last executing test programs: 8.520134805s ago: executing program 3 (id=1833): bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, 0x0, &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000035c0)="5c00000013006bcd9e3fe3dc4e48aa31086b8703340000001f00000000000000040014000d000a00140000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x240000c0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10) keyctl$restrict_keyring(0xa, 0x0, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000180)='i=Ov:cb2e\xdf\xff\xff\x04\x00\xff\xff\xff') getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000000)={0x0, @remote, @multicast1}, &(0x7f0000000040)=0xc) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) 5.620192081s ago: executing program 3 (id=1843): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x40, 0x7ffc1ffb}]}) ppoll(&(0x7f0000000c80)=[{}], 0x1, &(0x7f0000000cc0)={0x0, 0x989680}, 0x0, 0x0) 5.539857963s ago: executing program 3 (id=1847): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x5, 0xffffffffffffffff, 0x2) symlink(0x0, &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') link(&(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', 0x0) 5.389720145s ago: executing program 3 (id=1854): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18) mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x31, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f000001a000)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x33, &(0x7f000002eff0)={0x85c, &(0x7f0000000000)=[{}]}, 0x10) 5.333305147s ago: executing program 3 (id=1858): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000080000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000100000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r0 = syz_io_uring_setup(0x110, &(0x7f00000000c0)={0x0, 0x10, 0x0, 0x3, 0x80}, &(0x7f0000000180)=0x0, &(0x7f0000000280)=0x0) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000300)=[0xffffffffffffffff], 0x1) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) open(&(0x7f0000000380)='./file0\x00', 0x80ff, 0x29c) r3 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_int(r3, 0x0, 0xf, &(0x7f0000000340)=0xfffffffffffffff9, 0x4) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000100)=[@in={0x2, 0x0, @loopback}, @in6={0xa, 0x0, 0x0, @private0}], 0x2c) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f00000002c0)=[@in6={0xa, 0x4e21, 0x0, @mcast1, 0x8d43}], 0x1c) r4 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) fcntl$setlease(r4, 0x400, 0x1) openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x1300, 0x1d) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10) fcntl$setlease(r4, 0x400, 0x300000000000000) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000040), 0x1b}) io_uring_enter(r0, 0x47f6, 0x0, 0x24, 0x0, 0x0) sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4040090}, 0x2400c8c1) r6 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x83) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r6, 0x40086602, &(0x7f0000000000)) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1/file4/file5\x00', 0x1c6) mknodat(0xffffffffffffff9c, &(0x7f0000000200)='./file1/file4/file5\x00', 0x81c0, 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000600)='./file1/file4/file5\x00', 0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0) 5.211354699s ago: executing program 3 (id=1859): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000001280)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='9p_client_res\x00', 0xffffffffffffffff, 0x0, 0x3}, 0x18) clock_gettime(0x0, 0x0) futimesat(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) close(0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000740)=ANY=[@ANYBLOB="61124c000000000061138c0000000000bf200000000000000703000008ff0200ad0301000000000095000000000000006916000000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d3001000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9751f008554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a65f78238b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c505000000b8fab4d4d897db2c544c0e0895a9044f50c50b8eac8c63d2b1cd06a39702bd547f5ebaa69520bbb15f4f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564bd98a621483fb2a5ff221e0d831f24759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91e0eb18e21dfdab3c84ec11377fbb00000000848060962bcbc47cefd1a2a7bd3b646614bf7cd3495663de5b63f6b5910daee8ebb7ba84a8b5b6f2d1fbc22a51a500f94c871d5e1d31ab5d7a89965bbdbf355a8544e1688a61f459f3618b3a5416eb143180d3d2c5f4e0b1a556422038801703e109e23944e53f230a3537a5412c7d0bf278c6c1684dd8de90aaa33f47dc2c7b5e4f73784fd31aa2f9d1b1623734f9cf84718b2bad31f651e3607f3ac6c427cb6c0652d21ecd4b29e96c0a3781ee820faab71040768f6b08a69fdfd0b2b7be25f19500c1b8330994efb57a53c1a67bda909630f75738ab40e7ab63d527d6c1e8cf611f05c1b6d0da1ba84d405b4d834162c88022a4625a5f7c431c39f3f9a7789f9b668ec4da9f1a981086dcf4c5a940691f9638ce34dba904483f2ed4e7a713b7eac29c5e122f1b6acd6f1da2"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48) 2.159859638s ago: executing program 0 (id=1901): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b000000000000"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) syz_usb_disconnect(0xffffffffffffffff) pipe2$watch_queue(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18060b00000000a4af000000000000001801000020207013abfa9a685c61c1cd2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b7030000000000008dbde98e88129a07eac6"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc8c025a09d4f7bb6, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @value=r2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10) r4 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r4, 0x402, 0x3b) fcntl$notify(0xffffffffffffffff, 0x402, 0x8000003d) close_range(r4, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f00000002c0)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 1.421370903s ago: executing program 4 (id=1919): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xa101, 0xffff) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = io_uring_setup(0x7cac, &(0x7f00000000c0)={0x0, 0x753a, 0x8, 0x3, 0x1fd}) openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0xa0683, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) 1.388170964s ago: executing program 0 (id=1920): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000440)='mm_page_free\x00', r0, 0x0, 0x1000}, 0x18) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r3 = socket(0x10, 0x803, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=@newtfilter={0x50, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r5, {0xfff2, 0x4}, {}, {0xd, 0x10}}, [@filter_kind_options=@f_flow={{0x9}, {0x20, 0x2, [@TCA_FLOW_EMATCHES={0x1c, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffb}}, @TCA_EMATCH_TREE_LIST={0x10, 0x2, 0x0, 0x1, [@TCF_EM_META={0xc, 0x2, 0x0, 0x0, {{0xfffb, 0x4, 0x2}}}]}]}]}}]}, 0x50}, 0x1, 0x0, 0x0, 0x400c021}, 0x20040054) 1.099888249s ago: executing program 0 (id=1922): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18) mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x31, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f000001a000)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x33, &(0x7f000002eff0)={0x85c, &(0x7f0000000000)=[{}]}, 0x10) 977.334981ms ago: executing program 0 (id=1924): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/18, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r2}, 0x10) r3 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000035c0)="5c00000013006bcd9e3fe3dc4e48aa31086b8703340000001f00000000000000040014000d000a00140000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x240000c0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10) r4 = add_key$keyring(&(0x7f0000000080), &(0x7f00000002c0)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) keyctl$restrict_keyring(0xa, r4, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000180)='i=Ov:cb2e\xdf\xff\xff\x04\x00\xff\xff\xff') 764.241445ms ago: executing program 2 (id=1927): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xe) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000100), 0x2300, 0x0) ioctl$PPPIOCATTCHAN(r1, 0x40047438, &(0x7f0000000040)=0x1) ioctl$PPPIOCGFLAGS1(r1, 0x8004745a, &(0x7f00000001c0)) 745.155515ms ago: executing program 0 (id=1928): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x94) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00'}, 0x18) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = socket(0x10, 0x803, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=@newtfilter={0x58, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r3, {0xfff2, 0x4}, {}, {0xd, 0x10}}, [@filter_kind_options=@f_flow={{0x9}, {0x28, 0x2, [@TCA_FLOW_EMATCHES={0x24, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffb}}, @TCA_EMATCH_TREE_LIST={0x18, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x7, 0x7, 0x2}, {{0x0, 0x1, 0x0, 0x1}, {0x0, 0x1, 0x1, 0x1}}}}]}]}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x400c021}, 0x20040054) 700.921006ms ago: executing program 1 (id=1929): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000940)={r1, 