last executing test programs: 1m7.387824034s ago: executing program 4 (id=3240): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0) 1m7.036672199s ago: executing program 4 (id=3250): bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_recvmsg\x00', r0}, 0x18) r1 = socket$kcm(0x21, 0x2, 0x2) sendmsg$kcm(r1, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000100)="a6", 0xfffffcf4}, {0x0}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x106) recvmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x100) 1m6.962786496s ago: executing program 4 (id=3252): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x58, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0) writev(r1, &(0x7f0000000000)=[{&(0x7f0000000180)="14d576ea", 0x4}], 0x1) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r0, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x1], 0x0, 0x0, 0x1, 0x1}}, 0x40) r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x44) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000001, 0x12, r2, 0x0) 1m6.851350978s ago: executing program 4 (id=3256): mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000000340)='./file0/../file0\x00', &(0x7f0000000280)='./file0/file0\x00', 0x0, 0xb101e, 0x0) mount$nfs4(0x0, &(0x7f0000000540)='./file0/file0\x00', 0x0, 0x20000, 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x2125099, 0x0) open_tree(0xffffffffffffff9c, &(0x7f0000000300)='\x00', 0x89901) 1m6.794155923s ago: executing program 4 (id=3258): r0 = socket$can_raw(0x1d, 0x3, 0x1) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000000c0)='kfree\x00', r2, 0x0, 0xfffffffffffffffd}, 0x18) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000140)=[{{0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{}, {0x0, 0x0, 0x1, 0x1}}], 0x10) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000100)=[{{0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}], 0x8) 1m6.339995138s ago: executing program 4 (id=3283): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_io_uring_setup(0x18d6, &(0x7f0000000440)={0x0, 0x5352, 0x80, 0x2000, 0xfffffffc}, &(0x7f0000ffe000), &(0x7f0000000100)) io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r2, 0x2, &(0x7f0000000180), 0xfe) 1m6.288680983s ago: executing program 32 (id=3283): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_io_uring_setup(0x18d6, &(0x7f0000000440)={0x0, 0x5352, 0x80, 0x2000, 0xfffffffc}, &(0x7f0000ffe000), &(0x7f0000000100)) io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r2, 0x2, &(0x7f0000000180), 0xfe) 42.688650532s ago: executing program 5 (id=4611): r0 = fsopen(&(0x7f0000000240)='gadgetfs\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x87) fchdir(r1) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents(r2, 0xfffffffffffffffd, 0x58) 42.661190045s ago: executing program 5 (id=4612): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmsg$inet6(r0, &(0x7f0000002280)={&(0x7f0000001e40)={0xa, 0x4e24, 0x0, @mcast1}, 0x1c, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="b005000000000000290000003600000000b2"], 0x5b0}, 0x20008001) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2, 0x0, 0x8}, 0x18) sendmsg$inet6(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000600)="e5f1fddfe175759743a2d6055bef6ad67f4806ff6a", 0x15}], 0x1}, 0x20000044) 42.660684595s ago: executing program 5 (id=4614): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) getresuid(&(0x7f0000000080), &(0x7f00000002c0), &(0x7f0000000300)) 42.604836451s ago: executing program 5 (id=4616): syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='nodots,dmask=00000000000000000000003,usefree,nodots,flush,dots,dots,gid=', @ANYRESHEX=0x0, @ANYBLOB], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==") write$binfmt_script(0xffffffffffffffff, &(0x7f00000004c0), 0x208e24b) creat(&(0x7f0000000380)='./bus\x00', 0x4) mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x40403, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x402, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4, 0x5]}) 42.459994595s ago: executing program 5 (id=4627): socket$packet(0x11, 0xa, 0x300) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x80) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x39, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0xffffffffffffffff}, 0x13) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0xffffff5a, &(0x7f0000000200)="259a53f271a76d2688ca4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 42.341239947s ago: executing program 5 (id=4632): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000540)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, &(0x7f0000000240)='asymmetric\x00', &(0x7f00000000c0)=@chain) add_key$keyring(&(0x7f0000000380), &(0x7f00000003c0)={'syz', 0x1}, 0x0, 0x0, r2) 42.328851358s ago: executing program 33 (id=4632): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000540)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, &(0x7f0000000240)='asymmetric\x00', &(0x7f00000000c0)=@chain) add_key$keyring(&(0x7f0000000380), &(0x7f00000003c0)={'syz', 0x1}, 0x0, 0x0, r2) 10.175047127s ago: executing program 1 (id=6347): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast}) sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x28, 0x0, 0x4, 0x70bd26, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x3ff, 0x4}}}}}, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x0) write$tun(r0, &(0x7f0000000140)={@val={0x3, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x14}, @ipv4=@icmp={{0x5, 0x4, 0x0, 0x0, 0x8016, 0x1400, 0x0, 0x0, 0x1, 0x0, @private=0xa010100, @local}, @dest_unreach={0x4, 0x0, 0x0, 0x0, 0x0, 0x1400, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @local, @loopback}}}}, 0xfdef) 10.078749207s ago: executing program 1 (id=6352): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x1e}, 0x18) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="05000000040000000400000004"], 0x48) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0xc, 0x42, 0x40, 0x42}, 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x1f, 0x17, &(0x7f0000000080)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x6, 0x0, 0x6, 0x9, 0x0, 0x6, 0xe7030000}, {0x4, 0x0, 0x0, 0x6}}, [@printk={@p, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x4, 0x1, 0xa, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x14}}], {{0x5, 0x1, 0x5, 0x3}, {0x5, 0x0, 0xb, 0x3, 0x0, 0x2}, {0x85, 0x0, 0x0, 0xb8}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x56, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0x23, &(0x7f0000000400)={r3, r2}, 0xc) 10.036094651s ago: executing program 1 (id=6356): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x11, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18) r1 = socket(0x10, 0x3, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x8, &(0x7f0000000080)=[{0x0}], 0x1, 0x0, 0x0, 0x5}, 0x2004c000) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f00000000000000000a000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0) sendmmsg(r1, &(0x7f0000000000), 0x4000000000001f2, 0x0) 9.968806787s ago: executing program 1 (id=6360): syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0xc000, &(0x7f0000000380), 0x2, 0x24d, &(0x7f0000000440)="$eJzs3T9oJFUcB/DvzO4ac7fIqY0g/gER0UA4O8HmbBQO5DhEBBVORGyUixAT7LJWNhZaq6SyCWJntJQ0wUYRrKKmiI2gwcJgocXK7iQSNytqNtk5Mp8PTGYm89783rDzfbvN7AZorAtJLiVpJZlL0klSHG5wb7Vc2N9dnd28lvT7T/1SDNtV+5WDfueT9JI8kmSjLPJKO1lef27nt60nHnh7qXP/h+vPzk71Ivft7mw/uffBlbc+ufzw8lff/HSlyKV0/3ZdJ68Y8792kdx2GsVuEEW77hHwX1x94+NvB7m/Pcl9w/x3UqZ68d5ZvGmjk4fe/6e+7/789Z3THCtw8vr9zuA9sNcHGqdM0k1Rzieptstyfr76DP9d61z56sLi63MvLyxdf6numQo4Kd1k+/HPZj49P5L/H1tV/oGza5D/p6+ufT/Y3muNHOzP1DMo4HTdVa0G+Z97YeXBjMs/cKbJPzSX/ENzyT80l/xDc8k/NJf8wxnWOdjojT0s/9Bc8g/NJf/QXIfzDwA0S3+m7ieQgbrUPf8AAAAAAAAAAAAAAAAAAABHrc5uXjtYplXzi/eS3ceStMfVbw1/jzi5efj33K/FoNlfiqrbRJ6/Z8ITTOijmp++vuWHeut/eXe99VeuJ703k1xst4/ef8X+/Xd8t/7L8c6LExb4n4qR/UefmW79UX+s1Vv/8lby+WD+uThu/ilzx3A9fv7pHv6K5WN67fcJTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDU/BkAAP//d4lu0g==") creat(&(0x7f0000000000)='./bus\x00', 0x0) mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) 9.887428895s ago: executing program 1 (id=6368): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f00000002c0)='sched_kthread_work_queue_work\x00', r1}, 0x10) socketpair(0xf, 0x3, 0x2, &(0x7f00000001c0)) 9.690999675s ago: executing program 1 (id=6376): r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) sendmmsg$inet6(r1, &(0x7f0000007240)=[{{&(0x7f0000000100)={0xa, 0x4e22, 0x6, @mcast2, 0x7}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000001380)=[{&(0x7f00000012c0)="1ce02c7a", 0xfe60}], 0x1}}, {{0x0, 0x0, &(0x7f0000000000), 0x1}}], 0x3, 0x1c000) mount$9p_fd(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000480), 0x84, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) sendto$inet(r0, &(0x7f0000000400)="8dbaad2e57f9ece64a37949bb34286aa172dd1ebd9dabceb72cdeb153d17ae948f170f0024f64334d517b7eb233eeb3ae31f5bb0ee383981fbd22837c679e7ef6aeaf42915db74c51a520673b32461", 0x4f, 0x880, 0x0, 0x0) 9.673837366s ago: executing program 34 (id=6376): r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) close(r0) r1 = socket$inet6(0xa, 0x2, 0x0) sendmmsg$inet6(r1, &(0x7f0000007240)=[{{&(0x7f0000000100)={0xa, 0x4e22, 0x6, @mcast2, 0x7}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000001380)=[{&(0x7f00000012c0)="1ce02c7a", 0xfe60}], 0x1}}, {{0x0, 0x0, &(0x7f0000000000), 0x1}}], 0x3, 0x1c000) mount$9p_fd(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000480), 0x84, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) sendto$inet(r0, &(0x7f0000000400)="8dbaad2e57f9ece64a37949bb34286aa172dd1ebd9dabceb72cdeb153d17ae948f170f0024f64334d517b7eb233eeb3ae31f5bb0ee383981fbd22837c679e7ef6aeaf42915db74c51a520673b32461", 0x4f, 0x880, 0x0, 0x0) 6.01749665s ago: executing program 7 (id=6379): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x18) creat(&(0x7f00000002c0)='./file0\x00', 0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) readahead(r2, 0x0, 0x0) 5.039399978s ago: executing program 7 (id=6379): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x18) creat(&(0x7f00000002c0)='./file0\x00', 0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) readahead(r2, 0x0, 0x0) 3.835579248s ago: executing program 7 (id=6379): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x18) creat(&(0x7f00000002c0)='./file0\x00', 0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) readahead(r2, 0x0, 0x0) 2.751627126s ago: executing program 7 (id=6379): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x18) creat(&(0x7f00000002c0)='./file0\x00', 0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) readahead(r2, 0x0, 0x0) 1.620791418s ago: executing program 6 (id=6524): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x3, 0x0, 0x7ffc1ffb}]}) process_mrelease(0xffffffffffffffff, 0x0) 1.513161169s ago: executing program 6 (id=6529): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94) timer_create(0x0, 0x0, &(0x7f0000000000)) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000500)='hrtimer_start\x00', r1}, 0x10) timer_settime(0x0, 0x1, &(0x7f0000000200)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) 1.512608879s ago: executing program 6 (id=6531): perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2b, 0x1, 0x0) close(r0) r1 = socket$kcm(0xa, 0x2, 0x73) sendmsg$inet(r1, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @empty}, 0xffac, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d63aebc5cea1f81510ff6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e679e0e28b84961eb7b9c9b4fa916590965c76b48e5d453f27a821bd2bf0946ff2413ec30f7893d1f046e18f736c40ceda26dfc4a0a62f71a3606d3f72c0a858dfd7895e2572292e11af913c6b513a141d28e501ae7c49618d104aac9abb78466a636efb88120d0eef0a501558a5aa34784a9823f2802a0bcdf318f9b436b34b42a2a7cf513f80364ad9a699d2e23eb4f3a2bbce818bd20da61882b3dac699d05dc24f29b72471b712423ace6278c43df2be7a09e815517b86d8b3ce16af3d64a575958c5fd52aac53b391f3d2a67c24c6c13ec11428b61b80a6a58cbba1790a98d190a572070f63fc0b809669895ea9865c3066b06102f6f2c7171dc7f76e1931b3e4deb569ef9d07d5f86a848f50942e93c419c3a23489f14803b08182dfd48b8d4375be6b7f805a21209c05e5927693a8834c8d5a5acbd47ed8a30a8a741d1ad77639b56b3b90c0b2023fa334befd28b2e27cbcd94b0ce7437f88ce67a925cea6d6d7e5313de6d328b1124a8b9ef83fe39ca3da97d33c60b7fd4af67d3c8fccb595a27a5bffc71e5a5b2ec966828993b0c0f83cbc55f9a7fb66a4101d5c83b77885072b6e2b2ceebe32f635509698c05089b9ff1cb1959b211e114dadb224ef2d5e7a3c55b3ac00fcdc9018577603c6301e5d4341b3d7eeb2665349d448d28d5d108f576408cbe533a6adbba18ebb2d84bb9af81108506a2f50fb56d595579000747930449fdf4ed01715ec624a0cb73636a35b9136f10b79e3d7ded09008b92e92c64e26e6b6d17f18b70b1d9813de8d2ff151c7a6a0452c660a57c33f13e2d9b88fa5f5c0505722d2e787a425e4a3e9b5efa9668e9199f5fb9fe7d5b8a57719a57df152e7f2c6a1087a2a24084f82455b65353a70559f04d5ed12defb81497ea69c1c7e69c373524770b7473c16a69c7a3648a9dd93377b89cdff61cf62512d1ee67a55ea67993937c1f55a2179bc9c8a337364cfb84d295adda1ad9700fc2f5c11cbfc1b90affb4666c6e7e23a6f7751410a5651819f29f690c6dba2b8a67e0f7f8cc377feb1854c393578994c85391ba21b3961aed477f771645571dc7d6cae72bf79c82a92a4edc3742b1398060a0a5c9e81c016b7f2ae3db529c6ff824cc28678764d8ab49d7dc68e5b0556c9e7ffb6fef442776d86fbd458741830e57f22a1f8513b92abd5b2df93a67cc560134078f0b8ecc3276e40aadef5cd579888b86b4988f396679250701f3869e7493b33692035ecd94aca5189fd0a0893ccc5bb19c0b4caca86cf90ebc2a5558f39cccb33f6773a4e425bf551fb3b6456ee1cc62fa1843a9e5539bb2d02ae6ef82533a9dbcfb562c1ab18c1f639ae7ff02083746f74a15ba2d10e4b955940a5d6f488d326a99f287c48ad463ce40367aeeff519cbad0a2d7fdbfa48bff75955467977764c2be2bd2ffa18396c46920c40c50a4037003666406d177e2cd20aee423d07169d8f611f635ba0b62b61265ff2c5548446a2423dd1038482b6852b2d9d2f90aa05d82c5e2c3d1af0c7aad72d82b3da67471af7b037bb0424a785e73f35b5a10a2ab300a195c20cd119a5390e0cd5d49c70bd80883b933e843d0d2902749dcf3c140c708a0f004b7a2f50bf311305dc01719016fcce5863815ca7951de710fcb71cd177551ff6fcd9f8bf01b93868f24c6129b6d7917125338cf62110083093fc7f862015d48450d992f2bb43e601cab19b2ea7b83962a382fc2a31fdf2358bf8a9a9e506eaa7b6eb5e7444d1ef459b24ffa51362abce902dfd84201a0e4b5a3b62757aad54fb65b83821c6bba663886de092065a565921ea3eb6781bb8ed4f4db3abcfeeb379b7e52fca790bea719918e299ab01bf5e92177d134360bf7a16a59e9d03d3dcfb0a25599237e3d41b3f0026c9402b1fb1894426303413a2cbcf7c72807ca694afa285990d07c3bca26413c9947b3b344aafc04544b8c11416e0312b028da7302e316c3966d41884b15055a49a4a0b3eac8e11f88a5615fb0af582f065d28e5a454447e9d0cfc60356439ebf7e1d0a00f5b9cc6daf2bd7195ba96b4d1a0679ff0fb1c01282c378a880f90f460889b67d76d4d0e8db6c928d113533d1d10b810303c43d8ff622c5bab7f095b96e64bf9daa48a2bdf3d9d40bac00cf1b66df61a4f7c3e21938e876f81b1179dce6a008f28eb682cae690ced0ea0d542da604d8056f2b1813ed36683c4c51aeb2650772cfb1c55d4e60604ff06344cfc271b2175a6c94defb807af240b483e24298ca73bfc743ca2ca2e77e6d5b817b3c1986601537faf59ac84c74d8bd0c068cb8e6bd03ac2dcf5793fb4a00b3c901a33aa3ee86e4f0db317b94bb8678ab26e36d305ebac4b0f7f164947148255b562dd0f87648499d45bccfb7d8c9d5624cadf8160a396e79fbcdc100058ba4606e41c02fb2cc0dc6c36196bd28acfde82a18cda2321d2d83fecd3b85380667cd1d0bc68298c6c8f10421a80c8fa86912b6c3e8ddd9d9668520d5151409e6b77f0d7730b374a68a744151bfbd123cfdf871e8c24e70d2ca3b50e84a48e0b78c1781000cfc848d43584985763a76c0ab9ba882c55e3e4aa8f2174255db38adb8350b48a77be22a869d13d183325f859b883464e5e46de5ea8a92532b9a794daaeff657cd361f7f158f8bebe36e9de1f5b9721d4263dcc9472229bc02d3f552180abfb25ca7aa36cb914d99c09fd5bb99dcab9b4e3c634d18fc7dfe84dc4425ad1e39c3e7410d49b4ea0a8a2958688c7725822f6dfc0827d19dc385e0e35a949941e4dd1aaeaab9ebe402f8c584bca7efc829f2ccfb63fd7bde1c182a67c14f9d3f033ca674e2604e89cd55a15419f956cd61a755c1b13554dae98e77be078aadfc131c9677381f1dbe6ef194eb17603a463e8b844ab46a6046e1f07d96d66de669359bff4c3d80948a4de3abb2f171a09b5d8999c379fb62244114e218c79805df7d899e5661320ee6721d652b95f09e4dfe69bd67099c73294b17ab574e0b966aa3ab44478965b9dca3cb3b9282945f24ccdd07c638ae25a84a728ca24f87ff49d718121a694be46f3616e27b1041b3c6cd24b9cf775bfc28dfbe0a009048f0599f2d5d6586cfd1e7f7fe69872d08b98f60d28e6af0d49d7f06ad71a7b5c41df261aba5de114022c7288bc265cc17909fdeadc3d7b256d7ab3b96e40f857060f16b54a6bb7248ee571f87ace5ee39eab412706cf52fa711468b21ea129c3f44bceb429fcc1a0ac2aa87b9365077dcfcfa9a1b32a0a09699197c20019a66cbd0a897feab3706c23123b888ada643d4560082033e31596b0483578968e3c9593ebd97141c228a42fc7645f92171c120aabca36657683fd7c72fcb87217f124d6fabc52f1d221d8410b47b0ad4bd944bf4085365e9b52a53911ab4ee142c5a1ebbe034c9d98c538c066f2dc0acf372eb2397dcac765055123e0ba19be22b18c886bf0f7490abe9fde91ffa62e059962bd134be8501cb5b715a744b1398e2c4c7e8afe72e189dda0654296afa1c1f99ab7d800fa40f72a758625c833b6fc7b7d42250522b456e1e7de815350c36c9cb2f4d1c9cb99109f89b456c559463f11b8b58247809b17a4ed4912bd0a47a529f1364d6dc593ea7f3eb98962078ac90e5012ee1c7b4b9ed5a8c7a9c0231b4ce425693faab64fa0f3482a04d4be2e06ee5d103694d288810a1a7f4d1e908dd82dd2016a064ece5cd67ef1dd5f4cda728fc6f1ccdd949dd8f775d862621507248ef4c83ae274969d19c7ddb02a4e8a1ab2b7aa539a442b22735ceedeefe60a1059dfaaa0979ce8d5387b5a047841fd9749b88ca91216b02d7926408a01916b7781bb7167528ccdb9a486d173437a5ba3e552c8674dff2cc9b21054e0e4f86b61b8723fca58ceef4413bffae9e9be79c5b9788f5449811ce78be9bc7a86375a670197baaef751beabcba0aa6c7c33f1cd702cb78ec39fa1f17d9da733d6abf2b80f9c51ac8f6f664b24edc53a7c9525c3016bd05c67272375fe816b2b121f2de68b885a0fd8f8b8c6c342237b632f6414a3eb3480f5f42106c5812e9bfd4e8c8dea8d08525d9aa1da7c7c2ee7ff3d31b79b211dd01e304a8ffc83a89a59f3b1e2ef5e969b6d90bea7e161066f25622fad914bff52bacd2807093dda1838b529ee57f718b374ce2841b924a42457867547a6edcb8412d85f11796742bf640b5819a9546357df778c332af5983c4373a95d9c58b52dba445eee92e6911824f0c534e7a5934d9eac9b7f6fec22002fc53a3003a3304217f567b47cd326edc5f48eb1f46bb20d1e10e72239afc9769344590cf48902aba5405b7d4baa31a912ab398a2f2d3f037614bb56a89244ece50f3a1e058d274f1e70f944eb8a305be91e561e5eb843d057a81f4deb84a6335ec81ca964cdae5f318d4e9aaea2c477cc279c00c698bcfe4b8e04c09079d8f3f5438d9d45a00f50d2f9b245c8c68eebf247e25ba8d26f8b95b21ac9ceb50c0aa2e4bdc032024db216b92f9350a90ac79341af14d3fa8ba908096e1b503341aed667bb184c672dac85fc4f335b3871c3b4e55ea219a857d2d2e135358f6b45a20b3e7de8e09b2041eb7c5084a80258fb524a983752659298a251e178b56f96bc67ae0a78ec92f92d92c9cf0edb5dcb11e739d69410ad44c8df00caa030d7d89f2ec38bd7698115c423cf3e6048793aca08ffbcdac766f1553773fa00031c1d75246e4e1eddf8948d02a3de6d67fd7329e45070f29044587f1e0db50d04e673191a63e30f96ee0d8d52738fab36a7fe2c6ab9301d401e7ca5b1f039193a580e40abbdf40c2d7e27809dec80815d37adae9fe7fb9d3a974c9fc03944d7338d000b81170be4c6792ed6b3b827194b3ae11e2acfca48498d1126aacf80f3d574256ef7f75552ff087a819e", 