last executing test programs: 1.721650707s ago: executing program 3 (id=1486): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa2000000000000070200f2a7ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200008, &(0x7f0000000380)={[{@nolazytime}, {@auto_da_alloc}, {@sysvgroups}, {@norecovery}, {@jqfmt_vfsv0}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@grpid}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") r2 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), r3) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x18) ftruncate(r2, 0x2007ffc) sendfile(r2, r2, 0x0, 0x800000009) r4 = open(&(0x7f0000000340)='./file1\x00', 0x4000, 0x0) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000006c0)={0x1}, 0x8) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) preadv2(r4, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x100000000000000d, 0x0, 0x0, 0x0) 1.426106133s ago: executing program 4 (id=1499): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r2, 0x0, 0x5}, 0x18) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x18, 0x7, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000e50003000000000085100000fcffffff250000001000000007000000faffffff95"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4c}, 0x94) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000a00)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc0800034000000014400000000c0a01011d000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xac}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) 1.361863564s ago: executing program 3 (id=1491): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0x19, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYBLOB="0000000000000000b705000008000000850000006a00000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r1, 0x18000000000002a0, 0x5c, 0x0, &(0x7f0000000600)="763894147583ddd056fea56a8800f8ea60b8030847e64e6bc8302bac38fb3172cf738a6612a826b7446be6e1a40c4a7c765f156cf282c2b26fd43b944eaf4aff12d09d5da4b7248158d3e398a467d11fee69d196508a76eb30844c25", 0x0, 0xe00, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4}, 0x50) 1.337361964s ago: executing program 4 (id=1492): socket$nl_route(0x10, 0x3, 0x0) r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, 0x0) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) perf_event_open(0x0, 0x0, 0xfeffffffffffffff, 0xffffffffffffffff, 0x2) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, 0x0, 0x0) sendmsg$NFT_BATCH(r3, 0x0, 0x0) open(0x0, 0x147842, 0x49) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) socket$packet(0x11, 0x3, 0x300) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) setxattr$incfs_metadata(&(0x7f0000000800)='./cgroup\x00', &(0x7f00000001c0), 0x0, 0x0, 0x1) removexattr(&(0x7f0000000200)='./cgroup\x00', &(0x7f0000000240)=@known='user.incfs.metadata\x00') 1.212671767s ago: executing program 4 (id=1494): bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000580)={r0, 0x0, &(0x7f0000000280)=@udp6, 0x2}, 0x20) 1.123911548s ago: executing program 3 (id=1495): bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000580)=[@in={0x2, 0x4e21, @local}], 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x1) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) r2 = dup(r0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000000)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x2, 0x2}}, 0x20) ioctl$TIOCL_GETMOUSEREPORTING(0xffffffffffffffff, 0x4b6a, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x2, 0x0, 0x13f, 0x1}}, 0xfed7) 1.119216618s ago: executing program 4 (id=1496): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000480)='kmem_cache_free\x00', r1}, 0x18) statx(0xffffffffffffff9c, 0x0, 0x6000, 0x200, 0x0) r2 = syz_io_uring_setup(0x794a, &(0x7f0000000000)={0x0, 0x7836, 0x80, 0x1, 0x23f}, &(0x7f0000000080), &(0x7f0000000180)) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmsg$inet6(r3, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x6, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043) io_uring_register$IORING_REGISTER_BUFFERS2(r2, 0xf, &(0x7f00000004c0)={0x2, 0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000700)=""/4096, 0x1000}, {0x0}], &(0x7f00000003c0)=[0x100000001]}, 0x20) 1.07714806s ago: executing program 4 (id=1497): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc9a0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r0}, 0x10) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) syz_usb_disconnect(0xffffffffffffffff) ioprio_set$pid(0x2, 0x0, 0x4007) 837.106094ms ago: executing program 2 (id=1502): bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) r0 = socket$kcm(0x11, 0x2, 0x300) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000000), 0x4) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x43}, 0x94) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0xf5ffffff, &(0x7f0000000000)='%', 0x0, 0xd01, 0xbe02, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 757.995316ms ago: executing program 1 (id=1504): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f0000000000)="0000000000000002", 0x8) sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000001f00)=[{&(0x7f0000000000)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x20004884}], 0x1, 0x0) r1 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000280)=0x8) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) r4 = dup2(r0, r3) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @empty, 0x4}], 0x1c) sendto$inet6(r3, &(0x7f0000000040)='l', 0x1, 0x7ddfdbdf8fa514cd, &(0x7f0000000100)={0xa, 0x4e23, 0x1, @loopback, 0x3}, 0x1c) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x5, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r4, 0x84, 0x17, &(0x7f0000000140)=ANY=[@ANYRES32=r2], 0x9) 639.983498ms ago: executing program 1 (id=1506): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18) munmap(&(0x7f0000002000/0x2000)=nil, 0x2000) r1 = syz_open_dev$usbfs(0x0, 0xffffffffffffffff, 0x8401) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$USBDEVFS_SUBMITURB(r2, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0}) 632.107118ms ago: executing program 1 (id=1507): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) socket$packet(0x11, 0xa, 0x300) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000cc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x4}}], 0x18}}], 0x1, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000001a00000000000018112000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000200007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYRES8=r1, @ANYRES32=0x1, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/14], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000810018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10) ioctl$sock_SIOCBRDELBR(r0, 0x89a2, &(0x7f0000000200)='bridge0\x00') r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00"/11], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) setpgid(0x0, 0x0) migrate_pages(0x0, 0x2, 0x0, 0x0) 619.199939ms ago: executing program 2 (id=1508): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x1, 0x2a, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000b50000008200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = socket$kcm(0x11, 0x2, 0x300) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000000)=r1, 0x4) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x43}, 0x94) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0xf5ffffff, &(0x7f0000000000)='%', 0x0, 0xd01, 0xbe02, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 511.72312ms ago: executing program 1 (id=1510): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x46, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$nl_netfilter(0x10, 0x3, 0xc) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) sync() sendmsg$tipc(0xffffffffffffffff, 0x0, 0x8820) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x5a) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='kfree\x00'}, 0x18) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000380), 0x84d03, 0x0) capset(&(0x7f0000000380)={0x20080522}, &(0x7f0000000040)={0x200000, 0x40200003, 0x0, 0x6, 0x7}) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001885a4e9409719f2af00f5001d4120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000acaaba8f03000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x400000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r3, 0x0, 0x5}, 0x18) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x18, 0x7, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000e50003000000000085100000fcffffff250000001000000007000000faffffff95"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4c}, 0x94) sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000a00)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc0800034000000014400000000c0a01011d000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xac}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) close(r1) 385.597193ms ago: executing program 2 (id=1512): r0 = socket$nl_route(0x10, 0x3, 0x0) socket$inet(0x2, 0x1, 0x9) sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=@newtaction={0x60, 0x30, 0xcac229faa96ee7df, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x3c, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x1c}, {0xc, 0x3}, {0xc}}}]}]}, 0x60}}, 0x0) mbind(&(0x7f0000bdf000/0x4000)=nil, 0x4000, 0x1, 0x0, 0x2, 0x0) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000240)={0xf97cff8c, 0x8, 'SE Linux', "dbdfd48ffc86e769417748fb58b8d3100fe9b7d0ae29a436e79a81da1fa7b80781ecce886808a9b7a55b6932e7697b048f21cb5b73bd38c8dbdb4fc407ab5d111173068673b08899fa6021222d5c29a5b66c05f1e3687a0b04511cfd50b18743bb92166441c899f8ea9f9d997066d9634b5b195263a932253ff09efdfcd22b57a5f21b59a70734d67fe9539f32646dc712a199ba0a8b7d15be3fa0e57646dc2572d46c307281fbef63bc50fa99d407f7e1e05b1a66"}, 0xc5) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r2 = socket$kcm(0x11, 0x3, 0x0) setsockopt$sock_attach_bpf(r2, 0x107, 0xf, &(0x7f0000000000), 0x4) sendmsg$kcm(r2, &(0x7f0000000040)={&(0x7f0000000180)=@hci={0x1f, 0x0, 0x6}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000380)="27050200340f14000600002fb96dbcf706060000170008005f452bedbdd53bc5ff1144ee162f", 0x26}], 0x1}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r3, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002ebd7000000000001400000018000180140002006e657464657673696d3000000000000008001c"], 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040800) 361.545953ms ago: executing program 0 (id=1513): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0a00000004000000040000000a"], 0x50) close(0x3) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0xb, 0x8, 0x1, 0x7f, 0x1, 0x1}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000380)={{r1}, &(0x7f0000000300), &(0x7f0000000340)='%-010d \x00'}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10) 292.979645ms ago: executing program 4 (id=1514): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x80032, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) socket$igmp(0x2, 0x3, 0x2) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x80, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2f}, @NFTA_SET_EXPRESSIONS={0x3c, 0x12, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @last={{0x9}, @val={0x4}}}, {0x14, 0x1, 0x0, 0x1, @counter={{0xc}, @val={0x4}}}, {0x10, 0x1, 0x0, 0x1, @dup_ipv4={{0x8}, @val={0x4}}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x106}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xc8}}, 0x20050800) 292.742955ms ago: executing program 3 (id=1515): bpf$MAP_CREATE(0x0, &(0x7f0000001300)=ANY=[@ANYRESOCT, @ANYRESOCT, @ANYBLOB="0960cd7d4f5f671ecbd42f98f098c00aabf1d96ee429d513be9ef82a21ad"], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001280)=ANY=[@ANYBLOB="400000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="7b130000f015f4308f7adb8d9c53468300000000200012800b00010067656e657665000010000280060005004e20000004000600"], 0x40}}, 0x40800) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r0, 0x0, 0x9}, 0x18) socket$inet6(0xa, 0x3, 0xff) r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0) preadv(r1, &(0x7f0000001380)=[{&(0x7f0000000280)=""/4096, 0x1000}], 0x1, 0x6, 0xffff) write$qrtrtun(r1, &(0x7f00000013c0)="080000150812d0b46fa3bf81158ac7bd51d4438e2e3ea2a3f84bab3aed9361796611309fc86563035c2c22320000000000001400000000000000000000198a6c2ac6f970e8e35c74d96bce53f0905ab8c8af2e6dfd52694adc4758e4855e11a3df8a53504ad0772db63bb81ac7039beb2fa5c5f3daddfcffb417f04700ff6a7540d6cd1d7d35e5ab118e4c0e05a5c72a5b801a11e59ce6d1c1ee4b04fc2daca804261fc6f6824ee5efce825f07ef098f0a267e1a205eaab4fefc8462c1e2b60a46956b315c4002c34ccf1a48bc87fc47a1a4e2356d95d94c44e85fe1bfb1136058ae96e710390d777d96fe44955689c827e300906bd144db40d84704cebd8eb7edae8abc8848b1dea7f49cf3aaaea27e16c223fd34f1006710965350bd71fc6b0143b2e31d249c9de1f1dbb5450f24478df2555a3b5730c60ac10df7e56edd51a8e43b59600000d2e934ed026fdbc6759c0b300000000000000000000000e7fbffffff8b4c2c5f86abc15f536054e8e9ad96ef265f40d45b8d23e6697199d5161a898d3ad9707dbaeffd607009e59ba2bd2a242dd04bac2f1ae0af833855a29e1c0ba77aef2db57305daa23ebd2b0085595b25c104980730aeed7b70a0dd84ad5c69ee00000000000000000000000000000000000048822f3486be3f60a80b91a268978d225ddd1d9cbddd5922b7a2f37cf312f5c8014af8113d8bd50a38ef7910b2d0bf39f7450f0f3f5771e27d050bdae6807296ed8567cfe0432f03c8b698b1056f17b42f34907c8c05bb3d70ca69360ed35227f7defcf1fb510f935eb4d8ae7db341223948038418dcf684b5b8d69f745c9113e89eb569c0c50f5c75109f09f7dd", 0x263) getpid() bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000180)='hrtimer_expire_entry\x00', r0}, 0x18) close(0xffffffffffffffff) openat$ptmx(0xffffffffffffff9c, &(0x7f00001f0000), 0x1002002, 0x0) getpid() open(0x0, 0x40542, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_sock_diag(0x10, 0x3, 0x4) openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x84040, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000840)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYBLOB="01005ee1fadefcdbdf2501000000", @ANYRES32=r2], 0x58}, 0x1, 0x1000000, 0x0, 0x24004000}, 0x24040840) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x20000, 0x0, 0x0, 0x40f00}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 292.610165ms ago: executing program 0 (id=1516): r0 = socket$netlink(0x10, 0x3, 0x6) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000100)=0x1800, 0x4) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002000000da16c167d803f1f805000600200000000a00060000000000ff0000000000000000001ffeff0001000003f1dc7f7c6e7c02000100000000000040000280ffffff05000500000000000a"], 0x80}}, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="fc0000001900010000000000fcdbdf2500000000000000000000000000000000fe8000000000000000000000000000bb00000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000040000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000010000000000000044000500"/133], 0xfc}, 0x1, 0x0, 0x0, 0x2000c010}, 0x0) bind$inet(r2, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10) setsockopt$sock_int(r2, 0x1, 0x6, &(0x7f0000000140)=0x4, 0x4) connect$inet(r2, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10) 253.343485ms ago: executing program 1 (id=1517): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18) munmap(&(0x7f0000002000/0x2000)=nil, 0x2000) r1 = syz_open_dev$usbfs(0x0, 0xffffffffffffffff, 0x8401) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$USBDEVFS_SUBMITURB(r2, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0}) 231.120446ms ago: executing program 0 (id=1518): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000480)='kmem_cache_free\x00', r1}, 0x18) statx(0xffffffffffffff9c, 0x0, 0x6000, 0x200, 0x0) r2 = syz_io_uring_setup(0x794a, &(0x7f0000000000)={0x0, 0x7836, 0x80, 0x1, 0x23f}, &(0x7f0000000080), &(0x7f0000000180)) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmsg$inet6(r3, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x6, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043) io_uring_register$IORING_REGISTER_BUFFERS2(r2, 0xf, &(0x7f00000004c0)={0x2, 0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000700)=""/4096, 0x1000}, {0x0}], &(0x7f00000003c0)=[0x100000001]}, 0x20) 227.255736ms ago: executing program 3 (id=1519): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe3}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000003c0)='htcp', 