0xe0, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x6, &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xd, &(0x7f0000000540)=[{}, {}], 0x10, 0x10, &(0x7f00000006c0), &(0x7f00000007c0), 0x8, 0x81, 0x8, 0x8, &(0x7f0000000800)}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', r2}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r4}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r3}, 0x10) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r5, &(0x7f0000000180), 0x40010) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000003c0)='mm_page_alloc\x00', r7, 0x0, 0xffffffffffffffff}, 0x18) set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f00000005c0)=ANY=[@ANYBLOB="180800001bc81a000000000000000001851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000006608fcff00000101180000000000000000000000000000009500000000000000360a000000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41000}, 0x94) r8 = io_uring_setup(0x7d1, &(0x7f0000000580)={0x0, 0xddf9, 0x2, 0xfffffffe, 0x183}) io_setup(0x1, &(0x7f00000004c0)=0x0) close_range(r8, r8, 0x0) r10 = socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x7, 0x80}, 0x0, 0x10000, 0x0, 0x8, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r11 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r10, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x30, r11, 0x1, 0x70bd29, 0x25dfdbfd, {{}, {}, {0x14, 0x19, {0xffff8000, 0x4, 0x0, 0x2}}}}, 0x30}}, 0x2c040090) r12 = socket$inet_icmp_raw(0x2, 0x3, 0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x12, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000000000000000000000031d0851000000600000018040000", @ANYRES32, @ANYBLOB="0000000000000000660000000000000018000000000000000000000000000000950000000000000018010000202070250000000000202020db1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b502000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x2, &(0x7f0000000340)=""/206}, 0x90) syz_emit_ethernet(0x4e, &(0x7f0000000400)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dd318", 0x18, 0x6, 0x0, @dev={0xfe, 0x80, '\x00', 0x20}, @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0x0, {[@generic={0xfe, 0x2}, @generic={0xfe, 0x2}]}}}}}}}}, 0x0) setsockopt$inet_int(r12, 0x0, 0x3, &(0x7f0000000180)=0x4, 0x4) connect$inet(r12, &(0x7f0000000080)={0x2, 0x4e22, @loopback}, 0x10) io_submit(r9, 0x1, &(0x7f0000000700)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r8, 0x0, 0x20}]) 620.565628ms ago: executing program 0 (id=1930): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b000000000000"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) syz_usb_disconnect(0xffffffffffffffff) pipe2$watch_queue(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18060b00000000a4af000000000000001801000020207013abfa9a685c61c1cd2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b7030000000000008dbde98e88129a07eac6"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc8c025a09d4f7bb6, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @value=r2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10) r4 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r4, 0x402, 0x3b) fcntl$notify(0xffffffffffffffff, 0x402, 0x8000003d) close_range(r4, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f00000002c0)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 620.257368ms ago: executing program 2 (id=1931): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000500)={0x1, &(0x7f00000004c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000080)={0x0, 0x200}, &(0x7f00000000c0)=0x8) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0) set_mempolicy_home_node(&(0x7f0000146000/0x1000)=nil, 0x1000, 0x0, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r2}, 0x10) r3 = io_uring_setup(0x2625, &(0x7f0000000240)={0x0, 0xfffffffd, 0x40, 0x1, 0x4000159}) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='net/sockstat\x00') close_range(r3, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x18, 0x7, &(0x7f0000000040)=ANY=[], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4c}, 0x94) 528.57134ms ago: executing program 2 (id=1932): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000440)='mm_page_free\x00', r0, 0x0, 0x1000}, 0x18) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r3 = socket(0x10, 0x803, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=@newtfilter={0x50, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r5, {0xfff2, 0x4}, {}, {0xd, 0x10}}, [@filter_kind_options=@f_flow={{0x9}, {0x20, 0x2, [@TCA_FLOW_EMATCHES={0x1c, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffb}}, @TCA_EMATCH_TREE_LIST={0x10, 0x2, 0x0, 0x1, [@TCF_EM_META={0xc, 0x2, 0x0, 0x0, {{0xfffb, 0x4, 0x2}}}]}]}]}}]}, 0x50}, 0x1, 0x0, 0x0, 0x400c021}, 0x20040054) 528.21145ms ago: executing program 4 (id=1933): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x14}}, 0x10) sendmmsg$inet(r0, &(0x7f0000001480)=[{{&(0x7f0000000100)={0x2, 0x6e20, @multicast1}, 0x10, 0x0}}], 0x1, 0x2000c044) sendto$inet(r0, 0x0, 0x0, 0x1200001c, 0x0, 0x0) 456.312701ms ago: executing program 4 (id=1934): r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) pread64(r0, &(0x7f00000004c0)=""/62, 0x3e, 0x6) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f00000004c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x24, r1, 0x10, 0x70bd29, 0x25dfdbfb, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x5}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x4000) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x7, 0x4, 0x8, 0xd9, 0x20, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xfffffffc, 0xfffffffb}, 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r3, 0x0, 0xfffffffffffffffc}, 0x18) r4 = socket$inet(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) r6 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0xac, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r5, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x7c, 0x2, [@TCA_TAPRIO_ATTR_TXTIME_DELAY={0x8, 0xb, 0xe}, @TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x5, 0x4, 0x2, 0x0, 0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffe, 0x0, 0x1]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}]}]}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8, 0x5, 0x7}]}}]}, 0xac}}, 0x0) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT_OLD(0xffffffffffffffff, 0x28, 0x6, &(0x7f00000000c0), 0x10) r8 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r7) sendmsg$NLBL_CIPSOV4_C_ADD(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0136e6000000000000000300000008000134a732a9d7a5c08556c384a1205f55d57b15788bd2b47b149a91c0bc29bcfb927735bc3c13551927a5b1a291d13e65a2ae7c2c1c13ebd39686d25c1413bfaac89cbc47a8c40ee06e10eda8a31e1a87dfb37653cdfcd2a6bed9b181e6fe23bd2bf2ce173acc3e62d707f241fd9282aca7b6a800e8b5b8d09c4c5b035fdfedfb567e26e0e0399ef291a5a36789658021b6ce0839b0f0f5f6ec1cb4fe4c6c0f4312182fb14553bfa6a60e6f07330a7614"], 0x50}, 0x1, 0x0, 0x0, 0x4000}, 0x0) add_key(&(0x7f0000000280)='rxrpc\x00', 0x0, &(0x7f0000000100)="01000000020000000000006bb55a2a630bf7c045f94cd977", 0x18, 0xffffffffffffffff) 455.727302ms ago: executing program 4 (id=1935): perf_event_open$cgroup(&(0x7f0000000000)={0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb376}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000380)={0x4, 0x80, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x34000, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x8, 0x2}, 0x0, 0xc8, 0xfffffffe, 0x2, 0x9, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x58, 0x4, 0x5}, 0x50) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18) ioctl$FS_IOC_MEASURE_VERITY(r1, 0xc0046686, &(0x7f0000000280)={0x1, 0x1f, "10527c404886dc89a3382b064c3862007d6ba12c9993543a17baba0d5bbd28"}) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r2}, 0x10) socket$nl_route(0x10, 0x3, 0x0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[], 0x50) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x3, 0x7ffc0001}]}) alarm(0x9) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_READ_FIXED={0x4, 0x25, 0x2000, @fd, 0xb, 0x5, 0x8020, 0x7, 0x1, {0x2}}) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="fc010000190001000000000000000000fc0200000000000000000000000000000000000000000000000000000000000000000003000200000200000089000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000300000000000000000000000000000000000000000000004401050000000000000000000000000000000000000000003200000000000000ac090000000000000000000000000000000000000000ff000000000000000000fdfffffffc02000000000000000000000000000000000000320000000000000000000000000000000000ffffac1414bb000000000000000000000000000000000000000000000000000000000000000000000001000000003c0000000200000000000000000000000000000000000000000000000103400000000000000000000000000000000000000000000000000000000000000000002b00000002000000ac141400000000000000000000000000ffffffff0000000000000000000000000000000020010000000000000000000000000001000000803c00000003000000fe88000000000000000000000000fd0100000000040200000000000000000000000000006d7f470bc36f7020a8da20b7ca4eecbc198dee75574ae7909bd576c7074e236f5839a4f90035aff143dd31e99df0d96d244a72dbb97a82de554897a9d5ffa1fac8286f9239e494f6effa6d26da962f8f"], 