0x1000}, {&(0x7f0000001040)="9d7fcf3efc63f4a6a555ba8b4726d7ccaf8a207100e69cfac4377876021d7131b838059f96bd206d4776368ed2a92432e5af71", 0x33}], 0x8, &(0x7f0000001d00)=ANY=[@ANYBLOB="1400000000000000010000002500000002010000000000004800000000000000080000000797dbc64107b42c556567f2219787566400007300000000000000000000000008000000ef3820f3439cb150a3651e799ef4dca1e3c32158996e4b2abde5f2ba8b679121ac0b0ad62ade31fb2c47f0bbf781eb8bd1e3064141e90e9eac25b189c0da98b676571bbeefba392c3e15a10e03dee4ae1dfe99793e51ec0c6bb5fa6d7b357d249502f5919ef251e5d0e5bed378265b8bd55fde4689cb509b14fa754813a27e72d175e8d677420e10d65108006e2ab8168b1d633b1bb9a7d4d59ebdc7083d93d35cd469deb0d81d7adee2ef7c2f058c2c262b97ecbfb32fe3e3ffcdf7b5c24d0ab0a7ae9e6be6c115c5663dd864d655a7babdcf8315dc29b6f18539abf1422502d7d53ce861d8a07dbb00c5a94e0186689f988628a0986d8f0419924348a32be8950099b4718e6109b9eed9e5b3e8ff86d22cf39479b26cc3e977df19f757432bf055090461", @ANYRES32=0x0, @ANYBLOB="e1212f0409000000e70bcf35ac837225dd355ad309a5ec6096633ba38e1ef5baf006020e5f45c993cb5680017c6720bea9b7c451516a8cff7f00000000000019f20b784b2336d43c8a0f7347801a596dfb0b078a967980ccec1d115c7a0000000000000000000000fed6260fdf140498f1274bc569d0d87656d0d18d903580f0ec0915e89bd286b2c25165043f6a001d53f84eaabf01cc310ff28c7c76867ce1a2c9c91b1db7295614e2a4f8711ec37ae999180cb5bbb9c5382120076e117539d423a2ec0f468db35960831f5f883472327697495b8e8ba8e2f3defbe93e1fc733b06dfc74890a3f63b154e9681d69cdd9894c914ee45c286462888ff84e401a6d8895ffda88a171b7359f815d7b6f7562fba1bbff4cba08f7a3f582d7c604013317281c5e9a8e88b66a4717b3c318f85aecbe8b5f3485f8d31bf5a57b9dd53b382ec017a33d1fabe09daf76b3b0"], 0x6b}, 0x0) close(r0) 1.468105283s ago: executing program 6 (id=6534): r0 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1}, 0x18) connect$can_j1939(r0, &(0x7f0000000140)={0x1d, r1}, 0x18) sendmmsg$inet(r0, &(0x7f0000003b80)=[{{0x0, 0x0, &(0x7f0000002940)=[{&(0x7f0000002640)="ef0ba606342672dabc", 0x9}], 0x1}}], 0x1, 0x20000010) recvmmsg(r0, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000002540)=""/216, 0xd8}}], 0x1, 0x0, 0x0) 1.435101437s ago: executing program 2 (id=6536): setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000140)=ANY=[], 0x32600) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x2000001, 0x12, r1, 0x0) getsockopt$inet6_tcp_int(r0, 0x6, 0x5, 0x0, &(0x7f0000000040)=0x1) 1.431671587s ago: executing program 3 (id=6537): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x3, 0x60, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x100}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000380)='kmem_cache_free\x00', r1, 0x0, 0x7}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) fsync(r1) 1.368583484s ago: executing program 2 (id=6538): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000c5000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000fbb703000000e31f008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000c00)='sys_enter\x00', r1}, 0x18) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0x5, &(0x7f0000000080)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x2a, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10) statx(0xffffffffffffffff, &(0x7f0000000c80)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0/file0\x00', 0x6000, 0x10, 0x0) 1.368315344s ago: executing program 7 (id=6379): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x18) creat(&(0x7f00000002c0)='./file0\x00', 0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) readahead(r2, 0x0, 0x0) 1.367856444s ago: executing program 3 (id=6540): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10) r2 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) bind$bt_hci(r2, &(0x7f0000000200)={0x27}, 0x6) 1.367678323s ago: executing program 2 (id=6541): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x2}, 0x10) sendmsg$NFT_BATCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000040016000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c0003800800014000000000080002400000000010000380140001007465616d3000000000000000000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014"], 0xfc}}, 0x0) 274.175712ms ago: executing program 0 (id=6542): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r0, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000200)=0x8, 0x4) syz_emit_ethernet(0x4a, &(0x7f0000000240)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x25}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) syz_emit_ethernet(0x4a, &(0x7f00000003c0)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\re5', 0x14, 0x6, 0x0, @empty, @local, {[], {{0x4e24, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x4, 0x5, 0xc2}}}}}}}, 0x0) 273.826942ms ago: executing program 2 (id=6543): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0) mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2) 273.564612ms ago: executing program 3 (id=6544): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1/file3\x00', 0x11e) renameat2(0xffffffffffffff9c, &(0x7f0000000400)='./file1/file3\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file0\x00', 0x0) 273.384882ms ago: executing program 6 (id=6545): bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x18, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x17, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002080)={&(0x7f0000000300)='kfree\x00', r0}, 0x10) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0xa041, 0x8) fcntl$setlease(r1, 0x400, 0x0) close(r1) 230.445587ms ago: executing program 0 (id=6546): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000480)='kfree\x00', r1, 0x0, 0x7fffffffffffffff}, 0x18) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000800), 0x2000, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r2, 0xc0189375, &(0x7f0000000840)={{0x1, 0x1, 0x1018}, './file1\x00'}) 230.169047ms ago: executing program 3 (id=6547): r0 = socket$inet_sctp(0x2, 0x800000000000001, 0x84) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0xffffffffffffffff}, 0x18) setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f0000000000)={0x1, 'hsr0\x00', 0x4}, 0x18) setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f00000003c0)={0x1, 'batadv_slave_0\x00', 0x2}, 0x18) 229.966627ms ago: executing program 6 (id=6548): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd3a, 0x0, 0x0, 0x0, 0x100}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18) pipe2(&(0x7f0000001cc0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@access_uid}]}}) 179.989822ms ago: executing program 2 (id=6549): r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x9, 0x690bb, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x3, 0x6, 0x2, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x1) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000) sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a9c000000060a010400000000000000000a0000010900010073797a31000000005c000480580001800b0001007461726765740000480002802c0003009ac420002e2e00b9fdd672bad09dfb78c7699c74e891a0c70000000000000000000000000000000008000240000000000e00010049444c4554494d45520000000900020073797a32"], 0xb0}, 0x1, 0x0, 0x0, 0x4000850}, 0x20040040) 135.382826ms ago: executing program 3 (id=6550): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) 135.005026ms ago: executing program 0 (id=6551): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x3}, 0x18) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', 0x0}) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x0) 67.881613ms ago: executing program 3 (id=6552): socket$nl_route(0x10, 0x3, 0x0) syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x3, 0x2, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x7}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000005c0)={0x2c, r0, 0x1, 0x70bd27, 0x25dfd3fb, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x0) 59.640134ms ago: executing program 0 (id=6553): bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1a, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xeb, '\x00', 0x0, @tracing=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000400)='signal_generate\x00', r0}, 0x18) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000400)='signal_generate\x00', r1}, 0x18) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) 660.75µs ago: executing program 0 (id=6554): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000740)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='rss_stat\x00', r1, 0x0, 0x6}, 0x18) r2 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r2, 0x0) mount_setattr(0xffffffffffffff9c, 0x0, 0x8000, &(0x7f0000001dc0)={0xb, 0x0, 0x100000}, 0x20) 209.489µs ago: executing program 2 (id=6555): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r1}, 0x10) syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0) 78.379µs ago: executing program 7 (id=6379): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x18) creat(&(0x7f00000002c0)='./file0\x00', 0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) readahead(r2, 0x0, 0x0) 0s ago: executing program 0 (id=6556): syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000010c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5e3, &(0x7f0000001340)="$eJzs3c9vVNUeAPDvnf6gpbzXQl7ee7iQJsZAorS0gCHGBWwNafBH3Lix0oJIgYbWaNGEkuDGxLgxxsSVC/G/UCJbVrpy4caVISFqWJo45k7vLZ32TkunP27hfj7J0HPPmdtzLtNvz5nTc+4EUFmD6T+1iP0RMZ1E9Cfzi2WdkRUOLjzvwZ8fnU0fSdTrr/2eRJLl5c9Psq992ck9EfHjD0ns61hZ78zctYvjU1OTV7Pj4dlL08Mzc9cOX7g0fn7y/OTl0RdGTxw/dvzEyJG2rut6Qd7pm+++3//J2JvffPVXMvLtL2NJnIyXsycuvY7NMhiDjf+TZGVR34nNrqwkHdnPydKXOOkssUGsS/76dUXE/6I/OuLhi9cfH79SauOALVVPIupARSXiHyoqHwfk7+2Xvw+ulTIqAbbD/VMLEwAr479zYW4wehpzA7sfJLF0WieJiPZm5prtiYi7d8ZunrszdjO2aB4OKDZ/IyL+XxT/SSP+B6InBhrxX2uK/3RccCb7mua/2mb9y6eKxT9sn4X471k1/qNF/L+1JP7fbrP+wYfJd3qb4r+33UsCAAAAAACAyrp9KiKeL/r7f21x/U8UrP/pi4iTm1D/4LLjlX//r93bhGqAAvdPRbxUuP63lq/+HejIUv9qrAfoSs5dmJo8EhH/johD0bUrPR5ZpY7Dn+77slXZYLb+L3+k9d/N1gJm7bjXuav5nInx2fGNXjcQcf9GxFOF63+Txf4/Kej/098H049Yx75nb51pVbZ2/ANbpf51xMHC/v/hXSuS1e/PMdwYDwzno4KVnv7ws+9a1d9u/LvFBGxc2v/vXj3+B5Kl9+uZWX8dR+c6663K2h3/dyevN245053lfTA+O3t1JKI7Od2R5jblj66/zfAkyuMhj5c0/g89s/r8X9H4vzci5pd97+SP5j3Fuf/+3fdrq/YY/0N50vifWFf/v/7E6K2B71vV/2j9/7FGX38oyzH/Bwu+yMO0uzm/IBw7i4q2u70AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8CSoRcSeSGpDi+labWgooi8i/hO7a1NXZmafO3flvcsTaVnj8/9r+Sf99i8cJ/nn/w8sOR5ddnw0IvZGxOcdvY3jobNXpibKvngAAAAAAAAAAAAAAAAAAADYIfpa7P9P/dZRduuALddZdgOA0hTE/09ltAPYfvp/qC7xD9Ul/qG6xD9Ul/iH6hL/UF3iH6pL/AMAAAAAwBNl74HbPycRMf9ib+OR6s7KukptGbDVamU3ACiNW/xAdVn6A9XlPT6QrFHe0/Kktc5czfTZDZwMAAAAAAAAAAAAAJVzcL/9/1BV9v9Dddn/D9WV7/8/UHI7gO3nPT4Qa+zkL9z/v+ZZAAAAAAAAAAAAAMBmmpm7dnF8amry6uOf6I6NfZ83dsRVbGuiXq9fT38Kdkp7HvNEvhR+p7RnWSLf6/doZ5X3OwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGj2TwAAAP//8BUj8w==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0) write(r1, &(0x7f0000004200)='t', 0x1) sendfile(r1, r0, 0x0, 0x3ffff) sendfile(r1, r0, 0x0, 0x7ffff000) kernel console output (not intermixed with test programs): 3.636846][ T29] audit: type=1400 audit(1763409615.255:3266): avc: denied { read write } for pid=9938 comm="syz.2.2823" name="rtc0" dev="devtmpfs" ino=244 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 93.660416][ T29] audit: type=1400 audit(1763409615.255:3267): avc: denied { open } for pid=9938 comm="syz.2.2823" path="/dev/rtc0" dev="devtmpfs" ino=244 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 93.684162][ T9937] netlink: 'syz.1.2820': attribute type 22 has an invalid length. [ 93.692082][ T9937] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2820'. [ 93.732569][ T9943] atomic_op ffff888123004128 conn xmit_atomic 0000000000000000 [ 93.780814][ T29] audit: type=1326 audit(1763409615.405:3268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9948 comm="syz.0.2828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff36a9ff6c9 code=0x7ffc0000 [ 93.804290][ T29] audit: type=1326 audit(1763409615.405:3269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9948 comm="syz.0.2828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff36a9ff6c9 code=0x7ffc0000 [ 93.831354][ T29] audit: type=1326 audit(1763409615.455:3270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9948 comm="syz.0.2828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff36a9ff6c9 code=0x7ffc0000 [ 94.012196][ T9972] vhci_hcd: invalid port number 96 [ 94.017341][ T9972] vhci_hcd: default hub control req: 2000 vfffc i0060 l7 [ 94.028100][ T9977] loop9: detected capacity change from 0 to 7 [ 94.035062][ T9977] Buffer I/O error on dev loop9, logical block 0, async page read [ 94.036349][ T9978] atomic_op ffff888123005d28 conn xmit_atomic 0000000000000000 [ 94.051176][ T9977] Buffer I/O error on dev loop9, logical block 0, async page read [ 94.058990][ T9977] loop9: unable to read partition table [ 94.068390][ T9977] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 94.068390][ T9977] ) failed (rc=-5) [ 94.330089][T10014] netdevsim netdevsim0: Direct firmware load for $ failed with error -2 [ 94.375451][T10018] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10018 comm=syz.1.2856 [ 94.433709][T10020] netlink: 'syz.0.2857': attribute type 1 has an invalid length. [ 94.441584][T10020] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2857'. [ 94.658800][T10043] vlan2: entered allmulticast mode [ 95.063197][T10070] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2880'. [ 95.150100][T10084] atomic_op ffff888121f1a528 conn xmit_atomic 0000000000000000 [ 95.183081][T10086] serio: Serial port ttyS3 [ 95.518589][T10129] netlink: 'syz.4.2904': attribute type 22 has an invalid length. [ 95.526487][T10129] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2904'. [ 95.541598][T10129] netlink: 'syz.4.2904': attribute type 22 has an invalid length. [ 95.861151][T10156] vhci_hcd: invalid port number 96 [ 95.866287][T10156] vhci_hcd: default hub control req: 2000 vfffc i0060 l7 [ 95.893997][T10155] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.901270][T10155] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.037242][T10155] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 96.065644][T10155] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 96.136821][T10155] bond0: left promiscuous mode [ 96.141687][T10155] bond_slave_0: left promiscuous mode [ 96.147147][T10155] bond_slave_1: left promiscuous mode [ 96.168999][T10181] loop9: detected capacity change from 0 to 7 [ 96.184517][T10181] Buffer I/O error on dev loop9, logical block 0, async page read [ 96.200435][ T9266] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 2816 - 0 [ 96.209371][ T9266] netdevsim netdevsim1 netdevsim0: unset [0, 1] type 1 family 0 port 8472 - 0 [ 96.218270][ T9266] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.234495][T10181] Buffer I/O error on dev loop9, logical block 0, async page read [ 96.242438][T10181] loop9: unable to read partition table [ 96.270044][T10181] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 96.270044][T10181] ) failed (rc=-5) [ 96.285365][ T9266] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 2816 - 0 [ 96.294367][ T9266] netdevsim netdevsim1 netdevsim1: unset [0, 1] type 1 family 0 port 8472 - 0 [ 96.303309][ T9266] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.336106][ T9266] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 2816 - 0 [ 96.345068][ T9266] netdevsim netdevsim1 netdevsim2: unset [0, 1] type 1 family 0 port 8472 - 0 [ 96.354305][ T9266] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.376206][ T9266] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 2816 - 0 [ 96.385214][ T9266] netdevsim netdevsim1 netdevsim3: unset [0, 1] type 1 family 0 port 8472 - 0 [ 96.394111][ T9266] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.504030][T10192] vhci_hcd: invalid port number 96 [ 96.509179][T10192] vhci_hcd: default hub control req: 2000 vfffc i0060 l7 [ 96.606472][T10199] netlink: 'syz.2.2937': attribute type 1 has an invalid length. [ 96.847794][ T9253] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 96.963135][T10252] loop9: detected capacity change from 0 to 7 [ 96.996247][T10252] Buffer I/O error on dev loop9, logical block 0, async page read [ 97.011974][T10252] Buffer I/O error on dev loop9, logical block 0, async page read [ 97.019833][T10252] loop9: unable to read partition table [ 97.027079][T10252] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 97.027079][T10252] ) failed (rc=-5) [ 97.167580][T10267] netlink: 'syz.2.2965': attribute type 10 has an invalid length. [ 97.218923][T10272] netlink: 'syz.2.2965': attribute type 10 has an invalid length. [ 97.229618][T10267] team0: Port device dummy0 added [ 97.237319][T10272] team0: Port device dummy0 removed [ 97.256751][T10272] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 97.324013][T10289] __nla_validate_parse: 4 callbacks suppressed [ 97.324026][T10289] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2975'. [ 97.359725][T10289] bond1: (slave wireguard0): The slave device specified does not support setting the MAC address [ 97.370869][T10289] bond1: (slave wireguard0): Error -95 calling set_mac_address [ 97.457260][T10303] 9pnet_fd: Insufficient options for proto=fd [ 97.814559][T10342] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2999'. [ 97.957756][T10367] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3011'. [ 97.991609][T10367] bond1: (slave wireguard0): The slave device specified does not support setting the MAC address [ 98.009021][T10367] bond1: (slave wireguard0): Error -95 calling set_mac_address [ 98.050915][T10381] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3017'. [ 98.108420][T10395] netlink: 'syz.4.3022': attribute type 10 has an invalid length. [ 98.130378][T10395] team0: Port device dummy0 added [ 98.139172][T10395] netlink: 'syz.4.3022': attribute type 10 has an invalid length. [ 98.157224][T10395] team0: Port device dummy0 removed [ 98.172528][T10395] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 98.188431][T10400] lo speed is unknown, defaulting to 1000 [ 98.210542][T10400] lo speed is unknown, defaulting to 1000 [ 98.216551][T10400] lo speed is unknown, defaulting to 1000 [ 98.243668][T10400] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 98.251490][T10400] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -2 [ 98.259329][T10414] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3032'. [ 98.275874][T10400] lo speed is unknown, defaulting to 1000 [ 98.282019][T10400] lo speed is unknown, defaulting to 1000 [ 98.288140][T10400] lo speed is unknown, defaulting to 1000 [ 98.308326][T10400] lo speed is unknown, defaulting to 1000 [ 98.315874][T10400] lo speed