0x4) sendmmsg$inet(r0, &(0x7f0000001e40)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000ac0)="89e4192d92359cb3ee294530ae76ad6dc4ff20cc3ccc9d41018dd482ad1f395d4e38bd22b6fcae05c49fbdfdf66ae2994f191e9222effcb97205d0aaed4b29919f9e3bab7fdb276ca29501903c98de0b0cc8afca563f94fe69b6927ae594d1b53ad9f4a9f9f5c84a518d37939c84a5bd15048115ac421e9c56866ab6f91b0e8181d8999dd86c0177a971a39bf35b38eb0504bf70c02cc307c62d6f06c80b146153ca56a182831696c8cf46d2b065744e6dd4415ceff773e8d3a45aacc4fd8972cbe77878ce48d531066ec9e4790196e4a17b08ea09d4d3febf6721a44390383c7261e9e09f20c23f95e9c04d3c10220f3962d98b2bd98d5c3e50169a4c0c99f29c7a336489c26259957c4bdeae1c8cdf60d817db09336f680bbe954dc05669c9d48cb0a0488ed2385d935a7166b3187189e08d421903d546126289651db812f9c8754c0dc6f24a22ca988a2ac131cc52d724bb086a53a94e515e09fef354e9ca0daacaa347e96b3efd7c5c4063f6eb0cf55f08ff942780e6846d78410057ca2b845e69eeda4066de60a033e2f3c7e47b2f0c0c4c7da98b1d658c620f70dbe6eb8b5dd90216caa82c91db4c0f7ea02df5d5f8d6815d2d7868e6a6053f31a4fbe8732a1310ca7a79814177a981e5ab68dfeba4fe46ed4c51819be1308f73455e311f511ce4360cc7c24836c9b895ee5ce93cc42dd88f02d91b479c1748339024343700cce897087bbaae4fbd8e2ad5da016265ef097043acaf87504dde2421", 0x21e}], 0x1}}], 0x1, 0x40) sendto$inet(r0, &(0x7f0000000580)="17", 0x1d4c, 0x10048095, 0x0, 0x0) 200.515857ms ago: executing program 2 (id=1520): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) socket$packet(0x11, 0xa, 0x300) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000cc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x4}}], 0x18}}], 0x1, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000001a00000000000018112000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000200007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYRES8=r1, @ANYRES32=0x1, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/14], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000810018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10) ioctl$sock_SIOCBRDELBR(r0, 0x89a2, &(0x7f0000000200)='bridge0\x00') r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00"/13], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) setpgid(0x0, 0x0) migrate_pages(0x0, 0x2, 0x0, 0x0) 153.151967ms ago: executing program 0 (id=1521): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) socket$packet(0x11, 0xa, 0x300) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000cc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x4}}], 0x18}}], 0x1, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000001a00000000000018112000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000200007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYRES8=r1, @ANYRES32=0x1, @ANYBLOB, @ANYRES32, @ANYBLOB='\x00'/14], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000810018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) ioctl$sock_SIOCBRDELBR(r0, 0x89a2, &(0x7f0000000200)='bridge0\x00') r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setpgid(0x0, 0x0) migrate_pages(0x0, 0x2, 0x0, 0x0) 112.203918ms ago: executing program 1 (id=1522): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x1, 0x2a, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000b50000008200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = socket$kcm(0x11, 0x2, 0x300) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000000)=r1, 0x4) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x43}, 0x94) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0xf5ffffff, &(0x7f0000000000)='%', 0x0, 0xd01, 0xbe02, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 111.874188ms ago: executing program 2 (id=1523): socket$packet(0x11, 0x3, 0x300) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000980)={0x5, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94) r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000340)=0x63ba, 0x4) sendmmsg$inet6(r0, &(0x7f00000002c0)=[{{&(0x7f0000000b00)={0xa, 0x4e23, 0x4, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c, 0x0}}], 0x1, 0x0) recvmmsg(r0, &(0x7f0000000940)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001f80)=""/130, 0x82}, 0xdb30}], 0x1, 0x40002042, 0x0) 81.468859ms ago: executing program 0 (id=1524): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000000c0)='kfree\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002ebd7000000000001400000018000180140002"], 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040800) 72.004119ms ago: executing program 2 (id=1525): bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000580)=[@in={0x2, 0x4e21, @local}], 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x1) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) r2 = dup(r0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000000)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x2, 0x2}}, 0x20) ioctl$TIOCL_GETMOUSEREPORTING(0xffffffffffffffff, 0x4b6a, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x2, 0x0, 0x13f, 0x1}}, 0xfed7) 25.47041ms ago: executing program 3 (id=1526): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a00000709000100"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r2, 0x0, 0x5}, 0x18) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x18, 0x7, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000e50003000000000085100000fcffffff250000001000000007000000faffffff95"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4c}, 0x94) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000a00)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc0800034000000014400000000c0a01011d000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xac}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) 0s ago: executing program 0 (id=1527): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0a00000004000000040000000a"], 0x50) close(0x3) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0xb, 0x8, 0x1, 0x7f, 0x1, 0x1}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000380)={{r1}, &(0x7f0000000300), &(0x7f0000000340)='%-010d \x00'}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10) kernel console output (not intermixed with test programs): audit: type=1400 audit(1759177064.544:90): avc: denied { read write } for pid=3298 comm="syz-executor" name="loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 34.522189][ T3306] veth1_vlan: entered promiscuous mode [ 34.533669][ T3430] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.543072][ T3430] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.552029][ T3430] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.561633][ T3303] veth1_macvtap: entered promiscuous mode [ 34.577799][ T3304] veth1_vlan: entered promiscuous mode [ 34.602137][ T3304] veth0_macvtap: entered promiscuous mode [ 34.610402][ T3304] veth1_macvtap: entered promiscuous mode [ 34.627784][ T3303] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 34.637062][ T3306] veth0_macvtap: entered promiscuous mode [ 34.647724][ T3472] random: crng reseeded on system resumption [ 34.669759][ T3304] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 34.679132][ T3306] veth1_macvtap: entered promiscuous mode [ 34.696715][ T3304] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 34.705317][ T3303] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 34.729830][ T3430] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.742456][ T3430] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.771439][ T3306] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 34.782489][ T3430] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.798442][ T3306] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 34.810225][ T3430] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.852304][ T3430] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.894194][ T3430] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.920532][ T57] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.957907][ T57] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.991620][ T3482] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2'. [ 34.997931][ T3487] syz.2.3 uses obsolete (PF_INET,SOCK_PACKET) [ 35.005835][ T57] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 35.025539][ T3485] SELinux: policydb version -1881874469 does not match my version range 15-35 [ 35.038589][ T57] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 35.047707][ T3485] SELinux: failed to load policy [ 35.051813][ T57] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 35.093623][ T3494] bridge0: port 3(gretap0) entered blocking state [ 35.100280][ T3494] bridge0: port 3(gretap0) entered disabled state [ 35.108903][ T3494] gretap0: entered allmulticast mode [ 35.114900][ T3494] gretap0: entered promiscuous mode [ 35.120909][ T3494] bridge0: port 3(gretap0) entered blocking state [ 35.127673][ T3494] bridge0: port 3(gretap0) entered forwarding state [ 35.136873][ T57] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 35.137176][ T3482] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2'. [ 35.156971][ T3498] netlink: 'syz.3.11': attribute type 19 has an invalid length. [ 35.164650][ T3498] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11'. [ 35.172178][ T3500] bridge0: port 3(gretap0) entered blocking state [ 35.179938][ T3500] bridge0: port 3(gretap0) entered disabled state [ 35.200548][ T3500] gretap0: entered allmulticast mode [ 35.217147][ T3500] gretap0: entered promiscuous mode [ 35.224200][ T3500] bridge0: port 3(gretap0) entered blocking state [ 35.230804][ T3500] bridge0: port 3(gretap0) entered forwarding state [ 35.267238][ T3507] sd 0:0:1:0: device reset [ 35.278628][ T3498] Zero length message leads to an empty skb [ 35.296275][ T3508] loop0: detected capacity change from 0 to 512 [ 35.326463][ T3498] mmap: syz.3.11 (3498) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 35.358855][ T313] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 35.379751][ T3508] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 35.386553][ T3514] netlink: 4 bytes leftover after parsing attributes in process `syz.4.16'. [ 35.400987][ T3508] ext4 filesystem being mounted at /4/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 35.428176][ T313] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 35.479966][ T313] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 35.494074][ T3521] netlink: 4 bytes leftover after parsing attributes in process `syz.2.18'. [ 35.524767][ T313] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 35.558981][ T3529] netlink: 'syz.4.21': attribute type 10 has an invalid length. [ 35.566745][ T3529] netlink: 40 bytes leftover after parsing attributes in process `syz.4.21'. [ 35.576523][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 35.596681][ T3529] team0: Port device geneve1 added [ 35.621795][ T3529] syz.4.21 (3529) used greatest stack depth: 10672 bytes left [ 35.653571][ T3533] netlink: 4 bytes leftover after parsing attributes in process `syz.2.18'. [ 35.673968][ T3534] loop0: detected capacity change from 0 to 764 [ 35.688807][ T3534] vhci_hcd: USB_PORT_FEAT_LINK_STATE req not supported for USB 2.0 roothub [ 35.700523][ T3534] netlink: 100 bytes leftover after parsing attributes in process `syz.0.24'. [ 35.748599][ T3539] netlink: 4 bytes leftover after parsing attributes in process `syz.4.23'. [ 35.825809][ T3541] netlink: 4 bytes leftover after parsing attributes in process `syz.4.23'. [ 36.207041][ T3553] SELinux: policydb version -1881874469 does not match my version range 15-35 [ 36.238153][ T3553] SELinux: failed to load policy [ 36.800076][ T3497] syz.3.11 (3497) used greatest stack depth: 10248 bytes left [ 36.908074][ T3567] syzkaller1: entered promiscuous mode [ 36.913657][ T3567] syzkaller1: entered allmulticast mode [ 37.254857][ T3501] syz.3.11 (3501) used greatest stack depth: 9832 bytes left [ 37.298598][ T3581] vhci_hcd: invalid port number 236 [ 37.302531][ T3583] vhci_hcd: invalid port number 236 [ 37.368385][ T3587] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 37.392272][ T3587] bond1: entered allmulticast mode [ 37.397956][ T3587] 8021q: adding VLAN 0 to HW filter on device bond1 [ 37.580913][ T3595] vhci_hcd: invalid port number 236 [ 37.734150][ T3603] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 37.801211][ T3611] loop4: detected capacity change from 0 to 512 [ 37.809327][ T3611] EXT4-fs: Invalid want_extra_isize 2408 [ 38.071787][ T3629] vhci_hcd: invalid port number 236 [ 38.088533][ T3634] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 38.121519][ T3634] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 39.204066][ T3662] loop0: detected capacity change from 0 to 512 [ 39.215230][ T3662] EXT4-fs: Ignoring removed bh option [ 39.256849][ T3662] ext4: Bad value for 'max_batch_time' [ 39.266771][ T29] kauditd_printk_skb: 427 callbacks suppressed [ 39.266788][ T29] audit: type=1400 audit(1759177069.334:518): avc: denied { read } for pid=3661 comm="syz.0.63" name="msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 39.295967][ T29] audit: type=1400 audit(1759177069.334:519): avc: denied { open } for pid=3661 comm="syz.0.63" path="/dev/cpu/0/msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 39.395741][ T29] audit: type=1400 audit(1759177069.434:520): avc: denied { nlmsg_read } for pid=3661 comm="syz.0.63" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 39.529396][ T3665] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 39.557939][ T3665] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 39.884269][ T3674] loop0: detected capacity change from 0 to 256 [ 39.935016][ T3674] FAT-fs (loop0): codepage cp861 not found [ 40.024182][ T29] audit: type=1400 audit(1759177070.084:521): avc: denied { create } for pid=3676 comm="syz.0.69" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 40.052191][ T29] audit: type=1400 audit(1759177070.094:522): avc: denied { bind } for pid=3676 comm="syz.0.69" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 40.071853][ T29] audit: type=1400 audit(1759177070.094:523): avc: denied { write } for pid=3676 comm="syz.0.69" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 40.155735][ T29] audit: type=1400 audit(1759177070.214:524): avc: denied { create } for pid=3680 comm="syz.0.71" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 40.247672][ T3689] loop4: detected capacity change from 0 to 128 [ 40.258214][ T29] audit: type=1400 audit(1759177070.314:525): avc: denied { create } for pid=3684 comm="syz.0.73" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 40.277838][ T29] audit: type=1400 audit(1759177070.324:526): avc: denied { bind } for pid=3684 comm="syz.0.73" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 40.297392][ T29] audit: type=1400 audit(1759177070.324:527): avc: denied { listen } for pid=3684 comm="syz.0.73" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 41.228404][ T3708] netlink: 'syz.3.80': attribute type 10 has an invalid length. [ 41.389466][ T3711] __nla_validate_parse: 6 callbacks suppressed [ 41.389485][ T3711] netlink: 12 bytes leftover after parsing attributes in process `syz.0.78'. [ 43.987977][ T3771] loop0: detected capacity change from 0 to 512 [ 44.040381][ T3771] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 44.066260][ T3771] ext4 filesystem being mounted at /31/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 44.132898][ T3776] netlink: 12 bytes leftover after parsing attributes in process `syz.1.98'. [ 44.299390][ T3778] loop2: detected capacity change from 0 to 512 [ 44.323446][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.348310][ T3778] ======================================================= [ 44.348310][ T3778] WARNING: The mand mount option has been deprecated and [ 44.348310][ T3778] and is ignored by this kernel. Remove the mand [ 44.348310][ T3778] option from the mount to silence this warning. [ 44.348310][ T3778] ======================================================= [ 44.496136][ T3778] EXT4-fs (loop2): orphan cleanup on readonly fs [ 44.503406][ T3778] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.100: bg 0: block 248: padding at end of block bitmap is not set [ 44.532446][ T3778] __quota_error: 23 callbacks suppressed [ 44.532465][ T3778] Quota error (device loop2): write_blk: dquota write failed [ 44.545680][ T3778] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 44.555776][ T3778] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.100: Failed to acquire dquot type 1 [ 44.575676][ T3778] EXT4-fs (loop2): 1 truncate cleaned up [ 44.592496][ T3778] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 44.605481][ T3787] loop0: detected capacity change from 0 to 128 [ 44.618008][ T29] audit: type=1400 audit(1759177074.684:551): avc: denied { read } for pid=3777 comm="syz.2.100" name="file2" dev="loop2" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 44.640367][ T29] audit: type=1400 audit(1759177074.684:552): avc: denied { open } for pid=3777 comm="syz.2.100" path="/8/bus/file2" dev="loop2" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 44.663673][ T3778] syz.2.100 (3778) used greatest stack depth: 9280 bytes left [ 44.663763][ T29] audit: type=1400 audit(1759177074.734:553): avc: denied { setattr } for pid=3777 comm="syz.2.100" path="/8/bus/file2" dev="loop2" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 