0x1fc}}, 0x0) unshare(0x66000080) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800010009000000000000000a00000000000000080001000200000004000b"], 0x24}}, 0x0) sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=@delnexthop={0x20, 0x69, 0x503, 0x0, 0x0, {}, [{0x8, 0x1, 0x2}]}, 0x20}}, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) creat(&(0x7f00000000c0)='./file0\x00', 0x0) r6 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x20, 0x0, 0x40000334}, &(0x7f00000006c0)=0x0, &(0x7f00000001c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x104, &(0x7f0000000180), 0x0, 0x4) syz_io_uring_submit(r7, r8, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x8, 0x0, @fd=r3, 0x6, 0x0, 0x0, 0x11}) io_uring_enter(r6, 0x847ba, 0x0, 0xe, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', 0xffffffffffffffff, 0x0, 0x3}, 0x18) socket$inet6_mptcp(0xa, 0x1, 0x106) 421.937042ms ago: executing program 1 (id=1936): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, 0x0}) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) shmctl$IPC_STAT(0x0, 0x2, &(0x7f0000000040)=""/32) 420.937232ms ago: executing program 2 (id=1937): r0 = socket$inet(0x2, 0xa, 0x2) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={0x0, {0x2, 0x4e21, @multicast2}, {0x2, 0x4e24, @private=0xa010102}, {0x2, 0x4e20, @broadcast}, 0x29, 0x0, 0x0, 0x0, 0x81, 0x0, 0x1ff, 0x3, 0x1}) 394.084413ms ago: executing program 1 (id=1938): mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15) r2 = dup(r1) write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53) write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20) write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) lstat(&(0x7f0000000440)='./file0\x00', 0x0) io_uring_register$IORING_REGISTER_FILES_UPDATE(r2, 0x6, &(0x7f0000000140)={0x3ff, 0x0, &(0x7f00000000c0)=[r2]}, 0x1) 388.038383ms ago: executing program 2 (id=1939): r0 = socket(0x10, 0x80002, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\v'], 0x1c}}, 0x0) ioctl$sock_SIOCBRDELBR(r1, 0x89a2, &(0x7f0000000000)='bridge0\x00') sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c0000005e00679a3601ffc4910700004f78d4c1a0731cccff"], 0x1c}}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0) recvmmsg$unix(r0, &(0x7f0000002380)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002000)=ANY=[@ANYBLOB="757466383d312c6e6f6e756d7461696c3d302c6e6f6e756d7461696c3d302c756e695f786c6174653d302c73686f72746e616d653d77696e39352c000f3556feecb6412e00c80bdee16891f8bf67c9f201996782a86d4bab33b4f23383380e4ccafc9da9def41b05c1dfb2cfa24e43aedf5536d3bce06ddda97c586bc37fab5366b1ab6fee95cc224e56e681e82dd4dbbde3785fdd0fc4e7df753a0e2658aa5e88e1d38366c7908a7b2b678ee4b4bfc7aafa2101c157745926241af5ac30189eced78c1611b972d03bfef046f4adcada230ef0ac02ede79fb7d92a8354670c01cb80361c1fde2cef3204a182323c318e10ef11cb24c435d589b17a396377800f"], 0x1, 0x21b, &(0x7f0000000300)="$eJzs2j+LHGUcB/DfnJHEC5dd8R8JiA9aqM2Q3doihyQgLiiaFaIgmXizuuy4e+wsBytirtLWl2AtlnaCpLS5xldgYXfNlSnEkWRjcnesxSHein4+zXzhmS88D8/w8BSz/9rXn44GdT4oZrGWZbF2JXbjbhbtWIs/7carL9/46fl3b7z/5mavd/WdlK5tXu90U0oXXvjxg8+/e/HO7Px731/44WzstT/cP+j+uvfs3sX9369/MqzTsE7jySwV6dZkMituVWXaGtajPKW3q7KoyzQc1+X0yPigmmxvz1Mx3tpY356WdZ2K8TyNynmaTdJsOk/Fx8VwnPI8Txvrwd/R//Zu08RB8/jNaJrmiW/i/J3Y+CVakT2ZsqeuZM/czJ7bzS4eNE1r1VPlH2H//98OHernIqqvdvo7/cVzMb45iGFUUcblaMVvce8zeWCRr73Ru3o53deOL6vbD/q3d/qPHe13ohXt5f3Oop+O9s/G+uF+N1rx9PJ+d2n/XLzy0qF+Hq34+aOYRBVbca/7qP9FJ6XX3+od61+6/x4AwH9Nnh5aen/L878aX/RPcD88dr86E5fOrHbtRNTzz0ZFVZVTQRCEh2HVJxOn4dGmr3omAAAAAAAAAAAAnMRp/E646jUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/bn8EAAD//xrx1cI=") r5 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) sendfile(r5, r5, 0x0, 0x800000009) r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0) r7 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r7, &(0x7f0000000080)={0x0, 0xf0, &(0x7f0000000000)=[{&(0x7f00000001c0)="8f00000014006b05c84e21000ab16d8b230675f802000000440002005817530461bc24eeb556a705251e6182149a36c23d3b48dfd8cd81bf9367b098fa51f60a64c9f4080000000000b6c0504bb9189d9193e9bd1c1b7376dc5214168eab57c736b13ae90298536c3aa6b230606b45823c8f8e9616afbb519374c3e3875b0f3252fc5dfbc28369efcd300a95fcfcda", 0x8f}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x8094) r8 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)="8f00000015006b05c84e21000ab16d8b230675f802000000440002005805530461bc24eeb556a705251e6182149a36c23d1b48dfd8cd81bf9367b098fa51f60a64c9f4080000000000b6c0504bb9189d9193e9bd1c1b7376dc5214168eab57c736b13ae90298536c3aa6b230606b45823c8f8e9616afbb519374c3e3875b0f3252fc5dfbc28369efcd300a95fcfcda", 0x8f}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x8094) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'bridge0\x00'}) r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x18, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r10}, 0x10) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x8, 0x8001, &(0x7f00000000c0)={[0x80000001]}, 0x7) r11 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r11, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008108040f80ecdb4cb92e0a480e000f000000e8bd6efb250314000e000300240248ff050005001200", 0x2e}], 0x1}, 0x0) socket$nl_route(0x10, 0x3, 0x0) 376.232263ms ago: executing program 1 (id=1940): mknodat$loop(0xffffffffffffff9c, 0x0, 0x6004, 0x1) socket$nl_generic(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = socket$kcm(0x21, 0x2, 0x2) sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @remote}}, 0x80, 0x0, 0x300, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x4048800) 269.895545ms ago: executing program 4 (id=1941): munmap(&(0x7f0000001000/0x4000)=nil, 0x4000) (async) r0 = shmget$private(0x0, 0x4000, 0xa0, &(0x7f0000321000/0x4000)=nil) (async) syz_emit_ethernet(0x18a, &(0x7f0000000680)=ANY=[@ANYBLOB="ffffffffffff00000000000088a80000810000000800463e01740064000008119078ac1414aaffffffff890fd518af52a0da17ed5686a41cf3071737e00000010a010101e0000001ac1e01016401010144145de1ac1414bb00000000ac14142700010001443471130a01010200000007ac1414bb00000000ffffffff000000056401010000000009e000000100000005ac1e00010000000644208ab000000002fffffffe800000000000000800000fff000000ff00007fff8634000000010612a29bd36d75037d5ee95302a7f041083802020108923bb802e456020b6aed55b85f6a2672bb0607ca6bc79d4a00004e214e23009c90780100000001000000f0bd242e439533007ff6de24aa5485a56ab0fbb1efa3a7ee6e4c63d3e4507407fc773f482f9fae83ffb1eea2fe21974045e8d01426143593764fa01139e0addf4d45ebac2f8cf63d9ef74c2282ddcb7d771530da95ec52e51870fcfc6725d3c7cc3316a1e2d43018a5844a87cdfdbc89246a4c9e2219ff2f68853810803b8d99ba8842f2f7acf855f05cda10a0140b0a457d3623e1f1"], 0x0) (async) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r2, 0x0, 0x1}, 0x18) (async) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]}) (async) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETSET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000000a0a0108000000000000000800000001"], 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000004) (async) setxattr$system_posix_acl(0x0, 0x0, 0x0, 0x0, 0x0) (async) syz_emit_ethernet(0x1000e, 0x0, 0x0) shmat(r0, &(0x7f0000001000/0x4000)=nil, 0x1000) (async) sendto$unix(0xffffffffffffffff, &(0x7f0000000000)="b100050400000400000000000700000033", 0xfffffffffffffdfc, 0x0, 0x0, 0x0) (async) mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1) r4 = shmget$private(0x0, 0x2000, 0x108, &(0x7f0000323000/0x2000)=nil) shmctl$IPC_SET(r4, 0x1, &(0x7f0000000000)={{0x2, 0x0, 0x0, 0x0, 0x0, 0x5f, 0xf0}, 0xfffffffd, 0xff7e, 0x0, 0xffffffffffffffff, 0x2280, 0x0, 0x2}) (async) r5 = socket$inet_sctp(0x2, 0x5, 0x84) r6 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r6, 0x0) (async) close(0x3) (async) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r6, 0x84, 0x7a, &(0x7f0000000340)={r7, @in={{0x2, 0x4e21, @remote}}}, &(0x7f0000000040)=0xcb) getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f00000000c0)={r8, 0x9, 0x2, 0xffffff01, 0x80000000, 0x4}, &(0x7f0000000100)=0x14) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r6, 0x84, 0x22, &(0x7f0000000240)={0xff, 0x0, 0xf, 0x17, r9}, &(0x7f00000002c0)=0x10) (async) setuid(0xee01) shmat(r4, &(0x7f00003e5000/0x1000)=nil, 0x2000) msync(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x0) r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="796edbe1ff000000000002000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007b00000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r11, 0x5, 0x3100, 0x3100, &(0x7f0000000000), 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 269.406875ms ago: executing program 1 (id=1942): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18) mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x31, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f000001a000)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x33, &(0x7f000002eff0)={0x85c, &(0x7f0000000000)=[{}]}, 0x10) 268.908415ms ago: executing program 4 (id=1943): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2b, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r0, 0x0, 0xfffffffffffffffc}, 0x18) r1 = io_uring_setup(0x6dc6, &(0x7f00000001c0)={0x0, 