last executing test programs:

773.115217ms ago: executing program 3 (id=461):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video2', 0x2, 0x0)

750.980769ms ago: executing program 3 (id=468):
socket$inet_mptcp(0x2, 0x1, 0x106)

740.77946ms ago: executing program 3 (id=473):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/create', 0x2, 0x0)

722.776001ms ago: executing program 3 (id=478):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)

706.484472ms ago: executing program 3 (id=485):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video1', 0x2, 0x0)

705.667993ms ago: executing program 3 (id=490):
pause()

528.808198ms ago: executing program 0 (id=539):
sync_file_range(0xffffffffffffffff, 0x0, 0x0, 0x0)

528.181988ms ago: executing program 0 (id=544):
copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)

510.497689ms ago: executing program 0 (id=552):
syz_open_dev$loop(&(0x7f0000000040), 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000080), 0x0, 0x1)
syz_open_dev$loop(&(0x7f00000000c0), 0x0, 0x2)
syz_open_dev$loop(&(0x7f0000000100), 0x0, 0x800)
syz_open_dev$loop(&(0x7f0000000140), 0x1, 0x0)
syz_open_dev$loop(&(0x7f0000000180), 0x1, 0x1)
syz_open_dev$loop(&(0x7f00000001c0), 0x1, 0x2)
syz_open_dev$loop(&(0x7f0000000200), 0x1, 0x800)
syz_open_dev$loop(&(0x7f0000000240), 0x2, 0x0)
syz_open_dev$loop(&(0x7f0000000280), 0x2, 0x1)
syz_open_dev$loop(&(0x7f00000002c0), 0x2, 0x2)
syz_open_dev$loop(&(0x7f0000000300), 0x2, 0x800)
syz_open_dev$loop(&(0x7f0000000340), 0x3, 0x0)
syz_open_dev$loop(&(0x7f0000000380), 0x3, 0x1)
syz_open_dev$loop(&(0x7f00000003c0), 0x3, 0x2)
syz_open_dev$loop(&(0x7f0000000400), 0x3, 0x800)
syz_open_dev$loop(&(0x7f0000000440), 0x4, 0x0)
syz_open_dev$loop(&(0x7f0000000480), 0x4, 0x1)
syz_open_dev$loop(&(0x7f00000004c0), 0x4, 0x2)
syz_open_dev$loop(&(0x7f0000000500), 0x4, 0x800)

495.90817ms ago: executing program 0 (id=558):
flock(0xffffffffffffffff, 0x0)

495.61695ms ago: executing program 0 (id=561):
socket$inet_sctp(0x2, 0x1, 0x84)

470.324292ms ago: executing program 0 (id=562):
rt_sigreturn()

399.933308ms ago: executing program 4 (id=594):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/member', 0x2, 0x0)

375.61131ms ago: executing program 4 (id=597):
get_thread_area(&(0x7f0000000000))

375.32265ms ago: executing program 1 (id=599):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb1', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fb1', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fb1', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fb1', 0x800, 0x0)

375.02971ms ago: executing program 4 (id=601):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/pmem0', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pmem0', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/pmem0', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/pmem0', 0x800, 0x0)

374.93328ms ago: executing program 1 (id=602):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rfkill', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/rfkill', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rfkill', 0x800, 0x0)

374.84771ms ago: executing program 2 (id=603):
rmdir(&(0x7f0000000000))

348.052262ms ago: executing program 4 (id=604):
socket$nl_netfilter(0x10, 0x3, 0xc)

347.903752ms ago: executing program 2 (id=605):
setgroups(0x0, &(0x7f0000000000))

347.795882ms ago: executing program 2 (id=606):
set_robust_list(&(0x7f0000000000), 0x0)

347.742982ms ago: executing program 1 (id=607):
listxattr(&(0x7f0000000000), &(0x7f0000000000), 0x0)

347.690502ms ago: executing program 2 (id=608):
setpgid(0x0, 0x0)

347.644722ms ago: executing program 2 (id=609):
timer_create(0x0, &(0x7f0000000000), &(0x7f0000000000))

347.554652ms ago: executing program 4 (id=610):
mq_notify(0xffffffffffffffff, &(0x7f0000000000))

347.513412ms ago: executing program 1 (id=611):
move_mount(0xffffffffffffffff, &(0x7f0000000000), 0xffffffffffffffff, &(0x7f0000000000), 0x0)

304.052836ms ago: executing program 2 (id=612):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fb0', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fb0', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fb0', 0x800, 0x0)

303.941115ms ago: executing program 1 (id=613):
socket$bt_hidp(0x1f, 0x3, 0x6)

183.755856ms ago: executing program 1 (id=615):
mmap(&(0x7efffffff000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x1000000)=nil, 0x1000000, 0x7, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0001000000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0)