44.701230][ T3787] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 44.722576][ T3787] ext4 filesystem being mounted at /33/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 44.794850][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.827927][ T29] audit: type=1400 audit(1759177074.894:554): avc: denied { create } for pid=3793 comm="syz.1.109" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 44.992932][ T3794] netlink: 4 bytes leftover after parsing attributes in process `syz.1.109'. [ 45.011492][ T3800] loop3: detected capacity change from 0 to 128 [ 45.023829][ T3297] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 45.023982][ T29] audit: type=1400 audit(1759177075.054:555): avc: denied { setopt } for pid=3793 comm="syz.1.109" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 45.034728][ T3800] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 45.067649][ T3800] ext4 filesystem being mounted at /18/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 45.110330][ T29] audit: type=1400 audit(1759177075.164:556): avc: denied { read write } for pid=3795 comm="syz.4.111" name="rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 45.134553][ T29] audit: type=1400 audit(1759177075.164:557): avc: denied { open } for pid=3795 comm="syz.4.111" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 45.581114][ T3812] netlink: 14 bytes leftover after parsing attributes in process `syz.4.113'. [ 45.901299][ T3812] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 45.914534][ T3812] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 45.951018][ T29] audit: type=1400 audit(1759177076.014:558): avc: denied { getopt } for pid=3816 comm="syz.1.115" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 46.116102][ T3812] bond0 (unregistering): Released all slaves [ 46.178333][ T3830] sctp: [Deprecated]: syz.1.115 (pid 3830) Use of struct sctp_assoc_value in delayed_ack socket option. [ 46.178333][ T3830] Use struct sctp_sack_info instead [ 46.458793][ T3298] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 46.582125][ T3839] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 46.593523][ T3839] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 47.063046][ T3847] loop3: detected capacity change from 0 to 512 [ 47.244229][ T3847] EXT4-fs: test_dummy_encryption option not supported [ 47.898848][ T3860] loop2: detected capacity change from 0 to 256 [ 48.158781][ T3868] loop1: detected capacity change from 0 to 512 [ 48.188048][ T3868] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 48.202672][ T3868] ext4 filesystem being mounted at /19/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 48.281434][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 48.316038][ C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 48.348334][ T3886] loop3: detected capacity change from 0 to 512 [ 48.361452][ T3886] EXT4-fs (loop3): orphan cleanup on readonly fs [ 48.369638][ T3886] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.136: bg 0: block 248: padding at end of block bitmap is not set [ 48.386984][ T3886] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.136: Failed to acquire dquot type 1 [ 48.404995][ T3886] EXT4-fs (loop3): 1 truncate cleaned up [ 48.413564][ T3886] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 48.458879][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 48.535182][ T3891] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 48.629817][ T3889] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 49.779865][ T3901] loop2: detected capacity change from 0 to 128 [ 49.830260][ T3901] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 49.851165][ T3901] ext4 filesystem being mounted at /18/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 49.913588][ T29] kauditd_printk_skb: 21 callbacks suppressed [ 49.913608][ T29] audit: type=1400 audit(1759177079.974:578): avc: denied { setattr } for pid=3900 comm="syz.2.139" path="/18/file1/file1" dev="loop2" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 50.035170][ T29] audit: type=1400 audit(1759177080.024:579): avc: denied { ioctl } for pid=3900 comm="syz.2.139" path="/18/file1/file1" dev="loop2" ino=12 ioctlcmd=0x6609 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 50.073998][ T3306] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 50.109407][ T3919] loop3: detected capacity change from 0 to 512 [ 50.129299][ T3919] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 50.149622][ T3919] ext4 filesystem being mounted at /28/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 50.169498][ T3926] netlink: 104 bytes leftover after parsing attributes in process `syz.2.143'. [ 50.182222][ T29] audit: type=1400 audit(1759177080.234:580): avc: denied { nlmsg_read } for pid=3925 comm="syz.2.143" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 50.210492][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.221933][ T29] audit: type=1400 audit(1759177080.244:581): avc: denied { override_creds } for pid=3922 comm="syz.0.157" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 50.263434][ T3930] netlink: 24 bytes leftover after parsing attributes in process `syz.0.150'. [ 50.295003][ T3932] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 50.304930][ T29] audit: type=1400 audit(1759177080.304:582): avc: denied { ioctl } for pid=3927 comm="syz.0.149" path="socket:[6193]" dev="sockfs" ino=6193 ioctlcmd=0xb100 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 50.322338][ T3932] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 51.275368][ T3945] loop4: detected capacity change from 0 to 256 [ 51.283351][ T29] audit: type=1400 audit(1759177081.344:583): avc: denied { create } for pid=3943 comm="syz.0.155" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 51.461294][ T3956] loop4: detected capacity change from 0 to 512 [ 51.529474][ T3956] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 51.542293][ T3956] ext4 filesystem being mounted at /37/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 52.540487][ T29] audit: type=1400 audit(1759177082.334:584): avc: denied { ioctl } for pid=3959 comm="syz.0.161" path="socket:[5927]" dev="sockfs" ino=5927 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 52.565007][ T29] audit: type=1400 audit(1759177082.334:585): avc: denied { connect } for pid=3959 comm="syz.0.161" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 52.584724][ T29] audit: type=1400 audit(1759177082.344:586): avc: denied { kexec_image_load } for pid=3959 comm="syz.0.161" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1 [ 52.607361][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.113882][ T29] audit: type=1400 audit(1759177082.924:587): avc: denied { bind } for pid=3977 comm="syz.2.165" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 53.188553][ T3992] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 53.197390][ T3992] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 53.299680][ T3997] netlink: 8 bytes leftover after parsing attributes in process `syz.3.173'. [ 53.385014][ T4000] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 55.187919][ T4077] loop0: detected capacity change from 0 to 2048 [ 55.249581][ T4077] loop0: p1 p3 p4 [ 55.255129][ T4077] loop0: p4 size 589824 extends beyond EOD, truncated [ 55.273048][ T4077] ./file0: Can't open blockdev [ 55.287544][ T29] kauditd_printk_skb: 13 callbacks suppressed [ 55.287580][ T29] audit: type=1400 audit(1759177085.334:601): avc: denied { read write } for pid=4076 comm="syz.0.208" name="loop0p1" dev="devtmpfs" ino=588 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 55.317201][ T29] audit: type=1400 audit(1759177085.334:602): avc: denied { open } for pid=4076 comm="syz.0.208" path="/dev/loop0p1" dev="devtmpfs" ino=588 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 55.327993][ T3288] udevd[3288]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory [ 55.340524][ T29] audit: type=1400 audit(1759177085.334:603): avc: denied { mounton } for pid=4076 comm="syz.0.208" path="/dev/loop0p1" dev="devtmpfs" ino=588 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 55.413723][ T3840] udevd[3840]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory [ 55.514460][ T4083] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 55.523393][ T4083] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 55.860450][ T4097] ieee802154 phy0 wpan0: encryption failed: -22 [ 55.914754][ T4099] loop0: detected capacity change from 0 to 512 [ 55.921161][ T29] audit: type=1400 audit(1759177085.924:604): avc: denied { write } for pid=4089 comm="syz.1.213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 56.059899][ T4099] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 56.086775][ T4099] ext4 filesystem being mounted at /65/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 56.109216][ T4110] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 56.124876][ T4110] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 56.167961][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 56.235434][ T4120] dvmrp1: entered allmulticast mode [ 56.327947][ T4123] netlink: 24 bytes leftover after parsing attributes in process `syz.1.225'. [ 56.751112][ T4136] tipc: Started in network mode [ 56.756115][ T4136] tipc: Node identity 922abf98311c, cluster identity 4711 [ 56.763351][ T4136] tipc: Enabled bearer , priority 0 [ 56.779333][ T4136] syzkaller0: entered promiscuous mode [ 56.784875][ T4136] syzkaller0: entered allmulticast mode [ 56.799823][ T4136] tipc: Resetting bearer [ 56.825725][ T4135] tipc: Resetting bearer [ 56.834134][ T4149] loop0: detected capacity change from 0 to 512 [ 56.854081][ T4135] tipc: Disabling bearer [ 56.871263][ T4149] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 56.884294][ T4149] ext4 filesystem being mounted at /70/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 56.945010][ T4155] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 56.953815][ T4155] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 57.039490][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.382274][ T29] audit: type=1400 audit(1759177087.444:605): avc: denied { mount } for pid=4157 comm="syz.2.236" name="/" dev="configfs" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 57.405622][ T29] audit: type=1400 audit(1759177087.444:606): avc: denied { search } for pid=4157 comm="syz.2.236" name="/" dev="configfs" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 57.428122][ T29] audit: type=1400 audit(1759177087.444:607): avc: denied { search } for pid=4157 comm="syz.2.236" name="/" dev="configfs" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 57.450282][ T29] audit: type=1400 audit(1759177087.444:608): avc: denied { read open } for pid=4157 comm="syz.2.236" path="/" dev="configfs" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 57.548432][ T29] audit: type=1400 audit(1759177087.584:609): avc: denied { name_bind } for pid=4160 comm="syz.0.237" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 57.825954][ T29] audit: type=1400 audit(1759177087.884:610): avc: denied { mounton } for pid=4168 comm="syz.1.241" path="/proc/126/task" dev="proc" ino=6571 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 58.189965][ T4200] process 'syz.3.246' launched '/dev/fd/5' with NULL argv: empty string added [ 58.575001][ T4210] loop4: detected capacity change from 0 to 512 [ 58.606279][ T4210] EXT4-fs: Ignoring removed mblk_io_submit option [ 58.612850][ T4210] EXT4-fs: inline encryption not supported [ 58.627488][ T4210] EXT4-fs: test_dummy_encryption option not supported [ 59.190926][ T4235] loop3: detected capacity change from 0 to 512 [ 59.427096][ T4235] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 59.806019][ T4235] ext4 filesystem being mounted at /49/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 60.008369][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 60.354000][ T4261] dvmrp1: entered allmulticast mode [ 60.509078][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 60.509093][ T29] audit: type=1400 audit(1759177346.573:615): avc: denied { write } for pid=4256 comm="syz.4.274" name="udp6" dev="proc" ino=4026532659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 60.902870][ T4271] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 61.360319][ T29] audit: type=1400 audit(1759177347.263:616): avc: denied { bind } for pid=4274 comm="syz.3.279" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 61.379868][ T29] audit: type=1400 audit(1759177347.263:617): avc: denied { name_bind } for pid=4274 comm="syz.3.279" src=170 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1 [ 61.401936][ T29] audit: type=1400 audit(1759177347.263:618): avc: denied { node_bind } for pid=4274 comm="syz.3.279" src=170 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1 [ 61.531638][ T4284] loop1: detected capacity change from 0 to 128 [ 61.546192][ T4286] loop2: detected capacity change from 0 to 512 [ 61.569571][ T4284] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 61.585094][ T4284] ext4 filesystem being mounted at /54/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 61.600223][ T4286] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 61.613303][ T4286] ext4 filesystem being mounted at /34/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 61.676942][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 61.714575][ T4292] netlink: 8 bytes leftover after parsing attributes in process `syz.4.285'. [ 61.726623][ T3304] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 61.755264][ T10] IPVS: starting estimator thread 0... [ 61.764919][ T4292] syz_tun: entered promiscuous mode [ 61.881090][ T4295] IPVS: using max 2304 ests per chain, 115200 per kthread [ 61.948298][ T29] audit: type=1400 audit(1759177347.913:619): avc: denied { bind } for pid=4299 comm="syz.2.287" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 61.977000][ T29] audit: type=1400 audit(1759177348.043:620): avc: denied { write } for pid=4301 comm="syz.4.288" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 62.052179][ T4307] hub 9-0:1.0: USB hub found [ 62.057171][ T4307] hub 9-0:1.0: 8 ports detected [ 62.529668][ T29] audit: type=1400 audit(1759177348.583:621): avc: denied { ioctl } for pid=4314 comm="syz.3.291" path="socket:[6800]" dev="sockfs" ino=6800 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 62.958461][ T4328] netlink: 20 bytes leftover after parsing attributes in process `syz.4.295'. [ 63.243455][ T4334] 9pnet_fd: Insufficient options for proto=fd [ 63.904483][ T4347] loop3: detected capacity change from 0 to 8192 [ 63.959217][ T29] audit: type=1400 audit(1759177350.023:622): avc: denied { read } for pid=4355 comm="syz.0.308" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 64.225589][ T4360] netlink: 4 bytes leftover after parsing attributes in process `syz.0.308'. [ 64.418457][ T4367] loop3: detected capacity change from 0 to 2048 [ 64.453086][ T4367] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 64.896410][ T29] audit: type=1400 audit(1759177350.563:623): avc: denied { shutdown } for pid=4349 comm="syz.2.306" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 64.948992][ T29] audit: type=1400 audit(1759177351.013:624): avc: denied { write } for pid=4366 comm="syz.3.311" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 64.974148][ T4367] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 64.996199][ T4367] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 34 with error 28 [ 65.008880][ T4367] EXT4-fs (loop3): This should not happen!! Data will be lost [ 65.008880][ T4367] [ 65.018681][ T4367] EXT4-fs (loop3): Total free blocks count 0 [ 65.024694][ T4367] EXT4-fs (loop3): Free/Dirty block details [ 65.031108][ T4367] EXT4-fs (loop3): free_blocks=66060288 [ 65.036791][ T4367] EXT4-fs (loop3): dirty_blocks=48 [ 65.041928][ T4367] EXT4-fs (loop3): Block reservation details [ 65.047968][ T4367] EXT4-fs (loop3): i_reserved_data_blocks=3 [ 65.179145][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 65.626784][ T4398] usb usb8: usbfs: process 4398 (syz.3.314) did not claim interface 0 before use [ 66.309204][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 66.309220][ T29] audit: type=1326 audit(1759177352.373:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4445 comm="syz.2.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91411deec9 code=0x7ffc0000 [ 66.347637][ T4446] bridge0: port 3(gretap0) entered blocking state [ 66.354162][ T4446] bridge0: port 3(gretap0) entered disabled state [ 66.362614][ T4446] gretap0: entered allmulticast mode [ 66.368256][ T29] audit: type=1326 audit(1759177352.403:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4445 comm="syz.2.