0xcf51, 0x400, 0x2}) r2 = perf_event_open(&(0x7f0000000040)={0x6, 0x80, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x80050, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8233, 0x2}, 0x0, 0x100000000, 0x9, 0x0, 0x2000000, 0x0, 0x4, 0x0, 0x0, 0x0, 0xffffffffffffff9e}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r3) ptrace$getregset(0x4204, r3, 0x202, &(0x7f0000000140)={0x0}) capset(&(0x7f00000000c0)={0x19980330, r3}, &(0x7f0000000100)={0x70, 0x5, 0x0, 0x7862, 0x2c}) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8307, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xc}, 0x0, 0x0, 0xfffffff8, 0x7, 0x4, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, r2, 0x3) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) bind$can_j1939(r5, &(0x7f0000000340)={0x1d, r6, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18) bind$tipc(0xffffffffffffffff, 0x0, 0x0) setsockopt$sock_int(r5, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4) sendmsg$inet(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081) sendmsg$nl_route_sched(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd2d, 0x25dfdbfb, {0x0, 0x0, 0x74, r6, {0xb, 0xffeb}, {0xfff1, 0xfff2}, {0x2, 0xd}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x20000050) socketpair(0x18, 0x1, 0x3, &(0x7f00000005c0)) close_range(r1, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r7 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r8, &(0x7f0000000380)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)=""/47, 0x2f}, {&(0x7f0000000480)=""/187, 0xbb}], 0x2, &(0x7f0000000800)=""/203, 0xfffffffffffffd6a}, 0x2}], 0x1, 0x2, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xa101, 0x0) 208.451596ms ago: executing program 1 (id=1944): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000) connect$unix(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x20240, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0) write(r2, &(0x7f0000004200)='t', 0x1) sendfile(r2, r1, 0x0, 0x3ffff) sendfile(r2, r1, 0x0, 0x7ffff000) 0s ago: executing program 2 (id=1945): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000006c0)={0x2, 0x18, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}}}, @sadb_x_policy={0x8, 0x12, 0x0, 0x4, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in6=@empty, @in=@broadcast}}]}, 0x78}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) openat$sndseq(0xffffffffffffff9c, 0x0, 0x204000) removexattr(&(0x7f00000004c0)='./file0\x00', 0x0) geteuid() r1 = io_uring_setup(0xfc6, &(0x7f00000002c0)={0x0, 0x6c02, 0x0, 0x0, 0x20000004}) lseek(0xffffffffffffffff, 0x1000000, 0x0) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c) listen(r2, 0xfffffffc) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000004c0)={0x30, r4, 0x1, 0x70bd2c, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}]}, 0x30}}, 0x40) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000400)={0x0, 0x1802, &(0x7f00000003c0)={&(0x7f00000004c0)={0x30, r6, 0x1, 0x70bd2c, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0x1c}}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}]}, 0x30}, 0x1, 0xff07}, 0x2000000) close_range(r1, 0xffffffffffffffff, 0x0) kernel console output (not intermixed with test programs): k. [ 119.589214][ T5907] 9pnet_fd: Insufficient options for proto=fd [ 119.615257][ T5909] loop2: detected capacity change from 0 to 2048 [ 119.633131][ T5911] openvswitch: netlink: Message has 6 unknown bytes. [ 119.642206][ T5909] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 119.699613][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 119.729596][ T5915] netlink: 4 bytes leftover after parsing attributes in process `syz.3.832'. [ 119.836153][ T5930] netlink: 'syz.2.837': attribute type 39 has an invalid length. [ 119.989030][ T5939] $Hÿ: (slave macvlan1): Releasing backup interface [ 119.999968][ T5939] veth1_vlan: left allmulticast mode [ 120.026743][ T5939] netlink: 'syz.0.841': attribute type 10 has an invalid length. [ 120.034764][ T5939] netlink: 40 bytes leftover after parsing attributes in process `syz.0.841'. [ 120.044684][ T5939] batman_adv: batadv0: Adding interface: veth1_vlan [ 120.051310][ T5939] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 120.077668][ T5939] batman_adv: batadv0: Interface activated: veth1_vlan [ 120.097627][ T5943] 9pnet_fd: Insufficient options for proto=fd [ 120.168269][ T5958] netlink: 'syz.4.849': attribute type 39 has an invalid length. [ 120.200968][ T5960] loop0: detected capacity change from 0 to 2048 [ 120.230769][ T5968] netlink: 4 bytes leftover after parsing attributes in process `syz.2.853'. [ 120.250688][ T5960] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 120.426240][ T5979] lo speed is unknown, defaulting to 1000 [ 120.629964][ T5984] bond0: (slave dummy0): Releasing backup interface [ 120.692648][ T5985] netlink: 'syz.1.855': attribute type 10 has an invalid length. [ 120.700495][ T5985] netlink: 40 bytes leftover after parsing attributes in process `syz.1.855'. [ 120.800813][ T5984] bridge_slave_0: left allmulticast mode [ 120.806709][ T5984] bridge_slave_0: left promiscuous mode [ 120.812591][ T5984] bridge0: port 1(bridge_slave_0) entered disabled state [ 120.865110][ T5984] bridge_slave_1: left allmulticast mode [ 120.870821][ T5984] bridge_slave_1: left promiscuous mode [ 120.876703][ T5984] bridge0: port 2(bridge_slave_1) entered disabled state [ 120.889277][ T5984] bond0: (slave bond_slave_0): Releasing backup interface [ 120.909376][ T5984] bond0: (slave bond_slave_1): Releasing backup interface [ 120.946314][ T5984] team0: Port device team_slave_0 removed [ 120.967011][ T5984] team0: Port device team_slave_1 removed [ 120.985050][ T5984] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 120.992569][ T5984] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 121.001931][ T5984] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 121.009419][ T5984] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 121.098624][ T5985] batman_adv: batadv0: Adding interface: veth1_vlan [ 121.105318][ T5985] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 121.176380][ T5985] batman_adv: batadv0: Interface activated: veth1_vlan [ 121.307044][ T6004] netlink: 'syz.1.864': attribute type 39 has an invalid length. [ 121.317555][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 121.368943][ T6009] openvswitch: netlink: Message has 6 unknown bytes. [ 121.396025][ T6011] 9pnet_fd: Insufficient options for proto=fd [ 121.423200][ T6013] netlink: 4 bytes leftover after parsing attributes in process `syz.0.867'. [ 121.698282][ T6019] loop2: detected capacity change from 0 to 2048 [ 121.716419][ T6019] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 121.891925][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 121.975837][ T6033] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 121.982996][ T6033] batman_adv: batadv0: Removing interface: veth1_vlan [ 122.032865][ T6033] netlink: 'syz.4.873': attribute type 10 has an invalid length. [ 122.040714][ T6033] netlink: 40 bytes leftover after parsing attributes in process `syz.4.873'. [ 122.051826][ T6039] netlink: 'syz.0.876': attribute type 39 has an invalid length. [ 122.076817][ T6033] batman_adv: batadv0: Adding interface: veth1_vlan [ 122.083498][ T6033] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 122.124696][ T6033] batman_adv: batadv0: Interface activated: veth1_vlan [ 122.243031][ T6053] loop3: detected capacity change from 0 to 2048 [ 122.257097][ T6053] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 122.349196][ T6065] lo speed is unknown, defaulting to 1000 [ 122.429302][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.509962][ T6072] netlink: 4 bytes leftover after parsing attributes in process `syz.1.887'. [ 122.543683][ T29] kauditd_printk_skb: 164 callbacks suppressed [ 122.543700][ T29] audit: type=1326 audit(1757027499.648:1788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6073 comm="syz.4.888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 122.654660][ T6078] netlink: 'syz.4.889': attribute type 39 has an invalid length. [ 122.665811][ T29] audit: type=1326 audit(1757027499.678:1789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6073 comm="syz.4.888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 122.689337][ T29] audit: type=1326 audit(1757027499.678:1790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6073 comm="syz.4.888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 122.713160][ T29] audit: type=1326 audit(1757027499.678:1791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6073 comm="syz.4.888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 122.736690][ T29] audit: type=1326 audit(1757027499.678:1792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6073 comm="syz.4.888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 122.760023][ T29] audit: type=1326 audit(1757027499.678:1793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6073 comm="syz.4.888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 122.783674][ T29] audit: type=1326 audit(1757027499.678:1794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6073 