4400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e2f71ebe9 code=0x7ffc0000 [ 170.664484][ T29] audit: type=1326 audit(940.888:5995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14568 comm="syz.5.4400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e2f71ebe9 code=0x7ffc0000 [ 170.687672][ T29] audit: type=1326 audit(940.888:5996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14568 comm="syz.5.4400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e2f71ebe9 code=0x7ffc0000 [ 170.710737][ T29] audit: type=1326 audit(940.888:5997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14568 comm="syz.5.4400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e2f71ebe9 code=0x7ffc0000 [ 170.733717][ T29] audit: type=1326 audit(940.919:5998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14568 comm="syz.5.4400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e2f71ebe9 code=0x7ffc0000 [ 170.756912][ T29] audit: type=1326 audit(940.919:5999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14568 comm="syz.5.4400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e2f71ebe9 code=0x7ffc0000 [ 170.779964][ T29] audit: type=1326 audit(940.919:6000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14568 comm="syz.5.4400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8e2f71ebe9 code=0x7ffc0000 [ 170.802863][ T29] audit: type=1326 audit(940.919:6001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14568 comm="syz.5.4400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e2f71ebe9 code=0x7ffc0000 [ 170.877595][T14583] syzkaller1: entered promiscuous mode [ 170.883325][T14583] syzkaller1: entered allmulticast mode [ 170.927959][T14588] SELinux: security_context_str_to_sid (-Xܘ7.H\ %u@) failed with errno=-22 [ 171.074500][T14603] SELinux: failed to load policy [ 171.094549][T14619] syz.0.4421: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0 [ 171.109179][T14619] CPU: 0 UID: 0 PID: 14619 Comm: syz.0.4421 Tainted: G W 6.17.0-rc1-syzkaller-00004-g53e760d89498 #0 PREEMPT(voluntary) [ 171.109260][T14619] Tainted: [W]=WARN [ 171.109287][T14619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 171.109349][T14619] Call Trace: [ 171.109356][T14619] [ 171.109365][T14619] __dump_stack+0x1d/0x30 [ 171.109392][T14619] dump_stack_lvl+0xe8/0x140 [ 171.109416][T14619] dump_stack+0x15/0x1b [ 171.109437][T14619] warn_alloc+0x12b/0x1a0 [ 171.109540][T14619] ? audit_log_end+0x1d7/0x1f0 [ 171.109622][T14619] ? audit_log_end+0x1d7/0x1f0 [ 171.109658][T14619] __vmalloc_node_range_noprof+0x9c/0xe00 [ 171.109700][T14619] ? __pfx_avc_audit_post_callback+0x10/0x10 [ 171.109775][T14619] ? slow_avc_audit+0x104/0x140 [ 171.109814][T14619] vmalloc_user_noprof+0x7d/0xb0 [ 171.109850][T14619] ? xskq_create+0x80/0xe0 [ 171.109940][T14619] xskq_create+0x80/0xe0 [ 171.109985][T14619] xsk_init_queue+0x95/0xf0 [ 171.110033][T14619] xsk_setsockopt+0x477/0x640 [ 171.110134][T14619] ? __pfx_xsk_setsockopt+0x10/0x10 [ 171.110203][T14619] __sys_setsockopt+0x184/0x200 [ 171.110231][T14619] __x64_sys_setsockopt+0x64/0x80 [ 171.110255][T14619] x64_sys_call+0x20ec/0x2ff0 [ 171.110284][T14619] do_syscall_64+0xd2/0x200 [ 171.110363][T14619] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 171.110391][T14619] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 171.110424][T14619] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 171.110452][T14619] RIP: 0033:0x7f1e8bf2ebe9 [ 171.110472][T14619] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 171.110559][T14619] RSP: 002b:00007f1e8a98f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 171.110578][T14619] RAX: ffffffffffffffda RBX: 00007f1e8c155fa0 RCX: 00007f1e8bf2ebe9 [ 171.110602][T14619] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000004 [ 171.110618][T14619] RBP: 00007f1e8bfb1e19 R08: 0000000000000004 R09: 0000000000000000 [ 171.110708][T14619] R10: 0000200000000900 R11: 0000000000000246 R12: 0000000000000000 [ 171.110724][T14619] R13: 00007f1e8c156038 R14: 00007f1e8c155fa0 R15: 00007fffa58d22c8 [ 171.110747][T14619] [ 171.110755][T14619] Mem-Info: [ 171.336822][T14619] active_anon:9943 inactive_anon:24 isolated_anon:0 [ 171.336822][T14619] active_file:25237 inactive_file:2497 isolated_file:0 [ 171.336822][T14619] unevictable:0 dirty:202 writeback:0 [ 171.336822][T14619] slab_reclaimable:3444 slab_unreclaimable:28195 [ 171.336822][T14619] mapped:28980 shmem:6043 pagetables:1379 [ 171.336822][T14619] sec_pagetables:0 bounce:0 [ 171.336822][T14619] kernel_misc_reclaimable:0 [ 171.336822][T14619] free:1855552 free_pcp:16994 free_cma:0 [ 171.382499][T14619] Node 0 active_anon:39772kB inactive_anon:96kB active_file:100948kB inactive_file:9988kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:115920kB dirty:808kB writeback:0kB shmem:24172kB kernel_stack:4608kB pagetables:5516kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 171.410069][T14619] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 171.438993][T14619] lowmem_reserve[]: 0 2883 7862 7862 [ 171.444412][T14619] Node 0 DMA32 free:2949316kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2952848kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:3532kB free_cma:0kB [ 171.475385][T14619] lowmem_reserve[]: 0 0 4978 4978 [ 171.480542][T14619] Node 0 Normal free:4457532kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:39772kB inactive_anon:96kB active_file:100948kB inactive_file:9988kB unevictable:0kB writepending:808kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:64412kB local_pcp:32744kB free_cma:0kB [ 171.513069][T14619] lowmem_reserve[]: 0 0 0 0 [ 171.517645][T14619] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 171.530404][T14619] Node 0 DMA32: 5*4kB (M) 4*8kB (M) 3*16kB (M) 3*32kB (M) 4*64kB (M) 4*128kB (M) 3*256kB (M) 3*512kB (M) 3*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949316kB [ 171.546730][T14619] Node 0 Normal: 447*4kB (UME) 135*8kB (UME) 74*16kB (UME) 287*32kB (UME) 185*64kB (UM) 121*128kB (UME) 56*256kB (UME) 29*512kB (UM) 23*1024kB (UME) 33*2048kB (UM) 1049*4096kB (UM) = 4457588kB [ 171.566056][T14619] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 171.575456][T14619] 33830 total pagecache pages [ 171.580222][T14619] 57 pages in swap cache [ 171.584498][T14619] Free swap = 124768kB [ 171.588646][T14619] Total swap = 124996kB [ 171.592902][T14619] 2097051 pages RAM [ 171.596719][T14619] 0 pages HighMem/MovableOnly [ 171.601441][T14619] 80439 pages reserved [ 171.716093][T14639] loop0: detected capacity change from 0 to 1024 [ 171.735130][T14639] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 171.746194][T14639] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 171.759517][T14639] JBD2: no valid journal superblock found [ 171.765483][T14639] EXT4-fs (loop0): Could not load journal inode [ 171.786648][T14639] SELinux: security_context_str_to_sid (-Xܘ7.H\ %u@) failed with errno=-22 [ 171.844868][T11192] hid_parser_main: 49 callbacks suppressed [ 171.844900][T11192] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x4 [ 171.858715][T11192] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x2 [ 171.868845][T11192] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x0 [ 171.876730][T11192] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x0 [ 171.884529][T11192] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x0 [ 171.892222][T11192] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x0 [ 171.900004][T11192] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x0 [ 171.907791][T11192] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x0 [ 171.915883][T11192] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x0 [ 171.924088][T11192] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x0 [ 171.970451][T11192] hid-generic 0000:3000000:0000.0009: hidraw0: HID v0.00 Device [sy] on syz0 [ 172.095762][T14692] loop0: detected capacity change from 0 to 512 [ 172.099251][T14697] sctp: [Deprecated]: syz.5.4460 (pid 14697) Use of int in maxseg socket option. [ 172.099251][T14697] Use struct sctp_assoc_value instead [ 172.165252][T14692] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 172.197483][T14692] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #2: comm syz.0.4456: corrupted inode contents [ 172.218035][T14692] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #2: comm syz.0.4456: mark_inode_dirty error [ 172.246144][T14692] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #2: comm syz.0.4456: corrupted inode contents [ 172.259237][T14715] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 172.269385][T14692] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #2: comm syz.0.4456: mark_inode_dirty error [ 172.313213][T12043] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 