is unknown, defaulting to 1000 [ 98.359589][T10432] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3036'. [ 98.406223][T10432] bond1: (slave wireguard0): The slave device specified does not support setting the MAC address [ 98.468085][T10432] bond1: (slave wireguard0): Error -95 calling set_mac_address [ 98.631263][ T29] kauditd_printk_skb: 277 callbacks suppressed [ 98.631275][ T29] audit: type=1326 audit(1763409620.255:3548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10462 comm="syz.0.3053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff36a9ff6c9 code=0x7ffc0000 [ 98.668306][T10457] SELinux: failed to load policy [ 98.755352][ T29] audit: type=1326 audit(1763409620.285:3549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10462 comm="syz.0.3053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff36a9ff6c9 code=0x7ffc0000 [ 98.778870][ T29] audit: type=1326 audit(1763409620.285:3550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10462 comm="syz.0.3053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff36a9ff6c9 code=0x7ffc0000 [ 98.802403][ T29] audit: type=1326 audit(1763409620.285:3551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10462 comm="syz.0.3053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff36a9ff6c9 code=0x7ffc0000 [ 98.825941][ T29] audit: type=1400 audit(1763409620.285:3552): avc: denied { load_policy } for pid=10456 comm="syz.4.3051" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 98.846278][ T29] audit: type=1326 audit(1763409620.345:3553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10462 comm="syz.0.3053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff36a9ff6c9 code=0x7ffc0000 [ 98.869749][ T29] audit: type=1400 audit(1763409620.345:3554): avc: denied { prog_load } for pid=10462 comm="syz.0.3053" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 98.888876][ T29] audit: type=1400 audit(1763409620.345:3555): avc: denied { bpf } for pid=10462 comm="syz.0.3053" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 98.909586][ T29] audit: type=1400 audit(1763409620.345:3556): avc: denied { perfmon } for pid=10462 comm="syz.0.3053" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 98.930571][ T29] audit: type=1400 audit(1763409620.345:3557): avc: denied { prog_run } for pid=10462 comm="syz.0.3053" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 98.952692][T10478] netlink: 168 bytes leftover after parsing attributes in process `syz.2.3060'. [ 98.961800][T10478] tipc: Started in network mode [ 98.966744][T10478] tipc: Node identity 0000000000005f120000000000000001, cluster identity 4711 [ 98.975638][T10478] tipc: Enabling of bearer rejected, failed to enable media [ 98.984066][T10472] vhci_hcd: invalid port number 121 [ 98.989289][T10472] vhci_hcd: default hub control req: 4000 v0051 i0079 l0 [ 99.109968][T10502] smc: net device bond0 applied user defined pnetid SYZ0 [ 99.118418][T10502] smc: net device bond0 erased user defined pnetid SYZ0 [ 99.213947][T10520] siw: device registration error -23 [ 99.268824][T10522] SELinux: failed to load policy [ 99.348445][T10534] vhci_hcd: SetHubDepth req not supported for USB 2.0 roothub [ 99.374843][T10536] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3088'. [ 99.383888][T10536] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3088'. [ 100.178832][T10581] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3109'. [ 100.353864][T10596] xt_addrtype: both incoming and outgoing interface limitation cannot be selected [ 100.634791][T10618] netlink: 'syz.0.3127': attribute type 27 has an invalid length. [ 100.665026][T10618] ip6gre1: left allmulticast mode [ 100.670193][T10618] bridge1: left promiscuous mode [ 101.652550][T10700] tipc: Started in network mode [ 101.657441][T10700] tipc: Node identity ac14140f, cluster identity 4711 [ 101.677098][T10700] tipc: Enabling of bearer rejected, failed to enable media [ 101.734245][T10708] xt_l2tp: wrong L2TP version: 1 [ 101.970704][T10738] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22 [ 101.978916][T10738] netdevsim netdevsim0: Direct firmware load for . failed with error -22 [ 102.047211][T10750] program syz.0.3188 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 102.058807][T10746] team0: Caught tx_queue_len zero misconfig [ 102.185835][T10762] SELinux: failed to load policy [ 102.351267][T10790] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 102.363504][T10790] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 102.943114][ T36] hid_parser_main: 28 callbacks suppressed [ 102.943132][ T36] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 102.956458][ T36] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 102.963884][ T36] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 102.971307][ T36] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 102.978677][ T36] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 102.986149][ T36] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 102.993560][ T36] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 103.001194][ T36] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 103.008702][ T36] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 103.016153][ T36] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 103.056686][ T36] hid-generic 0000:0000:0000.000B: hidraw0: HID v0.00 Device [sy] on syz0 [ 103.471262][T10859] macvtap0: refused to change device tx_queue_len [ 103.743880][ T29] kauditd_printk_skb: 554 callbacks suppressed [ 103.743894][ T29] audit: type=1400 audit(1763409625.365:4112): avc: denied { create } for pid=10880 comm="syz.0.3248" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 103.771115][ T29] audit: type=1400 audit(1763409625.385:4113): avc: denied { setopt } for pid=10880 comm="syz.0.3248" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 103.836181][ T29] audit: type=1400 audit(1763409625.445:4114): avc: denied { create } for pid=10884 comm="syz.4.3250" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 103.855947][ T29] audit: type=1400 audit(1763409625.445:4115): avc: denied { write } for pid=10884 comm="syz.4.3250" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 103.875575][ T29] audit: type=1400 audit(1763409625.445:4116): avc: denied { read } for pid=10884 comm="syz.4.3250" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 103.912306][ T29] audit: type=1400 audit(1763409625.535:4117): avc: denied { create } for pid=10882 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 103.931549][ T29] audit: type=1400 audit(1763409625.535:4118): avc: denied { setopt } for pid=10882 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 104.005497][ T29] audit: type=1400 audit(1763409625.625:4119): avc: denied { mounton } for pid=10896 comm="syz.4.3256" path="/663/file0" dev="tmpfs" ino=3419 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 104.044477][ T29] audit: type=1400 audit(1763409625.665:4120): avc: denied { unmount } for pid=3312 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 104.076541][ T29] audit: type=1400 audit(1763409625.685:4121): avc: denied { ioctl } for pid=10900 comm="syz.1.3259" path="socket:[27648]" dev="sockfs" ino=27648 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 104.352462][T10938] __nla_validate_parse: 8 callbacks suppressed [ 104.352479][T10938] netlink: 52 bytes leftover after parsing attributes in process `syz.3.3277'. [ 104.395948][T10938] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3277'. [ 104.693298][ T9243] bridge_slave_1: left allmulticast mode [ 104.699122][ T9243] bridge_slave_1: left promiscuous mode [ 104.704897][ T9243] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.733355][ T9243] bridge_slave_0: left allmulticast mode [ 104.739023][ T9243] bridge_slave_0: left promiscuous mode [ 104.744833][ T9243] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.934551][ T9243] bridge0 (unregistering): left allmulticast mode [ 105.008243][ T9243] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 105.023214][ T9243] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 105.035943][ T9243] bond0 (unregistering): (slave dummy0): Releasing backup interface [ 105.057972][ T9243] bond0 (unregistering): Released all slaves [ 105.072397][T10997] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3303'. [ 105.075435][ T9243] bond1 (unregistering): Released all slaves [ 105.095154][T10997] hsr_slave_1 (unregistering): left promiscuous mode [ 105.120180][T10961] Failed to initialize the IGMP autojoin socket (err -2) [ 105.180063][T11008] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3306'. [ 105.211654][ T9243] hsr_slave_0: left promiscuous mode [ 105.217925][ T9243] hsr_slave_1: left promiscuous mode [ 105.223679][ T9243] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 105.247070][T11016] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 105.250672][ T9243] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 105.255633][T11016] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 105.271501][ T9243] pim6reg (unregistering): left allmulticast mode [ 105.305233][ T9243] team0 (unregistering): Port device team_slave_1 removed [ 105.315735][ T9243] team0 (unregistering): Port device team_slave_0 removed [ 105.324728][ T9266] smc: removing ib device syz! [ 105.355470][T11008] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3306'. [ 105.402791][T11008] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3306'. [ 105.420741][T11008] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3306'. [ 105.429660][T11008] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3306'. [ 105.484567][T10961] chnl_net:caif_netlink_parms(): no params data found [ 105.556719][T10961] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.563835][T10961] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.577366][T10961] bridge_slave_0: entered allmulticast mode [ 105.584122][T10961] bridge_slave_0: entered promiscuous mode [ 105.594472][T11040] netlink: 'syz.2.3321': attribute type 13 has an invalid length. [ 105.602489][T11040] netlink: 'syz.2.3321': attribute type 13 has an invalid length. [ 105.610655][T10961] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.617715][T10961] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.624992][T10961] bridge_slave_1: entered allmulticast mode [ 105.631819][T10961] bridge_slave_1: entered promiscuous mode [ 105.664716][ T9243] IPVS: stop unused estimator thread 0... [ 105.675325][T10961] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.697268][T10961] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.725217][T10961] team0: Port device team_slave_0 added [ 105.733703][T10961] team0: Port device team_slave_1 added [ 105.750500][T10961] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 105.757678][T10961] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 105.783678][T10961] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 105.794994][T10961] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 105.802002][T10961] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 105.827941][T10961] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 105.839290][T11055] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3326'. [ 105.868981][T10961] hsr_slave_0: entered promiscuous mode [ 105.879085][T10961] hsr_slave_1: entered promiscuous mode [ 105.975118][T10961] netdevsim netdevsim5 netdevsim0: renamed from eth5 [ 105.986275][T10961] netdevsim netdevsim5 netdevsim1: renamed from eth6 [ 106.006069][T10961] netdevsim netdevsim5 netdevsim2: renamed from eth7 [ 106.016607][T10961] netdevsim netdevsim5 netdevsim3: renamed from eth8 [ 106.089195][T11089] block device autoloading is deprecated and will be removed. [ 106.130810][T10961] 8021q: adding VLAN 0 to HW filter on device team0 [ 106.162693][ T9266] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.169821][ T9266] bridge0: port 1(bridge_slave_0) entered forwarding state [ 106.186527][ T9266] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.193610][ T9266] bridge0: port 2(bridge_slave_1) entered forwarding state [ 106.327314][T10961] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 106.527796][T10961] veth0_vlan: entered promiscuous mode [ 106.536278][T10961] veth1_vlan: entered promiscuous mode [ 106.577151][T10961] veth0_macvtap: entered promiscuous mode [ 106.587172][T10961] veth1_macvtap: entered promiscuous mode [ 106.623228][T10961] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 106.660784][T10961] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 106.668304][T11148] netlink: 'syz.0.3356': attribute type 14 has an invalid length. [ 106.676209][T11148] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3356'. [ 106.700497][T11148] netlink: 'syz.0.3356': attribute type 14 has an invalid length. [ 106.722809][T10961] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 106.759574][ T9243] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.768153][ T9243] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.777334][T10961] wireguard: wg0: Could not create IPv4 socket [ 106.784950][T10961] wireguard: wg1: Could not create IPv4 socket [ 106.794426][ T9243] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.806688][T10961] wireguard: wg2: Could not create IPv4 socket [ 106.813406][ T9243] netdevsim netdevsim4 eth4: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.830813][ T9243] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.856190][ T9243] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.874329][ T9243] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.892449][ T9243] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.525783][T11246] netem: incorrect gi model size [ 107.530868][T11246] netem: change failed [ 107.979014][T11304] wireguard: wg0: Could not create IPv4 socket [ 108.220473][T11355] ALSA: seq fatal error: cannot create timer (-19) [ 108.256300][T11363] block device autoloading is deprecated and will be removed. [ 108.378686][T11387] loop9: detected capacity change from 0 to 7 [ 108.387394][T11387] Buffer I/O error on dev loop9, logical block 0, async page read [ 108.398364][T11387] Buffer I/O error on dev loop9, logical block 0, async page read [ 108.406292][T11387] loop9: unable to read partition table [ 108.412962][T11354] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 108.422353][T11354] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 108.434636][T11387] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 108.434636][T11387] ) failed (rc=-5) [ 108.517412][T11401] loop2: detected capacity change from 0 to 512 [ 108.527148][T11401] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 108.550715][T11401] EXT4-fs (loop2): 1 truncate cleaned up [ 108.557803][T11401] EXT4-fs mount: 30 callbacks suppressed [ 108.557887][T11401] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 108.589391][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.647973][T11426] netlink: 'syz.5.3480': attribute type 6 has an invalid length. [ 108.681648][T11432] $H: renamed from bond0 [ 108.687893][T11432] $H: entered promiscuous mode [ 108.692993][T11432] bond_slave_0: entered promiscuous mode [ 108.698718][T11432] bond_slave_1: entered promiscuous mode [ 108.787404][ T29] kauditd_printk_skb: 317 callbacks suppressed [ 108.787420][ T29] audit: type=1400 audit(1763409630.405:4439): avc: denied { create } for pid=11447 comm="syz.2.3491" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 108.841349][ T29] audit: type=1326 audit(1763409630.435:4440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11451 comm="syz.0.3493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff36a9ff6c9 code=0x7ffc0000 [ 108.864871][ T29] audit: type=1326 audit(1763409630.435:4441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11451 comm="syz.0.3493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff36a9ff6c9 code=0x7ffc0000 [ 108.888407][ T29] audit: type=1326 audit(1763409630.435:4442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11451 comm="syz.0.3493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff36a9ff6c9 code=0x7ffc0000 [ 108.911924][ T29] audit: type=1326 audit(1763409630.435:4443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11451 comm="syz.0.3493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff36a9ff6c9 code=0x7ffc0000 [ 108.935425][ T29] audit: type=1326 audit(1763409630.435:4444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11451 comm="syz.0.3493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff36a9ff6c9 code=0x7ffc0000 [ 108.958979][ T29] audit: type=1326 audit(1763409630.435:4445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11451 comm="syz.0.3493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=239 compat=0 ip=0x7ff36a9ff6c9 code=0x7ffc0000 [ 108.982495][ T29] audit: type=1326 audit(1763409630.435:4446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11451 comm="syz.0.3493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff36a9ff6c9 code=0x7ffc0000 [ 109.006063][ T29] audit: type=1326 audit(1763409630.435:4447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11451 comm="syz.0.3493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7ff36a9ff6c9 code=0x7ffc0000 [ 109.029607][ T29] audit: type=1326 audit(1763409630.435:4448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11451 comm="syz.0.3493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7ff36a9ff6c9 code=0x7ffc0000 [ 109.122324][T11463] loop2: detected capacity change from 0 to 128 [ 109.143486][T11463] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 109.179213][T11463] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 109.394117][T11520] netlink: 'syz.5.3522': attribute type 12 has an invalid length. [ 109.429088][T11524] bridge0: port 3(batadv0) entered blocking state [ 109.435727][T11524] bridge0: port 3(batadv0) entered disabled state [ 109.454142][T11524] batadv0: entered allmulticast mode [ 109.460715][T11524] batadv0: entered promiscuous mode [ 109.494162][T11536] Failed to initialize the IGMP autojoin socket (err -2) [ 109.683617][T11586] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 109.696015][T11586] bond0: (slave ipvlan2): The slave device specified does not support setting the MAC address [ 109.709214][T11586] bond0: (slave ipvlan2): Error -95 calling set_mac_address [ 109.892658][T11623] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check. [ 109.930535][ T9266] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 109.939757][ T9266] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 