comm="syz.4.888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 122.807231][ T29] audit: type=1326 audit(1757027499.678:1795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6073 comm="syz.4.888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 122.830579][ T29] audit: type=1326 audit(1757027499.678:1796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6073 comm="syz.4.888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=333 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 122.854380][ T29] audit: type=1326 audit(1757027499.678:1797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6073 comm="syz.4.888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 123.127722][ T6085] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 123.135418][ T6085] batman_adv: batadv0: Removing interface: veth1_vlan [ 123.165720][ T6085] netlink: 40 bytes leftover after parsing attributes in process `syz.1.891'. [ 123.176646][ T6085] batman_adv: batadv0: Adding interface: veth1_vlan [ 123.183763][ T6085] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 123.210686][ T6085] batman_adv: batadv0: Interface activated: veth1_vlan [ 123.470262][ T6094] openvswitch: netlink: Message has 6 unknown bytes. [ 123.719365][ T6104] loop3: detected capacity change from 0 to 2048 [ 123.736056][ T6104] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 123.764728][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 123.810398][ T6118] validate_nla: 1 callbacks suppressed [ 123.810417][ T6118] netlink: 'syz.3.901': attribute type 39 has an invalid length. [ 123.817008][ T6113] netlink: 4 bytes leftover after parsing attributes in process `syz.4.902'. [ 123.856116][ T6121] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 123.863213][ T6121] batman_adv: batadv0: Removing interface: veth1_vlan [ 123.878541][ T6125] netlink: 'syz.0.904': attribute type 10 has an invalid length. [ 123.886514][ T6125] netlink: 40 bytes leftover after parsing attributes in process `syz.0.904'. [ 123.897043][ T6125] batman_adv: batadv0: Adding interface: veth1_vlan [ 123.903757][ T6125] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 123.931740][ T6125] batman_adv: batadv0: Interface activated: veth1_vlan [ 124.246199][ T6144] lo speed is unknown, defaulting to 1000 [ 124.397406][ T6147] loop4: detected capacity change from 0 to 2048 [ 124.440932][ T6147] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 124.874149][ T6170] netlink: 4 bytes leftover after parsing attributes in process `syz.1.917'. [ 124.921069][ T6173] netlink: 'syz.2.918': attribute type 39 has an invalid length. [ 125.010089][ T6179] netlink: 'syz.2.919': attribute type 10 has an invalid length. [ 125.017978][ T6179] netlink: 40 bytes leftover after parsing attributes in process `syz.2.919'. [ 125.057575][ T6179] A link change request failed with some changes committed already. Interface veth1_vlan may have been left with an inconsistent configuration, please check. [ 125.100151][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 125.169582][ T6187] openvswitch: netlink: Message has 6 unknown bytes. [ 125.306350][ T6195] netlink: 'syz.2.929': attribute type 39 has an invalid length. [ 125.431230][ T6200] netlink: 4 bytes leftover after parsing attributes in process `syz.0.931'. [ 125.650145][ T6214] loop3: detected capacity change from 0 to 2048 [ 125.666101][ T6214] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 125.692894][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 125.759896][ T6221] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 125.767193][ T6221] batman_adv: batadv0: Removing interface: veth1_vlan [ 125.784228][ T3399] lo speed is unknown, defaulting to 1000 [ 125.822757][ T6221] netlink: 'syz.3.936': attribute type 10 has an invalid length. [ 125.830758][ T6221] netlink: 40 bytes leftover after parsing attributes in process `syz.3.936'. [ 125.861552][ T6226] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 125.868649][ T6226] batman_adv: batadv0: Removing interface: veth1_vlan [ 125.889149][ T6227] netlink: 'syz.4.938': attribute type 10 has an invalid length. [ 125.897000][ T6227] netlink: 40 bytes leftover after parsing attributes in process `syz.4.938'. [ 125.898519][ T6221] batman_adv: batadv0: Adding interface: veth1_vlan [ 125.913025][ T6221] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 125.944562][ T6221] batman_adv: batadv0: Interface activated: veth1_vlan [ 125.954225][ T6227] batman_adv: batadv0: Adding interface: veth1_vlan [ 125.960972][ T6227] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 125.988596][ T6227] batman_adv: batadv0: Interface activated: veth1_vlan [ 125.996699][ T6231] netlink: 'syz.0.940': attribute type 39 has an invalid length. [ 126.140002][ T6248] netlink: 4 bytes leftover after parsing attributes in process `syz.4.948'. [ 126.160445][ T6253] loop0: detected capacity change from 0 to 2048 [ 126.175494][ T6253] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 126.252926][ T6258] lo speed is unknown, defaulting to 1000 [ 126.478179][ T6263] 9pnet: Could not find request transport: fd0x0000000000000004 [ 126.578654][ T6271] openvswitch: netlink: Message has 6 unknown bytes. [ 126.671466][ T6273] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 126.678739][ T6273] batman_adv: batadv0: Removing interface: veth1_vlan [ 126.736244][ T6274] netlink: 'syz.4.953': attribute type 10 has an invalid length. [ 126.795547][ T6274] batman_adv: batadv0: Adding interface: veth1_vlan [ 126.802241][ T6274] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 126.925927][ T6274] batman_adv: batadv0: Interface activated: veth1_vlan [ 126.945556][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 127.217908][ T6289] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 127.225168][ T6289] batman_adv: batadv0: Removing interface: veth1_vlan [ 127.247087][ T6295] netlink: 'syz.0.954': attribute type 39 has an invalid length. [ 127.681697][ T6296] batman_adv: batadv0: Adding interface: veth1_vlan [ 127.688423][ T6296] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 127.715181][ T6296] batman_adv: batadv0: Interface activated: veth1_vlan [ 127.758106][ T6312] 9pnet: Could not find request transport: fd0x0000000000000004 [ 127.788285][ T29] kauditd_printk_skb: 199 callbacks suppressed [ 127.788302][ T29] audit: type=1326 audit(1757027504.888:1997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6317 comm="syz.2.967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f657be8ebe9 code=0x7ffc0000 [ 127.810961][ T6320] loop4: detected capacity change from 0 to 2048 [ 127.818814][ T29] audit: type=1326 audit(1757027504.888:1998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6317 comm="syz.2.967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f657be8ebe9 code=0x7ffc0000 [ 127.830824][ T6318] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 127.856471][ T6318] batman_adv: batadv0: Removing interface: veth1_vlan [ 127.870434][ T29] audit: type=1326 audit(1757027504.968:1999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6317 comm="syz.2.967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f657be8ebe9 code=0x7ffc0000 [ 127.894290][ T29] audit: type=1326 audit(1757027504.968:2000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6317 comm="syz.2.967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f657be8ebe9 code=0x7ffc0000 [ 127.918097][ T29] audit: type=1326 audit(1757027504.968:2001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6317 comm="syz.2.967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f657be8ebe9 code=0x7ffc0000 [ 127.941645][ T29] audit: type=1326 audit(1757027504.968:2002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6317 comm="syz.2.967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f657be8ebe9 code=0x7ffc0000 [ 127.966696][ T29] audit: type=1326 audit(1757027504.968:2003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6317 comm="syz.2.967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=333 compat=0 ip=0x7f657be8ebe9 code=0x7ffc0000 [ 127.991271][ T29] audit: type=1326 audit(1757027504.968:2004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6317 comm="syz.2.967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f657be8ebe9 code=0x7ffc0000 [ 128.015541][ T29] audit: type=1326 audit(1757027504.968:2005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6317 comm="syz.2.967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f657be8ebe9 code=0x7ffc0000 [ 128.038993][ T29] audit: type=1326 audit(1757027504.968:2006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6317 comm="syz.2.967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f657be8ebe9 code=0x7ffc0000 [ 128.073776][ T6320] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 128.167340][ T6337] openvswitch: netlink: Message has 6 unknown bytes. [ 128.384232][ T6342] lo speed is unknown, defaulting to 1000 [ 128.722756][ T6351] __nla_validate_parse: 3 callbacks suppressed [ 128.722777][ T6351] netlink: 4 bytes leftover after parsing attributes in process `syz.3.977'. [ 