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91411deec9 code=0x7ffc0000 [ 66.373589][ T4446] gretap0: entered promiscuous mode [ 66.391786][ T29] audit: type=1326 audit(1759177352.403:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4445 comm="syz.2.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f91411deec9 code=0x7ffc0000 [ 66.401282][ T4446] bridge0: port 3(gretap0) entered blocking state [ 66.420624][ T29] audit: type=1326 audit(1759177352.403:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4445 comm="syz.2.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91411deec9 code=0x7ffc0000 [ 66.427526][ T4446] bridge0: port 3(gretap0) entered forwarding state [ 66.450790][ T29] audit: type=1326 audit(1759177352.403:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4445 comm="syz.2.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91411deec9 code=0x7ffc0000 [ 66.481317][ T29] audit: type=1326 audit(1759177352.403:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4445 comm="syz.2.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f91411deec9 code=0x7ffc0000 [ 66.491515][ T4452] bridge0: port 3(gretap0) entered blocking state [ 66.505120][ T29] audit: type=1326 audit(1759177352.403:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4445 comm="syz.2.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91411deec9 code=0x7ffc0000 [ 66.511361][ T4452] bridge0: port 3(gretap0) entered disabled state [ 66.534770][ T29] audit: type=1326 audit(1759177352.403:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4445 comm="syz.2.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91411deec9 code=0x7ffc0000 [ 66.562648][ T4452] gretap0: entered allmulticast mode [ 66.564677][ T29] audit: type=1326 audit(1759177352.403:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4445 comm="syz.2.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f91411deec9 code=0x7ffc0000 [ 66.572246][ T4452] gretap0: entered promiscuous mode [ 66.593575][ T29] audit: type=1326 audit(1759177352.403:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4445 comm="syz.2.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91411deec9 code=0x7ffc0000 [ 66.636623][ T4452] bridge0: port 3(gretap0) entered blocking state [ 66.643126][ T4452] bridge0: port 3(gretap0) entered forwarding state [ 66.930910][ T4492] dvmrp1: entered allmulticast mode [ 67.518360][ T4535] openvswitch: netlink: Message has 6 unknown bytes. [ 67.562126][ T4540] netlink: 'syz.2.326': attribute type 10 has an invalid length. [ 67.570404][ T4540] netlink: 40 bytes leftover after parsing attributes in process `syz.2.326'. [ 67.681174][ T4540] team0: Port device geneve1 added [ 67.808328][ T4552] bridge0: port 3(gretap0) entered blocking state [ 67.814836][ T4552] bridge0: port 3(gretap0) entered disabled state [ 67.821512][ T4552] gretap0: entered allmulticast mode [ 67.931939][ T4571] netlink: 8 bytes leftover after parsing attributes in process `syz.2.333'. [ 67.940804][ T4571] netlink: 12 bytes leftover after parsing attributes in process `syz.2.333'. [ 67.949835][ T4571] netlink: 'syz.2.333': attribute type 18 has an invalid length. [ 67.962893][ T4552] gretap0: entered promiscuous mode [ 68.022434][ T4574] netlink: 16 bytes leftover after parsing attributes in process `syz.4.332'. [ 68.092479][ T4573] netlink: 'syz.4.332': attribute type 4 has an invalid length. [ 68.117924][ T4552] bridge0: port 3(gretap0) entered blocking state [ 68.124462][ T4552] bridge0: port 3(gretap0) entered forwarding state [ 68.148901][ T4575] netlink: 'syz.4.332': attribute type 4 has an invalid length. [ 68.335499][ T4570] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 68.361193][ T4570] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 68.370194][ T4570] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 68.379551][ T4570] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 68.439474][ T4579] loop1: detected capacity change from 0 to 128 [ 68.457198][ T4585] openvswitch: netlink: Message has 6 unknown bytes. [ 68.707727][ T4593] usb usb8: usbfs: process 4593 (syz.2.338) did not claim interface 0 before use [ 68.823422][ T4579] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 68.947007][ T4579] ext4 filesystem being mounted at /64/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 69.090100][ T3304] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 69.362595][ T4619] netlink: 4 bytes leftover after parsing attributes in process `syz.2.352'. [ 69.477240][ T4624] usb usb8: usbfs: process 4624 (syz.3.350) did not claim interface 0 before use [ 69.699672][ T4630] loop1: detected capacity change from 0 to 512 [ 69.728952][ T4628] loop4: detected capacity change from 0 to 1024 [ 69.781466][ T4630] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 69.797685][ T4628] EXT4-fs: Ignoring removed orlov option [ 69.800741][ T4630] ext4 filesystem being mounted at /69/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 69.911007][ T4628] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 70.038920][ T4630] netlink: 'syz.1.356': attribute type 7 has an invalid length. [ 70.046802][ T4630] netlink: 8 bytes leftover after parsing attributes in process `syz.1.356'. [ 70.202168][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.232781][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.257843][ T4643] netlink: 'syz.3.359': attribute type 1 has an invalid length. [ 70.303271][ T4643] 8021q: adding VLAN 0 to HW filter on device bond1 [ 70.406593][ T4656] netlink: 4 bytes leftover after parsing attributes in process `syz.3.359'. [ 70.437012][ T4656] bond1 (unregistering): Released all slaves [ 70.520176][ T4663] syzkaller1: entered promiscuous mode [ 70.525799][ T4663] syzkaller1: entered allmulticast mode [ 70.585528][ T4663] loop1: detected capacity change from 0 to 1024 [ 70.605218][ T4663] EXT4-fs: Ignoring removed orlov option [ 70.627948][ T4663] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 70.680322][ T4668] netlink: 8 bytes leftover after parsing attributes in process `syz.3.366'. [ 70.689286][ T4668] netlink: 8 bytes leftover after parsing attributes in process `syz.3.366'. [ 70.754755][ T4673] loop4: detected capacity change from 0 to 512 [ 70.914471][ T4683] loop0: detected capacity change from 0 to 512 [ 70.938392][ T4683] EXT4-fs: Ignoring removed nomblk_io_submit option [ 70.945269][ T4683] EXT4-fs: Ignoring removed bh option [ 70.971609][ T4683] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 71.002318][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.035211][ T4683] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 71.050183][ T4683] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #11: comm syz.0.372: corrupted inode contents [ 71.062867][ T4683] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #11: comm syz.0.372: mark_inode_dirty error [ 71.074859][ T4683] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.372: invalid indirect mapped block 1 (level 1) [ 71.101002][ T4683] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #11: comm syz.0.372: corrupted inode contents [ 71.114156][ T4683] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 71.130731][ T4697] netlink: 'syz.3.377': attribute type 1 has an invalid length. [ 71.139118][ T4697] netlink: 154788 bytes leftover after parsing attributes in process `syz.3.377'. [ 71.158919][ T4683] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #11: comm syz.0.372: corrupted inode contents [ 71.209479][ T4683] EXT4-fs error (device loop0): ext4_truncate:4666: inode #11: comm syz.0.372: mark_inode_dirty error [ 71.222926][ T4697] loop3: detected capacity change from 0 to 512 [ 71.250751][ T4683] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 71.261656][ T4697] EXT4-fs (loop3): orphan cleanup on readonly fs [ 71.271743][ T4683] EXT4-fs (loop0): 1 truncate cleaned up [ 71.293182][ T4683] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 71.294565][ T4697] EXT4-fs warning (device loop3): ext4_xattr_inode_get:556: inode #11: comm syz.3.377: EA inode hash validation failed [ 71.311067][ T4683] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 13: comm syz.0.372: path /92/file0: bad entry in directory: directory entry too close to block end - offset=76, inode=16, rec_len=940, size=1024 fake=0 [ 71.321994][ T4697] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 71.353567][ T4697] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #15: comm syz.3.377: corrupted inode contents [ 71.354117][ T29] kauditd_printk_skb: 446 callbacks suppressed [ 71.354134][ T29] audit: type=1400 audit(1759177357.413:1082): avc: denied { read append } for pid=4689 comm="syz.1.375" name="ptp0" dev="devtmpfs" ino=247 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 71.365806][ T4697] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #15: comm syz.3.377: mark_inode_dirty error [ 71.371951][ T29] audit: type=1400 audit(1759177357.413:1083): avc: denied { open } for pid=4689 comm="syz.1.375" path="/dev/ptp0" dev="devtmpfs" ino=247 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 71.397601][ T4697] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #15: comm syz.3.377: corrupted inode contents [ 71.406909][ T29] audit: type=1400 audit(1759177357.413:1084): avc: denied { write } for pid=4689 comm="syz.1.375" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 71.465886][ T4701] lo speed is unknown, defaulting to 1000 [ 71.465897][ T4697] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2991: inode #15: comm syz.3.377: mark_inode_dirty error [ 71.472004][ T4701] lo speed is unknown, defaulting to 1000 [ 71.472256][ T4701] lo speed is unknown, defaulting to 1000 [ 71.497138][ T4697] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2994: inode #15: comm syz.3.377: mark inode dirty (error -117) [ 71.517309][ T4697] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117) [ 71.527076][ T4701] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 71.534622][ T4701] infiniband 3yz0: RDMA CMA: cma_listen_on_dev, error -98 [ 71.546590][ T4683] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.557159][ T4701] lo speed is unknown, defaulting to 1000 [ 71.565097][ T4697] EXT4-fs (loop3): 1 orphan inode deleted [ 71.573292][ T4701] lo speed is unknown, defaulting to 1000 [ 71.597410][ T4697] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 71.616512][ T4701] lo speed is unknown, defaulting to 1000 [ 71.634674][ T4709] loop2: detected capacity change from 0 to 8192 [ 71.664393][ T4701] lo speed is unknown, defaulting to 1000 [ 71.724128][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.735787][ T4701] lo speed is unknown, defaulting to 1000 [ 71.771312][ T29] audit: type=1326 audit(1759177357.833:1085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4722 comm="syz.4.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1539a8eec9 code=0x7ffc0000 [ 71.795029][ T29] audit: type=1326 audit(1759177357.833:1086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4722 comm="syz.4.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1539a8eec9 code=0x7ffc0000 [ 71.855822][ T29] audit: type=1326 audit(1759177357.893:1087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4722 comm="syz.4.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1539a8eec9 code=0x7ffc0000 [ 71.879382][ T29] audit: type=1326 audit(1759177357.893:1088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4722 comm="syz.4.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1539a8eec9 code=0x7ffc0000 [ 71.903215][ T29] audit: type=1326 audit(1759177357.893:1089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4722 comm="syz.4.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1539a8eec9 code=0x7ffc0000 [ 71.927459][ T29] audit: type=1326 audit(1759177357.893:1090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4722 comm="syz.4.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f1539a8eec9 code=0x7ffc0000 [ 71.944021][ T4728] openvswitch: netlink: Message has 6 unknown bytes. [ 71.951075][ T29] audit: type=1326 audit(1759177357.893:1091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4722 comm="syz.4.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1539a8eec9 code=0x7ffc0000 [ 72.073536][ T4740] loop0: detected capacity change from 0 to 8192 [ 72.432140][ T4792] loop3: detected capacity change from 0 to 512 [ 72.702113][ T4836] openvswitch: netlink: Message has 6 unknown bytes. [ 72.738582][ T4830] loop4: detected capacity change from 0 to 8192 [ 72.821755][ T4848] loop4: detected capacity change from 0 to 2048 [ 72.877996][ T4848] loop4: p1 p3 p4 [ 72.893015][ T4848] loop4: p4 size 589824 extends beyond EOD, truncated [ 72.964414][ T4866] openvswitch: netlink: Message has 6 unknown bytes. [ 73.038571][ T4867] loop0: detected capacity change from 0 to 8192 [ 73.066096][ T4881] __nla_validate_parse: 5 callbacks suppressed [ 73.066115][ T4881] netlink: 4 bytes leftover after parsing attributes in process `syz.2.463'. [ 73.085586][ T4880] Illegal XDP return value 4294967274 on prog (id 165) dev N/A, expect packet loss! [ 73.174413][ T4890] loop0: detected capacity change from 0 to 2048 [ 73.215777][ T4887] netlink: 4 bytes leftover after parsing attributes in process `syz.2.463'. [ 73.238000][ T4890] loop0: p1 p3 p4 [ 73.244851][ T4890] loop0: p4 size 589824 extends beyond EOD, truncated [ 73.309861][ T4911] netlink: 4 bytes leftover after parsing attributes in process `syz.4.476'. [ 73.343884][ T4909] loop1: detected capacity change from 0 to 8192 [ 73.364261][ T4907] syzkaller1: entered promiscuous mode [ 73.370118][ T4907] syzkaller1: entered allmulticast mode [ 73.383584][ T4907] loop0: detected capacity change from 0 to 1024 [ 73.393096][ T4907] EXT4-fs: Ignoring removed orlov option [ 73.395262][ T4916] loop4: detected capacity change from 0 to 128 [ 73.412311][ T4907] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 73.426476][ T4916] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 73.451314][ T4916] ext4 filesystem being mounted at /97/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 73.580662][ T3303] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 73.684678][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.750324][ T4934] loop1: detected capacity change from 0 to 128 [ 73.935802][ T4939] netlink: 4 bytes leftover after parsing attributes in process `syz.2.488'. [ 74.080430][ T4952] openvswitch: netlink: Message has 6 unknown bytes. [ 74.141345][ T4957] loop4: detected capacity change from 0 to 1024 [ 74.188772][ T4960] loop3: detected capacity change from 0 to 2048 [ 74.194644][ T4957] EXT4-fs: Ignoring removed orlov option [ 74.249355][ T4960] loop3: p1 p3 p4 [ 74.255275][ T4960] loop3: p4 size 589824 extends beyond EOD, truncated [ 74.278152][ T4957] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.440741][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.767786][ T5014] loop2: detected capacity change from 0 to 1024 [ 74.784762][ T5014] EXT4-fs: Ignoring removed orlov option [ 74.807108][ T5018] loop4: detected capacity change from 0 to 128 [ 74.826127][ T5014] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 75.071014][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.170881][ T5047] loop3: detected capacity change from 0 to 764 [ 75.212416][ T5047] vhci_hcd: USB_PORT_FEAT_LINK_STATE req not supported for USB 2.0 roothub [ 75.223211][ T5047] netlink: 100 bytes leftover after parsing attributes in process `syz.3.534'. [ 75.425819][ T5068] loop2: detected capacity change from 0 to 512 [ 75.609251][ T5076] netlink: 4 bytes leftover after parsing attributes in process `syz.3.547'. [ 75.984659][ T5092] loop1: detected capacity change from 0 to 1024 [ 76.000359][ T5094] loop3: detected capacity change from 0 to 512 [ 76.002302][ T5092] EXT4-fs: Ignoring removed orlov option [ 76.116418][ T5097] openvswitch: netlink: Message has 6 unknown bytes. [ 76.132155][ T5092] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.222062][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.356586][ T29] kauditd_printk_skb: 830 callbacks suppressed [ 76.356603][ T29] audit: type=1326 audit(1759177362.423:1922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5118 comm="syz.4.567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1539a8eec9 code=0x7ffc0000 [ 76.380287][ T5132] loop2: detected capacity change from 0 to 128 [ 76.396283][ T5127] loop0: detected capacity change from 0 to 512 [ 76.403880][ T29] audit: type=1326 audit(1759177362.463:1923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5118 comm="syz.4.567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=162 compat=0 ip=0x7f1539a8eec9 code=0x7ffc0000 [ 76.427720][ T29] audit: type=1326 audit(1759177362.463:1924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5128 comm="syz.3.