110.051013][T11640] SELinux: failed to load policy [ 110.092352][T11642] block device autoloading is deprecated and will be removed. [ 110.340408][T11699] $H: renamed from ip_vti0 (while UP) [ 110.349487][T11699] $H: entered promiscuous mode [ 110.571345][T11738] $H: renamed from bond0 [ 110.582205][T11738] $H: entered promiscuous mode [ 110.587377][T11738] bond_slave_0: entered promiscuous mode [ 110.593191][T11738] bond_slave_1: entered promiscuous mode [ 110.601375][T11738] dummy0: entered promiscuous mode [ 110.757772][T11771] SELinux: failed to load policy [ 110.784502][T11782] $H: renamed from bond0 [ 110.794088][T11782] $H: entered promiscuous mode [ 110.799142][T11782] bond_slave_0: entered promiscuous mode [ 110.804979][T11782] bond_slave_1: entered promiscuous mode [ 110.848862][T11794] netlink: 'syz.3.3638': attribute type 27 has an invalid length. [ 110.858091][T11794] $H: left promiscuous mode [ 110.862944][T11794] bond_slave_0: left promiscuous mode [ 110.868439][T11794] bond_slave_1: left promiscuous mode [ 110.875258][T11792] __nla_validate_parse: 10 callbacks suppressed [ 110.875287][T11792] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3637'. [ 110.890566][T11792] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3637'. [ 110.899929][T11792] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3637'. [ 110.900307][T11794] 8021q: adding VLAN 0 to HW filter on device $H [ 110.919291][T11794] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 111.039901][T11815] Failed to initialize the IGMP autojoin socket (err -2) [ 111.074984][T11820] loop1: detected capacity change from 0 to 2048 [ 111.106102][T11820] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback. [ 111.576573][T11859] loop5: detected capacity change from 0 to 128 [ 111.672658][T11886] loop5: detected capacity change from 0 to 512 [ 111.679761][T11886] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 111.692964][T11886] EXT4-fs (loop5): 1 truncate cleaned up [ 111.698949][T11886] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 111.730688][T10961] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.793516][T11905] tipc: Started in network mode [ 111.798419][T11905] tipc: Node identity ac14140f, cluster identity 4711 [ 111.805711][T11905] tipc: Enabling of bearer rejected, failed to enable media [ 111.918239][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000900. [ 112.167751][T11974] loop1: detected capacity change from 0 to 512 [ 112.174933][T11974] EXT4-fs: Ignoring removed i_version option [ 112.181046][T11974] EXT4-fs: Ignoring removed bh option [ 112.372199][T11974] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 112.399592][T11974] ext4 filesystem being mounted at /656/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 112.423305][T11974] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 112.464497][T11986] rdma_op ffff8881243bb980 conn xmit_rdma 0000000000000000 [ 112.506877][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.522396][T11990] smc: net device bond0 applied user defined pnetid S [ 112.529359][T11990] smc: net device bond0 erased user defined pnetid S [ 112.585787][T11999] netlink: 'syz.0.3714': attribute type 29 has an invalid length. [ 112.616521][T11999] netlink: 'syz.0.3714': attribute type 29 has an invalid length. [ 112.627149][T12007] vhci_hcd: default hub control req: 8013 v0000 i0000 l31125 [ 112.646419][T11999] netlink: 500 bytes leftover after parsing attributes in process `syz.0.3714'. [ 112.667533][T12013] loop5: detected capacity change from 0 to 128 [ 112.683110][T12013] FAT-fs (loop5): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 112.702794][T12013] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 112.710684][T12013] FAT-fs (loop5): Filesystem has been set read-only [ 112.741300][T12013] syz.5.3723: attempt to access beyond end of device [ 112.741300][T12013] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 112.886718][T12049] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 112.893968][T12049] IPv6: NLM_F_CREATE should be set when creating new route [ 113.107344][T12073] loop5: detected capacity change from 0 to 1024 [ 113.134951][T12079] Failed to initialize the IGMP autojoin socket (err -2) [ 113.151226][T12073] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 113.189893][T12086] : renamed from wg2 [ 113.215826][T10961] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 113.585179][T12125] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=12125 comm=syz.3.3770 [ 113.597869][T12125] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=12125 comm=syz.3.3770 [ 113.626834][T12127] IPv6: NLM_F_CREATE should be specified when creating new route [ 113.752916][T12143] syzkaller0: entered promiscuous mode [ 113.758420][T12143] syzkaller0: entered allmulticast mode [ 113.791520][T12151] IPv6: NLM_F_CREATE should be specified when creating new route [ 113.826733][T12155] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3780'. [ 113.835865][T12155] netem: unknown loss type 13 [ 113.840584][T12155] netem: change failed [ 113.921784][ T29] kauditd_printk_skb: 461 callbacks suppressed [ 113.921799][ T29] audit: type=1400 audit(1763409635.545:4910): avc: denied { create } for pid=12166 comm="syz.3.3786" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 113.973812][ T29] audit: type=1400 audit(1763409635.545:4911): avc: denied { write } for pid=12166 comm="syz.3.3786" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 113.993447][ T29] audit: type=1400 audit(1763409635.545:4912): avc: denied { read } for pid=12166 comm="syz.3.3786" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 114.068548][ T29] audit: type=1400 audit(1763409635.595:4913): avc: denied { setopt } for pid=12168 comm="syz.3.3788" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 114.088279][ T29] audit: type=1400 audit(1763409635.595:4914): avc: denied { bind } for pid=12168 comm="syz.3.3788" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 114.108001][ T29] audit: type=1400 audit(1763409635.595:4915): avc: denied { name_bind } for pid=12168 comm="syz.3.3788" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 114.129931][ T29] audit: type=1400 audit(1763409635.595:4916): avc: denied { node_bind } for pid=12168 comm="syz.3.3788" saddr=::1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1 [ 114.151813][ T29] audit: type=1400 audit(1763409635.615:4917): avc: denied { name_connect } for pid=12168 comm="syz.3.3788" dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 114.184849][ T29] audit: type=1326 audit(1763409635.805:4918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12186 comm="syz.5.3794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e4da1f6c9 code=0x7ffc0000 [ 114.208480][ T29] audit: type=1326 audit(1763409635.805:4919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12186 comm="syz.5.3794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e4da1f6c9 code=0x7ffc0000 [ 114.402022][T12224] loop5: detected capacity change from 0 to 1024 [ 114.409060][T12224] EXT4-fs: Ignoring removed bh option [ 114.415790][T12224] EXT4-fs: inline encryption not supported [ 114.436347][T12224] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 114.455482][T12231] SELinux: failed to load policy [ 114.481237][T12224] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 114.495653][T12224] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 2: comm syz.5.3811: lblock 2 mapped to illegal pblock 2 (length 1) [ 114.510247][T12224] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 48: comm syz.5.3811: lblock 0 mapped to illegal pblock 48 (length 1) [ 114.525100][T12224] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.3811: Failed to acquire dquot type 0 [ 114.542358][T12224] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6313: Corrupt filesystem [ 114.554732][T12224] EXT4-fs error (device loop5): ext4_evict_inode:254: inode #11: comm syz.5.3811: mark_inode_dirty error [ 114.566315][T12224] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 114.576799][T12224] EXT4-fs (loop5): 1 orphan inode deleted [ 114.583499][T12224] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 114.596097][ T9265] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:64: lblock 1 mapped to illegal pblock 1 (length 1) [ 114.611038][ T9265] EXT4-fs error (device loop5): ext4_release_dquot:6981: comm kworker/u8:64: Failed to release dquot type 0 [ 114.611816][T12224] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 1: comm syz.5.3811: lblock 1 mapped to illegal pblock 1 (length 1) [ 114.671514][T12255] netlink: 'syz.1.3820': attribute type 1 has an invalid length. [ 114.686348][T10961] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.695946][T10961] EXT4-fs error (device loop5): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 114.709561][T10961] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6313: Corrupt filesystem [ 114.726831][T12255] bond2: entered promiscuous mode [ 114.738169][T10961] EXT4-fs error (device loop5): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error [ 114.749662][T12255] 8021q: adding VLAN 0 to HW filter on device bond2 [ 114.798811][T12260] 8021q: adding VLAN 0 to HW filter on device bond3 [ 114.817644][T12260] bond2: (slave bond3): making interface the new active one [ 114.825024][T12260] bond3: entered promiscuous mode [ 114.830985][T12260] bond2: (slave bond3): Enslaving as an active interface with an up link [ 115.010526][T12374] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3843'. [ 115.144113][T12410] netlink: 9286 bytes leftover after parsing attributes in process `syz.1.3857'. [ 115.168716][T12414] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3859'. [ 115.221995][T12424] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 115.221995][T12424] program syz.1.3864 not setting count and/or reply_len properly [ 115.343283][T12446] loop5: detected capacity change from 0 to 128 [ 115.359689][T12446] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535) [ 115.374937][T12446] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none. [ 115.409739][T12446] EXT4-fs (loop5): shut down requested (0) [ 115.559333][T10961] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 115.616894][T12481] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3887'. [ 116.116212][T12547] lo: Caught tx_queue_len zero misconfig [ 116.122714][T12547] sch_tbf: burst 22 is lower than device lo mtu (11337746) ! [ 116.171588][T12559] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3916'. [ 116.180842][T12559] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3916'. [ 116.189957][T12559] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3916'. [ 116.246966][T12572] debugfs: 'ptm1' already exists in 'caif_serial' [ 116.295953][T12596] macvtap0: refused to change device tx_queue_len [ 116.705151][T12646] netlink: 'syz.1.3942': attribute type 4 has an invalid length. [ 116.717354][T12648] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3943'. [ 116.726370][T12648] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3943'. [ 116.733377][T12646] netlink: 'syz.1.3942': attribute type 4 has an invalid length. [ 116.778709][T12652] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3945'. [ 116.797378][T12652] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3945'. [ 116.903539][T12681] sch_fq: defrate 4294967295 ignored. [ 117.016638][T12709] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3970'. [ 117.197925][T12739] netlink: 'syz.1.3983': attribute type 3 has an invalid length. [ 117.370649][T12785] netlink: 'syz.3.3997': attribute type 4 has an invalid length. [ 117.378394][T12785] netlink: 152 bytes leftover after parsing attributes in process `syz.3.3997'. [ 117.402848][T12785] .`: renamed from $H (while UP) [ 117.422331][T12795] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4001'. [ 117.480213][T12805] loop1: detected capacity change from 0 to 1024 [ 117.490561][T12805] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 117.509559][T12805] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 117.518276][T12805] EXT4-fs (loop1): orphan cleanup on readonly fs [ 117.525586][T12805] EXT4-fs error (device loop1): ext4_free_blocks:6706: comm syz.1.4003: Freeing blocks not in datazone - block = 0, count = 4096 [ 117.539356][T12805] EXT4-fs (loop1): 1 orphan inode deleted [ 117.545483][T12805] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 117.571025][T12825] pim6reg: entered allmulticast mode [ 117.577622][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 117.581642][T12825] pim6reg: left allmulticast mode [ 117.827590][T12870] loop5: detected capacity change from 0 to 512 [ 117.842113][T12870] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 117.855157][T12870] ext4 filesystem being mounted at /148/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 117.870664][T12870] EXT4-fs error (device loop5): ext4_add_entry:2417: inode #12: comm syz.5.4021: Directory hole found for htree leaf block 0 [ 117.894984][T10961] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 117.970257][T12891] netlink: 'syz.5.4028': attribute type 21 has an invalid length. [ 118.011628][T12905] loop1: detected capacity change from 0 to 1024 [ 118.018348][T12905] EXT4-fs: Ignoring removed orlov option [ 118.026121][T12905] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 118.232796][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 118.316486][T12928] netlink: 'syz.3.4041': attribute type 1 has an invalid length. [ 118.420232][ T10] kernel write not supported for file bpf-prog (pid: 10 comm: kworker/0:1) [ 118.500157][T12929] loop5: detected capacity change from 0 to 32768 [ 118.520070][T12949] loop1: detected capacity change from 0 to 512 [ 118.532595][T12949] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 118.557394][T12949] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 214 vs 220 free clusters [ 118.572279][T12949] EXT4-fs (loop1): 1 truncate cleaned up [ 118.578401][T12949] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 118.611179][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 118.694847][T12972] SELinux: failed to load policy [ 118.889033][T13013] : renamed from vlan1 [ 119.077574][ T29] kauditd_printk_skb: 409 callbacks suppressed [ 119.077589][ T29] audit: type=1326 audit(1763409640.695:5325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13035 comm="syz.1.4091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc83fd6f6c9 code=0x7ffc0000 [ 119.132298][ T29] audit: type=1326 audit(1763409640.695:5326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13035 comm="syz.1.4091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7fc83fd6f6c9 code=0x7ffc0000 [ 119.156283][ T29] audit: type=1326 audit(1763409640.695:5327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13035 comm="syz.1.4091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc83fd6f6c9 code=0x7ffc0000 [ 119.179873][ T29] audit: type=1326 audit(1763409640.705:5328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13035 comm="syz.1.4091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc83fd6f6c9 code=0x7ffc0000 [ 119.203788][ T29] audit: type=1326 audit(1763409640.795:5329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13042 comm="syz.5.4094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e4da1f6c9 code=0x7ffc0000 [ 119.227372][ T29] audit: type=1326 audit(1763409640.795:5330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13042 comm="syz.5.4094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f4e4da1f6c9 code=0x7ffc0000 [ 119.251033][ T29] audit: type=1326 audit(1763409640.795:5331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13042 comm="syz.5.4094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e4da1f6c9 code=0x7ffc0000 [ 119.274651][ T29] audit: type=1326 audit(1763409640.795:5332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13042 comm="syz.5.4094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e4da1f6c9 code=0x7ffc0000 [ 119.298215][ T29] audit: type=1326 audit(1763409640.795:5333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13042 comm="syz.5.4094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4e4da1f6c9 code=0x7ffc0000 [ 119.322573][ T29] audit: type=1326 audit(1763409640.795:5334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13042 comm="syz.5.4094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e4da1f6c9 code=0x7ffc0000 [ 119.351260][T13046] : renamed from vlan1 [ 119.606681][T13084] pim6reg: entered allmulticast mode [ 119.622733][T13084] pim6reg: left allmulticast mode [ 119.822254][T13112] netlink: 'syz.2.4123': attribute type 1 has an invalid length. [ 119.913509][T13123] vlan0: entered allmulticast mode [ 119.950154][T13132] dummy0: Caught tx_queue_len zero misconfig [ 119.956516][T13132] netem: unknown loss type 13 [ 119.961529][T13132] netem: change failed [ 120.191859][T13154] netlink: 'syz.2.4141': attribute type 29 has an invalid length. [ 120.200797][T13154] netlink: 'syz.2.4141': attribute type 29 has an invalid length. [ 120.245957][T13158] IPv6: NLM_F_CREATE should be specified when creating new route [ 120.317447][ T36] kernel write not supported for file bpf-prog (pid: 36 comm: kworker/1:1) [ 120.358576][T13134] Set syz1 is full, maxelem 65536 reached [ 120.433077][T13182] netlink: 'syz.1.4154': attribute type 29 has an invalid length. [ 120.446240][T13182] netlink: 'syz.1.4154': attribute type 29 has an invalid length. [ 120.525402][T13203] loop1: detected capacity change from 0 to 256 [ 120.918380][T13253] SELinux: failed to load policy [ 121.020064][T13272] netlink: 'syz.5.4190': attribute type 2 has an invalid length. [ 121.064604][T13268] syzkaller0: entered promiscuous mode [ 121.070109][T13268] syzkaller0: entered allmulticast mode [ 121.290033][T13320] netlink: 'syz.5.4206': attribute type 1 has an invalid length. [ 121.318279][T13320] bond1: entered promiscuous mode [ 121.333725][T13320] 8021q: adding VLAN 0 to HW filter on device bond1 [ 121.362215][T13320] 8021q: adding VLAN 0 to HW filter on device bond2 [ 121.371269][T13320] bond1: (slave bond2): making interface the new active one [ 121.378659][T13320] bond2: entered promiscuous mode [ 121.385056][T13320] bond1: (slave bond2): Enslaving as an active interface with an up link [ 121.593745][T13413] loop5: detected capacity change from 0 to 2048 [ 121.605995][T13413] EXT4-fs: Ignoring removed bh option [ 121.623660][T13413] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 