172.335905][T14724] SELinux: security_context_str_to_sid (-Xܘ7.H\ %u@) failed with errno=-22 [ 172.385086][T14726] SELinux: failed to load policy [ 172.409033][T14733] netlink: 'syz.0.4481': attribute type 3 has an invalid length. [ 172.461872][T14737] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4475'. [ 172.497216][T14741] lo speed is unknown, defaulting to 1000 [ 172.732761][T14763] SELinux: failed to load policy [ 172.758353][T14773] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4492'. [ 172.795501][T14775] lo speed is unknown, defaulting to 1000 [ 173.093442][T14808] lo speed is unknown, defaulting to 1000 [ 173.095948][T14809] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4509'. [ 173.132109][T14812] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4520'. [ 173.271937][T14827] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 173.291758][T14820] lo speed is unknown, defaulting to 1000 [ 173.468007][T14848] netlink: 44 bytes leftover after parsing attributes in process `syz.0.4527'. [ 173.477564][T14848] netlink: 84 bytes leftover after parsing attributes in process `syz.0.4527'. [ 173.517847][T14856] netlink: 44 bytes leftover after parsing attributes in process `syz.6.4542'. [ 173.527065][T14856] netlink: 84 bytes leftover after parsing attributes in process `syz.6.4542'. [ 173.577585][T14862] netlink: 'syz.0.4534': attribute type 1 has an invalid length. [ 173.600510][T14862] bond1: entered promiscuous mode [ 173.606210][T14862] 8021q: adding VLAN 0 to HW filter on device bond1 [ 173.624391][T14862] 8021q: adding VLAN 0 to HW filter on device bond1 [ 173.632232][T14862] bond1: (slave ip6gre1): The slave device specified does not support setting the MAC address [ 173.642866][T14862] bond1: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode [ 173.655254][T14862] bond1: (slave ip6gre1): making interface the new active one [ 173.662932][T14862] ip6gre1: entered promiscuous mode [ 173.670189][T14862] bond1: (slave ip6gre1): Enslaving as an active interface with an up link [ 173.686378][T14865] veth3: entered promiscuous mode [ 173.744814][T14873] netlink: 'syz.4.4540': attribute type 1 has an invalid length. [ 173.752725][T14873] netlink: 224 bytes leftover after parsing attributes in process `syz.4.4540'. [ 173.794623][T14883] batadv_slave_1: entered promiscuous mode [ 173.810927][T14883] batadv0: entered promiscuous mode [ 173.816808][T14882] batadv0: left promiscuous mode [ 173.822154][T14882] batadv_slave_1: left promiscuous mode [ 173.837264][T14887] smc: net device bond0 applied user defined pnetid SYZ2 [ 173.844944][T14887] smc: net device bond0 erased user defined pnetid SYZ2 [ 173.973740][T14901] netlink: 'syz.4.4551': attribute type 3 has an invalid length. [ 174.315876][T14928] IPVS: Error joining to the multicast group [ 174.490602][T14945] pimreg: entered allmulticast mode [ 174.507600][T14945] pimreg: left allmulticast mode [ 174.632337][T14967] 8021q: adding VLAN 0 to HW filter on device bond1 [ 174.667534][T14967] bond1: (slave batadv1): Opening slave failed [ 174.686093][T14975] lo speed is unknown, defaulting to 1000 [ 174.714529][T14982] netlink: 'syz.4.4587': attribute type 21 has an invalid length. [ 174.835403][T14990] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 175.090544][T15018] lo speed is unknown, defaulting to 1000 [ 175.107134][T15023] __nla_validate_parse: 4 callbacks suppressed [ 175.107156][T15023] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4604'. [ 175.142199][T15025] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4606'. [ 175.151161][T15025] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4606'. [ 175.235038][T15036] netlink: 'syz.4.4613': attribute type 1 has an invalid length. [ 175.247012][T15038] netlink: 204 bytes leftover after parsing attributes in process `syz.0.4611'. [ 175.265209][T15036] bond0: entered promiscuous mode [ 175.270617][T15036] 8021q: adding VLAN 0 to HW filter on device bond0 [ 175.282483][T15044] loop0: detected capacity change from 0 to 512 [ 175.289816][T15044] EXT4-fs: Ignoring removed mblk_io_submit option [ 175.296537][T15044] ext4: Unknown parameter 'noacl' [ 175.325319][ T29] kauditd_printk_skb: 704 callbacks suppressed [ 175.325349][ T29] audit: type=1400 audit(945.865:6706): avc: denied { create } for pid=15048 comm="syz.0.4618" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 175.351712][T15036] 8021q: adding VLAN 0 to HW filter on device bond0 [ 175.356599][ T29] audit: type=1400 audit(945.876:6707): avc: denied { open } for pid=15050 comm="syz.5.4619" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 175.377175][ T29] audit: type=1400 audit(945.897:6708): avc: denied { kernel } for pid=15050 comm="syz.5.4619" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 175.377822][T15036] bond0: (slave ip6gre1): The slave device specified does not support setting the MAC address [ 175.396709][ T29] audit: type=1400 audit(945.897:6709): avc: denied { ioctl } for pid=15048 comm="syz.0.4618" path="socket:[46052]" dev="sockfs" ino=46052 ioctlcmd=0x89a0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 175.406926][T15036] bond0: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode [ 175.433473][ T29] audit: type=1400 audit(945.982:6710): avc: denied { module_request } for pid=15048 comm="syz.0.4618" kmod="netdev-syzkaller0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 175.463481][ T29] audit: type=1400 audit(946.013:6711): avc: denied { create } for pid=15050 comm="syz.5.4619" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 175.493175][ T29] audit: type=1400 audit(946.045:6712): avc: denied { sys_module } for pid=15048 comm="syz.0.4618" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 175.500971][T15036] bond0: (slave ip6gre1): making interface the new active one [ 175.514021][ T29] audit: type=1400 audit(946.045:6713): avc: denied { read } for pid=15050 comm="syz.5.4619" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 175.521529][T15036] ip6gre1: entered promiscuous mode [ 175.573608][T15036] bond0: (slave ip6gre1): Enslaving as an active interface with an up link [ 175.606404][ T29] audit: type=1400 audit(946.098:6714): avc: denied { write } for pid=15050 comm="syz.5.4619" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 175.677673][ T29] audit: type=1326 audit(946.235:6715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15061 comm="syz.4.4621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 175.977992][T15086] veth5: entered promiscuous mode [ 176.050025][T15100] lo speed is unknown, defaulting to 1000 [ 176.054778][T15093] hub 2-0:1.0: USB hub found [ 176.064100][T15093] hub 2-0:1.0: 8 ports detected [ 176.103868][T15100] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4635'. [ 176.214758][T15116] lo speed is unknown, defaulting to 1000 [ 176.231966][T15123] veth3: entered promiscuous mode [ 176.237597][T15124] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4657'. [ 176.316533][T15125] lo speed is unknown, defaulting to 1000 [ 176.368261][T15130] netlink: 'syz.5.4649': attribute type 1 has an invalid length. [ 176.376188][T15130] netlink: 224 bytes leftover after parsing attributes in process `syz.5.4649'. [ 176.543568][T15141] lo speed is unknown, defaulting to 1000 [ 176.552480][T15145] hub 2-0:1.0: USB hub found [ 176.552857][T15145] hub 2-0:1.0: 8 ports detected [ 176.652693][T15151] pimreg: entered allmulticast mode [ 176.664349][T15151] pimreg: left allmulticast mode [ 176.702342][T15158] smc: net device bond0 applied user defined pnetid SYZ2 [ 176.722586][T15158] smc: net device bond0 erased user defined pnetid SYZ2 [ 176.880696][T15178] hub 2-0:1.0: USB hub found [ 176.893078][T15178] hub 2-0:1.0: 8 ports detected [ 176.935226][T15188] lo speed is unknown, defaulting to 1000 [ 177.202813][T15211] veth3: entered promiscuous mode [ 177.363686][T15231] netlink: 'syz.6.4690': attribute type 1 has an invalid length. [ 177.371681][T15231] netlink: 224 bytes leftover after parsing attributes in process `syz.6.4690'. [ 177.591900][T15253] lo speed is unknown, defaulting to 1000 [ 177.638124][T15259] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4698'. [ 178.013569][T15279] netlink: 76 bytes leftover after parsing attributes in process `syz.0.4704'. [ 178.262712][T15292] netlink: 'syz.0.4706': attribute type 1 has an invalid length. [ 178.375497][T15307] loop0: detected capacity change from 0 to 512 [ 178.420982][T15307] EXT4-fs: Ignoring removed mblk_io_submit option [ 178.439841][T15307] EXT4-fs: Ignoring removed nomblk_io_submit option [ 178.455510][T15307] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 178.464234][T15307] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 