128.754517][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.100768][ T6359] 9pnet: Could not find request transport: fd0x0000000000000004 [ 129.200055][ T6364] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 129.207499][ T6364] batman_adv: batadv0: Removing interface: veth1_vlan [ 129.403481][ T6381] loop3: detected capacity change from 0 to 2048 [ 129.437498][ T6381] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 129.462761][ T6385] validate_nla: 2 callbacks suppressed [ 129.462779][ T6385] netlink: 'syz.4.988': attribute type 39 has an invalid length. [ 129.520011][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.556206][ T6387] openvswitch: netlink: Message has 6 unknown bytes. [ 129.658000][ T6390] 9pnet_fd: Insufficient options for proto=fd [ 129.702772][ T6392] netlink: 4 bytes leftover after parsing attributes in process `syz.2.992'. [ 129.877762][ T6403] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 129.885234][ T6403] batman_adv: batadv0: Removing interface: veth1_vlan [ 129.951908][ T6412] netlink: 'syz.1.998': attribute type 10 has an invalid length. [ 129.959919][ T6412] netlink: 40 bytes leftover after parsing attributes in process `syz.1.998'. [ 129.971741][ T6412] batman_adv: batadv0: Adding interface: veth1_vlan [ 129.978526][ T6412] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 130.006617][ T6412] batman_adv: batadv0: Interface activated: veth1_vlan [ 130.041051][ T6418] loop1: detected capacity change from 0 to 2048 [ 130.056191][ T6418] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 130.092314][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.109753][ T6423] netlink: 'syz.3.1001': attribute type 39 has an invalid length. [ 130.229750][ T6430] 9pnet_fd: Insufficient options for proto=fd [ 130.333802][ T6438] lo speed is unknown, defaulting to 1000 [ 130.606254][ T6451] netlink: 'syz.4.1011': attribute type 10 has an invalid length. [ 130.614383][ T6451] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1011'. [ 130.741909][ T6454] loop1: detected capacity change from 0 to 2048 [ 130.772647][ T6450] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 130.779765][ T6450] batman_adv: batadv0: Removing interface: veth1_vlan [ 130.830358][ T6454] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 130.860270][ T6467] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1014'. [ 130.900056][ T6451] batman_adv: batadv0: Adding interface: veth1_vlan [ 130.906766][ T6451] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 130.994217][ T6451] batman_adv: batadv0: Interface activated: veth1_vlan [ 131.035332][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 131.249025][ T6480] netlink: 'syz.1.1015': attribute type 39 has an invalid length. [ 131.344285][ T6486] 9pnet_fd: Insufficient options for proto=fd [ 131.396816][ T6488] openvswitch: netlink: Message has 6 unknown bytes. [ 131.613055][ T6497] loop3: detected capacity change from 0 to 2048 [ 131.636772][ T6497] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 131.681398][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 131.716232][ T6501] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1027'. [ 131.816301][ T6514] netlink: 'syz.0.1031': attribute type 39 has an invalid length. [ 131.847598][ T6518] 9pnet_fd: Insufficient options for proto=fd [ 131.864006][ T6513] netlink: 'syz.3.1030': attribute type 10 has an invalid length. [ 131.871996][ T6513] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1030'. [ 131.891881][ T6513] batman_adv: batadv0: Adding interface: veth1_vlan [ 131.898687][ T6513] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 131.925011][ T6513] batman_adv: batadv0: Interface activated: veth1_vlan [ 132.140864][ T6540] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1042'. [ 132.171358][ T6543] loop4: detected capacity change from 0 to 2048 [ 132.215156][ T6546] lo speed is unknown, defaulting to 1000 [ 132.396246][ T6543] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 132.428099][ T6558] 9pnet_fd: Insufficient options for proto=fd [ 132.559468][ T6562] netlink: 'syz.3.1046': attribute type 39 has an invalid length. [ 132.750894][ T6569] netlink: 'syz.3.1048': attribute type 10 has an invalid length. [ 132.758919][ T6569] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1048'. [ 132.815391][ T6567] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 132.822554][ T6567] batman_adv: batadv0: Removing interface: veth1_vlan [ 132.901401][ T6569] batman_adv: batadv0: Adding interface: veth1_vlan [ 132.908131][ T6569] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 132.938823][ T6569] batman_adv: batadv0: Interface activated: veth1_vlan [ 132.987644][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 133.213141][ T6585] openvswitch: netlink: Message has 6 unknown bytes. [ 133.260867][ T6587] 9pnet_fd: Insufficient options for proto=fd [ 133.327900][ T6591] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1058'. [ 133.608447][ T6598] netlink: 'syz.0.1059': attribute type 39 has an invalid length. [ 133.723585][ T6606] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 133.730936][ T6606] batman_adv: batadv0: Removing interface: veth1_vlan [ 133.754171][ T6612] loop0: detected capacity change from 0 to 2048 [ 133.762365][ T6606] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1063'. [ 133.772835][ T6606] batman_adv: batadv0: Adding interface: veth1_vlan [ 133.779604][ T6606] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 133.805696][ T6606] batman_adv: batadv0: Interface activated: veth1_vlan [ 133.813753][ T6612] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 133.850189][ T29] kauditd_printk_skb: 114 callbacks suppressed [ 133.850206][ T29] audit: type=1400 audit(1757027510.948:2121): avc: denied { mount } for pid=6620 comm="syz.3.1068" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 133.892101][ T29] audit: type=1400 audit(1757027510.988:2122): avc: denied { unmount } for pid=3310 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 134.102847][ T6635] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1074'. [ 134.177926][ T6639] lo speed is unknown, defaulting to 1000 [ 134.572003][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 134.991834][ T6659] validate_nla: 2 callbacks suppressed [ 134.991855][ T6659] netlink: 'syz.2.1081': attribute type 10 has an invalid length. [ 135.005408][ T6659] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1081'. [ 135.019586][ T6659] A link change request failed with some changes committed already. Interface veth1_vlan may have been left with an inconsistent configuration, please check. [ 135.057173][ T6661] netlink: 'syz.2.1082': attribute type 39 has an invalid length. [ 135.171044][ T6667] openvswitch: netlink: Message has 6 unknown bytes. [ 135.683143][ T6670] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 135.690574][ T6670] batman_adv: batadv0: Removing interface: veth1_vlan [ 135.715647][ T6676] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1089'. [ 135.756472][ T6682] loop3: detected capacity change from 0 to 2048 [ 135.775931][ T6682] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 135.804759][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 135.885921][ T6696] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 135.893029][ T6696] batman_adv: batadv0: Removing interface: veth1_vlan [ 135.918226][ T6696] netlink: 'syz.1.1093': attribute type 10 has an invalid length. [ 135.926162][ T6696] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1093'. [ 135.938039][ T6696] batman_adv: batadv0: Adding interface: veth1_vlan [ 135.944834][ T6696] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 135.971055][ T6696] batman_adv: batadv0: Interface activated: veth1_vlan [ 136.121666][ T6711] netlink: 'syz.2.1098': attribute type 39 has an invalid length. [ 136.134207][ T29] audit: type=1326 audit(1757027513.238:2123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6712 comm="syz.3.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce166debe9 code=0x7ffc0000 [ 136.158500][ T29] audit: type=1326 audit(1757027513.258:2124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6712 comm="syz.3.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=271 compat=0 ip=0x7fce166debe9 code=0x7ffc0000 [ 136.182256][ T29] audit: type=1326 audit(1757027513.288:2125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6712 comm="syz.3.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce166debe9 code=0x7ffc0000 [ 136.229231][ T6716] lo speed is unknown, defaulting to 1000 [ 136.283392][ T29] audit: type=1326 audit(1757027513.378:2126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6712 comm="syz.3.