121.651902][T13413] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 121.686256][T13413] EXT4-fs (loop5): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 18 with error 28 [ 121.698672][T13413] EXT4-fs (loop5): This should not happen!! Data will be lost [ 121.698672][T13413] [ 121.708320][T13413] EXT4-fs (loop5): Total free blocks count 0 [ 121.714309][T13413] EXT4-fs (loop5): Free/Dirty block details [ 121.720187][T13413] EXT4-fs (loop5): free_blocks=2415919104 [ 121.725954][T13413] EXT4-fs (loop5): dirty_blocks=32 [ 121.731078][T13413] EXT4-fs (loop5): Block reservation details [ 121.737044][T13413] EXT4-fs (loop5): i_reserved_data_blocks=2 [ 121.756858][T10961] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 121.796688][T13433] program syz.5.4223 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 121.806632][T13433] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 121.933718][T13451] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 121.933718][T13451] program syz.2.4240 not setting count and/or reply_len properly [ 122.033862][T13455] __nla_validate_parse: 12 callbacks suppressed [ 122.033879][T13455] netlink: 9286 bytes leftover after parsing attributes in process `syz.5.4231'. [ 122.117895][T13479] netlink: 'syz.3.4238': attribute type 1 has an invalid length. [ 122.140636][T13479] bond0: entered promiscuous mode [ 122.145851][T13479] 8021q: adding VLAN 0 to HW filter on device bond0 [ 122.178193][T13479] 8021q: adding VLAN 0 to HW filter on device bond2 [ 122.193894][T13479] bond0: (slave bond2): making interface the new active one [ 122.201306][T13479] bond2: entered promiscuous mode [ 122.234089][T13550] loop1: detected capacity change from 0 to 2048 [ 122.240773][T13550] EXT4-fs: Ignoring removed bh option [ 122.247116][T13479] bond0: (slave bond2): Enslaving as an active interface with an up link [ 122.283034][T13555] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 122.283034][T13555] program syz.3.4243 not setting count and/or reply_len properly [ 122.318822][T13560] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4245'. [ 122.328844][T13550] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 122.347904][T13550] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 122.363223][T13550] EXT4-fs (loop1): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 18 with error 28 [ 122.375663][T13550] EXT4-fs (loop1): This should not happen!! Data will be lost [ 122.375663][T13550] [ 122.385305][T13550] EXT4-fs (loop1): Total free blocks count 0 [ 122.391399][T13550] EXT4-fs (loop1): Free/Dirty block details [ 122.397292][T13550] EXT4-fs (loop1): free_blocks=2415919104 [ 122.403031][T13550] EXT4-fs (loop1): dirty_blocks=32 [ 122.408133][T13550] EXT4-fs (loop1): Block reservation details [ 122.414123][T13550] EXT4-fs (loop1): i_reserved_data_blocks=2 [ 122.556794][T13461] Set syz1 is full, maxelem 65536 reached [ 122.561416][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.733461][T13608] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4258'. [ 123.039299][T13641] hub 9-0:1.0: USB hub found [ 123.045744][T13641] hub 9-0:1.0: 8 ports detected [ 123.089034][T13651] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4279'. [ 123.297214][T13681] hub 9-0:1.0: USB hub found [ 123.311185][T13681] hub 9-0:1.0: 8 ports detected [ 123.414395][T13691] vhci_hcd: invalid port number 96 [ 123.419546][T13691] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 123.992837][T13742] vhci_hcd: invalid port number 96 [ 123.997985][T13742] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 124.080537][ T29] kauditd_printk_skb: 242 callbacks suppressed [ 124.080588][ T29] audit: type=1326 audit(1763409645.705:5577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13747 comm="syz.2.4319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7f9e8da6f6c9 code=0x7ffc0000 [ 124.123637][ T29] audit: type=1326 audit(1763409645.735:5578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13747 comm="syz.2.4319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e8da6f6c9 code=0x7ffc0000 [ 124.147191][ T29] audit: type=1326 audit(1763409645.735:5579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13747 comm="syz.2.4319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e8da6f6c9 code=0x7ffc0000 [ 124.173079][ T29] audit: type=1326 audit(1763409645.745:5580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13749 comm="syz.2.4320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e8da6f6c9 code=0x7ffc0000 [ 124.196589][ T29] audit: type=1326 audit(1763409645.745:5581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13749 comm="syz.2.4320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e8da6f6c9 code=0x7ffc0000 [ 124.220121][ T29] audit: type=1326 audit(1763409645.795:5582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13749 comm="syz.2.4320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9e8da6f6c9 code=0x7ffc0000 [ 124.243765][ T29] audit: type=1326 audit(1763409645.795:5583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13749 comm="syz.2.4320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e8da6f6c9 code=0x7ffc0000 [ 124.267301][ T29] audit: type=1326 audit(1763409645.795:5584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13749 comm="syz.2.4320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e8da6f6c9 code=0x7ffc0000 [ 124.302478][ T29] audit: type=1326 audit(1763409645.795:5585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13749 comm="syz.2.4320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9e8da6f6c9 code=0x7ffc0000 [ 124.326106][ T29] audit: type=1326 audit(1763409645.865:5586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13749 comm="syz.2.4320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e8da6f6c9 code=0x7ffc0000 [ 124.376293][T13760] netlink: 'syz.2.4325': attribute type 1 has an invalid length. [ 124.393138][T13760] bond0: entered promiscuous mode [ 124.398519][T13760] 8021q: adding VLAN 0 to HW filter on device bond0 [ 124.434267][T13760] 8021q: adding VLAN 0 to HW filter on device bond1 [ 124.447308][T13760] bond0: (slave bond1): making interface the new active one [ 124.454835][T13760] bond1: entered promiscuous mode [ 124.465320][T13760] bond0: (slave bond1): Enslaving as an active interface with an up link [ 124.485522][T13840] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4331'. [ 124.494546][T13840] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4331'. [ 124.650361][T13866] netlink: 'syz.2.4339': attribute type 4 has an invalid length. [ 124.672463][T13866] netlink: 'syz.2.4339': attribute type 4 has an invalid length. [ 124.755401][T13886] netlink: 444 bytes leftover after parsing attributes in process `syz.3.4350'. [ 124.845144][T13900] netlink: 'syz.3.4356': attribute type 4 has an invalid length. [ 124.866513][T13900] netlink: 'syz.3.4356': attribute type 4 has an invalid length. [ 124.890319][T13909] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4368'. [ 125.050633][T13937] netlink: 'syz.5.4372': attribute type 4 has an invalid length. [ 125.084311][T13937] netlink: 'syz.5.4372': attribute type 4 has an invalid length. [ 125.180825][T13950] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4377'. [ 125.285718][T13972] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4383'. [ 125.511141][T14001] loop5: detected capacity change from 0 to 1024 [ 125.519459][T14001] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 125.530462][T14001] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 125.538536][T14001] EXT4-fs (loop5): orphan cleanup on readonly fs [ 125.545396][T14001] EXT4-fs error (device loop5): ext4_free_blocks:6706: comm syz.5.4396: Freeing blocks not in datazone - block = 0, count = 4096 [ 125.559249][T14001] EXT4-fs (loop5): 1 orphan inode deleted [ 125.572204][T14001] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 125.596695][T10961] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 125.731530][T14034] IPv6: Can't replace route, no match found [ 125.843969][T14056] SELinux: policydb version 431990519 does not match my version range 15-35 [ 125.854654][T14056] SELinux: failed to load policy [ 126.138466][T14123] netlink: 'syz.0.4439': attribute type 3 has an invalid length. [ 126.160955][T14135] bond0: Caught tx_queue_len zero misconfig [ 126.253423][T14155] loop5: detected capacity change from 0 to 2048 [ 126.289844][T14155] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 126.311506][T14155] ext4 filesystem being mounted at /246/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 126.364077][T10961] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 126.601833][T14227] Invalid ELF header magic: != ELF [ 126.717074][T14260] SELinux: policydb table sizes (133,1) do not match mine (8,7) [ 126.725146][T14260] SELinux: failed to load policy [ 126.897972][T14298] Invalid ELF header magic: != ELF [ 126.949270][T14308] SELinux: Context system_u:object_r:hald_sonypic_exec_t:s0 is not valid (left unmapped). [ 127.069746][T14332] ip6gre1: entered promiscuous mode [ 127.075086][T14332] ip6gre1: entered allmulticast mode [ 127.103891][T14341] SELinux: policydb table sizes (133,1) do not match mine (8,7) [ 127.112015][T14332] syz.5.4528 (14332) used greatest stack depth: 9432 bytes left [ 127.112668][T14341] SELinux: failed to load policy [ 127.131719][T14346] netlink: 'syz.2.4533': attribute type 1 has an invalid length. [ 127.177058][T14355] loop5: detected capacity change from 0 to 1024 [ 127.184223][T14355] EXT4-fs: Ignoring removed orlov option [ 127.191995][T14355] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 127.537598][T10961] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 127.669341][T14445] netlink: 'syz.5.4571': attribute type 1 has an invalid length. [ 127.773463][T14459] vhci_hcd: invalid port number 96 [ 127.778624][T14459] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 127.842210][T14485] __nla_validate_parse: 6 callbacks suppressed [ 127.842225][T14485] netlink: 24 bytes leftover after parsing attributes in process `+}[@'. [ 127.842616][T14483] Failed to initialize the IGMP autojoin socket (err -2) [ 127.926730][ T9243] Bluetooth: hci0: Frame reassembly failed (-84) [ 128.070189][T14536] bridge0: entered allmulticast mode [ 128.076597][T14536] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4604'. [ 128.196986][T14570] loop5: detected capacity change from 0 to 128 [ 128.221077][T14570] loop5: detected capacity change from 128 to 0 [ 128.359740][T10961] FAT-fs (loop5): Directory bread(block 3) failed [ 128.369312][T10961] FAT-fs (loop5): Directory bread(block 4) failed [ 128.389479][T10961] FAT-fs (loop5): unable to read boot sector to mark fs as dirty [ 128.640077][T14618] Failed to initialize the IGMP autojoin socket (err -2) [ 128.706577][T14640] bridge0: entered allmulticast mode [ 128.712336][T14640] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4642'. [ 128.721298][T14640] bridge_slave_1: left allmulticast mode [ 128.726940][T14640] bridge_slave_1: left promiscuous mode [ 128.732626][T14640] bridge0: port 2(bridge_slave_1) entered disabled state [ 128.740663][T14640] bridge_slave_0: left promiscuous mode [ 128.746401][T14640] bridge0: port 1(bridge_slave_0) entered disabled state [ 128.755606][T14640] bridge0 (unregistering): left allmulticast mode [ 128.768491][T14644] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=14644 comm=syz.3.4644 [ 128.806852][T14646] bridge0: port 3(batadv1) entered blocking state [ 128.813471][T14646] bridge0: port 3(batadv1) entered disabled state [ 128.820212][T14646] batadv1: entered allmulticast mode [ 128.826030][T14646] batadv1: entered promiscuous mode [ 128.895537][T14682] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4648'. [ 128.904640][T14682] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4648'. [ 128.952554][ T9266] netdevsim netdevsim6 eth5: set [1, 0] type 2 family 0 port 6081 - 0 [ 128.976125][ T9198] netdevsim netdevsim6 eth6: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.000728][ T9266] netdevsim netdevsim6 eth7: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.020551][ T9266] netdevsim netdevsim6 eth8: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.211386][T14726] bridge0: entered allmulticast mode [ 129.224460][T14726] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4658'. [ 129.236367][T14728] loop1: detected capacity change from 0 to 512 [ 129.244961][T14726] bridge_slave_1: left allmulticast mode [ 129.250654][T14726] bridge_slave_1: left promiscuous mode [ 129.256452][T14726] bridge0: port 2(bridge_slave_1) entered disabled state [ 129.266848][T14728] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 129.275969][T14726] bridge_slave_0: left allmulticast mode [ 129.281790][T14726] bridge_slave_0: left promiscuous mode [ 129.287439][T14726] bridge0: port 1(bridge_slave_0) entered disabled state [ 129.296256][T14726] bridge0 (unregistering): left allmulticast mode [ 129.307297][T14728] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 129.320653][ T9253] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled [ 129.329876][ T9253] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled [ 129.339151][T14728] ext4 filesystem being mounted at /861/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 129.355524][ T29] kauditd_printk_skb: 377 callbacks suppressed [ 129.355575][ T29] audit: type=1400 audit(1763409650.975:5964): avc: denied { append } for pid=14725 comm="syz.1.4659" name="file1" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 129.438350][ T29] audit: type=1400 audit(1763409651.055:5965): avc: denied { ioctl } for pid=14725 comm="syz.1.4659" path="/861/bus/file1" dev="loop1" ino=15 ioctlcmd=0x660f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 129.511010][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.541897][T14765] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4665'. [ 129.551102][T14618] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 129.576800][T14618] wireguard: wg0: Could not create IPv4 socket [ 129.592759][ T29] audit: type=1400 audit(1763409651.215:5966): avc: denied { bind } for pid=14762 comm="syz.1.4665" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 129.614373][T14618] wireguard: wg1: Could not create IPv4 socket [ 129.622378][T14618] wireguard: wg2: Could not create IPv4 socket [ 129.632321][ T29] audit: type=1400 audit(1763409651.255:5967): avc: denied { mounton } for pid=14618 comm="syz-executor" path="/root/syzkaller.qThS51/syz-tmp" dev="sda1" ino=2049 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 129.656922][ T29] audit: type=1400 audit(1763409651.255:5968): avc: denied { mount } for pid=14618 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 129.683062][ T29] audit: type=1400 audit(1763409651.255:5969): avc: denied { mounton } for pid=14618 comm="syz-executor" path="/root/syzkaller.qThS51/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 129.696324][T14775] loop1: detected capacity change from 0 to 1024 [ 129.709982][ T29] audit: type=1400 audit(1763409651.255:5970): avc: denied { mounton } for pid=14618 comm="syz-executor" path="/root/syzkaller.qThS51/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=39154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 129.721611][T14775] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 129.743846][ T29] audit: type=1400 audit(1763409651.305:5971): avc: denied { mounton } for pid=14618 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 129.780454][T14775] System zones: 0-1, 3-36 [ 129.796797][T14775] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 129.821508][ T29] audit: type=1400 audit(1763409651.335:5972): avc: denied { add_name } for pid=14618 comm="syz-executor" name="syz6" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0" [ 129.846272][ T29] audit: type=1400 audit(1763409651.335:5973): avc: denied { create } for pid=14618 comm="syz-executor" name="syz6" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 129.905442][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.920890][T14792] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4673'. [ 129.929883][T14792] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4673'. [ 129.950377][ T3714] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 129.950622][ T4411] Bluetooth: hci0: command 0x1003 tx timeout [ 129.964263][T14798] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 129.974034][T14796] netlink: 'syz.1.4674': attribute type 1 has an invalid length. [ 130.069652][T14816] bond3: Unable to set down delay as MII monitoring is disabled [ 130.084191][T14816] bond3 (unregistering): Released all slaves [ 131.189233][T14941] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4702'. [ 131.371471][T14991] netlink: 'syz.3.4718': attribute type 1 has an invalid length. [ 131.811632][T15029] vhci_hcd: USB_PORT_FEAT_BH_PORT_RESET req not supported for USB 2.0 roothub [ 131.864655][T15031] netlink: 'syz.6.4736': attribute type 10 has an invalid length. [ 131.875002][T15031] team_slave_0: entered allmulticast mode [ 131.899247][T15031] team0: Port device team_slave_0 removed [ 132.992992][T15222] netlink: 'syz.3.4813': attribute type 1 has an invalid length. [ 133.000873][T15222] __nla_validate_parse: 12 callbacks suppressed [ 133.000889][T15222] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4813'. [ 133.016917][T15222] netlink: 'syz.3.4813': attribute type 1 has an invalid length. [ 133.024699][T15222] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4813'. [ 133.084472][T15232] netlink: 'syz.2.4817': attribute type 2 has an invalid length. [ 133.092283][T15232] netlink: 48 bytes leftover after parsing attributes in process `syz.2.4817'. [ 133.190873][T15240] vhci_hcd: invalid port number 96 [ 133.196032][T15240] vhci_hcd: default hub control req: 0000 vfffc i0060 l0 [ 133.378879][T15274] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 133.388140][T15274] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 133.776966][T15321] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4854'. [ 133.816765][T15327] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4856'. [ 133.921704][T15351] SELinux: policydb version 1320 does not match my version range 15-35 [ 133.946668][T15351] SELinux: failed to load policy [ 134.030094][T15367] netlink: 'syz.6.4877': attribute type 2 has an invalid length. [ 134.038066][T15367] netlink: 48 bytes leftover after parsing attributes in process `syz.6.4877'. [ 