178.473981][T15313] random: crng reseeded on system resumption [ 178.503234][T15307] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4183: comm syz.0.4709: Allocating blocks 41-42 which overlap fs metadata [ 178.517611][T15307] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4183: comm syz.0.4709: Allocating blocks 41-42 which overlap fs metadata [ 178.533254][T15307] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.4709: Failed to acquire dquot type 1 [ 178.547411][T15307] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 178.565633][T15307] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #12: comm syz.0.4709: corrupted inode contents [ 178.578940][T15307] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #12: comm syz.0.4709: mark_inode_dirty error [ 178.594805][T15307] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #12: comm syz.0.4709: corrupted inode contents [ 178.623314][T15307] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #12: comm syz.0.4709: mark_inode_dirty error [ 178.667461][T15307] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #12: comm syz.0.4709: corrupted inode contents [ 178.690161][T15307] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 178.709967][T15307] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #12: comm syz.0.4709: corrupted inode contents [ 178.727287][T15344] netlink: 'syz.6.4724': attribute type 1 has an invalid length. [ 178.737861][T15307] EXT4-fs error (device loop0): ext4_truncate:4666: inode #12: comm syz.0.4709: mark_inode_dirty error [ 178.782788][T15307] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 178.831803][T15307] EXT4-fs (loop0): 1 truncate cleaned up [ 178.838131][T15307] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 178.906994][T12043] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 179.136290][T15388] lo speed is unknown, defaulting to 1000 [ 179.563500][T15422] loop0: detected capacity change from 0 to 1024 [ 179.624819][T15422] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 179.696444][T15432] netlink: 'syz.4.4763': attribute type 1 has an invalid length. [ 179.726764][T15422] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4183: comm syz.0.4759: Allocating blocks 449-513 which overlap fs metadata [ 179.788146][T15421] EXT4-fs (loop0): pa ffff888106e962a0: logic 48, phys. 177, len 21 [ 179.796355][T15421] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4 [ 179.985974][T12043] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 180.106842][ T29] kauditd_printk_skb: 306 callbacks suppressed [ 180.106857][ T29] audit: type=1400 audit(1718.927:7018): avc: denied { write } for pid=15451 comm="syz.8.4769" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 180.130100][T15465] loop0: detected capacity change from 0 to 128 [ 180.170155][ T29] audit: type=1400 audit(1718.980:7019): avc: denied { mount } for pid=15464 comm="syz.0.4773" name="/" dev="loop0" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 180.418795][ T29] audit: type=1326 audit(1719.086:7020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15464 comm="syz.0.4773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1e8bf25ba7 code=0x7ffc0000 [ 180.442219][ T29] audit: type=1326 audit(1719.086:7021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15464 comm="syz.0.4773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1e8becadd9 code=0x7ffc0000 [ 180.465402][ T29] audit: type=1326 audit(1719.097:7022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15464 comm="syz.0.4773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1e8bf25ba7 code=0x7ffc0000 [ 180.488794][ T29] audit: type=1326 audit(1719.097:7023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15464 comm="syz.0.4773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1e8becadd9 code=0x7ffc0000 [ 180.511983][ T29] audit: type=1326 audit(1719.097:7024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15464 comm="syz.0.4773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1e8bf25ba7 code=0x7ffc0000 [ 180.535113][ T29] audit: type=1326 audit(1719.097:7025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15464 comm="syz.0.4773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1e8becadd9 code=0x7ffc0000 [ 180.558351][ T29] audit: type=1326 audit(1719.097:7026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15464 comm="syz.0.4773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1e8bf25ba7 code=0x7ffc0000 [ 180.581388][ T29] audit: type=1326 audit(1719.097:7027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15464 comm="syz.0.4773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1e8becadd9 code=0x7ffc0000 [ 181.887244][T15531] netlink: 'syz.8.4805': attribute type 1 has an invalid length. [ 181.895277][T15531] __nla_validate_parse: 11 callbacks suppressed [ 181.895292][T15531] netlink: 224 bytes leftover after parsing attributes in process `syz.8.4805'. [ 181.993686][T15545] netlink: 104 bytes leftover after parsing attributes in process `syz.5.4809'. [ 182.781978][T15624] SELinux: policydb table sizes (0,0) do not match mine (8,7) [ 182.790446][T15624] SELinux: failed to load policy [ 183.278694][T15677] netlink: 3 bytes leftover after parsing attributes in process `syz.5.4870'. [ 183.288830][T15677] 0X: renamed from caif0 [ 183.295579][T15677] 0X: entered allmulticast mode [ 183.300838][T15677] A link change request failed with some changes committed already. Interface 60X may have been left with an inconsistent configuration, please check. [ 184.377551][T15754] ipvlan2: entered promiscuous mode [ 184.386930][T15754] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 184.406081][T15754] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 184.452818][T15766] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4910'. [ 184.478153][T15768] lo speed is unknown, defaulting to 1000 [ 184.724136][T15781] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4918'. [ 184.781631][T15787] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4933'. [ 185.092061][ T29] kauditd_printk_skb: 572 callbacks suppressed [ 185.092079][ T29] audit: type=1326 audit(2492.197:7600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15793 comm="syz.8.4925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e8c6debe9 code=0x7ffc0000 [ 185.134561][ T29] audit: type=1326 audit(2492.229:7601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15793 comm="syz.8.4925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e8c6debe9 code=0x7ffc0000 [ 185.158063][ T29] audit: type=1326 audit(2492.229:7602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15793 comm="syz.8.4925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=424 compat=0 ip=0x7f3e8c6debe9 code=0x7ffc0000 [ 185.181713][ T29] audit: type=1326 audit(2492.229:7603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15793 comm="syz.8.4925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e8c6debe9 code=0x7ffc0000 [ 185.205131][ T29] audit: type=1326 audit(2492.229:7604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15793 comm="syz.8.4925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e8c6debe9 code=0x7ffc0000 [ 185.271346][ T29] audit: type=1400 audit(2492.366:7605): avc: denied { create } for pid=15797 comm="syz.8.4939" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 185.292210][ T29] audit: type=1400 audit(2492.366:7606): avc: denied { write } for pid=15797 comm="syz.8.4939" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 185.312519][ T29] audit: type=1400 audit(2492.366:7607): avc: denied { create } for pid=15799 comm="syz.5.4928" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 185.339164][T15806] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4931'. [ 185.356310][T15806] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4931'. [ 185.371528][ T29] audit: type=1400 audit(2492.451:7608): avc: denied { open } for pid=15801 comm="syz.8.4930" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 185.390471][ T29] audit: type=1400 audit(2492.451:7609): avc: denied { kernel } for pid=15801 comm="syz.8.4930" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 185.416968][T15806] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4931'. [ 185.432057][T15806] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4931'. [ 186.816651][T15974] __nla_validate_parse: 4 callbacks suppressed [ 186.816665][T15974] netlink: 3 bytes leftover after parsing attributes in process `syz.6.4993'. [ 186.859841][T15974] 0X: renamed from caif0 [ 186.875566][T15974] 0X: entered allmulticast mode [ 186.880868][T15974] A link change request failed with some changes committed already. Interface 60X may have been left with an