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce166debe9 code=0x7ffc0000 [ 136.437977][ T6724] loop3: detected capacity change from 0 to 2048 [ 136.458843][ T6724] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 136.895274][ T6731] netlink: 'syz.1.1106': attribute type 10 has an invalid length. [ 136.903143][ T6731] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1106'. [ 137.132677][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.561262][ T6734] openvswitch: netlink: Message has 6 unknown bytes. [ 137.603353][ T6730] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 137.610561][ T6730] batman_adv: batadv0: Removing interface: veth1_vlan [ 137.627965][ T6731] batman_adv: batadv0: Adding interface: veth1_vlan [ 137.634874][ T6731] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 137.684045][ T6731] batman_adv: batadv0: Interface activated: veth1_vlan [ 137.745169][ T6746] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1108'. [ 137.776750][ T6750] netlink: 'syz.1.1110': attribute type 39 has an invalid length. [ 137.852398][ T6760] loop3: detected capacity change from 0 to 2048 [ 137.865406][ T6760] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 137.893154][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 138.087707][ T6771] lo speed is unknown, defaulting to 1000 [ 138.381259][ T6778] netlink: 'syz.3.1120': attribute type 10 has an invalid length. [ 138.390238][ T6778] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1120'. [ 138.442603][ T6778] batman_adv: batadv0: Adding interface: veth1_vlan [ 138.449401][ T6778] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 138.509767][ T29] audit: type=1326 audit(1757027515.608:2127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6782 comm="syz.4.1122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 138.533554][ T29] audit: type=1326 audit(1757027515.608:2128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6782 comm="syz.4.1122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 138.557415][ T29] audit: type=1326 audit(1757027515.608:2129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6782 comm="syz.4.1122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=271 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 138.654422][ T6778] batman_adv: batadv0: Interface activated: veth1_vlan [ 138.750903][ T6789] netlink: 'syz.4.1125': attribute type 39 has an invalid length. [ 138.829337][ T6791] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1124'. [ 138.982683][ T29] audit: type=1326 audit(1757027515.688:2130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6782 comm="syz.4.1122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 139.007377][ T29] audit: type=1326 audit(1757027515.688:2131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6782 comm="syz.4.1122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 139.099232][ T6803] loop1: detected capacity change from 0 to 2048 [ 139.156308][ T6807] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 139.163415][ T6807] batman_adv: batadv0: Removing interface: veth1_vlan [ 139.190962][ T6803] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 139.263154][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 139.374994][ T29] audit: type=1326 audit(1757027516.478:2132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6822 comm="syz.0.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb28edebe9 code=0x7ffc0000 [ 139.400172][ T29] audit: type=1326 audit(1757027516.498:2133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6822 comm="syz.0.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=271 compat=0 ip=0x7feb28edebe9 code=0x7ffc0000 [ 139.433729][ T29] audit: type=1326 audit(1757027516.528:2134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6822 comm="syz.0.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb28edebe9 code=0x7ffc0000 [ 139.471094][ T6825] netlink: 'syz.0.1137': attribute type 39 has an invalid length. [ 139.491745][ T6828] openvswitch: netlink: Message has 6 unknown bytes. [ 139.538978][ T6830] netlink: 'syz.2.1138': attribute type 10 has an invalid length. [ 139.540732][ T6833] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1140'. [ 139.547004][ T6830] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1138'. [ 139.550116][ T6830] A link change request failed with some changes committed already. Interface veth1_vlan may have been left with an inconsistent configuration, please check. [ 139.776526][ T6845] loop2: detected capacity change from 0 to 2048 [ 139.805944][ T6845] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 139.830980][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 139.941841][ T6853] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1146'. [ 140.086488][ T6864] netlink: 'syz.4.1150': attribute type 39 has an invalid length. [ 140.128528][ T29] audit: type=1326 audit(1757027517.228:2135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6866 comm="syz.4.1151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 140.190318][ T29] audit: type=1326 audit(1757027517.228:2136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6866 comm="syz.4.1151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 140.214094][ T29] audit: type=1326 audit(1757027517.228:2137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6866 comm="syz.4.1151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=271 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 140.237618][ T29] audit: type=1326 audit(1757027517.238:2138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6866 comm="syz.4.1151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 140.261415][ T29] audit: type=1326 audit(1757027517.238:2139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6866 comm="syz.4.1151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 140.299948][ T6868] lo speed is unknown, defaulting to 1000 [ 140.486462][ T6872] loop3: detected capacity change from 0 to 2048 [ 140.510450][ T6874] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 140.517829][ T6874] batman_adv: batadv0: Removing interface: veth1_vlan [ 140.538178][ T6872] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 140.558858][ T6884] netlink: 'syz.2.1152': attribute type 10 has an invalid length. [ 140.567114][ T6884] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1152'. [ 141.180133][ T6884] A link change request failed with some changes committed already. Interface veth1_vlan may have been left with an inconsistent configuration, please check. [ 141.231567][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.390203][ T6898] netlink: 'syz.4.1162': attribute type 39 has an invalid length. [ 141.414612][ T6900] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1163'. [ 141.440807][ T6902] netlink: 'syz.4.1164': attribute type 4 has an invalid length. [ 141.455643][ T6902] netlink: 'syz.4.1164': attribute type 4 has an invalid length. [ 141.610741][ T6910] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1157'. [ 141.644097][ T6913] loop0: detected capacity change from 0 to 2048 [ 141.677664][ T6915] netlink: 'syz.2.1168': attribute type 10 has an invalid length. [ 141.678506][ T6913] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 141.685772][ T6915] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1168'. [ 141.711179][ T6915] A link change request failed with some changes committed already. Interface veth1_vlan may have been left with an inconsistent configuration, please check. [ 141.852562][ T6933] netlink: 'syz.4.1174': attribute type 39 has an invalid length. [ 141.879105][ T6937] netlink: 'syz.4.1176': attribute type 4 has an invalid length. [ 141.895310][ T6937] netlink: 'syz.4.1176': attribute type 4 has an invalid length. [ 141.961135][ T6946] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1180'. [ 142.086168][ T6960] netlink: 'syz.2.1184': attribute type 10 has an invalid length. [ 142.094125][ T6960] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1184'. [ 142.104115][ T6960] A link change request failed with some changes committed already. Interface veth1_vlan may have been left with an inconsistent configuration, please check. [ 142.361193][ T6990] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 142.368380][ T6990] batman_adv: batadv0: Removing interface: veth1_vlan [ 142.391711][ T6990] batman_adv: batadv0: Adding interface: veth1_vlan [ 142.398526][ T6990] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 142.433482][ T6990] batman_adv: batadv0: Interface activated: veth1_vlan [ 142.466066][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.643127][ T7025] loop1: detected capacity change from 0 to 2048 [ 142.682741][ T7025] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 142.686420][ T7028] A link change request failed with some changes committed already. Interface veth1_vlan may have been left with an inconsistent configuration, please check. [ 142.753042][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.949366][ T7065] batman_adv: batadv0: Adding interface: veth1_vlan [ 142.956153][ T7065] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 142.985639][ T7065] batman_adv: batadv0: Interface activated: veth1_vlan [ 143.045319][ T7077] loop4: detected capacity change from 0 to 256 [ 143.071978][ T7080] loop0: detected capacity change from 0 to 2048 [ 143.081609][ T7077] vfat: Bad value for 'utf8' [ 143.111923][ T7080] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 143.182233][ T7098] batman_adv: batadv0: Adding interface: veth1_vlan [ 143.188946][ T7098] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 