134.065968][T15373] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4880'. [ 134.212932][T15396] SELinux: security_context_str_to_sid (-Xܘ7.H\ %u@) failed with errno=-22 [ 134.257116][T15403] netlink: 'syz.0.4893': attribute type 1 has an invalid length. [ 134.264912][T15403] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4893'. [ 134.281618][T15404] vhci_hcd: invalid port number 96 [ 134.286784][T15404] vhci_hcd: default hub control req: 0000 vfffc i0060 l0 [ 134.294271][T15403] netlink: 'syz.0.4893': attribute type 1 has an invalid length. [ 134.302109][T15403] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4893'. [ 134.316446][T15410] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4896'. [ 134.330081][T15410] IPVS: Error during creation of socket; terminating [ 134.428865][ T29] kauditd_printk_skb: 267 callbacks suppressed [ 134.428879][ T29] audit: type=1326 audit(1763409656.045:6241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15435 comm="syz.6.4909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6531d6f6c9 code=0x7ffc0000 [ 134.479212][ T29] audit: type=1326 audit(1763409656.045:6242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15435 comm="syz.6.4909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f6531d6f6c9 code=0x7ffc0000 [ 134.502879][ T29] audit: type=1326 audit(1763409656.045:6243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15435 comm="syz.6.4909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6531d6f6c9 code=0x7ffc0000 [ 134.526417][ T29] audit: type=1326 audit(1763409656.055:6244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15435 comm="syz.6.4909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6531d6f6c9 code=0x7ffc0000 [ 134.583976][ T29] audit: type=1400 audit(1763409656.205:6245): avc: denied { create } for pid=15455 comm="syz.1.4915" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 134.613253][ T29] audit: type=1400 audit(1763409656.225:6246): avc: denied { write } for pid=15455 comm="syz.1.4915" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 134.644207][ T29] audit: type=1326 audit(1763409656.255:6247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15458 comm="syz.6.4918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6531d6f6c9 code=0x7ffc0000 [ 134.667861][ T29] audit: type=1326 audit(1763409656.255:6248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15458 comm="syz.6.4918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6531d6f6c9 code=0x7ffc0000 [ 134.691518][ T29] audit: type=1326 audit(1763409656.255:6249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15458 comm="syz.6.4918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6531d6f6c9 code=0x7ffc0000 [ 134.715441][ T29] audit: type=1326 audit(1763409656.265:6250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15458 comm="syz.6.4918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6531d6f6c9 code=0x7ffc0000 [ 134.823303][T15483] SELinux: policydb version 1320 does not match my version range 15-35 [ 134.831806][T15483] SELinux: failed to load policy [ 134.842818][T15485] SELinux: security_context_str_to_sid (user_u) failed with errno=-22 [ 134.892430][ T42] Bluetooth: hci0: Frame reassembly failed (-84) [ 135.119412][T15543] serio: Serial port ttyS3 [ 135.295150][T15567] SELinux: failed to load policy [ 135.577703][T15625] netlink: 'syz.1.4988': attribute type 12 has an invalid length. [ 135.771115][T15657] netlink: 'syz.3.5002': attribute type 10 has an invalid length. [ 135.780982][T15657] batadv1: left allmulticast mode [ 135.786039][T15657] batadv1: left promiscuous mode [ 135.791472][T15657] bridge0: port 3(batadv1) entered disabled state [ 135.799256][T15657] bridge_slave_1: left allmulticast mode [ 135.804950][T15657] bridge_slave_1: left promiscuous mode [ 135.810719][T15657] bridge0: port 2(bridge_slave_1) entered disabled state [ 135.818675][T15657] bridge_slave_0: left promiscuous mode [ 135.824624][T15657] bridge0: port 1(bridge_slave_0) entered disabled state [ 136.359452][T15730] serio: Serial port ttyS3 [ 136.382666][T15735] netlink: 'syz.2.5036': attribute type 12 has an invalid length. [ 136.482100][T15747] SELinux: failed to load policy [ 136.573193][T15767] block device autoloading is deprecated and will be removed. [ 136.657931][T15781] serio: Serial port ttyS3 [ 136.678007][T15779] SELinux: failed to load policy [ 136.795337][T15815] loop3: detected capacity change from 0 to 1024 [ 136.825128][T15815] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 136.898525][T15815] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4193: comm syz.3.5068: Allocating blocks 497-513 which overlap fs metadata [ 136.912492][ T3714] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 136.931045][T15836] EXT4-fs (loop3): pa ffff8881006c7620: logic 48, phys. 177, len 21 [ 136.939213][T15836] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 1 [ 137.125338][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.304721][T15898] loop1: detected capacity change from 0 to 1024 [ 137.311509][T15901] loop3: detected capacity change from 0 to 512 [ 137.329516][T15898] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 137.353450][T15901] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 137.367832][T15901] ext4 filesystem being mounted at /1056/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 137.396353][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.406268][T15917] netlink: '+}[@': attribute type 10 has an invalid length. [ 137.414053][T15917] veth1_vlan: left promiscuous mode [ 137.420912][T15917] A link change request failed with some changes committed already. Interface veth1_vlan may have been left with an inconsistent configuration, please check. [ 137.457199][T15898] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4193: comm syz.1.5102: Allocating blocks 497-513 which overlap fs metadata [ 137.472763][T15924] EXT4-fs (loop1): pa ffff8881006c7770: logic 48, phys. 177, len 21 [ 137.480876][T15924] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 1 [ 137.594168][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.931914][T15998] macvtap0: entered promiscuous mode [ 137.944312][T15998] macvtap0: left promiscuous mode [ 138.184666][T16040] netlink: 'syz.2.5153': attribute type 10 has an invalid length. [ 138.199915][T16040] team0: Device ipvlan0 failed to register rx_handler [ 138.227789][ T4208] kernel write not supported for file bpf-prog (pid: 4208 comm: kworker/1:4) [ 138.318228][T16069] macvtap0: entered promiscuous mode [ 138.330874][T16069] macvtap0: left promiscuous mode [ 138.347883][T16075] netlink: 'syz.0.5165': attribute type 10 has an invalid length. [ 138.359176][T16075] __nla_validate_parse: 14 callbacks suppressed [ 138.359225][T16075] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5165'. [ 138.400673][T16091] netlink: 14 bytes leftover after parsing attributes in process `syz.6.5170'. [ 138.752259][ T10] hid_parser_main: 22 callbacks suppressed [ 138.752356][ T10] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 138.765654][ T10] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 138.773083][ T10] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 138.787548][ T10] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 138.794988][ T10] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 138.802497][ T10] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 138.809887][ T10] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 138.817418][ T10] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 138.824838][ T10] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 138.832421][ T10] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 138.840654][ T10] hid-generic 0000:0000:0000.000C: hidraw0: HID v8.00 Device [syz0] on syz0 [ 138.886831][T16175] Failed to initialize the IGMP autojoin socket (err -2) [ 138.969648][T16188] netlink: 'syz.3.5206': attribute type 1 has an invalid length. [ 139.017287][T16200] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5213'. [ 139.141558][T16225] netlink: 'syz.0.5222': attribute type 3 has an invalid length. [ 139.177565][T16229] netlink: 'syz.3.5224': attribute type 10 has an invalid length. [ 139.198537][T16229] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5224'. [ 139.379175][T16273] netlink: 'syz.0.5243': attribute type 1 has an invalid length. [ 139.467886][T16298] Failed to initialize the IGMP autojoin socket (err -2) [ 139.524238][T16305] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5258'. [ 139.701949][T16330] xt_recent: hitcount (16777216) is larger than allowed maximum (65535) [ 139.715686][T16333] Failed to initialize the IGMP autojoin socket (err -2) [ 139.761706][T16337] bridge0: entered promiscuous mode [ 139.772564][T16337] $H: (slave bridge0): Enslaving as an active interface with an up link [ 139.803281][T16337] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5272'. [ 139.817500][T16337] batadv0: left allmulticast mode [ 139.822591][T16337] batadv0: left promiscuous mode [ 139.827747][T16337] bridge0: port 3(batadv0) entered disabled state [ 139.836539][T16337] bridge_slave_1: left allmulticast mode [ 139.842526][T16337] bridge_slave_1: left promiscuous mode [ 139.848468][T16337] bridge0: port 2(bridge_slave_1) entered disabled state [ 139.856333][T16337] bridge_slave_0: left allmulticast mode [ 139.862123][T16337] bridge_slave_0: left promiscuous mode [ 139.867919][T16337] bridge0: port 1(bridge_slave_0) entered disabled state [ 139.877331][T16337] $H: (slave bridge0): Releasing backup interface [ 139.892797][T16337] bridge0 (unregistering): left promiscuous mode [ 139.900966][T16337] bridge0 (unregistering): left allmulticast mode [ 139.961891][T16358] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5281'. [ 139.991843][T16366] Failed to initialize the IGMP autojoin socket (err -2) [ 139.998569][T16355] loop3: detected capacity change from 0 to 8192 [ 140.090589][ T1784] Bluetooth: hci0: Frame reassembly failed (-84) [ 140.098691][ T3714] Bluetooth: hci0: unexpected event 0x0f length: 0 < 4 [ 140.152431][T16385] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5290'. [ 140.372876][T16411] wireguard: wireguard0: Could not create IPv4 socket [ 140.379695][T16411] wireguard0: entered promiscuous mode [ 140.385229][T16411] wireguard0: entered allmulticast mode [ 140.714566][T16435] Failed to initialize the IGMP autojoin socket (err -2) [ 140.775454][ T29] kauditd_printk_skb: 241 callbacks suppressed [ 140.775511][ T29] audit: type=1326 audit(1763409662.395:6492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16440 comm="syz.2.5312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e8da6f6c9 code=0x7ffc0000 [ 140.805801][ T29] audit: type=1326 audit(1763409662.395:6493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16440 comm="syz.2.5312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e8da6f6c9 code=0x7ffc0000 [ 140.829331][ T29] audit: type=1326 audit(1763409662.395:6494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16440 comm="syz.2.5312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9e8da6df10 code=0x7ffc0000 [ 140.852826][ T29] audit: type=1326 audit(1763409662.395:6495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16440 comm="syz.2.5312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e8da6f6c9 code=0x7ffc0000 [ 140.876294][ T29] audit: type=1326 audit(1763409662.395:6496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16440 comm="syz.2.5312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e8da6f6c9 code=0x7ffc0000 [ 140.899784][ T29] audit: type=1326 audit(1763409662.395:6497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16440 comm="syz.2.5312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9e8da6f6c9 code=0x7ffc0000 [ 140.923421][ T29] audit: type=1326 audit(1763409662.395:6498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16440 comm="syz.2.5312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e8da6f6c9 code=0x7ffc0000 [ 140.946977][ T29] audit: type=1326 audit(1763409662.395:6499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16440 comm="syz.2.5312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e8da6f6c9 code=0x7ffc0000 [ 140.970562][ T29] audit: type=1326 audit(1763409662.395:6500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16440 comm="syz.2.5312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9e8da6f6c9 code=0x7ffc0000 [ 140.994093][ T29] audit: type=1326 audit(1763409662.425:6501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16440 comm="syz.2.5312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e8da6f6c9 code=0x7ffc0000 [ 141.935037][T16529] Failed to initialize the IGMP autojoin socket (err -2) [ 141.985992][T16537] SELinux: failed to load policy [ 142.110683][ T4411] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 142.116804][ T3714] Bluetooth: hci0: command 0x1003 tx timeout [ 142.173626][T16552] loop1: detected capacity change from 0 to 32768 [ 142.214294][T16552] loop1: p1 p3 < > [ 142.215820][T16577] SELinux: failed to load policy [ 142.425060][T16630] netlink: 176 bytes leftover after parsing attributes in process `syz.2.5394'. [ 142.457421][T16636] netlink: 96 bytes leftover after parsing attributes in process `syz.1.5389'. [ 142.709307][ T1784] Bluetooth: hci0: Frame reassembly failed (-84) [ 142.722848][T16661] Failed to initialize the IGMP autojoin socket (err -2) [ 142.723491][ T3714] Bluetooth: hci0: unexpected event 0x0f length: 0 < 4 [ 142.827476][T16672] validate_nla: 1 callbacks suppressed [ 142.827490][T16672] netlink: 'syz.1.5405': attribute type 21 has an invalid length. [ 144.207706][T16813] loop1: detected capacity change from 0 to 512 [ 144.214658][T16813] ext2: Unknown parameter 'noacl' [ 144.256662][T16823] __nla_validate_parse: 8 callbacks suppressed [ 144.256678][T16823] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5470'. [ 144.296136][T16828] Failed to initialize the IGMP autojoin socket (err -2) [ 144.345850][ T9201] Bluetooth: hci1: Frame reassembly failed (-84) [ 144.446861][T16863] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5483'. [ 144.500680][T16879] Failed to initialize the IGMP autojoin socket (err -2) [ 144.570260][T16892] sch_tbf: burst 3298 is lower than device lo mtu (11337746) ! [ 144.751242][ T4411] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 144.752775][T16846] Bluetooth: hci0: command 0x1003 tx timeout [ 144.843050][T16935] netlink: 'syz.6.5518': attribute type 3 has an invalid length. [ 145.232900][T16981] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5534'. [ 145.727722][T17022] : renamed from veth0_to_bond [ 145.805426][T17035] loop3: detected capacity change from 0 to 1764 [ 145.832879][ T29] kauditd_printk_skb: 182 callbacks suppressed [ 145.832890][ T29] audit: type=1400 audit(1763409667.455:6684): avc: denied { mount } for pid=17034 comm="syz.3.5557" name="/" dev="loop3" ino=1920 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1 [ 145.861599][ T29] audit: type=1400 audit(1763409667.455:6685): avc: denied { mounton } for pid=17034 comm="syz.3.5557" path="/1153/file0/file0" dev="loop3" ino=1986 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=file permissive=1 [ 145.925600][ T29] audit: type=1400 audit(1763409667.515:6686): avc: denied { unmount } for pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1 [ 145.945794][ T29] audit: type=1400 audit(1763409667.535:6687): avc: denied { validate_trans } for pid=17043 comm="syz.3.5559" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 145.966353][ T29] audit: type=1400 audit(1763409667.535:6688): avc: denied { read } for pid=17043 comm="syz.3.5559" dev="nsfs" ino=4026532629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 145.987761][ T29] audit: type=1400 audit(1763409667.535:6689): avc: denied { open } for pid=17043 comm="syz.3.5559" path="net:[4026532629]" dev="nsfs" ino=4026532629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 146.011134][ T29] audit: type=1400 audit(1763409667.535:6690): avc: denied { create } for pid=17043 comm="syz.3.5559" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 146.042045][ T29] audit: type=1326 audit(1763409667.595:6691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17045 comm="syz.6.5561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6531d6f6c9 code=0x7ffc0000 [ 146.065652][ T29] audit: type=1326 audit(1763409667.595:6692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17045 comm="syz.6.5561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7f6531d6f6c9 code=0x7ffc0000 [ 146.089384][ T29] audit: type=1326 audit(1763409667.595:6693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17045 comm="syz.6.5561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6531d6f6c9 code=0x7ffc0000 [ 146.125263][T17055] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5573'. [ 146.134682][T17055] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5573'. [ 146.172637][T17065] sch_tbf: burst 3298 is lower than device lo mtu (11337746) ! [ 146.195164][T17067] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5569'. [ 146.204129][T17067] netlink: 32 bytes leftover after parsing attributes in process `syz.3.5569'. [ 146.213165][T17067] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5569'. [ 146.222088][T17067] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5569'. [ 146.231797][T17067] netlink: 32 bytes leftover after parsing attributes in process `syz.3.5569'. [ 146.350509][ T3714] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 146.892716][T17095] ip6gre3: entered promiscuous mode [ 146.898105][T17095] ip6gre3: entered allmulticast mode [ 146.965717][T17110] batman_adv: batadv0: Adding interface: dummy0 [ 146.972070][T17110] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 147.008564][T17110] batman_adv: batadv0: Interface activated: dummy0 [ 147.037883][T17110] batadv0: mtu less than device minimum [ 147.043913][T17110] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 147.054887][T17110] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 147.065657][T17110] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 147.076338][T17110] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 147.087562][T17110] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 147.098290][T17110] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 147.109074][T17110] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 147.119944][T17110] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 