inconsistent configuration, please check. [ 187.028919][T15997] netlink: 'syz.6.4999': attribute type 12 has an invalid length. [ 187.036893][T15997] netlink: 'syz.6.4999': attribute type 29 has an invalid length. [ 187.044770][T15997] netlink: 148 bytes leftover after parsing attributes in process `syz.6.4999'. [ 187.053891][T15997] netlink: 'syz.6.4999': attribute type 2 has an invalid length. [ 187.061733][T15997] netlink: 'syz.6.4999': attribute type 3 has an invalid length. [ 187.069632][T15997] netlink: 3 bytes leftover after parsing attributes in process `syz.6.4999'. [ 187.242594][T16027] netlink: 3 bytes leftover after parsing attributes in process `syz.0.5008'. [ 187.251910][T16027] 0X: renamed from caif0 [ 187.274260][T16027] 0X: entered allmulticast mode [ 187.279735][T16027] A link change request failed with some changes committed already. Interface 60X may have been left with an inconsistent configuration, please check. [ 187.511843][T16049] netlink: 'syz.0.5025': attribute type 13 has an invalid length. [ 187.519732][T16049] netlink: 'syz.0.5025': attribute type 17 has an invalid length. [ 187.609398][T16049] 0X: left allmulticast mode [ 187.614499][T16049] A link change request failed with some changes committed already. Interface 60X may have been left with an inconsistent configuration, please check. [ 187.692559][T16066] SELinux: unknown common r [ 187.698996][T16066] SELinux: failed to load policy [ 188.237980][T16098] syzkaller1: entered promiscuous mode [ 188.243678][T16098] syzkaller1: entered allmulticast mode [ 188.272309][T16100] SELinux: unknown common r [ 188.277108][T16100] SELinux: failed to load policy [ 188.698776][T16128] SELinux: unknown common r [ 188.703733][T16128] SELinux: failed to load policy [ 188.726783][T16130] openvswitch: netlink: Message has 6 unknown bytes. [ 188.778991][T16136] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5054'. [ 188.788599][T16136] IPVS: Error joining to the multicast group [ 189.387256][T16166] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 189.387256][T16166] program syz.6.5063 not setting count and/or reply_len properly [ 189.624567][T16177] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5078'. [ 190.505153][ T29] kauditd_printk_skb: 280 callbacks suppressed [ 190.505225][ T29] audit: type=1326 audit(2497.919:7890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16264 comm="syz.4.5085" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f28e051ebe9 code=0x0 [ 190.648589][T16276] raw_sendmsg: syz.8.5076 forgot to set AF_INET. Fix it! [ 190.832687][T16294] openvswitch: netlink: Message has 6 unknown bytes. [ 190.841521][T16296] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 190.841521][T16296] program syz.0.5087 not setting count and/or reply_len properly [ 190.893941][ T29] audit: type=1400 audit(2498.321:7891): avc: denied { setopt } for pid=16297 comm="syz.8.5088" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 191.304750][ T29] audit: type=1326 audit(2498.765:7892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16309 comm="syz.6.5097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc46103ebe9 code=0x7ffc0000 [ 191.329630][ T29] audit: type=1326 audit(2498.786:7893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16309 comm="syz.6.5097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7fc46103ebe9 code=0x7ffc0000 [ 191.352771][ T29] audit: type=1326 audit(2498.786:7894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16309 comm="syz.6.5097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc46103ebe9 code=0x7ffc0000 [ 191.376153][ T29] audit: type=1326 audit(2498.786:7895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16309 comm="syz.6.5097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc46103ebe9 code=0x7ffc0000 [ 191.409151][T10170] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 191.453815][T16326] openvswitch: netlink: Message has 6 unknown bytes. [ 191.474357][ T29] audit: type=1400 audit(2498.934:7896): avc: denied { name_connect } for pid=16328 comm="syz.4.5102" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1 [ 191.897639][ T29] audit: type=1326 audit(2499.389:7897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16339 comm="syz.6.5107" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc46103ebe9 code=0x0 [ 191.921339][ T29] audit: type=1400 audit(2499.410:7898): avc: denied { listen } for pid=16343 comm="syz.4.5109" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 192.059323][T16355] openvswitch: netlink: Message has 6 unknown bytes. [ 192.123392][ T29] audit: type=1400 audit(2499.621:7899): avc: denied { accept } for pid=16359 comm="syz.0.5118" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 192.170207][T16368] netlink: 96 bytes leftover after parsing attributes in process `syz.8.5120'. [ 192.349181][T16401] netlink: 96 bytes leftover after parsing attributes in process `syz.4.5133'. [ 192.502215][T16431] netlink: 96 bytes leftover after parsing attributes in process `syz.0.5150'. [ 192.724006][T16462] loop0: detected capacity change from 0 to 164 [ 192.735575][T16464] netlink: 96 bytes leftover after parsing attributes in process `syz.5.5165'. [ 192.752740][T16462] syz.0.5164: attempt to access beyond end of device [ 192.752740][T16462] loop0: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 192.781656][T16462] syz.0.5164: attempt to access beyond end of device [ 192.781656][T16462] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 192.870414][T16474] hub 6-0:1.0: USB hub found [ 192.875458][T16474] hub 6-0:1.0: 8 ports detected [ 192.892369][T16483] tipc: Invalid UDP bearer configuration [ 192.892463][T16483] tipc: Enabling of bearer rejected, failed to enable media [ 192.963168][T16491] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5175'. [ 193.006485][T16491] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5175'. [ 193.877118][T16506] netlink: 96 bytes leftover after parsing attributes in process `syz.6.5182'. [ 194.051776][T16543] loop0: detected capacity change from 0 to 164 [ 194.078069][T16543] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 194.141329][T16557] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5209'. [ 194.155669][T16557] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5209'. [ 194.266401][T16579] loop0: detected capacity change from 0 to 1024 [ 194.287170][T16579] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 194.354504][T12043] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 194.411940][T16598] block device autoloading is deprecated and will be removed. [ 194.471163][T16602] hub 6-0:1.0: USB hub found [ 194.484001][T16602] hub 6-0:1.0: 8 ports detected [ 195.150350][T16668] lo speed is unknown, defaulting to 1000 [ 195.346678][T16698] bridge0: entered promiscuous mode [ 195.376987][T16698] bridge0: port 3(macsec1) entered blocking state [ 195.383626][T16698] bridge0: port 3(macsec1) entered disabled state [ 195.410249][ T29] kauditd_printk_skb: 90 callbacks suppressed [ 195.410292][ T29] audit: type=1400 audit(2503.099:7990): avc: denied { mount } for pid=16693 comm="syz.8.5271" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1 [ 195.410513][T16698] macsec1: entered allmulticast mode [ 195.443784][T16698] bridge0: entered allmulticast mode [ 195.478505][T16698] macsec1: left allmulticast mode [ 195.483703][T16698] bridge0: left allmulticast mode [ 195.495840][T16698] bridge0: left promiscuous mode [ 195.557145][T16711] netdevsim netdevsim6: Direct firmware load for ./file0/file1 failed with error -2 [ 195.619292][ T29] audit: type=1326 audit(2503.321:7991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16716 comm="syz.6.5281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc46103ebe9 code=0x7ffc0000 [ 195.645216][ T29] audit: type=1326 audit(2503.342:7992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16716 comm="syz.6.5281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc46103ebe9 code=0x7ffc0000 [ 195.668560][ T29] audit: type=1326 audit(2503.342:7993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16716 comm="syz.6.5281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc46103ebe9 code=0x7ffc0000 [ 195.692286][ T29] audit: type=1326 audit(2503.342:7994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16716 comm="syz.6.5281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc46103ebe9 code=0x7ffc0000 [ 195.719135][ T29] audit: type=1326 audit(2503.427:7995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16716 comm="syz.6.5281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc46103ebe9 code=0x7ffc0000 [ 195.742319][ T29] audit: type=1326 audit(2503.427:7996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16716 