0s ago: executing program 4 (id=614):
mmap(&(0x7efffffff000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x1000000)=nil, 0x1000000, 0x7, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0001000000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

[   17.721123][   T29] audit: type=1400 audit(1723358824.091:81): avc:  denied  { read } for  pid=2942 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
Warning: Permanently added '10.128.1.75' (ED25519) to the list of known hosts.
[   20.873709][   T29] audit: type=1400 audit(1723358827.251:82): avc:  denied  { mounton } for  pid=3247 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   20.874681][ T3247] cgroup: Unknown subsys name 'net'
[   20.896407][   T29] audit: type=1400 audit(1723358827.251:83): avc:  denied  { mount } for  pid=3247 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   20.923745][   T29] audit: type=1400 audit(1723358827.271:84): avc:  denied  { unmount } for  pid=3247 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   21.065098][ T3247] cgroup: Unknown subsys name 'rlimit'
[   21.187449][   T29] audit: type=1400 audit(1723358827.561:85): avc:  denied  { setattr } for  pid=3247 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   21.210794][   T29] audit: type=1400 audit(1723358827.561:86): avc:  denied  { create } for  pid=3247 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   21.231312][   T29] audit: type=1400 audit(1723358827.561:87): avc:  denied  { write } for  pid=3247 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   21.238848][ T3250] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   21.251676][   T29] audit: type=1400 audit(1723358827.561:88): avc:  denied  { read } for  pid=3247 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   21.280464][   T29] audit: type=1400 audit(1723358827.561:89): avc:  denied  { mounton } for  pid=3247 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   21.305228][   T29] audit: type=1400 audit(1723358827.561:90): avc:  denied  { mount } for  pid=3247 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[   21.328672][   T29] audit: type=1400 audit(1723358827.631:91): avc:  denied  { relabelto } for  pid=3250 comm="mkswap" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   21.356784][ T3247] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   22.227405][ T3299] modprobe (3299) used greatest stack depth: 11720 bytes left
[   22.232733][ T3309] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   22.428819][ T3411] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   22.495343][ T3444] mmap: syz.2.176 (3444) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   23.159665][ T3758] syz.0.482 (3758) used greatest stack depth: 11368 bytes left
[   23.954616][ T3904] ==================================================================
[   23.962731][ T3904] BUG: KCSAN: data-race in generic_fillattr / inode_set_ctime_current
[   23.970892][ T3904] 
[   23.973210][ T3904] write to 0xffff888101253830 of 4 bytes by task 3800 on cpu 0:
[   23.980836][ T3904]  inode_set_ctime_current+0x35/0x50
[   23.986125][ T3904]  shmem_mknod+0x117/0x180
[   23.990538][ T3904]  shmem_create+0x34/0x40
[   23.994881][ T3904]  path_openat+0xdbc/0x1f10
[   23.999391][ T3904]  do_filp_open+0xf7/0x200
[   24.003808][ T3904]  do_sys_openat2+0xab/0x120
[   24.008392][ T3904]  __x64_sys_openat+0xf3/0x120
[   24.013157][ T3904]  x64_sys_call+0x1025/0x2d60
[   24.017841][ T3904]  do_syscall_64+0xc9/0x1c0
[   24.022356][ T3904]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   24.028251][ T3904] 
[   24.030570][ T3904] read to 0xffff888101253830 of 4 bytes by task 3904 on cpu 1:
[   24.038108][ T3904]  generic_fillattr+0x1dd/0x2f0
[   24.042958][ T3904]  shmem_getattr+0x17b/0x200
[   24.047615][ T3904]  vfs_getattr+0x19b/0x1e0
[   24.052033][ T3904]  vfs_statx+0x134/0x2f0
[   24.056268][ T3904]  vfs_fstatat+0xec/0x110
[   24.060593][ T3904]  __se_sys_newfstatat+0x58/0x260
[   24.065625][ T3904]  __x64_sys_newfstatat+0x55/0x70
[   24.070655][ T3904]  x64_sys_call+0x141f/0x2d60
[   24.075333][ T3904]  do_syscall_64+0xc9/0x1c0
[   24.079844][ T3904]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   24.085747][ T3904] 
[   24.088067][ T3904] value changed: 0x13210f8e -> 0x13b9a60e
[   24.093774][ T3904] 
[   24.096083][ T3904] Reported by Kernel Concurrency Sanitizer on:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[   24.102226][ T3904] CPU: 1 UID: 0 PID: 3904 Comm: udevd Not tainted 6.11.0-rc2-syzkaller-00257-g5189dafa4cf9 #0
[   24.112471][ T3904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   24.122537][ T3904] ==================================================================
[   24.494686][   T55] bond0 (unregistering): Released all slaves