147.130748][T17110] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 147.201770][T17129] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 147.201770][T17129] program syz.2.5599 not setting count and/or reply_len properly [ 147.418964][T17167] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 147.418964][T17167] program syz.3.5616 not setting count and/or reply_len properly [ 147.463990][T17175] loop3: detected capacity change from 0 to 512 [ 147.471708][T17175] EXT4-fs (loop3): external journal device major/minor numbers have changed [ 147.480605][T17175] EXT4-fs (loop3): failed to open journal device unknown-block(8,3) -6 [ 147.572785][T17192] sch_tbf: burst 3298 is lower than device lo mtu (11337746) ! [ 147.633230][T17199] loop1: detected capacity change from 0 to 128 [ 147.817726][T17240] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=17240 comm=syz.2.5645 [ 147.830440][T17240] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=17240 comm=syz.2.5645 [ 148.093094][T17258] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 148.128852][T17258] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 148.283649][T17311] netlink: 'syz.6.5671': attribute type 3 has an invalid length. [ 148.453560][ T36] kernel write not supported for file bpf-map (pid: 36 comm: kworker/1:1) [ 148.629584][T17354] pim6reg: entered allmulticast mode [ 148.872790][T17399] pim6reg: entered allmulticast mode [ 149.020524][T17429] netlink: 'syz.0.5716': attribute type 1 has an invalid length. [ 149.294285][T17451] netlink: 'syz.3.5735': attribute type 3 has an invalid length. [ 149.302075][T17451] __nla_validate_parse: 11 callbacks suppressed [ 149.302089][T17451] netlink: 132 bytes leftover after parsing attributes in process `syz.3.5735'. [ 149.385035][T17469] $H: renamed from bond0 [ 149.395580][T17469] $H: entered promiscuous mode [ 149.400779][T17469] bond_slave_0: entered promiscuous mode [ 149.406651][T17469] bond_slave_1: entered promiscuous mode [ 149.439350][T17475] macvtap0: refused to change device tx_queue_len [ 149.470178][T17482] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5739'. [ 149.479357][T17482] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5739'. [ 149.510177][T17484] macvtap0: entered promiscuous mode [ 149.515760][T17484] macvtap0: entered allmulticast mode [ 149.538468][T17484] veth1: entered allmulticast mode [ 149.543815][T17484] veth1: entered promiscuous mode [ 149.555770][T17484] team0: Device macvtap0 failed to register rx_handler [ 149.563738][T17484] veth1: left allmulticast mode [ 149.568617][T17484] veth1: left promiscuous mode [ 149.579270][T17489] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5742'. [ 149.588297][T17489] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5742'. [ 149.597357][T17482] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5739'. [ 149.606353][T17482] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5739'. [ 149.680649][T17489] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5742'. [ 149.689635][T17489] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5742'. [ 149.701341][T17520] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5752'. [ 149.776453][ T42] Bluetooth: hci0: Frame reassembly failed (-84) [ 150.918403][ T29] kauditd_printk_skb: 280 callbacks suppressed [ 150.918426][ T29] audit: type=1400 audit(1763409672.535:6974): avc: denied { setopt } for pid=17695 comm="syz.6.5820" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 151.268319][ T29] audit: type=1400 audit(1763409672.885:6975): avc: denied { create } for pid=17701 comm="syz.6.5824" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 151.287941][ T29] audit: type=1400 audit(1763409672.885:6976): avc: denied { write } for pid=17701 comm="syz.6.5824" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 151.425600][T17719] netlink: 'syz.1.5827': attribute type 3 has an invalid length. [ 151.459928][ T29] audit: type=1400 audit(1763409673.075:6977): avc: denied { read } for pid=17722 comm="syz.0.5829" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 151.511228][T17731] netlink: 'syz.0.5833': attribute type 1 has an invalid length. [ 151.530175][T17733] wireguard: wireguard0: Could not create IPv4 socket [ 151.586728][T17744] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 151.650633][ T29] audit: type=1400 audit(1763409673.275:6978): avc: denied { append } for pid=17748 comm="syz.6.5840" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 151.676044][ T29] audit: type=1400 audit(1763409673.275:6979): avc: denied { open } for pid=17748 comm="syz.6.5840" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 151.700877][ T29] audit: type=1400 audit(1763409673.275:6980): avc: denied { getopt } for pid=17751 comm="syz.0.5841" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 151.724022][ T29] audit: type=1400 audit(1763409673.295:6981): avc: denied { ioctl } for pid=17748 comm="syz.6.5840" path="/dev/loop-control" dev="devtmpfs" ino=99 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 151.750411][ T29] audit: type=1326 audit(1763409673.345:6982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17754 comm="syz.1.5842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc83fd6f6c9 code=0x7ffc0000 [ 151.773945][ T29] audit: type=1326 audit(1763409673.345:6983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17754 comm="syz.1.5842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc83fd6f6c9 code=0x7ffc0000 [ 151.801720][ T3714] Bluetooth: hci0: command 0x1003 tx timeout [ 151.807741][ T4411] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 151.926525][T17789] tunl0: Caught tx_queue_len zero misconfig [ 152.125451][T17838] IPVS: Error during creation of socket; terminating [ 152.310688][T17877] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 152.512530][ T9208] Bluetooth: hci0: Frame reassembly failed (-84) [ 152.651810][T17954] loop3: detected capacity change from 0 to 512 [ 152.660522][T17954] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 152.675124][T17954] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 152.687987][T17954] ext4 filesystem being mounted at /1214/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 152.691750][T17959] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=17959 comm=syz.1.5926 [ 152.710849][T17954] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 152.711174][T17959] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=17959 comm=syz.1.5926 [ 152.843927][T17979] loop3: detected capacity change from 0 to 2048 [ 152.865626][T17979] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 152.882642][T17979] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 152.907077][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 152.926688][T17990] loop3: detected capacity change from 0 to 128 [ 152.936989][T17990] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 152.949153][T17990] ext4 filesystem being mounted at /1218/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 152.972357][ T3318] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 153.132566][T18020] Failed to initialize the IGMP autojoin socket (err -2) [ 153.356900][T18036] random: crng reseeded on system resumption [ 153.369978][T18039] netlink: 'syz.6.5957': attribute type 1 has an invalid length. [ 153.392047][T18039] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 153.400937][T18039] bond3: (slave batadv1): making interface the new active one [ 153.411246][T18039] bond3: (slave batadv1): Enslaving as an active interface with an up link [ 153.834927][T18159] netlink: 'syz.3.5992': attribute type 39 has an invalid length. [ 154.153248][T18213] loop1: detected capacity change from 0 to 512 [ 154.167345][T18213] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1) [ 154.195587][T18213] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 154.250843][T18225] netlink: 'syz.3.6017': attribute type 13 has an invalid length. [ 154.281787][T18225] gretap0: refused to change device tx_queue_len [ 154.296461][T18225] net_ratelimit: 16 callbacks suppressed [ 154.296475][T18225] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 154.298943][T18213] FAT-fs (loop1): FAT read failed (blocknr 128) [ 154.501368][T18247] __nla_validate_parse: 30 callbacks suppressed [ 154.501385][T18247] netlink: 20 bytes leftover after parsing attributes in process `syz.3.6026'. [ 154.520530][T18249] netlink: 'syz.0.6021': attribute type 1 has an invalid length. [ 154.529747][T18247] netlink: 20 bytes leftover after parsing attributes in process `syz.3.6026'. [ 154.586323][T18261] netlink: 'syz.3.6029': attribute type 12 has an invalid length. [ 154.594457][ T3714] Bluetooth: hci0: command 0x1003 tx timeout [ 154.600549][ T4411] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 154.711766][T18286] serio: Serial port ptm1 [ 155.045110][T18355] loop1: detected capacity change from 0 to 2048 [ 155.062630][T18355] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 155.087937][ T3316] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set [ 155.103194][ T3316] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6667: Corrupt filesystem [ 155.124851][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 155.236143][T18396] netlink: 'syz.6.6081': attribute type 29 has an invalid length. [ 155.323181][ T9208] Bluetooth: hci0: Frame reassembly failed (-84) [ 155.931159][ T29] kauditd_printk_skb: 268 callbacks suppressed [ 155.931189][ T29] audit: type=1400 audit(1763409677.545:7252): avc: denied { bind } for pid=18419 comm="syz.0.6089" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 155.957161][ T29] audit: type=1400 audit(1763409677.545:7253): avc: denied { name_bind } for pid=18419 comm="syz.0.6089" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 155.978983][ T29] audit: type=1400 audit(1763409677.545:7254): avc: denied { node_bind } for pid=18419 comm="syz.0.6089" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1 [ 156.134215][ T29] audit: type=1400 audit(1763409677.745:7255): avc: denied { audit_write } for pid=18436 comm="syz.0.6095" capability=29 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 156.134273][ T29] audit: type=1107 audit(1763409677.745:7256): pid=18436 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 156.240123][ T29] audit: type=1400 audit(1763409677.845:7257): avc: denied { connect } for pid=18447 comm="syz.1.6101" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 156.329348][ T29] audit: type=1326 audit(1763409677.935:7258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18454 comm="syz.0.6104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff36a9ff6c9 code=0x7ffc0000 [ 156.329374][ T29] audit: type=1326 audit(1763409677.935:7259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18454 comm="syz.0.6104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7ff36a9ff6c9 code=0x7ffc0000 [ 156.329393][ T29] audit: type=1326 audit(1763409933.949:7260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18454 comm="syz.0.6104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff36a9ff6c9 code=0x7ffc0000 [ 156.471955][T18466] ip6tnl0: Caught tx_queue_len zero misconfig [ 156.487055][T18467] loop3: detected capacity change from 0 to 1024 [ 156.494459][T18467] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 156.507251][T18467] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 156.507328][T18467] EXT4-fs (loop3): orphan cleanup on readonly fs [ 156.507491][T18467] EXT4-fs error (device loop3): ext4_free_blocks:6706: comm syz.3.6107: Freeing blocks not in datazone - block = 0, count = 4096 [ 156.507716][T18467] EXT4-fs (loop3): 1 orphan inode deleted [ 156.508169][T18467] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 156.569539][ T29] audit: type=1326 audit(1763409934.179:7261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18476 comm="syz.1.6113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc83fd6f6c9 code=0x7ffc0000 [ 156.646023][ T3423] hid_parser_main: 19 callbacks suppressed [ 156.646037][ T3423] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 156.647460][ T3423] hid-generic 0000:0000:0000.000D: hidraw0: HID v0.00 Device [syz1] on syz0 [ 156.682944][T18479] Failed to initialize the IGMP autojoin socket (err -2) [ 157.081430][ T10] hid-generic 0000:3000000:0000.000E: unknown main item tag 0x4 [ 157.089121][ T10] hid-generic 0000:3000000:0000.000E: unknown main item tag 0x2 [ 157.097813][ T10] hid-generic 0000:3000000:0000.000E: unknown main item tag 0x3 [ 157.174032][ T10] hid-generic 0000:3000000:0000.000E: hidraw0: HID v0.00 Device [sy] on syz0 [ 157.273095][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 157.289111][T18538] atomic_op ffff888129103528 conn xmit_atomic 0000000000000000 [ 157.379842][T18552] 9pnet_fd: Insufficient options for proto=fd [ 157.390192][ T3714] Bluetooth: hci0: command 0x1003 tx timeout [ 157.396232][ T4411] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 157.599538][T18587] loop3: detected capacity change from 0 to 2048 [ 157.611513][T18587] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 157.631438][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 157.931021][T18622] netlink: 'syz.6.6167': attribute type 6 has an invalid length. [ 157.938783][T18622] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6167'. [ 157.959018][T18622] bond4 (unregistering): Released all slaves [ 157.999249][T18697] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6171'. [ 158.187400][T18747] loop1: detected capacity change from 0 to 512 [ 158.194461][T18747] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 158.206036][T18747] EXT4-fs (loop1): 1 truncate cleaned up [ 158.212273][T18747] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 158.237953][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 158.343691][T18769] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6196'. [ 158.383677][T18777] netlink: 'syz.1.6200': attribute type 1 has an invalid length. [ 158.413409][T18787] netlink: 'syz.1.6204': attribute type 27 has an invalid length. [ 158.425532][T18787] $H: left promiscuous mode [ 158.430394][T18787] bond_slave_0: left promiscuous mode [ 158.436203][T18787] bond_slave_1: left promiscuous mode [ 158.444922][T18787] macvlan2: left promiscuous mode [ 158.450114][T18787] bridge1: left promiscuous mode [ 158.455238][T18787] ip6gre1: left allmulticast mode [ 158.460815][T18787] bond2: left promiscuous mode [ 158.465616][T18787] bond3: left promiscuous mode [ 158.495408][T18790] 8021q: adding VLAN 0 to HW filter on device team0 [ 158.504979][T18790] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 158.525554][T18792] ALSA: seq fatal error: cannot create timer (-16) [ 158.595931][T18811] netlink: 'syz.0.6212': attribute type 13 has an invalid length. [ 158.623751][T18810] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 158.630293][T18810] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 158.638076][T18810] vhci_hcd vhci_hcd.0: Device attached [ 158.654533][T18816] vhci_hcd: connection closed [ 158.657161][ T9208] vhci_hcd: stop threads [ 158.666213][ T9208] vhci_hcd: release socket [ 158.670763][ T9208] vhci_hcd: disconnect device [ 158.833824][T18840] infiniband syz!: set down [ 158.838363][T18840] infiniband syz!: added team_slave_0 [ 158.844456][T18840] syz!: rxe_create_qp: returned err = -2 [ 158.850170][T18840] infiniband syz!: Couldn't create ib_mad QP1 [ 158.857907][T18840] infiniband syz!: Couldn't open port 1 [ 158.881706][T18840] RDS/IB: syz!: added [ 158.882893][T18851] sg_write: data in/out 49276/12 bytes for SCSI command 0x6-- guessing data in; [ 158.882893][T18851] program syz.1.6227 not setting count and/or reply_len properly [ 158.887459][T18840] smc: adding ib device syz! with port count 1 [ 158.916047][T18840] smc: ib device syz! port 1 has no pnetid [ 158.960763][T18862] SELinux: Context system_u:object_r:system_cron_spool_t:s0 is not valid (left unmapped). [ 159.023241][T18870] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6235'. [ 159.178444][T18890] loop2: detected capacity change from 0 to 512 [ 159.226963][T18890] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 159.250407][T18890] ext4 filesystem being mounted at /1240/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 159.295633][T18890] EXT4-fs error (device loop2): ext4_empty_dir:3077: inode #12: comm syz.2.6245: invalid size [ 159.348606][T18890] EXT4-fs (loop2): Remounting filesystem read-only [ 159.394641][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 159.410592][ T42] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 159.640824][T18978] loop1: detected capacity change from 0 to 164 [ 159.648567][T18982] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6277'. [ 159.657580][T18982] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6277'. [ 159.677554][T18978] Unable to read rock-ridge attributes [ 159.689705][T18978] Unable to read rock-ridge attributes [ 159.740779][T18982] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6277'. [ 159.749765][T18982] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6277'. [ 159.776552][T19001] ip6gre3: entered promiscuous mode [ 159.781917][T19001] ip6gre3: entered allmulticast mode [ 159.798794][T19001] ip6_tunnel: ip6gre3 xmit: Local address not yet configured! [ 159.809884][ T9250] ip6_tunnel: ip6gre3 xmit: Local address not yet configured! [ 159.817462][ T9250] ip6_tunnel: ip6gre3 xmit: Local address not yet configured! [ 159.834888][ T3423] ip6_tunnel: ip6gre3 xmit: Local address not yet configured! [ 159.850059][T19012] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 159.850059][T19012] program syz.3.6283 not setting count and/or reply_len properly [ 159.882850][T19015] 9pnet_fd: Insufficient options for proto=fd [ 159.900487][ T3423] ip6_tunnel: ip6gre3 xmit: Local address not yet configured! [ 160.034676][T19033] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 160.110265][ T36] ip6_tunnel: ip6gre3 xmit: Local address not yet configured! [ 160.587416][T19139] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6340'. [ 160.605766][T19139] netem: change failed [ 160.634839][T19147] Failed to initialize the IGMP autojoin socket (err -2) [ 160.666287][T19162] syzkaller1: entered promiscuous mode [ 160.671802][T19162] syzkaller1: entered allmulticast mode [ 160.828370][T19197] loop1: detected capacity change from 0 to 128 [ 160.836848][T19197] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 160.900586][T19197] loop1: detected capacity change from 128 to 0 [ 160.905499][T19214] EXT4-fs