comm="syz.6.5281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc46103ebe9 code=0x7ffc0000 [ 195.765519][ T29] audit: type=1326 audit(2503.427:7997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16716 comm="syz.6.5281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc46103ebe9 code=0x7ffc0000 [ 195.790931][ T29] audit: type=1326 audit(2503.501:7998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16716 comm="syz.6.5281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc46103ebe9 code=0x7ffc0000 [ 195.814270][ T29] audit: type=1326 audit(2503.501:7999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16716 comm="syz.6.5281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc46103ebe9 code=0x7ffc0000 [ 195.902410][T16732] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5289'. [ 196.079455][T16760] lo speed is unknown, defaulting to 1000 [ 196.264516][T16778] netdevsim netdevsim0: Direct firmware load for ./file0/file1 failed with error -2 [ 196.559437][T16813] netdevsim netdevsim8: Direct firmware load for ./file0/file1 failed with error -2 [ 197.085064][T16886] bridge0: port 1(macsec0) entered blocking state [ 197.091718][T16886] bridge0: port 1(macsec0) entered disabled state [ 197.111661][T16886] macsec0: entered allmulticast mode [ 197.120936][T16886] macsec0: left allmulticast mode [ 198.026094][T16960] __nla_validate_parse: 5 callbacks suppressed [ 198.026161][T16960] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5406'. [ 198.046618][T16962] tipc: Started in network mode [ 198.051741][T16962] tipc: Node identity ac14140f, cluster identity 4711 [ 198.072223][T16962] tipc: New replicast peer: 255.255.255.255 [ 198.078398][T16962] tipc: Enabled bearer , priority 10 [ 198.087077][T16960] netlink: 104 bytes leftover after parsing attributes in process `syz.6.5406'. [ 198.144080][T16973] 9pnet: p9_errstr2errno: server reported unknown error W~uZz&4 [ 198.371004][T17011] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5414'. [ 198.381317][T17011] netlink: 104 bytes leftover after parsing attributes in process `syz.4.5414'. [ 198.473309][T17024] vhci_hcd: default hub control req: 0007 v0f00 i0006 l0 [ 198.513672][T17030] tipc: Started in network mode [ 198.518889][T17030] tipc: Node identity ac14140f, cluster identity 4711 [ 198.526772][T17030] tipc: New replicast peer: 255.255.255.255 [ 198.533426][T17030] tipc: Enabled bearer , priority 10 [ 198.614011][T17047] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5430'. [ 198.626785][T17047] netlink: 104 bytes leftover after parsing attributes in process `syz.5.5430'. [ 198.774827][T17062] vhci_hcd: default hub control req: 0007 v0f00 i0006 l0 [ 199.026564][T17094] 9pnet: p9_errstr2errno: server reported unknown error W~uZz&4 [ 199.141311][T11192] tipc: Node number set to 2886997007 [ 199.514918][T17124] bridge0: port 3(batadv1) entered blocking state [ 199.521588][T17124] bridge0: port 3(batadv1) entered disabled state [ 199.528893][T17124] batadv1: entered allmulticast mode [ 199.535059][T17124] batadv1: entered promiscuous mode [ 199.617370][T11192] tipc: Node number set to 2886997007 [ 199.989811][ T7432] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled [ 199.999419][ T7432] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled [ 200.239163][ T29] kauditd_printk_skb: 159 callbacks suppressed [ 200.239179][ T29] audit: type=1326 audit(202.187:8159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17158 comm="syz.4.5480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 200.279229][T17157] vhci_hcd: default hub control req: 0007 v0f00 i0006 l0 [ 200.287284][ T29] audit: type=1326 audit(202.187:8160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17158 comm="syz.4.5480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 200.310785][ T29] audit: type=1326 audit(202.187:8161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17158 comm="syz.4.5480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 200.333721][ T29] audit: type=1326 audit(202.187:8162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17158 comm="syz.4.5480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 200.356981][ T29] audit: type=1326 audit(202.187:8163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17158 comm="syz.4.5480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 200.380617][ T29] audit: type=1326 audit(202.187:8164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17158 comm="syz.4.5480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 200.403858][ T29] audit: type=1326 audit(202.187:8165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17158 comm="syz.4.5480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 200.478132][T17168] SELinux: Context system_u:object is not valid (left unmapped). [ 200.493903][ T29] audit: type=1400 audit(202.450:8166): avc: denied { relabelto } for pid=17167 comm="syz.8.5483" name="cgroup.procs" dev="cgroup" ino=788 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object" [ 200.519448][ T29] audit: type=1400 audit(202.450:8167): avc: denied { associate } for pid=17167 comm="syz.8.5483" name="cgroup.procs" dev="cgroup" ino=788 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 srawcon="system_u:object" [ 200.710751][T17193] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5495'. [ 200.719891][T17193] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5495'. [ 200.772993][ T29] audit: type=1326 audit(202.744:8168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17198 comm="syz.6.5497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc46103ebe9 code=0x7ffc0000 [ 201.153873][T17223] bridge0: port 3(batadv1) entered blocking state [ 201.160499][T17223] bridge0: port 3(batadv1) entered disabled state [ 201.167172][T17223] batadv1: entered allmulticast mode [ 201.173385][T17223] batadv1: entered promiscuous mode [ 201.244940][T17234] netlink: 20 bytes leftover after parsing attributes in process `syz.5.5513'. [ 201.254396][T17234] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0 [ 201.319806][T17244] loop0: detected capacity change from 0 to 512 [ 201.329953][T17244] EXT4-fs (loop0): bad s_min_extra_isize: 65528 [ 201.402873][T17254] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5524'. [ 201.478472][T17263] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0 [ 201.627145][ T7432] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled [ 201.636549][ T7432] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled [ 201.765003][T17299] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0 [ 201.880415][ C0] IPv4: Oversized IP packet from 172.20.20.24 [ 202.258285][T17340] bridge0: port 3(batadv1) entered blocking state [ 202.265204][T17340] bridge0: port 3(batadv1) entered disabled state [ 202.272432][T17340] batadv1: entered allmulticast mode [ 202.279037][T17340] batadv1: entered promiscuous mode [ 202.337792][T17346] netlink: 'syz.4.5566': attribute type 3 has an invalid length. [ 202.438040][T17356] netlink: 'syz.4.5572': attribute type 1 has an invalid length. [ 202.445856][T17356] netlink: 'syz.4.5572': attribute type 4 has an invalid length. [ 202.539637][T17368] bridge0: port 1(batadv1) entered blocking state [ 202.546428][T17368] bridge0: port 1(batadv1) entered disabled state [ 202.572040][T17368] batadv1: entered allmulticast mode [ 202.578465][T17372] netlink: 'syz.8.5579': attribute type 3 has an invalid length. [ 202.605493][T17368] batadv1: entered promiscuous mode [ 202.679076][T17382] netlink: 'syz.8.5585': attribute type 1 has an invalid length. [ 202.687019][T17382] netlink: 'syz.8.5585': attribute type 4 has an invalid length. [ 202.731170][ T7443] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled [ 202.740519][ T7443] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled [ 202.828093][T17404] netlink: 'syz.5.5596': attribute type 3 has an invalid length. [ 202.861833][T17409] __nla_validate_parse: 10 callbacks suppressed [ 202.861851][T17409] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5597'. [ 202.911479][T17414] bridge0: port 3(batadv1) entered blocking state [ 202.918508][T17414] bridge0: port 3(batadv1) entered disabled state [ 202.925258][T17414] batadv1: entered allmulticast mode [ 202.931374][T17414] batadv1: entered promiscuous mode [ 202.987104][T17423] netlink: 'syz.5.5601': attribute type 1 has an invalid length. [ 202.995076][T17423] netlink: 'syz.5.5601': attribute type 4 has an invalid length. [ 203.003262][T17423] netlink: 9462 bytes leftover after parsing attributes in process `syz.5.5601'. [ 203.017426][ T7432] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled [ 203.027010][ T7432] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled [ 203.389109][ T7438] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled [ 203.398633][ T7438] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled [ 203.735612][T17490] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 203.759263][T17490] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 203.841295][T17494] lo speed is unknown, defaulting to 1000 [ 204.011427][T17517] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5650'. [ 204.114868][T17528] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5654'. [ 204.598861][T17563] lo speed is unknown, defaulting to 1000 [ 204.660916][T17569] random: crng reseeded on system resumption [ 205.022432][ T29] kauditd_printk_skb: 233 callbacks suppressed [ 205.022467][ T29] audit: type=1326 audit(207.208:8402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17576 comm="syz.6.5676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7fc46103ebe9 code=0x7ffc0000 [ 205.066169][ T29] audit: type=1326 audit(207.250:8403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17574 comm="syz.6.5676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc46103ebe9 code=0x7ffc0000 [ 205.089306][ T29] audit: type=1326 audit(207.250:8404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17574 comm="syz.6.5676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc46103ebe9 code=0x7ffc0000 [ 205.162361][ T29] audit: type=1326 audit(207.323:8405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17584 comm="syz.8.5679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e8c6debe9 code=0x7ffc0000 [ 205.185545][ T29] audit: type=1326 audit(207.323:8406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17584 comm="syz.8.5679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e8c6debe9 code=0x7ffc0000 [ 205.208589][ T29] audit: type=1326 audit(207.323:8407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17584 comm="syz.8.5679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3e8c6debe9 code=0x7ffc0000 [ 205.231927][ T29] audit: type=1326 audit(207.323:8408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17584 comm="syz.8.5679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e8c6debe9 code=0x7ffc0000 [ 205.255195][ T29] audit: type=1326 audit(207.323:8409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17584 comm="syz.8.5679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e8c6debe9 code=0x7ffc0000 [ 205.278359][ T29] audit: type=1326 audit(207.334:8410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17584 comm="syz.8.5679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3e8c6debe9 code=0x7ffc0000 [ 205.301636][ T29] audit: type=1326 audit(207.334:8411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17584 comm="syz.8.5679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e8c6debe9 code=0x7ffc0000 [ 205.355744][T17599] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5685'. [ 205.384734][T17604] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 205.400489][T17602] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5686'. [ 205.410792][T17604] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 205.445492][T17612] random: crng reseeded on system resumption [ 205.687164][T17637] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5705'. [ 205.779071][T17643] random: crng reseeded on system resumption [ 206.496649][T17665] loop0: detected capacity change from 0 to 512 [ 206.519539][T17668] lo speed is unknown, defaulting to 1000 [ 206.529501][T17665] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 206.549057][T17665] EXT4-fs (loop0): orphan cleanup on readonly fs [ 206.561122][T17665] EXT4-fs (loop0): 1 orphan inode deleted [ 206.567188][ T7427] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:11: Failed to release dquot type 1 [ 206.579389][T17673] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5719'. [ 206.583076][T17665] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 206.617232][T12043] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 206.717222][T17690] loop0: detected capacity change from 0 to 512 [ 206.730084][T17690] EXT4-fs: Ignoring removed mblk_io_submit option [ 206.759850][T17690] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 206.796256][T17690] EXT4-fs (loop0): 1 truncate cleaned up [ 206.808369][T17690] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 207.626144][T17709] lo speed is unknown, defaulting to 1000 [ 207.633488][T12043] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 207.680067][T11192] hid_parser_main: 6 callbacks suppressed [ 207.680085][T11192] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 207.694467][T17721] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5737'. [ 207.694932][T11192] hid-generic 0000:0000:0000.000A: hidraw0: HID v0.00 Device [syz1] on syz0 [ 207.904963][T17745] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 207.923639][T17745] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 208.163174][T17765] loop0: detected capacity change from 0 to 164 [ 208.369936][T17782] netlink: 'syz.8.5767': attribute type 10 has an invalid length. [ 208.381472][T17782] team0: Port device dummy0 added [ 208.390712][T17782] netlink: 'syz.8.5767': attribute type 10 has an invalid length. [ 208.402168][T17782] team0: Port device dummy0 removed [ 208.410733][T17782] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 208.630550][T17812] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 208.639749][T17812] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 208.660370][T11193] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 208.667938][T17813] loop0: detected capacity change from 0 to 1024 [ 208.674653][T11193] hid-generic 0000:0000:0000.000B: hidraw0: HID v0.00 Device [syz1] on syz0 [ 208.695512][T17813] EXT4-fs: Ignoring removed nomblk_io_submit option [ 208.711851][T17813] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 208.728021][T17813] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 208.760067][T17822] netlink: 'syz.5.5783': attribute type 10 has an invalid length. [ 208.771311][T17822] team0: Port device dummy0 added [ 208.780416][T17822] netlink: 'syz.5.5783': attribute type 10 has an invalid length. [ 208.790888][T17822] team0: Port device dummy0 removed [ 208.798564][T17822] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 209.048488][T17851] netlink: 'syz.6.5796': attribute type 10 has an invalid length. [ 209.060536][T17851] team0: Port device dummy0 added [ 209.070379][T17851] netlink: 'syz.6.5796': attribute type 10 has an invalid length. [ 209.097286][T17851] team0: Port device dummy0 removed [ 209.120441][T17851] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 209.450517][T12043] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 209.482087][T17883] netlink: 'syz.4.5809': attribute type 10 has an invalid length. [ 209.492379][T17883] team0: Port device dummy0 added [ 209.500304][T17883] netlink: 'syz.4.5809': attribute type 10 has an invalid length. [ 209.522954][T17883] team0: Port device dummy0 removed [ 209.529785][T17883] dummy0: entered promiscuous mode [ 209.886355][ T29] kauditd_printk_skb: 122 callbacks suppressed [ 209.886417][ T29] audit: type=1400 audit(212.312:8533): avc: denied { connect } for pid=17905 comm="syz.8.5818" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 209.921222][T11193] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 209.931348][T11193] hid-generic 0000:0000:0000.000C: hidraw0: HID v0.00 Device [syz1] on syz0 [ 210.031249][ T29] audit: type=1400 audit(212.459:8534): avc: denied { read } for pid=17922 comm="syz.8.5826" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 210.055074][ T29] audit: type=1326 audit(212.491:8535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17924 comm="syz.4.5827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 210.078318][ T29] audit: type=1326 audit(212.491:8536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17924 comm="syz.4.5827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 210.110461][ T29] audit: type=1326 audit(212.543:8537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17924 comm="syz.4.5827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 210.133665][ T29] audit: type=1326 audit(212.543:8538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17924 comm="syz.4.5827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 210.156909][ T29] audit: type=1326 audit(212.543:8539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17924 comm="syz.4.5827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 210.179919][ T29] audit: type=1326 audit(212.543:8540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17924 comm="syz.4.5827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 