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf2b9eeec9 code=0x7ffc0000 [ 76.452710][ T29] audit: type=1326 audit(1759177362.463:1925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5128 comm="syz.3.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf2b9eeec9 code=0x7ffc0000 [ 76.482783][ T29] audit: type=1326 audit(1759177362.543:1926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5128 comm="syz.3.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdf2b9eeec9 code=0x7ffc0000 [ 76.506262][ T29] audit: type=1326 audit(1759177362.543:1927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5128 comm="syz.3.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdf2b9e5d67 code=0x7ffc0000 [ 76.529830][ T29] audit: type=1326 audit(1759177362.543:1928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5128 comm="syz.3.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdf2b98af79 code=0x7ffc0000 [ 76.553405][ T29] audit: type=1326 audit(1759177362.543:1929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5128 comm="syz.3.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdf2b9e5d67 code=0x7ffc0000 [ 76.557234][ T5135] random: crng reseeded on system resumption [ 76.576987][ T29] audit: type=1326 audit(1759177362.543:1930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5128 comm="syz.3.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdf2b98af79 code=0x7ffc0000 [ 76.606349][ T29] audit: type=1326 audit(1759177362.543:1931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5128 comm="syz.3.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdf2b9e5d67 code=0x7ffc0000 [ 76.763075][ T5143] openvswitch: netlink: Message has 6 unknown bytes. [ 77.005595][ T5169] openvswitch: netlink: Message has 6 unknown bytes. [ 77.131096][ T5185] syzkaller1: entered promiscuous mode [ 77.137050][ T5185] syzkaller1: entered allmulticast mode [ 77.162517][ T5185] loop0: detected capacity change from 0 to 1024 [ 77.170545][ T5185] EXT4-fs: Ignoring removed orlov option [ 77.210226][ T5185] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.311404][ T5204] loop4: detected capacity change from 0 to 512 [ 77.321481][ T5205] random: crng reseeded on system resumption [ 77.487345][ T5217] loop3: detected capacity change from 0 to 2048 [ 77.569084][ T5217] loop3: p1 p3 p4 [ 77.581014][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.583059][ T5217] loop3: p4 size 589824 extends beyond EOD, truncated [ 77.668238][ T5233] random: crng reseeded on system resumption [ 77.747421][ T5236] usb usb8: usbfs: process 5236 (syz.1.610) did not claim interface 0 before use [ 77.769495][ T5238] SELinux: policydb version -1881874469 does not match my version range 15-35 [ 77.848651][ T5238] SELinux: failed to load policy [ 78.573642][ T5252] netlink: 4 bytes leftover after parsing attributes in process `syz.4.622'. [ 78.663373][ T5258] loop4: detected capacity change from 0 to 128 [ 78.754540][ T5258] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 78.777724][ T5263] loop2: detected capacity change from 0 to 128 [ 78.860745][ T5258] ext4 filesystem being mounted at /132/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 79.071417][ T5276] random: crng reseeded on system resumption [ 79.210718][ T3303] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 79.459250][ T5293] loop1: detected capacity change from 0 to 128 [ 79.490642][ T5297] loop0: detected capacity change from 0 to 2048 [ 79.586836][ T5300] usb usb8: usbfs: process 5300 (syz.3.634) did not claim interface 0 before use [ 79.618163][ T5297] loop0: p1 p3 p4 [ 79.627395][ T5297] loop0: p4 size 589824 extends beyond EOD, truncated [ 79.897809][ T5310] netlink: 4 bytes leftover after parsing attributes in process `syz.0.644'. [ 79.984950][ T5324] loop2: detected capacity change from 0 to 512 [ 80.006381][ T5320] random: crng reseeded on system resumption [ 80.017639][ T5326] netlink: 4 bytes leftover after parsing attributes in process `syz.1.652'. [ 80.161372][ T5331] netlink: 4 bytes leftover after parsing attributes in process `syz.1.652'. [ 80.268247][ T5353] loop4: detected capacity change from 0 to 128 [ 80.341601][ T5361] netlink: 4 bytes leftover after parsing attributes in process `syz.0.668'. [ 80.556703][ T5374] usb usb8: usbfs: process 5374 (syz.4.667) did not claim interface 0 before use [ 80.872803][ T5385] SELinux: policydb version -1881874469 does not match my version range 15-35 [ 80.980599][ T5385] SELinux: failed to load policy [ 81.098646][ T5405] netlink: 4 bytes leftover after parsing attributes in process `syz.0.683'. [ 81.110801][ T5407] loop3: detected capacity change from 0 to 128 [ 81.213655][ T5416] random: crng reseeded on system resumption [ 81.336648][ T5427] SELinux: policydb version -1881874469 does not match my version range 15-35 [ 81.346394][ T5427] SELinux: failed to load policy [ 81.487253][ T5449] netlink: 4 bytes leftover after parsing attributes in process `syz.1.703'. [ 81.534669][ T5456] loop4: detected capacity change from 0 to 128 [ 81.618462][ T5459] usb usb8: usbfs: process 5459 (syz.2.699) did not claim interface 0 before use [ 81.668365][ T5456] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 81.703217][ T5456] ext4 filesystem being mounted at /147/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 82.017493][ T3303] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 82.081299][ T5484] loop4: detected capacity change from 0 to 512 [ 82.090213][ T5476] SELinux: policydb version -1881874469 does not match my version range 15-35 [ 82.099344][ T5476] SELinux: failed to load policy [ 82.108016][ T5484] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 82.121249][ T5484] ext4 filesystem being mounted at /149/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 82.167821][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.200376][ T5493] netlink: 4 bytes leftover after parsing attributes in process `syz.4.717'. [ 82.254847][ T29] kauditd_printk_skb: 956 callbacks suppressed [ 82.254912][ T29] audit: type=1326 audit(1759177368.313:2888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5497 comm="syz.3.723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf2b9eeec9 code=0x7ffc0000 [ 82.292961][ T29] audit: type=1326 audit(1759177368.343:2889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5497 comm="syz.3.723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf2b9eeec9 code=0x7ffc0000 [ 82.316914][ T29] audit: type=1326 audit(1759177368.353:2890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5497 comm="syz.3.723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdf2b9eeec9 code=0x7ffc0000 [ 82.340872][ T29] audit: type=1326 audit(1759177368.353:2891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5497 comm="syz.3.723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf2b9eeec9 code=0x7ffc0000 [ 82.364505][ T29] audit: type=1326 audit(1759177368.353:2892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5497 comm="syz.3.723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf2b9eeec9 code=0x7ffc0000 [ 82.388362][ T29] audit: type=1326 audit(1759177368.353:2893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5497 comm="syz.3.723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fdf2b9eeec9 code=0x7ffc0000 [ 82.412537][ T29] audit: type=1326 audit(1759177368.353:2894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5497 comm="syz.3.723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf2b9eeec9 code=0x7ffc0000 [ 82.436078][ T29] audit: type=1326 audit(1759177368.353:2895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5497 comm="syz.3.723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdf2b9eeec9 code=0x7ffc0000 [ 82.459458][ T29] audit: type=1326 audit(1759177368.353:2896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5497 comm="syz.3.723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf2b9eeec9 code=0x7ffc0000 [ 82.483023][ T29] audit: type=1326 audit(1759177368.353:2897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5497 comm="syz.3.723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fdf2b9eeec9 code=0x7ffc0000 [ 82.535528][ T5514] loop2: detected capacity change from 0 to 512 [ 82.552244][ T5510] netlink: 4 bytes leftover after parsing attributes in process `syz.4.724'. [ 82.631453][ T5519] random: crng reseeded on system resumption [ 82.672473][ T5527] loop2: detected capacity change from 0 to 512 [ 82.690490][ T5527] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 82.704248][ T5527] ext4 filesystem being mounted at /108/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 82.738179][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.977572][ T5552] loop3: detected capacity change from 0 to 512 [ 82.996690][ T5531] usb usb8: usbfs: process 5531 (syz.1.735) did not claim interface 0 before use [ 83.438114][ T5587] loop4: detected capacity change from 0 to 128 [ 83.447236][ T5582] random: crng reseeded on system resumption [ 83.479344][ T5589] loop1: detected capacity change from 0 to 2048 [ 83.520409][ T5590] netlink: 4 bytes leftover after parsing attributes in process `syz.2.758'. [ 83.527172][ T5589] loop1: p1 p3 p4 [ 83.552340][ T5596] loop4: detected capacity change from 0 to 128 [ 83.586962][ T5589] loop1: p4 size 589824 extends beyond EOD, truncated [ 83.767932][ T5612] usb usb8: usbfs: process 5612 (syz.0.762) did not claim interface 0 before use [ 84.069630][ T5622] netlink: 8 bytes leftover after parsing attributes in process `syz.1.773'. [ 84.220242][ T5628] random: crng reseeded on system resumption [ 84.252693][ T5630] loop1: detected capacity change from 0 to 1024 [ 84.259708][ T5630] EXT4-fs: Ignoring removed orlov option [ 84.280190][ T5630] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 84.292536][ T5634] loop2: detected capacity change from 0 to 2048 [ 84.386799][ T5634] loop2: p1 p3 p4 [ 84.403282][ T5634] loop2: p4 size 589824 extends beyond EOD, truncated [ 84.437375][ T5643] loop3: detected capacity change from 0 to 2048 [ 84.445679][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.468758][ T5643] loop3: p1 p3 p4 [ 84.478088][ T5643] loop3: p4 size 589824 extends beyond EOD, truncated [ 84.502760][ T5662] loop1: detected capacity change from 0 to 128 [ 84.656699][ T5683] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125 [ 84.723699][ T5690] loop0: detected capacity change from 0 to 128 [ 84.817046][ T5693] usb usb8: usbfs: process 5693 (syz.1.794) did not claim interface 0 before use [ 84.888315][ T5696] loop2: detected capacity change from 0 to 128 [ 84.909083][ T5696] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 84.987708][ T5696] ext4 filesystem being mounted at /120/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 85.045736][ T5702] loop0: detected capacity change from 0 to 128 [ 85.082595][ T3306] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 85.280090][ T5704] loop0: detected capacity change from 0 to 512 [ 85.407504][ T5717] loop3: detected capacity change from 0 to 128 [ 85.420072][ T5710] random: crng reseeded on system resumption [ 85.532948][ T5726] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125 [ 85.547770][ T5730] loop1: detected capacity change from 0 to 128 [ 85.666326][ T5730] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 85.680544][ T5730] ext4 filesystem being mounted at /168/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 85.680862][ T5746] loop4: detected capacity change from 0 to 128 [ 85.806718][ T5749] usb usb8: usbfs: process 5749 (syz.0.820) did not claim interface 0 before use [ 85.851983][ T5751] loop3: detected capacity change from 0 to 512 [ 85.971342][ T3304] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 86.161932][ T5762] random: crng reseeded on system resumption [ 86.310160][ T5778] netlink: 16 bytes leftover after parsing attributes in process `syz.4.841'. [ 86.861881][ T5800] loop4: detected capacity change from 0 to 1024 [ 86.869904][ T5800] EXT4-fs: Ignoring removed orlov option [ 86.902901][ T5800] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 86.916151][ T5805] random: crng reseeded on system resumption [ 86.967247][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.990887][ T5809] loop4: detected capacity change from 0 to 512 [ 87.019298][ T5809] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 87.032223][ T5809] ext4 filesystem being mounted at /185/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 87.048515][ T5815] loop1: detected capacity change from 0 to 512 [ 87.058814][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.140622][ T5827] loop1: detected capacity change from 0 to 128 [ 87.258603][ T29] kauditd_printk_skb: 744 callbacks suppressed [ 87.258621][ T29] audit: type=1326 audit(1759177373.323:3642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5834 comm="syz.4.863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1539a8eec9 code=0x7ffc0000 [ 87.290500][ T29] audit: type=1326 audit(1759177373.343:3643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5834 comm="syz.4.863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1539a8eec9 code=0x7ffc0000 [ 87.314006][ T29] audit: type=1326 audit(1759177373.343:3644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5834 comm="syz.4.863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1539a8eec9 code=0x7ffc0000 [ 87.337920][ T29] audit: type=1326 audit(1759177373.353:3645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5834 comm="syz.4.863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f1539a8eec9 code=0x7ffc0000 [ 87.361571][ T29] audit: type=1326 audit(1759177373.353:3646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5834 comm="syz.4.863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1539a8eec9 code=0x7ffc0000 [ 87.369512][ T5840] loop3: detected capacity change from 0 to 512 [ 87.385199][ T29] audit: type=1326 audit(1759177373.353:3647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5834 comm="syz.4.863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1539a8eec9 code=0x7ffc0000 [ 87.391995][ T5839] usb usb8: usbfs: process 5839 (syz.2.859) did not claim interface 0 before use [ 87.415278][ T29] audit: type=1326 audit(1759177373.353:3648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5834 comm="syz.4.863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1539a8eec9 code=0x7ffc0000 [ 87.448027][ T29] audit: type=1326 audit(1759177373.353:3649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5834 comm="syz.4.863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1539a8eec9 code=0x7ffc0000 [ 87.454855][ T5842] loop1: detected capacity change from 0 to 512 [ 87.471745][ T29] audit: type=1326 audit(1759177373.353:3650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5834 comm="syz.4.863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1539a8eec9 code=0x7ffc0000 [ 87.501767][ T29] audit: type=1326 audit(1759177373.353:3651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5834 comm="syz.4.863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f1539a8eec9 code=0x7ffc0000 [ 87.509551][ T5840] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 87.546048][ T5840] ext4 filesystem being mounted at /180/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 87.590458][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.613247][ T5853] netlink: 40 bytes leftover after parsing attributes in process `syz.0.871'. [ 87.620069][ T5855] loop3: detected capacity change from 0 to 512 [ 87.664359][ T36] lo speed is unknown, defaulting to 1000 [ 87.687355][ T5860] loop0: detected capacity change from 0 to 2048 [ 87.716454][ T5860] loop0: p1 p3 p4 [ 87.722494][ T5860] loop0: p4 size 589824 extends beyond EOD, truncated [ 87.898664][ T5871] loop3: detected capacity change from 0 to 512 [ 87.919610][ T5871] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 87.932699][ T5871] ext4 filesystem being mounted at /185/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 87.956993][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.501652][ T5887] netlink: 40 bytes leftover after parsing attributes in process `syz.3.883'. [ 88.543600][ T5889] loop1: detected capacity change from 0 to 512 [ 88.624307][ T5891] random: crng reseeded on system resumption [ 88.670363][ T5893] netlink: 4 bytes leftover after parsing attributes in process `syz.3.886'. [ 89.117013][ T5924] loop1: detected capacity change from 0 to 128 [ 89.128152][ T5927] loop0: detected capacity change from 0 to 128 [ 89.136588][ T5924] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 89.175529][ T5924] ext4 filesystem being mounted at /188/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 89.262124][ T3304] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 89.334939][ T5949] loop0: detected capacity change from 0 to 1024 [ 89.343184][ T5945] loop1: detected capacity change from 0 to 1024 [ 89.350803][ T5945] EXT4-fs: Ignoring removed orlov option [ 89.357205][ T5949] EXT4-fs: Ignoring removed orlov option [ 89.368213][ T5949] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 89.384345][ T5945] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 89.411526][ T5955] random: crng reseeded on system resumption [ 89.450461][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.479341][ T5961] loop2: detected capacity change from 0 to 128 [ 89.521042][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.536733][ T5965] loop0: detected capacity change from 0 to 512 [ 89.630946][ T5981] loop1: detected capacity change from 0 to 512 [ 89.671059][ T5985] SELinux: policydb version -1881874469 does not match my version range 15-35 [ 89.680519][ T5985] SELinux: failed to load policy [ 89.747303][ T6001] loop1: detected capacity change from 0 to 512 [ 89.763898][ T5999] loop0: detected capacity change from 0 to 512 [ 89.787856][ T6001] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 89.804276][ T6001] ext4 filesystem being mounted at /194/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 89.846337][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.855787][ T6010] loop2: detected capacity change from 0 to 2048 [ 89.877046][ T6010] loop2: p1 p3 p4 [ 89.884725][ T6010] loop2: p4 size 589824 extends beyond EOD, truncated [ 89.959220][ T6021] SELinux: policydb version -1881874469 does not match my version range 15-35 [ 89.968421][ T6021] SELinux: failed to load policy [ 90.176861][ T6037] usb usb8: usbfs: process 6037 (syz.2.945) did not claim interface 0 before use [ 90.282524][ T6043] loop1: detected capacity change from 0 to 512 [ 90.324140][ T6045] loop0: detected capacity change from 0 to 512 [ 90.374890][ T6045] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 90.449707][ T6045] ext4 filesystem being mounted at /209/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 90.495762][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.511353][ T6054] loop1: detected capacity change from 0 to 128 [ 90.632300][ T6075] netlink: 8 bytes leftover after parsing attributes in process `syz.3.964'. [ 90.701709][ T6079] loop3: detected capacity change from 0 to 1024 [ 90.717688][ T6079] EXT4-fs: Ignoring removed orlov option [ 90.731380][ T6079] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 90.856224][ T6090] netlink: 4 bytes leftover after parsing attributes in process `syz.0.968'. [ 90.949375][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.987579][ T6106] loop3: detected capacity change from 0 to 512 [ 91.026937][ T6108] netlink: 8 bytes leftover after parsing attributes in process `syz.3.977'. [ 91.288967][ T6127] loop3: detected capacity change from 0 to 1024 [ 91.295611][ T6127] EXT4-fs: Ignoring removed orlov option [ 91.308810][ T6127] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 91.438248][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 91.462568][ T6131] loop3: detected capacity change from 0 to 2048 [ 91.496160][ T6131] loop3: p1 p3 p4 [ 91.500959][ T6131] loop3: p4 size 589824 extends beyond EOD, truncated [ 91.531228][ T6133] loop1: detected capacity change from 0 to 512 [ 91.565108][ T6138] netlink: 8 bytes leftover after parsing attributes in process `syz.0.990'. [ 91.803276][ T6163] loop3: detected capacity change from 0 to 2048 [ 91.845814][ T6165] random: crng reseeded on system resumption [ 91.852476][ T6163] loop3: p1 p3 p4 [ 91.858691][ T6163] loop3: p4 size 589824 extends beyond EOD, truncated [ 91.902096][ T6167] loop3: detected capacity change from 0 to 512 [ 91.960593][ T6170] loop0: detected capacity change from 0 to 2048 [ 91.996604][ T6170] loop0: p1 p3 p4 [ 92.002917][ T6170] loop0: p4 size 589824 extends beyond EOD, truncated [ 92.029494][ T6177] loop3: detected capacity change from 0 to 1024 [ 92.045343][ T6177] EXT4-fs: Ignoring removed orlov option [ 92.063113][ T6178] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1005'. [ 92.077288][ T6177] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 92.137891][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 92.179091][ T6191] loop3: detected capacity change from 0 to 128 [ 92.221380][ T6193] loop3: detected capacity change from 0 to 2048 [ 92.258032][ T6193] loop3: p1 p3 p4 [ 92.262760][ T6193] loop3: p4 size 589824 extends beyond EOD, truncated [ 92.271499][ T29] kauditd_printk_skb: 999 callbacks suppressed [ 92.271533][ T29] audit: type=1326 audit(1759177378.333:4651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6185 comm="syz.0.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb1d5ebaf79 code=0x7ffc0000 [ 92.302019][ T29] audit: type=1326 audit(1759177378.333:4652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6185 comm="syz.0.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1d5f1eec9 code=0x7ffc0000 [ 92.326038][ T29] audit: type=1326 audit(1759177378.333:4653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6185 comm="syz.0.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1d5f1eec9 code=0x7ffc0000 [ 92.356978][ T6196] loop0: detected capacity change from 0 to 512 [ 92.372413][ T29] audit: type=1326 audit(1759177378.433:4654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6194 comm="syz.0.1014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1d5f1eec9 code=0x7ffc0000 [ 92.396070][ T29] audit: type=1326 audit(1759177378.433:4655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6194 comm="syz.0.1014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1d5f1eec9 code=0x7ffc0000 [ 92.419909][ T29] audit: type=1326 audit(1759177378.433:4656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6194 comm="syz.0.1014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb1d5f1eec9 code=0x7ffc0000 [ 92.433572][ T6199] loop3: detected capacity change from 0 to 2048 [ 92.443735][ T29] audit: type=1326 audit(1759177378.433:4657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6194 comm="syz.0.1014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1d5f1eec9 code=0x7ffc0000 [ 92.473661][ T29] audit: type=1326 audit(1759177378.433:4658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6194 comm="syz.0.1014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb1d5f1eec9 code=0x7ffc0000 [ 92.497428][ T29] audit: type=1326 audit(1759177378.433:4659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6194 comm="syz.0.1014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1d5f1eec9 code=0x7ffc0000 [ 92.521038][ T29] audit: type=1326 audit(1759177378.433:4660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6194 comm="syz.0.1014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb1d5f1eec9 code=0x7ffc0000 [ 92.736208][ T6210] loop2: detected capacity change from 0 to 1024 [ 92.744638][ T6211] random: crng reseeded on system resumption [ 92.762409][ T6210] EXT4-fs: Ignoring removed orlov option [ 92.800636][ T6210] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 92.916011][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 92.987626][ T6199] loop3: p1 p3 p4 [ 93.018218][ T6199] loop3: p4 size 589824 extends beyond EOD, truncated [ 93.387566][ T6223] loop4: detected capacity change from 0 to 1024 [ 93.394591][ T6223] EXT4-fs: Ignoring removed orlov option [ 93.418848][ T6229] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1026'. [ 93.440981][ T6223] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 93.478545][ T6231] loop2: detected capacity change from 0 to 1024 [ 93.489783][ T6231] EXT4-fs: Ignoring removed orlov option [ 93.500500][ T6240] loop0: detected capacity change from 0 to 512 [ 93.530935][ T6244] loop1: detected capacity change from 0 to 2048 [ 93.545445][ T6231] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 93.577590][ T6244] loop1: p1 p3 p4 [ 93.582412][ T6244] loop1: p4 size 589824 extends beyond EOD, truncated [ 93.592466][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 93.650292][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 93.708154][ T6265] loop4: detected capacity change from 0 to 512 [ 94.147171][ T6279] loop3: detected capacity change from 0 to 2048 [ 94.200714][ T6285] loop2: detected capacity change from 0 to 1024 [ 94.207637][ T6285] EXT4-fs: Ignoring removed orlov option [ 94.219020][ T6285] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 94.231741][ T6279] loop3: p1 p3 p4 [ 94.236742][ T6279] loop3: p4 size 589824 extends beyond EOD, truncated [ 94.292714][ T6293] loop3: detected capacity change from 0 to 2048 [ 94.301745][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.346896][ T6293] loop3: p1 p3 p4 [ 94.351937][ T6293] loop3: p4 size 589824 extends beyond EOD, truncated [ 94.402706][ T6303] loop3: detected capacity change from 0 to 1024 [ 94.409800][ T6303] EXT4-fs: Ignoring removed orlov option [ 94.438974][ T6303] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 94.478754][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.544349][ T6310] loop3: detected capacity change from 0 to 1024 [ 94.552991][ T6310] EXT4-fs: Ignoring removed orlov option [ 94.569140][ T6310] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 94.609234][ T6318] loop0: detected capacity change from 0 to 2048 [ 94.627587][ T6318] loop0: p1 p3 p4 [ 94.672672][ T6318] loop0: p4 size 589824 extends beyond EOD, truncated [ 94.684335][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.733858][ T6329] loop0: detected capacity change from 0 to 512 [ 94.752473][ T6330] loop2: detected capacity change from 0 to 2048 [ 94.758066][ T6332] loop3: detected capacity change from 0 to 1024 [ 94.765921][ T6332] EXT4-fs: Ignoring removed orlov option [ 94.777780][ T6332] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 94.800418][ T6336] loop0: detected capacity change from 0 to 512 [ 94.806350][ T6330] loop2: p1 p3 p4 [ 94.812297][ T6330] loop2: p4 size 589824 extends beyond EOD, truncated [ 94.815780][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.830575][ T6336] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 94.843655][ T6336] ext4 filesystem being mounted at /237/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 94.887536][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.946372][ T6354] loop3: detected capacity change from 0 to 512 [ 95.059476][ T6366] loop0: detected capacity change from 0 to 1024 [ 95.075504][ T6366] EXT4-fs: Ignoring removed orlov option [ 95.110500][ T6370] loop2: detected capacity change from 0 to 2048 [ 95.139432][ T6372] loop1: detected capacity change from 0 to 1024 [ 95.148869][ T6372] EXT4-fs: Ignoring removed orlov option [ 95.167366][ T6366] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 95.198384][ T6372] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 95.212792][ T6370] loop2: p1 p3 p4 [ 95.221676][ T6370] loop2: p4 size 589824 extends beyond EOD, truncated [ 95.353699][ T6389] loop2: detected capacity change from 0 to 512 [ 95.420884][ T6393] loop2: detected capacity change from 0 to 1024 [ 95.427775][ T6393] EXT4-fs: Ignoring removed orlov option [ 95.484879][ T6405] loop3: detected capacity change from 0 to 1024 [ 95.488819][ T6404] loop0: detected capacity change from 0 to 1024 [ 95.493171][ T6405] EXT4-fs: Ignoring removed orlov option [ 95.498356][ T6404] EXT4-fs: Ignoring removed orlov option [ 95.613487][ T6420] loop0: detected capacity change from 0 to 512 [ 95.929791][ T6450] loop0: detected capacity change from 0 to 512 [ 96.026166][ T6463] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1122'. [ 96.058670][ T6465] loop4: detected capacity change from 0 to 2048 [ 96.096599][ T6465] loop4: p1 p3 p4 [ 96.101423][ T6465] loop4: p4 size 589824 extends beyond EOD, truncated [ 96.205704][ T6476] random: crng reseeded on system resumption [ 96.242302][ T6480] loop4: detected capacity change from 0 to 512 [ 96.306596][ T6482] loop4: detected capacity change from 0 to 1024 [ 96.313774][ T6482] EXT4-fs: Ignoring removed orlov option [ 96.431067][ T6496] loop3: detected capacity change from 0 to 128 [ 96.438302][ T6494] loop4: detected capacity change from 0 to 2048 [ 96.448585][ T6494] loop4: p1 p3 p4 [ 96.453980][ T6494] loop4: p4 size 589824 extends beyond EOD, truncated [ 96.533595][ T6508] loop2: detected capacity change from 0 to 512 [ 96.648285][ T6518] random: crng reseeded on system resumption [ 97.000591][ T6534] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1146'. [ 97.419541][ T6549] loop3: detected capacity change from 0 to 512 [ 97.432792][ T6548] loop1: detected capacity change from 0 to 2048 [ 97.442314][ T29] kauditd_printk_skb: 642 callbacks suppressed [ 97.442356][ T29] audit: type=1326 audit(1759177383.503:5303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6547 comm="syz.3.1155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf2b9eeec9 code=0x7ffc0000 [ 97.502212][ T29] audit: type=1326 audit(1759177383.533:5304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6547 comm="syz.3.1155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdf2b9eeec9 code=0x7ffc0000 [ 97.526180][ T29] audit: type=1326 audit(1759177383.533:5305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6547 comm="syz.3.1155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf2b9eeec9 code=0x7ffc0000 [ 97.550315][ T29] audit: type=1326 audit(1759177383.533:5306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6547 comm="syz.3.1155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdf2b9eeec9 code=0x7ffc0000 [ 97.574070][ T29] audit: type=1326 audit(1759177383.533:5307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6547 comm="syz.3.1155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf2b9eeec9 code=0x7ffc0000 [ 97.597854][ T29] audit: type=1326 audit(1759177383.543:5308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6547 comm="syz.3.1155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7fdf2b9eeec9 code=0x7ffc0000 [ 97.621466][ T29] audit: type=1326 audit(1759177383.543:5309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6547 comm="syz.3.1155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf2b9eeec9 code=0x7ffc0000 [ 97.645195][ T29] audit: type=1326 audit(1759177383.543:5310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6547 comm="syz.3.1155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdf2b9eeec9 code=0x7ffc0000 [ 97.668804][ T29] audit: type=1326 audit(1759177383.543:5311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6547 comm="syz.3.1155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf2b9eeec9 code=0x7ffc0000 [ 97.692734][ T29] audit: type=1326 audit(1759177383.543:5312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6547 comm="syz.3.1155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdf2b9eeec9 code=0x7ffc0000 [ 97.736908][ T6548] loop1: p1 p3 p4 [ 97.741704][ T6548] loop1: p4 size 589824 extends beyond EOD, truncated [ 97.764982][ T6561] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1159'. [ 97.796722][ T6563] loop0: detected capacity change from 0 to 128 [ 97.801011][ T6565] loop2: detected capacity change from 0 to 512 [ 97.817234][ T6563] ext4 filesystem being mounted at /260/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 97.886849][ T6579] loop1: detected capacity change from 0 to 512 [ 97.945757][ T6586] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1171'. [ 97.993967][ T6593] loop3: detected capacity change from 0 to 2048 [ 98.021448][ T6595] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1169'. [ 98.029542][ T6599] loop0: detected capacity change from 0 to 2048 [ 98.038036][ T6593] loop3: p1 p3 p4 [ 98.042761][ T6593] loop3: p4 size 589824 extends beyond EOD, truncated [ 98.086129][ T6599] loop0: p1 p3 p4 [ 98.091113][ T6599] loop0: p4 size 589824 extends beyond EOD, truncated [ 98.174955][ T6609] loop0: detected capacity change from 0 to 512 [ 98.208624][ T6615] loop2: detected capacity change from 0 to 1024 [ 98.226403][ T6615] EXT4-fs: Ignoring removed orlov option [ 98.254387][ T6619] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1185'. [ 98.314307][ T6625] loop3: detected capacity change from 0 to 1024 [ 98.327918][ T6625] EXT4-fs: Ignoring removed orlov option [ 98.544787][ T6644] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1194'. [ 98.601623][ T6655] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1198'. [ 98.630728][ T6657] loop3: detected capacity change from 0 to 512 [ 98.724993][ T6667] loop2: detected capacity change from 0 to 2048 [ 98.749723][ T6671] loop3: detected capacity change from 0 to 512 [ 98.756427][ T6667] loop2: p1 p3 p4 [ 98.761236][ T6667] loop2: p4 size 589824 extends beyond EOD, truncated [ 98.811753][ T6673] loop2: detected capacity change from 0 to 1024 [ 98.822505][ T6673] EXT4-fs: Ignoring removed orlov option [ 99.041578][ T6684] loop3: detected capacity change from 0 to 1024 [ 99.057202][ T6684] EXT4-fs: Ignoring removed orlov option [ 99.191601][ T6690] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1212'. [ 99.307397][ T6706] loop0: detected capacity change from 0 to 512 [ 99.671838][ T6735] loop1: detected capacity change from 0 to 512 [ 99.884850][ T6762] loop1: detected capacity change from 0 to 2048 [ 99.900075][ T6766] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1248'. [ 99.947934][ T6762] loop1: p1 p3 p4 [ 99.954795][ T6762] loop1: p4 size 589824 extends beyond EOD, truncated [ 100.108072][ T6781] loop1: detected capacity change from 0 to 764 [ 100.118858][ T6781] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 100.243348][ T6795] FAULT_INJECTION: forcing a failure. [ 100.243348][ T6795] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 100.256594][ T6795] CPU: 1 UID: 0 PID: 6795 Comm: syz.1.1261 Not tainted syzkaller #0 PREEMPT(voluntary) [ 100.256684][ T6795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 100.256701][ T6795] Call Trace: [ 100.256709][ T6795] [ 100.256718][ T6795] __dump_stack+0x1d/0x30 [ 100.256756][ T6795] dump_stack_lvl+0xe8/0x140 [ 100.256841][ T6795] dump_stack+0x15/0x1b [ 100.256863][ T6795] should_fail_ex+0x265/0x280 [ 100.256896][ T6795] should_fail+0xb/0x20 [ 100.256923][ T6795] should_fail_usercopy+0x1a/0x20 [ 100.257010][ T6795] _copy_to_user+0x20/0xa0 [ 100.257053][ T6795] simple_read_from_buffer+0xb5/0x130 [ 100.257121][ T6795] proc_fail_nth_read+0x10e/0x150 [ 100.257158][ T6795] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 100.257213][ T6795] vfs_read+0x1a5/0x770 [ 100.257241][ T6795] ? __rcu_read_unlock+0x4f/0x70 [ 100.257270][ T6795] ? __fget_files+0x184/0x1c0 [ 100.257307][ T6795] ksys_read+0xda/0x1a0 [ 100.257395][ T6795] __x64_sys_read+0x40/0x50 [ 100.257425][ T6795] x64_sys_call+0x27bc/0x2ff0 [ 100.257454][ T6795] do_syscall_64+0xd2/0x200 [ 100.257556][ T6795] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 100.257588][ T6795] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 100.257625][ T6795] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.257653][ T6795] RIP: 0033:0x7f7f88b1d8dc [ 100.257673][ T6795] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 100.257750][ T6795] RSP: 002b:00007f7f87587030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 100.257775][ T6795] RAX: ffffffffffffffda RBX: 00007f7f88d75fa0 RCX: 00007f7f88b1d8dc [ 100.257791][ T6795] RDX: 000000000000000f RSI: 00007f7f875870a0 RDI: 0000000000000006 [ 100.257807][ T6795] RBP: 00007f7f87587090 R08: 0000000000000000 R09: 0000000000000000 [ 100.257823][ T6795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 100.257839][ T6795] R13: 00007f7f88d76038 R14: 00007f7f88d75fa0 R15: 00007ffff5c81c18 [ 100.257865][ T6795] [ 100.494299][ T6814] capability: warning: `syz.1.1268' uses 32-bit capabilities (legacy support in use) [ 100.802837][ T6843] FAULT_INJECTION: forcing a failure. [ 100.802837][ T6843] name failslab, interval 1, probability 0, space 0, times 1 [ 100.815656][ T6843] CPU: 1 UID: 0 PID: 6843 Comm: syz.1.1281 Not tainted syzkaller #0 PREEMPT(voluntary) [ 100.815687][ T6843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 100.815704][ T6843] Call Trace: [ 100.815711][ T6843] [ 100.815749][ T6843] __dump_stack+0x1d/0x30 [ 100.815774][ T6843] dump_stack_lvl+0xe8/0x140 [ 100.815793][ T6843] dump_stack+0x15/0x1b [ 100.815810][ T6843] should_fail_ex+0x265/0x280 [ 100.815892][ T6843] should_failslab+0x8c/0xb0 [ 100.815926][ T6843] kmem_cache_alloc_node_noprof+0x57/0x320 [ 100.816016][ T6843] ? __alloc_skb+0x101/0x320 [ 100.816121][ T6843] __alloc_skb+0x101/0x320 [ 100.816145][ T6843] netlink_alloc_large_skb+0xba/0xf0 [ 100.816173][ T6843] netlink_sendmsg+0x3cf/0x6b0 [ 100.816206][ T6843] ? __pfx_netlink_sendmsg+0x10/0x10 [ 100.816238][ T6843] __sock_sendmsg+0x145/0x180 [ 100.816328][ T6843] ____sys_sendmsg+0x31e/0x4e0 [ 100.816421][ T6843] ___sys_sendmsg+0x17b/0x1d0 [ 100.816490][ T6843] __x64_sys_sendmsg+0xd4/0x160 [ 100.816521][ T6843] x64_sys_call+0x191e/0x2ff0 [ 100.816542][ T6843] do_syscall_64+0xd2/0x200 [ 100.816649][ T6843] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 100.816740][ T6843] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 100.816773][ T6843] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.816869][ T6843] RIP: 0033:0x7f7f88b1eec9 [ 100.816889][ T6843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 100.816921][ T6843] RSP: 002b:00007f7f87587038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 100.817016][ T6843] RAX: ffffffffffffffda RBX: 00007f7f88d75fa0 RCX: 00007f7f88b1eec9 [ 100.817029][ T6843] RDX: 0000000000000800 RSI: 00002000000002c0 RDI: 0000000000000003 [ 100.817042][ T6843] RBP: 00007f7f87587090 R08: 0000000000000000 R09: 0000000000000000 [ 100.817054][ T6843] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 100.817091][ T6843] R13: 00007f7f88d76038 R14: 00007f7f88d75fa0 R15: 00007ffff5c81c18 [ 100.817116][ T6843] [ 101.047880][ T6845] ------------[ cut here ]------------ [ 101.053423][ T6845] verifier bug: REG INVARIANTS VIOLATION (true_reg2): range bounds violation u64=[0x17, 0x10] s64=[0x17, 0x10] u32=[0x17, 0x10] s32=[0x17, 0x10] var_off=(0x10, 0x0)(1) [ 101.070508][ T6845] WARNING: CPU: 0 PID: 6845 at kernel/bpf/verifier.c:2728 reg_bounds_sanity_check+0x673/0x680 [ 101.081010][ T6845] Modules linked in: [ 101.085031][ T6845] CPU: 0 UID: 0 PID: 6845 Comm: syz.1.1283 Not tainted syzkaller #0 PREEMPT(voluntary) [ 101.094988][ T6845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 101.105241][ T6845] RIP: 0010:reg_bounds_sanity_check+0x673/0x680 [ 101.111646][ T6845] Code: 7c 24 18 41 ff 74 24 20 55 41 56 4d 89 ee 53 48 8b 5c 24 30 ff 74 24 40 ff 74 24 50 ff 74 24 30 e8 22 82 ba ff 48 83 c4 38 90 <0f> 0b 90 90 e9 02 fb ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90 [ 101.131415][ T6845] RSP: 0018:ffffc90010a53440 EFLAGS: 00010292 [ 101.137697][ T6845] RAX: 2ef084ecf78bf800 RBX: ffff88811a4b50b8 RCX: 0000000000080000 [ 101.145907][ T6845] RDX: ffffc90002143000 RSI: 0000000000008774 RDI: 0000000000008775 [ 101.153903][ T6845] RBP: 0000000000000010 R08: 0001c90010a5327f R09: 0000000000000000 [ 101.161930][ T6845] R10: 00000000ffffffff R11: 0000000000000002 R12: ffff88811a4b5078 [ 101.170054][ T6845] R13: ffff8881249f8000 R14: ffff8881249f8000 R15: ffff88811a4b50b0 [ 101.178201][ T6845] FS: 00007f7f875876c0(0000) GS:ffff8882aee43000(0000) knlGS:0000000000000000 [ 101.187449][ T6845] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 101.194052][ T6845] CR2: 00007f7f87586f98 CR3: 000000012e11c000 CR4: 00000000003506f0 [ 101.202094][ T6845] Call Trace: [ 101.205564][ T6845] [ 101.208549][ T6845] reg_set_min_max+0x1eb/0x260 [ 101.213357][ T6845] check_cond_jmp_op+0x1080/0x16e0 [ 101.218541][ T6845] do_check+0x332a/0x7a10 [ 101.223096][ T6845] do_check_common+0xc3a/0x12a0 [ 101.228021][ T6845] bpf_check+0x942b/0xd9e0 [ 101.232480][ T6845] ? __rcu_read_unlock+0x4f/0x70 [ 101.237636][ T6845] ? __alloc_frozen_pages_noprof+0x188/0x360 [ 101.243708][ T6845] ? alloc_pages_bulk_noprof+0x4b8/0x540 [ 101.249698][ T6845] ? css_rstat_updated+0xb7/0x240 [ 101.254882][ T6845] ? xfd_validate_state+0x45/0xf0 [ 101.256746][ T6848] netlink: zone id is out of range [ 101.260028][ T6845] ? pcpu_block_update_hint_alloc+0x63d/0x660 [ 101.265564][ T6848] netlink: zone id is out of range [ 101.271548][ T6845] ? pcpu_block_update_hint_alloc+0x63d/0x660 [ 101.276937][ T6848] netlink: zone id is out of range [ 101.283315][ T6845] ? css_rstat_updated+0xb7/0x240 [ 101.288637][ T6848] netlink: zone id is out of range [ 101.293523][ T6845] ? __rcu_read_unlock+0x4f/0x70 [ 101.298812][ T6848] netlink: zone id is out of range [ 101.303814][ T6845] ? pcpu_memcg_post_alloc_hook+0xf1/0x150 [ 101.309009][ T6848] netlink: zone id is out of range [ 101.314809][ T6845] ? should_fail_ex+0x30/0x280 [ 101.320008][ T6848] netlink: zone id is out of range [ 101.324751][ T6845] ? selinux_bpf_prog_load+0x36/0xf0 [ 101.329925][ T6848] netlink: zone id is out of range [ 101.335200][ T6845] ? should_failslab+0x8c/0xb0 [ 101.340404][ T6848] netlink: zone id is out of range [ 101.340414][ T6848] netlink: zone id is out of range [ 101.355542][ T6845] ? __kmalloc_cache_noprof+0x189/0x320 [ 101.361169][ T6845] ? selinux_bpf_prog_load+0xbf/0xf0 [ 101.366506][ T6845] ? security_bpf_prog_load+0x2c/0xa0 [ 101.371930][ T6845] bpf_prog_load+0xedd/0x1070 [ 101.376867][ T6845] ? security_bpf+0x2b/0x90 [ 101.381443][ T6845] __sys_bpf+0x462/0x7b0 [ 101.385763][ T6845] __x64_sys_bpf+0x41/0x50 [ 101.390338][ T6845] x64_sys_call+0x2aea/0x2ff0 [ 101.395089][ T6845] do_syscall_64+0xd2/0x200 [ 101.399733][ T6845] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 101.405940][ T6845] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 101.411740][ T6845] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 101.417712][ T6845] RIP: 0033:0x7f7f88b1eec9 [ 101.422274][ T6845] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 101.423152][ T6856] hub 1-0:1.0: USB hub found [ 101.442277][ T6845] RSP: 002b:00007f7f87587038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 101.442311][ T6845] RAX: ffffffffffffffda RBX: 00007f7f88d75fa0 RCX: 00007f7f88b1eec9 [ 101.442329][ T6845] RDX: 0000000000000048 RSI: 00002000000017c0 RDI: 0000000000000005 [ 101.472023][ T6845] RBP: 00007f7f88ba1f91 R08: 0000000000000000 R09: 0000000000000000 [ 101.480045][ T6845] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 101.488126][ T6845] R13: 00007f7f88d76038 R14: 00007f7f88d75fa0 R15: 00007ffff5c81c18 [ 101.496169][ T6845] [ 101.499293][ T6845] ---[ end trace 0000000000000000 ]--- [ 101.499564][ T6856] hub 1-0:1.0: 8 ports detected [ 101.654831][ T6866] batman_adv: batadv0: Adding interface: dummy0 [ 101.661283][ T6866] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 101.838391][ T6866] batman_adv: batadv0: Interface activated: dummy0 [ 101.978864][ T6875] __nla_validate_parse: 2 callbacks suppressed [ 101.978882][ T6875] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1288'. [ 101.994692][ T6875] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1288'. [ 102.122834][ T6875] netlink: 712 bytes leftover after parsing attributes in process `syz.0.1288'. [ 102.253415][ T6885] netlink: 116 bytes leftover after parsing attributes in process `syz.4.1294'. [ 102.365963][ T6892] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1297'. [ 102.407628][ T6892] IPVS: Error joining to the multicast group [ 102.451567][ T29] kauditd_printk_skb: 646 callbacks suppressed [ 102.451587][ T29] audit: type=1400 audit(1759177388.513:5959): avc: denied { listen } for pid=6890 comm="syz.1.1297" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 102.605729][ T29] audit: type=1400 audit(1759177388.663:5960): avc: denied { create } for pid=6890 comm="syz.1.1297" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1 [ 102.630684][ T6904] loop4: detected capacity change from 0 to 1024 [ 102.641549][ T6907] loop0: detected capacity change from 0 to 1024 [ 102.653962][ T6904] EXT4-fs: Ignoring removed orlov option [ 102.661817][ T6907] EXT4-fs: Ignoring removed orlov option [ 102.684177][ T6914] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1304'. [ 102.727931][ T29] audit: type=1326 audit(1759177388.783:5961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6916 comm="syz.2.1305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91411deec9 code=0x7ffc0000 [ 102.751995][ T29] audit: type=1326 audit(1759177388.783:5962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6916 comm="syz.2.1305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91411deec9 code=0x7ffc0000 [ 102.752031][ T6919] loop3: detected capacity change from 0 to 512 [ 102.775791][ T29] audit: type=1326 audit(1759177388.783:5963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6916 comm="syz.2.1305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f91411deec9 code=0x7ffc0000 [ 102.805771][ T29] audit: type=1326 audit(1759177388.783:5964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6916 comm="syz.2.1305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91411deec9 code=0x7ffc0000 [ 102.829446][ T29] audit: type=1326 audit(1759177388.783:5965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6916 comm="syz.2.1305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91411deec9 code=0x7ffc0000 [ 102.853614][ T29] audit: type=1326 audit(1759177388.783:5966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6916 comm="syz.2.1305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f91411deec9 code=0x7ffc0000 [ 102.877241][ T29] audit: type=1326 audit(1759177388.783:5967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6916 comm="syz.2.1305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91411deec9 code=0x7ffc0000 [ 102.901642][ T29] audit: type=1326 audit(1759177388.783:5968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6916 comm="syz.2.1305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91411deec9 code=0x7ffc0000 [ 102.963501][ T6933] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1000 sclass=netlink_route_socket pid=6933 comm=syz.2.1311 [ 102.987097][ T6935] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1312'. [ 103.074743][ T6944] SELinux: policydb string length 30837 does not match expected length 8 [ 103.085144][ T6944] SELinux: failed to load policy [ 103.447606][ T6965] loop3: detected capacity change from 0 to 1024 [ 103.454562][ T6965] ext4: Unknown parameter 'pcr' [ 103.545998][ T6969] loop4: detected capacity change from 0 to 512 [ 103.586454][ T6974] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1325'. [ 103.643825][ T6981] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1329'. [ 103.662362][ T6983] loop3: detected capacity change from 0 to 1024 [ 103.670026][ T6983] EXT4-fs: Ignoring removed orlov option [ 103.736518][ T7000] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1335'. [ 103.801310][ T7007] loop3: detected capacity change from 0 to 512 [ 103.861701][ T7014] IPv6: NLM_F_CREATE should be specified when creating new route [ 103.942241][ T7022] loop4: detected capacity change from 0 to 1024 [ 103.949953][ T7022] EXT4-fs: Ignoring removed orlov option [ 104.025160][ T7032] loop1: detected capacity change from 0 to 512 [ 104.036795][ T7032] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 104.048321][ T7032] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e09c, mo2=0002] [ 104.056560][ T7032] EXT4-fs (loop1): orphan cleanup on readonly fs [ 104.063019][ T7032] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.1351: bad orphan inode 267 [ 104.208318][ T7016] lo speed is unknown, defaulting to 1000 [ 104.251559][ T7055] loop4: detected capacity change from 0 to 512 [ 104.324115][ T7057] loop2: detected capacity change from 0 to 8192 [ 104.356214][ T7057] loop2: p1 p2 p3 p4 [ 104.360822][ T7057] loop2: p2 start 151000334 is beyond EOD, truncated [ 104.367694][ T7057] loop2: p3 start 331777 is beyond EOD, truncated [ 104.374154][ T7057] loop2: p4 size 263168 extends beyond EOD, truncated [ 104.382557][ T7063] loop3: detected capacity change from 0 to 1024 [ 104.389470][ T7063] EXT4-fs: Ignoring removed orlov option [ 104.413396][ T7063] EXT4-fs mount: 30 callbacks suppressed [ 104.413415][ T7063] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 104.491313][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.493524][ T7122] FAULT_INJECTION: forcing a failure. [ 105.493524][ T7122] name failslab, interval 1, probability 0, space 0, times 0 [ 105.506343][ T7122] CPU: 1 UID: 0 PID: 7122 Comm: syz.0.1384 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 105.506383][ T7122] Tainted: [W]=WARN [ 105.506389][ T7122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 105.506402][ T7122] Call Trace: [ 105.506407][ T7122] [ 105.506417][ T7122] __dump_stack+0x1d/0x30 [ 105.506519][ T7122] dump_stack_lvl+0xe8/0x140 [ 105.506536][ T7122] dump_stack+0x15/0x1b [ 105.506550][ T7122] should_fail_ex+0x265/0x280 [ 105.506644][ T7122] should_failslab+0x8c/0xb0 [ 105.506666][ T7122] kmem_cache_alloc_noprof+0x50/0x310 [ 105.506730][ T7122] ? alloc_empty_file+0x76/0x200 [ 105.506758][ T7122] alloc_empty_file+0x76/0x200 [ 105.506877][ T7122] alloc_file_pseudo+0xc6/0x160 [ 105.506908][ T7122] anon_inode_getfd+0xc1/0x150 [ 105.506973][ T7122] bpf_map_new_fd+0x52/0x70 [ 105.506991][ T7122] map_create+0xc23/0xca0 [ 105.507015][ T7122] ? security_bpf+0x2b/0x90 [ 105.507114][ T7122] __sys_bpf+0x545/0x7b0 [ 105.507146][ T7122] __x64_sys_bpf+0x41/0x50 [ 105.507168][ T7122] x64_sys_call+0x2aea/0x2ff0 [ 105.507186][ T7122] do_syscall_64+0xd2/0x200 [ 105.507287][ T7122] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 105.507314][ T7122] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 105.507369][ T7122] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 105.507389][ T7122] RIP: 0033:0x7fb1d5f1eec9 [ 105.507402][ T7122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 105.507417][ T7122] RSP: 002b:00007fb1d497f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 105.507480][ T7122] RAX: ffffffffffffffda RBX: 00007fb1d6175fa0 RCX: 00007fb1d5f1eec9 [ 105.507496][ T7122] RDX: 0000000000000048 RSI: 00002000000009c0 RDI: 0000000000000000 [ 105.507570][ T7122] RBP: 00007fb1d497f090 R08: 0000000000000000 R09: 0000000000000000 [ 105.507585][ T7122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 105.507598][ T7122] R13: 00007fb1d6176038 R14: 00007fb1d6175fa0 R15: 00007ffdca56ed28 [ 105.507619][ T7122] [ 105.805044][ T7132] loop0: detected capacity change from 0 to 1024 [ 105.812039][ T7132] EXT4-fs: Ignoring removed orlov option [ 105.829743][ T7132] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 105.856908][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.087219][ T7152] loop3: detected capacity change from 0 to 512 [ 106.093940][ T7152] EXT4-fs: Ignoring removed nomblk_io_submit option [ 106.101092][ T7152] EXT4-fs: Ignoring removed i_version option [ 106.112011][ T7152] EXT4-fs (loop3): 1 orphan inode deleted [ 106.112630][ T7154] vlan2: entered allmulticast mode [ 106.124777][ T7152] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 106.171919][ T7158] loop0: detected capacity change from 0 to 512 [ 106.179152][ T7158] ext4: Unknown parameter 'fowner>00000000000000000000' [ 106.190105][ T7152] hub 8-0:1.0: USB hub found [ 106.194849][ T7152] hub 8-0:1.0: 8 ports detected [ 106.225806][ T7152] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7152 comm=syz.3.1394 [ 106.257885][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.280356][ T7162] FAULT_INJECTION: forcing a failure. [ 106.280356][ T7162] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 106.293803][ T7162] CPU: 0 UID: 0 PID: 7162 Comm: syz.1.1399 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 106.293901][ T7162] Tainted: [W]=WARN [ 106.293910][ T7162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 106.293927][ T7162] Call Trace: [ 106.293934][ T7162] [ 106.293941][ T7162] __dump_stack+0x1d/0x30 [ 106.294006][ T7162] dump_stack_lvl+0xe8/0x140 [ 106.294031][ T7162] dump_stack+0x15/0x1b [ 106.294053][ T7162] should_fail_ex+0x265/0x280 [ 106.294084][ T7162] should_fail+0xb/0x20 [ 106.294105][ T7162] should_fail_usercopy+0x1a/0x20 [ 106.294139][ T7162] _copy_to_user+0x20/0xa0 [ 106.294180][ T7162] simple_read_from_buffer+0xb5/0x130 [ 106.294211][ T7162] proc_fail_nth_read+0x10e/0x150 [ 106.294268][ T7162] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 106.294302][ T7162] vfs_read+0x1a5/0x770 [ 106.294336][ T7162] ? __rcu_read_unlock+0x4f/0x70 [ 106.294365][ T7162] ? __fget_files+0x184/0x1c0 [ 106.294438][ T7162] ksys_read+0xda/0x1a0 [ 106.294466][ T7162] __x64_sys_read+0x40/0x50 [ 106.294496][ T7162] x64_sys_call+0x27bc/0x2ff0 [ 106.294524][ T7162] do_syscall_64+0xd2/0x200 [ 106.294607][ T7162] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 106.294733][ T7162] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 106.294771][ T7162] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 106.294795][ T7162] RIP: 0033:0x7f7f88b1d8dc [ 106.294811][ T7162] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 106.294905][ T7162] RSP: 002b:00007f7f87587030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 106.294926][ T7162] RAX: ffffffffffffffda RBX: 00007f7f88d75fa0 RCX: 00007f7f88b1d8dc [ 106.294942][ T7162] RDX: 000000000000000f RSI: 00007f7f875870a0 RDI: 0000000000000005 [ 106.294959][ T7162] RBP: 00007f7f87587090 R08: 0000000000000000 R09: 0000000000000000 [ 106.294975][ T7162] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 106.294991][ T7162] R13: 00007f7f88d76038 R14: 00007f7f88d75fa0 R15: 00007ffff5c81c18 [ 106.295017][ T7162] [ 106.637228][ T7181] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.749643][ T7181] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.823390][ T7181] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.861059][ T7194] FAULT_INJECTION: forcing a failure. [ 106.861059][ T7194] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 106.874645][ T7194] CPU: 1 UID: 0 PID: 7194 Comm: syz.0.1411 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 106.874675][ T7194] Tainted: [W]=WARN [ 106.874680][ T7194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 106.874720][ T7194] Call Trace: [ 106.874725][ T7194] [ 106.874731][ T7194] __dump_stack+0x1d/0x30 [ 106.874750][ T7194] dump_stack_lvl+0xe8/0x140 [ 106.874826][ T7194] dump_stack+0x15/0x1b [ 106.874843][ T7194] should_fail_ex+0x265/0x280 [ 106.874873][ T7194] should_fail+0xb/0x20 [ 106.874900][ T7194] should_fail_usercopy+0x1a/0x20 [ 106.874973][ T7194] _copy_from_user+0x1c/0xb0 [ 106.875015][ T7194] memdup_user_nul+0x5f/0xe0 [ 106.875055][ T7194] sel_commit_bools_write+0xd2/0x270 [ 106.875082][ T7194] vfs_writev+0x406/0x8b0 [ 106.875130][ T7194] ? __pfx_sel_commit_bools_write+0x10/0x10 [ 106.875163][ T7194] ? mutex_lock+0xd/0x30 [ 106.875186][ T7194] do_writev+0xe7/0x210 [ 106.875213][ T7194] __x64_sys_writev+0x45/0x50 [ 106.875261][ T7194] x64_sys_call+0x1e9a/0x2ff0 [ 106.875280][ T7194] do_syscall_64+0xd2/0x200 [ 106.875340][ T7194] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 106.875362][ T7194] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 106.875387][ T7194] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 106.875469][ T7194] RIP: 0033:0x7fb1d5f1eec9 [ 106.875513][ T7194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 106.875528][ T7194] RSP: 002b:00007fb1d497f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 106.875544][ T7194] RAX: ffffffffffffffda RBX: 00007fb1d6175fa0 RCX: 00007fb1d5f1eec9 [ 106.875582][ T7194] RDX: 0000000000000002 RSI: 00002000000025c0 RDI: 0000000000000003 [ 106.875592][ T7194] RBP: 00007fb1d497f090 R08: 0000000000000000 R09: 0000000000000000 [ 106.875602][ T7194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 106.875612][ T7194] R13: 00007fb1d6176038 R14: 00007fb1d6175fa0 R15: 00007ffdca56ed28 [ 106.875685][ T7194] [ 107.106904][ T7181] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 107.184479][ T4525] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.206629][ T4525] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.220227][ T4525] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.228839][ T4525] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.248447][ T7200] bridge1: entered promiscuous mode [ 107.312009][ T7206] FAULT_INJECTION: forcing a failure. [ 107.312009][ T7206] name failslab, interval 1, probability 0, space 0, times 0 [ 107.324877][ T7206] CPU: 1 UID: 0 PID: 7206 Comm: syz.0.1416 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 107.324907][ T7206] Tainted: [W]=WARN [ 107.324912][ T7206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 107.324923][ T7206] Call Trace: [ 107.324929][ T7206] [ 107.324935][ T7206] __dump_stack+0x1d/0x30 [ 107.324988][ T7206] dump_stack_lvl+0xe8/0x140 [ 107.325015][ T7206] dump_stack+0x15/0x1b [ 107.325034][ T7206] should_fail_ex+0x265/0x280 [ 107.325061][ T7206] should_failslab+0x8c/0xb0 [ 107.325091][ T7206] kmem_cache_alloc_noprof+0x50/0x310 [ 107.325117][ T7206] ? audit_log_start+0x365/0x6c0 [ 107.325223][ T7206] audit_log_start+0x365/0x6c0 [ 107.325254][ T7206] audit_seccomp+0x48/0x100 [ 107.325393][ T7206] ? __seccomp_filter+0x68c/0x10d0 [ 107.325413][ T7206] __seccomp_filter+0x69d/0x10d0 [ 107.325434][ T7206] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 107.325460][ T7206] ? vfs_write+0x7e8/0x960 [ 107.325512][ T7206] ? __rcu_read_unlock+0x4f/0x70 [ 107.325533][ T7206] ? __fget_files+0x184/0x1c0 [ 107.325559][ T7206] __secure_computing+0x82/0x150 [ 107.325579][ T7206] syscall_trace_enter+0xcf/0x1e0 [ 107.325602][ T7206] do_syscall_64+0xac/0x200 [ 107.325673][ T7206] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 107.325702][ T7206] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 107.325740][ T7206] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.325829][ T7206] RIP: 0033:0x7fb1d5f1eec9 [ 107.325849][ T7206] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 107.325872][ T7206] RSP: 002b:00007fb1d497f038 EFLAGS: 00000246 ORIG_RAX: 000000000000001f [ 107.325895][ T7206] RAX: ffffffffffffffda RBX: 00007fb1d6175fa0 RCX: 00007fb1d5f1eec9 [ 107.325907][ T7206] RDX: 0000000000000000 RSI: 000000000000000f RDI: 0000000000000000 [ 107.325921][ T7206] RBP: 00007fb1d497f090 R08: 0000000000000000 R09: 0000000000000000 [ 107.325936][ T7206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 107.325951][ T7206] R13: 00007fb1d6176038 R14: 00007fb1d6175fa0 R15: 00007ffdca56ed28 [ 107.326008][ T7206] [ 107.539509][ T7206] audit_log_lost: 613 callbacks suppressed [ 107.539527][ T7206] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64 [ 107.553400][ T7206] audit: out of memory in audit_log_start [ 107.577582][ T29] audit: type=1326 audit(1759177393.643:6582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7205 comm="syz.0.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fb1d5f1d8dc code=0x7ffc0000 [ 107.600934][ T29] audit: type=1326 audit(1759177393.643:6583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7205 comm="syz.0.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fb1d5f1d97f code=0x7ffc0000 [ 107.624305][ T29] audit: type=1326 audit(1759177393.643:6584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7205 comm="syz.0.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb1d5f1db2a code=0x7ffc0000 [ 107.647796][ T29] audit: type=1326 audit(1759177393.643:6585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7205 comm="syz.0.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1d5f1eec9 code=0x7ffc0000 [ 107.671389][ T29] audit: type=1326 audit(1759177393.643:6586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7205 comm="syz.0.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1d5f1eec9 code=0x7ffc0000 [ 107.720972][ T29] audit: type=1326 audit(1759177393.773:6587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7213 comm="syz.4.1420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1539a8eec9 code=0x7ffc0000 [ 107.744772][ T29] audit: type=1326 audit(1759177393.773:6588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7213 comm="syz.4.1420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1539a8eec9 code=0x7ffc0000 [ 107.768489][ T29] audit: type=1400 audit(1759177393.773:6589): avc: denied { create } for pid=7213 comm="syz.4.1420" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 108.160183][ T7236] loop4: detected capacity change from 0 to 1024 [ 108.217164][ T7236] EXT4-fs: Ignoring removed orlov option [ 108.312810][ T7236] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 108.531325][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.034527][ T7274] loop4: detected capacity change from 0 to 1024 [ 109.046103][ T7268] loop0: detected capacity change from 0 to 2048 [ 109.082901][ T7274] EXT4-fs: Ignoring removed orlov option [ 109.126716][ T7268] loop0: p1 p3 p4 [ 109.152151][ T7268] loop0: p4 size 589824 extends beyond EOD, truncated [ 109.165163][ T7274] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 109.254701][ T7282] loop1: detected capacity change from 0 to 1024 [ 109.275157][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.336751][ T7282] EXT4-fs: Ignoring removed orlov option [ 109.398671][ T7282] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 109.680246][ T7297] loop4: detected capacity change from 0 to 128 [ 109.688709][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.803605][ T7313] loop0: detected capacity change from 0 to 1024 [ 109.810588][ T7313] EXT4-fs: Ignoring removed orlov option [ 109.829653][ T7313] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 109.911867][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.036579][ T7337] loop0: detected capacity change from 0 to 1024 [ 110.043422][ T7337] EXT4-fs: Ignoring removed orlov option [ 110.068535][ T7337] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 110.103456][ T7350] loop2: detected capacity change from 0 to 1024 [ 110.110699][ T7350] EXT4-fs: Ignoring removed orlov option [ 110.129439][ T7350] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 110.146916][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.235248][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.679711][ T7386] loop3: detected capacity change from 0 to 1024 [ 110.710774][ T7386] EXT4-fs: Ignoring removed orlov option [ 110.761925][ T7386] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 110.981503][ T7400] loop1: detected capacity change from 0 to 1024 [ 111.023749][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.072601][ T7400] EXT4-fs: Ignoring removed orlov option [ 111.107600][ T7400] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 111.159566][ T7411] loop2: detected capacity change from 0 to 2048 [ 111.215180][ T7411] loop2: p1 p3 p4 [ 111.256263][ T7411] loop2: p4 size 589824 extends beyond EOD, truncated [ 111.340661][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.403565][ T7425] loop1: detected capacity change from 0 to 1024 [ 111.419525][ T7425] EXT4-fs: Ignoring removed orlov option [ 111.448068][ T7425] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 111.601708][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.617651][ T7435] loop0: detected capacity change from 0 to 512 [ 111.652044][ T7435] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 111.680557][ T7435] ext4 filesystem being mounted at /344/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 111.772725][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.936343][ T7452] random: crng reseeded on system resumption [ 112.033807][ T7460] SELinux: policydb version -1881874469 does not match my version range 15-35 [ 112.076208][ T7460] SELinux: failed to load policy [ 112.297310][ T7485] __nla_validate_parse: 10 callbacks suppressed [ 112.297329][ T7485] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1524'. [ 112.345693][ T7488] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1526'. [ 112.389585][ T4570] ================================================================== [ 112.397962][ T4570] BUG: KCSAN: data-race in __bpf_get_stackid / __bpf_get_stackid [ 112.405839][ T4570] [ 112.408267][ T4570] write to 0xffff888109eeb67c of 4 bytes by task 7488 on cpu 0: [ 112.415908][ T4570] __bpf_get_stackid+0x77a/0x800 [ 112.420965][ T4570] bpf_get_stackid+0xee/0x120 [ 112.425672][ T4570] bpf_get_stackid_raw_tp+0xf6/0x120 [ 112.430978][ T4570] bpf_prog_e6fc920cfeff8120+0x2a/0x32 [ 112.436627][ T4570] bpf_trace_run2+0x107/0x1c0 [ 112.441413][ T4570] kfree+0x27b/0x320 [ 112.445344][ T4570] process_bpf_exit_full+0x2da/0x780 [ 112.450676][ T4570] do_check+0x484a/0x7a10 [ 112.455046][ T4570] do_check_common+0xc3a/0x12a0 [ 112.459936][ T4570] bpf_check+0x942b/0xd9e0 [ 112.464506][ T4570] bpf_prog_load+0xedd/0x1070 [ 112.469222][ T4570] __sys_bpf+0x462/0x7b0 [ 112.473583][ T4570] __x64_sys_bpf+0x41/0x50 [ 112.478029][ T4570] x64_sys_call+0x2aea/0x2ff0 [ 112.482740][ T4570] do_syscall_64+0xd2/0x200 [ 112.487280][ T4570] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 112.493227][ T4570] [ 112.495649][ T4570] read to 0xffff888109eeb67c of 4 bytes by task 4570 on cpu 1: [ 112.503393][ T4570] __bpf_get_stackid+0x33a/0x800 [ 112.508448][ T4570] bpf_get_stackid+0xee/0x120 [ 112.513157][ T4570] bpf_get_stackid_raw_tp+0xf6/0x120 [ 112.518555][ T4570] bpf_prog_e6fc920cfeff8120+0x2a/0x32 [ 112.524027][ T4570] bpf_trace_run2+0x107/0x1c0 [ 112.528729][ T4570] kfree+0x27b/0x320 [ 112.532733][ T4570] drain_mem_cache+0x12f/0x300 [ 112.537514][ T4570] bpf_mem_alloc_destroy+0xe5/0x860 [ 112.542921][ T4570] trie_free+0xb8/0xd0 [ 112.547211][ T4570] bpf_map_free_deferred+0xcc/0x160 [ 112.552613][ T4570] process_scheduled_works+0x4ce/0x9d0 [ 112.558197][ T4570] worker_thread+0x582/0x770 [ 112.562912][ T4570] kthread+0x486/0x510 [ 112.567181][ T4570] ret_from_fork+0x11f/0x1b0 [ 112.571899][ T4570] ret_from_fork_asm+0x1a/0x30 [ 112.576950][ T4570] [ 112.579280][ T4570] value changed: 0x0000000d -> 0x0000000e [ 112.585112][ T4570] [ 112.587557][ T4570] Reported by Kernel Concurrency Sanitizer on: [ 112.593933][ T4570] CPU: 1 UID: 0 PID: 4570 Comm: kworker/u8:20 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 112.605922][ T4570] Tainted: [W]=WARN [ 112.609740][ T4570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 112.619920][ T4570] Workqueue: events_unbound bpf_map_free_deferred [ 112.626540][ T4570] ==================================================================