error (device loop1): __ext4_find_entry:1615: inode #2: comm syz.1.6360: reading directory lblock 0 [ 160.919487][T19214] Buffer I/O error on dev loop1, logical block 1, lost sync page write [ 160.927961][T19214] EXT4-fs (loop1): I/O error while writing superblock [ 160.944844][ T3316] EXT4-fs warning (device loop1): htree_dirblock_to_tree:1051: inode #2: lblock 0: comm syz-executor: error -5 reading directory block [ 160.982534][ T9250] EXT4-fs error (device loop1): __ext4_get_inode_loc_noinmem:4955: inode #12: block 36: comm kworker/u8:49: unable to read itable block [ 160.996792][ T9250] Buffer I/O error on dev loop1, logical block 1, lost sync page write [ 161.005416][ T9250] EXT4-fs (loop1): I/O error while writing superblock [ 161.012861][ T7508] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 161.030521][ T7508] Buffer I/O error on dev loop1, logical block 1, lost sync page write [ 161.038862][ T7508] EXT4-fs (loop1): I/O error while writing superblock [ 161.147194][ T29] kauditd_printk_skb: 587 callbacks suppressed [ 161.147208][ T29] audit: type=1400 audit(417.121:7847): avc: denied { create } for pid=19241 comm="syz.0.6378" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 161.180786][ T29] audit: type=1400 audit(417.121:7848): avc: denied { write } for pid=19241 comm="syz.0.6378" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 161.239355][ T29] audit: type=1326 audit(417.211:7849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19250 comm="syz.0.6383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff36a9ff6c9 code=0x7ffc0000 [ 161.262399][ T29] audit: type=1326 audit(417.211:7850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19250 comm="syz.0.6383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff36a9ff6c9 code=0x7ffc0000 [ 161.285304][ T29] audit: type=1326 audit(417.211:7851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19250 comm="syz.0.6383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff36a9ff6c9 code=0x7ffc0000 [ 161.308262][ T29] audit: type=1326 audit(417.211:7852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19250 comm="syz.0.6383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7ff36a9ff6c9 code=0x7ffc0000 [ 161.331258][ T29] audit: type=1326 audit(417.211:7853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19250 comm="syz.0.6383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff36a9ff6c9 code=0x7ffc0000 [ 161.354640][ T29] audit: type=1400 audit(417.211:7854): avc: denied { mounton } for pid=19255 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 161.447023][ T42] netdevsim netdevsim1 eth9: set [1, 0] type 2 family 0 port 6081 - 0 [ 161.464149][ T42] netdevsim netdevsim1 eth10: set [1, 0] type 2 family 0 port 6081 - 0 [ 161.472682][ T42] netdevsim netdevsim1 eth11: set [1, 0] type 2 family 0 port 6081 - 0 [ 161.485284][T19255] Failed to initialize the IGMP autojoin socket (err -2) [ 161.499756][ T9238] netdevsim netdevsim1 eth12: set [1, 0] type 2 family 0 port 6081 - 0 [ 161.505582][ T29] audit: type=1400 audit(417.481:7855): avc: denied { write } for pid=19302 comm="syz.2.6393" name="file0" dev="tmpfs" ino=6468 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 161.530072][ T29] audit: type=1400 audit(417.481:7856): avc: denied { open } for pid=19302 comm="syz.2.6393" path="/1256/file0" dev="tmpfs" ino=6468 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 161.643174][ T1784] $H (unregistering): (slave bond_slave_0): Releasing backup interface [ 161.652866][ T1784] $H (unregistering): (slave bond_slave_1): Releasing backup interface [ 161.662266][ T1784] $H (unregistering): Released all slaves [ 161.670541][ T1784] bond1 (unregistering): Released all slaves [ 161.679201][ T1784] bond2 (unregistering): (slave bond3): Releasing backup interface [ 161.687516][ T1784] bond2 (unregistering): Released all slaves [ 161.694771][T19317] IPv6: NLM_F_CREATE should be specified when creating new route [ 161.695904][ T1784] bond3 (unregistering): Released all slaves [ 161.809856][ T1784] hsr_slave_0: left promiscuous mode [ 161.821300][ T1784] hsr_slave_1: left promiscuous mode [ 161.827294][ T1784] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 161.844264][ T1784] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 161.899110][ T1784] team0 (unregistering): Port device team_slave_1 removed [ 161.908647][ T1784] team0 (unregistering): Port device team_slave_0 removed [ 162.013337][T19329] Failed to initialize the IGMP autojoin socket (err -2) [ 162.192650][T19398] netlink: 83992 bytes leftover after parsing attributes in process `syz.6.6428'. [ 162.210533][T19387] Failed to initialize the IGMP autojoin socket (err -2) [ 162.212362][T19398] netlink: zone id is out of range [ 162.219018][ T1784] IPVS: stop unused estimator thread 0... [ 162.222706][T19398] netlink: zone id is out of range [ 162.233865][T19398] netlink: zone id is out of range [ 162.239052][T19398] netlink: zone id is out of range [ 162.251737][T19398] netlink: set zone limit has 8 unknown bytes [ 162.330440][T19415] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6432'. [ 162.339469][T19415] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6432'. [ 162.361347][T19417] Failed to initialize the IGMP autojoin socket (err -2) [ 162.390449][T19415] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6432'. [ 162.399390][T19415] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6432'. [ 162.427601][T19426] Failed to initialize the IGMP autojoin socket (err -2) [ 162.460487][T19445] loop2: detected capacity change from 0 to 128 [ 162.801163][T19453] syz.2.6435: attempt to access beyond end of device [ 162.801163][T19453] loop2: rw=2049, sector=128, nr_sectors = 1 limit=128 [ 162.814601][T19453] Buffer I/O error on dev loop2, logical block 128, lost async page write [ 162.823473][T19445] syz.2.6435: attempt to access beyond end of device [ 162.823473][T19445] loop2: rw=2049, sector=128, nr_sectors = 1 limit=128 [ 162.836996][T19445] Buffer I/O error on dev loop2, logical block 128, lost async page write [ 163.059041][T19478] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 163.117212][T19472] Failed to initialize the IGMP autojoin socket (err -2) [ 163.913262][T19506] Failed to initialize the IGMP autojoin socket (err -2) [ 164.746034][T19528] Failed to initialize the IGMP autojoin socket (err -2) [ 165.691326][T19568] macvtap0: entered promiscuous mode [ 165.697222][T19568] macvtap0: left promiscuous mode [ 165.702346][T19566] loop3: detected capacity change from 0 to 2048 [ 165.718450][T19558] Failed to initialize the IGMP autojoin socket (err -2) [ 165.736082][T19566] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 165.804614][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 165.854373][T19592] loop3: detected capacity change from 0 to 512 [ 165.862394][T19592] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.6480: inode has both inline data and extents flags [ 165.875762][T19592] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.6480: couldn't read orphan inode 15 (err -117) [ 165.888520][T19592] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 165.998633][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 166.711132][ T29] kauditd_printk_skb: 64 callbacks suppressed [ 166.711146][ T29] audit: type=1400 audit(422.691:7921): avc: denied { load_policy } for pid=19610 comm="syz.6.6486" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 166.712524][T19611] SELinux: ebitmap: truncated map [ 166.757083][ T29] audit: type=1326 audit(422.731:7922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19619 comm="syz.0.6489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff36a9ff6c9 code=0x7ffc0000 [ 166.763270][T19611] SELinux: failed to load policy [ 166.780035][ T29] audit: type=1326 audit(422.731:7923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19619 comm="syz.0.6489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7ff36a9ff6c9 code=0x7ffc0000 [ 166.807751][ T29] audit: type=1326 audit(422.731:7924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19619 comm="syz.0.6489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff36a9ff6c9 code=0x7ffc0000 [ 166.838414][ T29] audit: type=1326 audit(422.791:7925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19619 comm="syz.0.6489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff36a9ff6c9 code=0x7ffc0000 [ 166.932836][T19616] Failed to initialize the IGMP autojoin socket (err -2) [ 166.944741][T19641] Bluetooth: hci0: Frame reassembly failed (-84) [ 166.954571][ T9238] Bluetooth: hci0: Frame reassembly failed (-84) [ 166.980614][T19656] sch_tbf: peakrate 7 is lower than or equals to rate 7 ! [ 167.945304][T19669] loop3: detected capacity change from 0 to 256 [ 167.970155][T19669] FAT-fs (loop3): bogus number of FAT sectors [ 167.976255][T19669] FAT-fs (loop3): Can't find a valid FAT filesystem [ 168.005592][T19673] Failed to initialize the IGMP autojoin socket (err -2) [ 168.049970][T19699] Failed to initialize the IGMP autojoin socket (err -2) [ 168.058118][T19696] 9pnet_fd: Insufficient options for proto=fd [ 168.990224][ T4411] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 168.990236][ T3714] Bluetooth: hci0: command 0x1003 tx timeout [ 169.111018][ T29] audit: type=1326 audit(425.081:7926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19712 comm="syz.6.6522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6531d6f6c9 code=0x7ffc0000 [ 169.157418][ T29] audit: type=1326 audit(425.081:7927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19712 comm="syz.6.6522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6531d6f6c9 code=0x7ffc0000 [ 169.180325][ T29] audit: type=1326 audit(425.111:7928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19712 comm="syz.6.6522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f6531d6f6c9 code=0x7ffc0000 [ 169.203195][ T29] audit: type=1326 audit(425.111:7929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19712 comm="syz.6.6522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6531d6f6c9 code=0x7ffc0000 [ 169.226079][ T29] audit: type=1326 audit(425.111:7930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19712 comm="syz.6.6522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6531d6f6c9 code=0x7ffc0000 [ 169.331735][T19717] Failed to initialize the IGMP autojoin socket (err -2) [ 169.341736][T19748] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6533'. [ 169.350709][T19748] netlink: 108 bytes leftover after parsing attributes in process `syz.2.6533'. [ 169.359952][T19748] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6533'. [ 169.369111][T19748] netlink: 108 bytes leftover after parsing attributes in process `syz.2.6533'. [ 169.378295][T19748] netlink: 84 bytes leftover after parsing attributes in process `syz.2.6533'. [ 169.444098][T19761] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6541'. [ 170.661557][T19786] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6549'. [ 170.690315][T19791] vlan0: entered allmulticast mode [ 170.695589][T19791] bridge_slave_0: entered allmulticast mode [ 170.727894][T19779] Failed to initialize the IGMP autojoin socket (err -2) [ 171.170259][T19814] ================================================================== [ 171.178374][T19814] BUG: KCSAN: data-race in touch_atime / touch_atime [ 171.185061][T19814] [ 171.187371][T19814] write to 0xffff8881046cdb18 of 4 bytes by task 19813 on cpu 1: [ 171.195065][T19814] touch_atime+0x1e8/0x340 [ 171.199479][T19814] shmem_file_read_iter+0x477/0x540 [ 171.204671][T19814] copy_splice_read+0x442/0x660 [ 171.209517][T19814] splice_direct_to_actor+0x290/0x680 [ 171.214878][T19814] do_splice_direct+0xda/0x150 [ 171.219638][T19814] do_sendfile+0x380/0x650 [ 171.224140][T19814] __x64_sys_sendfile64+0x105/0x150 [ 171.229341][T19814] x64_sys_call+0x2bb4/0x3000 [ 171.234018][T19814] do_syscall_64+0xd2/0x200 [ 171.238531][T19814] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 171.244424][T19814] [ 171.246735][T19814] read to 0xffff8881046cdb18 of 4 bytes by task 19814 on cpu 0: [ 171.254363][T19814] touch_atime+0x194/0x340 [ 171.258784][T19814] shmem_file_read_iter+0x477/0x540 [ 171.263970][T19814] copy_splice_read+0x442/0x660 [ 171.268814][T19814] splice_direct_to_actor+0x290/0x680 [ 171.274179][T19814] do_splice_direct+0xda/0x150 [ 171.278939][T19814] do_sendfile+0x380/0x650 [ 171.283359][T19814] __x64_sys_sendfile64+0x105/0x150 [ 171.288547][T19814] x64_sys_call+0x2bb4/0x3000 [ 171.293216][T19814] do_syscall_64+0xd2/0x200 [ 171.297715][T19814] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 171.303600][T19814] [ 171.305906][T19814] value changed: 0x087310e8 -> 0x090ba768 [ 171.311603][T19814] [ 171.313911][T19814] Reported by Kernel Concurrency Sanitizer on: [ 171.320054][T19814] CPU: 0 UID: 0 PID: 19814 Comm: syz.0.6556 Not tainted syzkaller #0 PREEMPT(voluntary) [ 171.329851][T19814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 171.339893][T19814] ================================================================== SYZFAIL: failed to send rpc fd=3 want=328 sent=0 n=-1 (errno 32: Broken pipe) [ 172.036470][ T29] kauditd_printk_skb: 41 callbacks suppressed [ 172.036485][ T29] audit: type=1400 audit(428.001:7972): avc: denied { write } for pid=3284 comm="syz-executor" path="pipe:[2447]" dev="pipefs" ino=2447 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 172.128657][ T29] audit: type=1326 audit(428.091:7973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19816 comm="syz.2.6558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e8da6f6c9 code=0x7ffc0000 [ 172.151599][ T29] audit: type=1326 audit(428.091:7974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19816 comm="syz.2.6558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f9e8da6f6c9 code=0x7ffc0000 [ 172.174581][ T29] audit: type=1326 audit(428.091:7975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19816 comm="syz.2.6558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e8da6f6c9 code=0x7ffc0000 [ 172.197436][ T29] audit: type=1326 audit(428.091:7976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19816 comm="syz.2.6558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=332 compat=0 ip=0x7f9e8da6f6c9 code=0x7ffc0000 [ 172.220320][ T29] audit: type=1326 audit(428.091:7977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19816 comm="syz.2.6558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e8da6f6c9 code=0x7ffc0000 [ 172.470380][ T9208] netdevsim netdevsim0 eth13: set [1, 0] type 2 family 0 port 6081 - 0 [ 172.479010][ T9208] netdevsim netdevsim0 eth14: set [1, 0] type 2 family 0 port 6081 - 0 [ 172.495371][ T9208] netdevsim netdevsim0 eth15: set [1, 0] type 2 family 0 port 6081 - 0 [ 172.651683][ T42] $H (unregistering): (slave bond_slave_0): Releasing backup interface [ 172.660394][ T42] bond_slave_0: left promiscuous mode [ 172.666344][ T42] $H (unregistering): (slave bond_slave_1): Releasing backup interface [ 172.675104][ T42] bond_slave_1: left promiscuous mode [ 172.680852][ T42] $H (unregistering): Released all slaves [ 172.688442][ T9208] netdevsim netdevsim0 eth16: set [1, 0] type 2 family 0 port 6081 - 0 [ 172.758463][ T42] hsr_slave_0: left promiscuous mode [ 172.764084][ T42] hsr_slave_1: left promiscuous mode [ 172.769992][ T42] pim6reg (unregistering): left allmulticast mode [ 172.806029][ T42] team0 (unregistering): Port device team_slave_1 removed [ 172.814976][ T42] team0 (unregistering): Port device team_slave_0 removed [ 173.335724][ T9208] netdevsim netdevsim2 eth17: set [1, 0] type 2 family 0 port 6081 - 0 [ 173.346601][ T9250] netdevsim netdevsim2 eth18: set [1, 0] type 2 family 0 port 6081 - 0 [ 173.357408][ T1784] netdevsim netdevsim2 eth19: set [1, 0] type 2 family 0 port 6081 - 0 [ 173.368565][ T1784] netdevsim netdevsim2 eth20: set [1, 0] type 2 family 0 port 6081 - 0 [ 173.575432][ T9208] netdevsim netdevsim3 eth21: set [1, 0] type 2 family 0 port 6081 - 0 [ 173.586322][ T1784] netdevsim netdevsim3 eth22: set [1, 0] type 2 family 0 port 6081 - 0 [ 173.597537][ T1784] netdevsim netdevsim3 eth23: set [1, 0] type 2 family 0 port 6081 - 0 [ 173.608538][ T1784] netdevsim netdevsim3 eth24: set [1, 0] type 2 family 0 port 6081 - 0 [ 173.682449][ T42] $H (unregistering): (slave bond_slave_0): Releasing backup interface [ 173.691194][ T42] bond_slave_0: left promiscuous mode [ 173.697139][ T42] $H (unregistering): (slave bond_slave_1): Releasing backup interface [ 173.705992][ T42] bond_slave_1: left promiscuous mode [ 173.711979][ T42] $H (unregistering): (slave dummy0): Releasing backup interface [ 173.720289][ T42] dummy0: left promiscuous mode [ 173.725703][ T42] $H (unregistering): Released all slaves [ 173.733714][ T42] bond0 (unregistering): (slave bond1): Releasing backup interface [ 173.741664][ T42] bond1 (unregistering): left promiscuous mode [ 173.748183][ T42] bond0 (unregistering): Released all slaves [ 173.755921][ T42] bond1 (unregistering): Released all slaves [ 173.778103][ T42] .` (unregistering): (slave bond_slave_0): Releasing backup interface [ 173.787121][ T42] .` (unregistering): (slave bond_slave_1): Releasing backup interface [ 173.795855][ T42] .` (unregistering): Released all slaves [ 173.803949][ T42] bond1 (unregistering): Released all slaves [ 173.812309][ T42] bond0 (unregistering): (slave bond2): Releasing backup interface [ 173.820246][ T42] bond2 (unregistering): left promiscuous mode [ 173.826734][ T42] bond0 (unregistering): Released all slaves [ 173.834687][ T42] bond2 (unregistering): Released all slaves [ 173.864257][ T42] tipc: Left network mode [ 173.868763][ T42] tipc: Left network mode [ 173.899468][ T42] hsr_slave_0: left promiscuous mode [ 173.905125][ T42] hsr_slave_1: left promiscuous mode [ 173.912008][ T42] hsr_slave_0: left promiscuous mode [ 173.917494][ T42] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 173.925027][ T42] batman_adv: batadv0: Interface deactivated: dummy0 [ 173.931731][ T42] batman_adv: batadv0: Removing interface: dummy0 [ 173.941539][ T42] pim6reg (unregistering): left allmulticast mode [ 173.967409][ T42] team0 (unregistering): Port device team_slave_1 removed [ 173.976560][ T42] team0 (unregistering): Port device team_slave_0 removed [ 174.002201][ T42] pim6reg (unregistering): left allmulticast mode [ 174.023634][ T42] team0 (unregistering): Port device team_slave_1 removed [ 174.033158][ T42] team0 (unregistering): Port device team_slave_0 removed [ 174.041372][ T9208] smc: removing ib device syz!