210.203041][ T29] audit: type=1326 audit(212.543:8541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17924 comm="syz.4.5827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 210.225993][ T29] audit: type=1326 audit(212.543:8542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17924 comm="syz.4.5827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 210.349896][T17947] pim6reg: entered allmulticast mode [ 210.357169][T17947] pim6reg: left allmulticast mode [ 211.270546][T17992] netlink: 'syz.0.5854': attribute type 10 has an invalid length. [ 211.340441][T17992] team0: Port device dummy0 added [ 211.386162][T17996] netlink: 'syz.0.5854': attribute type 10 has an invalid length. [ 211.438475][T17996] team0: Port device dummy0 removed [ 211.449348][T17996] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 211.671665][T18008] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 211.671665][T18008] program syz.5.5863 not setting count and/or reply_len properly [ 211.750836][T18014] netlink: 68 bytes leftover after parsing attributes in process `syz.4.5866'. [ 212.446816][T18049] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 212.446816][T18049] program syz.6.5879 not setting count and/or reply_len properly [ 212.468940][T18052] netlink: 68 bytes leftover after parsing attributes in process `syz.0.5880'. [ 212.583467][T18062] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 212.583467][T18062] program syz.0.5892 not setting count and/or reply_len properly [ 213.111722][T18085] netlink: 68 bytes leftover after parsing attributes in process `syz.6.5893'. [ 213.545085][T18118] netlink: 'syz.5.5905': attribute type 3 has an invalid length. [ 213.656649][T18123] netlink: 16 bytes leftover after parsing attributes in process `syz.8.5907'. [ 213.778062][T18126] netlink: 68 bytes leftover after parsing attributes in process `syz.8.5908'. [ 214.069399][T18143] SELinux: failed to load policy [ 214.182094][T18152] netlink: 68 bytes leftover after parsing attributes in process `syz.5.5922'. [ 214.211643][T18154] tipc: Started in network mode [ 214.216715][T18154] tipc: Node identity ac14140f, cluster identity 4711 [ 214.228928][T18154] tipc: New replicast peer: 255.255.255.83 [ 214.235024][T18154] tipc: Enabled bearer , priority 10 [ 214.677462][T18187] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5935'. [ 214.707991][T18187] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5935'. [ 214.763700][ T29] kauditd_printk_skb: 51 callbacks suppressed [ 214.763715][ T29] audit: type=1326 audit(217.438:8594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18191 comm="syz.8.5938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e8c6debe9 code=0x7ffc0000 [ 214.839040][ T29] audit: type=1326 audit(217.480:8595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18191 comm="syz.8.5938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3e8c6debe9 code=0x7ffc0000 [ 214.862263][ T29] audit: type=1326 audit(217.480:8596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18191 comm="syz.8.5938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e8c6debe9 code=0x7ffc0000 [ 214.885197][ T29] audit: type=1326 audit(217.480:8597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18191 comm="syz.8.5938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e8c6debe9 code=0x7ffc0000 [ 214.908487][ T29] audit: type=1326 audit(217.480:8598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18191 comm="syz.8.5938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3e8c6debe9 code=0x7ffc0000 [ 214.931996][ T29] audit: type=1326 audit(217.480:8599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18191 comm="syz.8.5938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e8c6debe9 code=0x7ffc0000 [ 214.955283][ T29] audit: type=1326 audit(217.480:8600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18191 comm="syz.8.5938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e8c6debe9 code=0x7ffc0000 [ 214.978435][ T29] audit: type=1326 audit(217.480:8601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18191 comm="syz.8.5938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3e8c6debe9 code=0x7ffc0000 [ 215.001511][ T29] audit: type=1326 audit(217.480:8602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18191 comm="syz.8.5938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e8c6debe9 code=0x7ffc0000 [ 215.024825][ T29] audit: type=1326 audit(217.480:8603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18191 comm="syz.8.5938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e8c6debe9 code=0x7ffc0000 [ 215.144908][T18208] hub 9-0:1.0: USB hub found [ 215.149853][T18208] hub 9-0:1.0: 8 ports detected [ 215.298610][ T23] tipc: Node number set to 2886997007 [ 217.005722][T18368] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6017'. [ 217.015017][T18368] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6017'. [ 217.295788][T18414] veth0: entered promiscuous mode [ 217.316232][T18414] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6037'. [ 217.594399][T18454] vcan0: tx drop: invalid da for name 0xfffffffffffffffe [ 217.757071][T18476] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6066'. [ 217.832395][ C0] vcan0: j1939_tp_rxtimer: 0xffff88811a5c4200: rx timeout, send abort [ 217.867089][T18483] lo speed is unknown, defaulting to 1000 [ 217.909881][T18489] netlink: 104 bytes leftover after parsing attributes in process `syz.4.6072'. [ 217.970891][T18498] sch_fq: defrate 4294967295 ignored. [ 218.046149][T18507] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=18507 comm=syz.5.6080 [ 218.308463][ C0] vcan0: j1939_tp_rxtimer: 0xffff88811a5c5800: rx timeout, send abort [ 218.317068][ C0] vcan0: j1939_tp_rxtimer: 0xffff88811a5c4200: abort rx timeout. Force session deactivation [ 218.394916][T18550] bridge0: port 2(bridge_slave_1) entered disabled state [ 218.402190][T18550] bridge0: port 1(bridge_slave_0) entered disabled state [ 218.404044][T18553] sctp: [Deprecated]: syz.4.6095 (pid 18553) Use of struct sctp_assoc_value in delayed_ack socket option. [ 218.404044][T18553] Use struct sctp_sack_info instead [ 218.428742][T18550] 0X: left allmulticast mode [ 218.460014][T18550] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 218.473229][T18550] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 218.505103][T18550] veth3: left promiscuous mode [ 218.513546][ T23] syz1: Port: 1 Link DOWN [ 218.518327][ T7441] netdevsim netdevsim6 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 218.527315][ T7441] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 218.563061][ T7441] netdevsim netdevsim6 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 218.572307][ T7441] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 218.594224][ T7441] netdevsim netdevsim6 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 218.603217][ T7441] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 218.612852][ T7441] netdevsim netdevsim6 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 218.622096][ T7441] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 218.632724][T18566] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6104'. [ 218.792850][ C0] vcan0: j1939_tp_rxtimer: 0xffff88811a5c5800: abort rx timeout. Force session deactivation [ 218.839847][T18593] netlink: 48 bytes leftover after parsing attributes in process `syz.0.6117'. [ 218.937212][T18603] SELinux: Context system_u:object_r:iptables_conf_t:s0 is not valid (left unmapped). [ 218.945532][T18605] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6123'. [ 219.000506][T18611] netlink: 'syz.5.6126': attribute type 2 has an invalid length. [ 219.008739][T18611] netlink: 'syz.5.6126': attribute type 1 has an invalid length. [ 219.016911][T18611] netlink: 199820 bytes leftover after parsing attributes in process `syz.5.6126'. [ 219.102444][T18623] pim6reg: entered allmulticast mode [ 219.110439][T18623] pim6reg: left allmulticast mode [ 219.185340][T18633] 9pnet_fd: Insufficient options for proto=fd [ 219.258855][T18643] netlink: 92 bytes leftover after parsing attributes in process `syz.0.6141'. [ 219.307032][T18650] netlink: 'syz.0.6145': attribute type 1 has an invalid length. [ 219.315003][T18650] netlink: 199820 bytes leftover after parsing attributes in process `syz.0.6145'. [ 219.540399][ T29] kauditd_printk_skb: 185 callbacks suppressed [ 219.540418][ T29] audit: type=1400 audit(222.448:8789): avc: denied { create } for pid=18694 comm="syz.5.6166" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 219.569991][ T29] audit: type=1400 audit(222.448:8790): avc: denied { create } for pid=18696 comm="syz.0.6167" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 219.589295][ T29] audit: type=1400 audit(222.448:8791): avc: denied { bind } for pid=18696 comm="syz.0.6167" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 219.608819][ T29] audit: type=1400 audit(222.448:8792): avc: denied { node_bind } for pid=18696 comm="syz.0.6167" saddr=172.20.20.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 [ 219.630277][ T29] audit: type=1400 audit(222.448:8793): avc: denied { execute } for pid=18696 comm="syz.0.6167" path="/589/cpuacct.usage_percpu_user" dev="tmpfs" ino=3047 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 219.654461][ T29] audit: type=1400 audit(222.448:8794): avc: denied { connect } for pid=18696 comm="syz.0.6167" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 219.674503][ T29] audit: type=1400 audit(222.511:8795): avc: denied { write } for pid=18694 comm="syz.5.6166" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 219.695050][ T29] audit: type=1400 audit(222.532:8796): avc: denied { create } for pid=18698 comm="syz.0.6168" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 219.733670][ T29] audit: type=1400 audit(222.658:8797): avc: denied { connect } for pid=18698 comm="syz.0.6168" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 219.756652][ T29] audit: type=1400 audit(222.668:8798): avc: denied { bind } for pid=18703 comm="syz.5.6170" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 220.008494][T18734] wireguard0: entered promiscuous mode [ 220.014084][T18734] wireguard0: entered allmulticast mode [ 220.050087][T18740] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 220.061357][T18740] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 220.150495][T18742] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6187'. [ 220.737099][T18807] rdma_op ffff888112f6a180 conn xmit_rdma 0000000000000000 [ 220.905433][T18833] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=18833 comm=syz.5.6214 [ 221.100895][T18870] netlink: 'syz.6.6226': attribute type 22 has an invalid length. [ 221.124520][T18870] netlink: 'syz.6.6226': attribute type 22 has an invalid length. [ 221.126668][ T7441] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 221.159470][ T7441] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 221.178981][ T7441] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 221.197877][ T7441] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 221.403737][T18907] netlink: 'syz.8.6238': attribute type 1 has an invalid length. [ 221.513761][T18923] SELinux: Context system_u:object_r:dhcpc_state_t:s0 is not valid (left unmapped). [ 221.619348][T18936] sch_tbf: burst 0 is lower than device veth1 mtu (1514) ! [ 222.443061][T18985] pim6reg: entered allmulticast mode [ 222.466617][T18985] pim6reg: left allmulticast mode [ 223.113987][T19026] __nla_validate_parse: 5 callbacks suppressed [ 223.114002][T19026] netlink: 44 bytes leftover after parsing attributes in process `syz.4.6289'. [ 223.140884][T19030] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6290'. [ 223.142746][T19024] pim6reg: entered allmulticast mode [ 223.149857][T19030] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6290'. [ 223.199019][T19024] pim6reg: left allmulticast mode [ 223.217388][T19038] netlink: 20 bytes leftover after parsing attributes in process `syz.6.6305'. [ 223.834822][T19044] bridge: RTM_NEWNEIGH with invalid ether address [ 223.926607][T19056] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6302'. [ 223.944221][T19055] netlink: 'syz.6.6301': attribute type 21 has an invalid length. [ 223.952106][T19055] netlink: 156 bytes leftover after parsing attributes in process `syz.6.6301'. [ 224.687649][ T29] kauditd_printk_skb: 194 callbacks suppressed [ 224.687666][ T29] audit: type=1326 audit(227.867:8993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19062 comm="syz.4.6308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 224.758196][ T29] audit: type=1326 audit(227.899:8994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19062 comm="syz.4.6308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 224.781599][ T29] audit: type=1326 audit(227.899:8995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19062 comm="syz.4.6308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 224.804900][ T29] audit: type=1326 audit(227.899:8996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19062 comm="syz.4.6308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 224.827878][ T29] audit: type=1326 audit(227.899:8997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19062 comm="syz.4.6308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 224.833714][T19080] netlink: 7 bytes leftover after parsing attributes in process `syz.0.6313'. [ 224.851613][ T29] audit: type=1326 audit(227.899:8998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19062 comm="syz.4.6308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 224.883813][ T29] audit: type=1326 audit(227.899:8999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19062 comm="syz.4.6308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 224.906966][ T29] audit: type=1326 audit(227.899:9000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19062 comm="syz.4.6308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 224.929854][ T29] audit: type=1326 audit(227.899:9001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19062 comm="syz.4.6308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 224.952948][ T29] audit: type=1326 audit(227.899:9002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19062 comm="syz.4.6308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f28e051ebe9 code=0x7ffc0000 [ 224.976611][T19080] netlink: 7 bytes leftover after parsing attributes in process `syz.0.6313'. [ 225.123512][T19099] netlink: 96 bytes leftover after parsing attributes in process `syz.0.6321'. [ 225.322839][T19096] Set syz1 is full, maxelem 65536 reached [ 225.473559][T19122] SELinux: failed to load policy [ 225.735429][T19158] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma? [ 225.826969][T19165] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6354'. [ 226.286639][T19205] infiniband syz!: set active [ 226.291403][T19205] infiniband syz!: added team_slave_0 [ 226.327799][T19205] RDS/IB: syz!: added [ 226.331855][T19205] smc: adding ib device syz! with port count 1 [ 226.343150][T19205] smc: ib device syz! port 1 has pnetid [ 227.098929][T19269] 9pnet: Could not find request transport: oT_ [ 227.167270][T19285] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19285 comm=syz.6.6407 [ 227.257733][T19303] af_packet: tpacket_rcv: packet too big, clamped from 24 to 4294967272. macoff=96 [ 227.391289][T19318] 1X: renamed from 60X [ 227.403275][T19318] 1X: entered allmulticast mode [ 227.408572][T19318] A link change request failed with some changes committed already. Interface 61X may have been left with an inconsistent configuration, please check. [ 227.425987][T19305] ================================================================== [ 227.434383][T19305] BUG: KCSAN: data-race in shmem_file_splice_read / shmem_file_splice_read [ 227.443010][T19305] [ 227.445424][T19305] write to 0xffff88811e6f0228 of 8 bytes by task 19314 on cpu 0: [ 227.453150][T19305] shmem_file_splice_read+0x470/0x600 [ 227.458540][T19305] splice_direct_to_actor+0x26f/0x680 [ 227.463926][T19305] do_splice_direct+0xda/0x150 [ 227.468698][T19305] do_sendfile+0x380/0x650 [ 227.473137][T19305] __x64_sys_sendfile64+0x105/0x150 [ 227.478352][T19305] x64_sys_call+0x2bb0/0x2ff0 [ 227.483046][T19305] do_syscall_64+0xd2/0x200 [ 227.487595][T19305] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 227.493500][T19305] [ 227.495830][T19305] write to 0xffff88811e6f0228 of 8 bytes by task 19305 on cpu 1: [ 227.503558][T19305] shmem_file_splice_read+0x470/0x600 [ 227.509035][T19305] splice_direct_to_actor+0x26f/0x680 [ 227.514418][T19305] do_splice_direct+0xda/0x150 [ 227.519288][T19305] do_sendfile+0x380/0x650 [ 227.523810][T19305] __x64_sys_sendfile64+0x105/0x150 [ 227.529031][T19305] x64_sys_call+0x2bb0/0x2ff0 [ 227.533720][T19305] do_syscall_64+0xd2/0x200 [ 227.538245][T19305] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 227.544165][T19305] [ 227.546489][T19305] value changed: 0x00000000000323a0 -> 0x00000000000323d0 [ 227.553596][T19305] [ 227.555919][T19305] Reported by Kernel Concurrency Sanitizer on: [ 227.562164][T19305] CPU: 1 UID: 0 PID: 19305 Comm: syz.8.6418 Tainted: G W 6.17.0-rc1-syzkaller-00004-g53e760d89498 #0 PREEMPT(voluntary) [ 227.576251][T19305] Tainted: [W]=WARN [ 227.580152][T19305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 227.590321][T19305] ==================================================================