143.216355][ T7098] batman_adv: batadv0: Interface activated: veth1_vlan [ 143.294952][ T7114] loop3: detected capacity change from 0 to 256 [ 143.301721][ T7114] vfat: Bad value for 'utf8' [ 143.414022][ T7131] loop3: detected capacity change from 0 to 512 [ 143.420960][ T7131] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 143.438216][ T7131] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF [ 143.489717][ T7138] loop4: detected capacity change from 0 to 256 [ 143.496639][ T7138] vfat: Bad value for 'utf8' [ 143.691676][ T7159] loop4: detected capacity change from 0 to 2048 [ 143.744027][ T7159] loop4: p1 < > p4 [ 143.748337][ T7159] loop4: p4 size 8388608 extends beyond EOD, truncated [ 143.775414][ T7161] loop4: detected capacity change from 0 to 512 [ 143.782114][ T7161] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 143.798427][ T7161] FAT-fs (loop4): error, fat_free_clusters: deleting FAT entry beyond EOF [ 143.852593][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.871537][ T7167] loop0: detected capacity change from 0 to 256 [ 143.878613][ T7167] vfat: Bad value for 'utf8' [ 143.886088][ T7167] __nla_validate_parse: 13 callbacks suppressed [ 143.886107][ T7167] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1271'. [ 143.979603][ T7181] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1277'. [ 144.018574][ T7185] loop4: detected capacity change from 0 to 512 [ 144.025063][ T7183] loop0: detected capacity change from 0 to 2048 [ 144.028932][ T7185] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 144.064194][ T7183] loop0: p1 < > p4 [ 144.074167][ T7183] loop0: p4 size 8388608 extends beyond EOD, truncated [ 144.084618][ T7185] FAT-fs (loop4): error, fat_free_clusters: deleting FAT entry beyond EOF [ 144.096619][ T7191] loop3: detected capacity change from 0 to 2048 [ 144.117924][ T7193] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1283'. [ 144.138270][ T7200] loop1: detected capacity change from 0 to 256 [ 144.146519][ T7200] vfat: Bad value for 'utf8' [ 144.153318][ T7200] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1284'. [ 144.165195][ T7191] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 144.192362][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 144.247400][ T7218] openvswitch: netlink: Message has 6 unknown bytes. [ 144.280805][ T7226] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1295'. [ 144.290613][ T7225] loop4: detected capacity change from 0 to 2048 [ 144.314847][ T7230] loop3: detected capacity change from 0 to 512 [ 144.321858][ T7230] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 144.326154][ T7225] loop4: p1 < > p4 [ 144.337716][ T7231] loop1: detected capacity change from 0 to 256 [ 144.344871][ T7231] vfat: Bad value for 'utf8' [ 144.350422][ T7225] loop4: p4 size 8388608 extends beyond EOD, truncated [ 144.352539][ T7231] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1298'. [ 144.368012][ T7230] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF [ 144.423171][ T7239] loop3: detected capacity change from 0 to 2048 [ 144.445509][ T7239] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 144.459451][ T7248] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1302'. [ 144.490626][ T7255] openvswitch: netlink: Message has 6 unknown bytes. [ 144.499460][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 144.552123][ T7263] loop0: detected capacity change from 0 to 512 [ 144.559809][ T7263] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 144.581092][ T7263] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 144.606785][ T7268] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1313'. [ 144.632640][ T7270] loop0: detected capacity change from 0 to 2048 [ 144.649156][ T7274] loop4: detected capacity change from 0 to 256 [ 144.656821][ T7274] vfat: Bad value for 'utf8' [ 144.665813][ T7274] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1316'. [ 144.674203][ T7270] loop0: p1 < > p4 [ 144.689357][ T7270] loop0: p4 size 8388608 extends beyond EOD, truncated [ 144.706649][ T7280] openvswitch: netlink: Message has 6 unknown bytes. [ 144.799247][ T7288] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1323'. [ 144.852896][ T7294] loop0: detected capacity change from 0 to 512 [ 144.859904][ T7294] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 144.935205][ T7297] lo speed is unknown, defaulting to 1000 [ 145.072162][ T7294] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 145.253289][ T7305] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 145.260455][ T7305] batman_adv: batadv0: Removing interface: veth1_vlan [ 145.277357][ T7309] loop3: detected capacity change from 0 to 256 [ 145.286004][ T7309] vfat: Bad value for 'utf8' [ 145.461118][ T7315] openvswitch: netlink: Message has 6 unknown bytes. [ 145.592070][ T7297] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 145.629354][ T7322] validate_nla: 25 callbacks suppressed [ 145.629373][ T7322] netlink: 'syz.3.1334': attribute type 39 has an invalid length. [ 145.681555][ T7325] loop1: detected capacity change from 0 to 2048 [ 145.701459][ T7328] loop0: detected capacity change from 0 to 512 [ 145.718637][ T7328] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 145.756279][ T7328] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 145.774270][ T7325] loop1: p1 < > p4 [ 145.784523][ T7325] loop1: p4 size 8388608 extends beyond EOD, truncated [ 145.825125][ T7332] loop3: detected capacity change from 0 to 2048 [ 145.847107][ T7332] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 145.885448][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 145.924379][ T7344] loop1: detected capacity change from 0 to 256 [ 145.931045][ T7344] vfat: Bad value for 'utf8' [ 146.053955][ T7353] openvswitch: netlink: Message has 6 unknown bytes. [ 146.189677][ T7361] loop0: detected capacity change from 0 to 512 [ 146.196781][ T7361] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 146.217415][ T7361] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 146.435721][ T29] kauditd_printk_skb: 28 callbacks suppressed [ 146.435747][ T29] audit: type=1326 audit(1757027523.528:2168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7370 comm="syz.0.1352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb28edebe9 code=0x7ffc0000 [ 146.462481][ T7373] loop3: detected capacity change from 0 to 2048 [ 146.465599][ T29] audit: type=1326 audit(1757027523.538:2169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7370 comm="syz.0.1352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=271 compat=0 ip=0x7feb28edebe9 code=0x7ffc0000 [ 146.495903][ T29] audit: type=1326 audit(1757027523.568:2170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7370 comm="syz.0.1352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb28edebe9 code=0x7ffc0000 [ 146.519758][ T29] audit: type=1326 audit(1757027523.568:2171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7370 comm="syz.0.1352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb28edebe9 code=0x7ffc0000 [ 146.553003][ T7377] loop2: detected capacity change from 0 to 256 [ 146.561172][ T7377] vfat: Bad value for 'utf8' [ 146.575788][ T7373] loop3: p1 < > p4 [ 146.580912][ T7373] loop3: p4 size 8388608 extends beyond EOD, truncated [ 146.822582][ T7390] openvswitch: netlink: Message has 6 unknown bytes. [ 146.857986][ T7392] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 146.865269][ T7392] batman_adv: batadv0: Removing interface: veth1_vlan [ 147.343696][ T7399] lo speed is unknown, defaulting to 1000 [ 147.791876][ T7412] loop3: detected capacity change from 0 to 256 [ 147.831264][ T7412] vfat: Bad value for 'utf8' [ 147.975103][ T7430] netlink: 'syz.1.1375': attribute type 4 has an invalid length. [ 147.997376][ T29] audit: type=1326 audit(1757027525.088:2172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7432 comm="syz.0.1376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb28edebe9 code=0x7ffc0000 [ 148.022010][ T29] audit: type=1326 audit(1757027525.088:2173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7432 comm="syz.0.1376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb28edebe9 code=0x7ffc0000 [ 148.045822][ T29] audit: type=1326 audit(1757027525.098:2174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7432 comm="syz.0.1376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=271 compat=0 ip=0x7feb28edebe9 code=0x7ffc0000 [ 148.074972][ T7430] netlink: 'syz.1.1375': attribute type 4 has an invalid length. [ 148.200377][ T29] audit: type=1326 audit(1757027525.188:2175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7432 comm="syz.0.1376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb28edebe9 code=0x7ffc0000 [ 148.224112][ T29] audit: type=1326 audit(1757027525.188:2176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7432 comm="syz.0.1376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb28edebe9 code=0x7ffc0000 [ 148.332930][ T7452] loop2: detected capacity change from 0 to 2048 [ 148.384038][ T7452] loop2: p1 < > p4 [ 148.422243][ T7456] loop1: detected capacity change from 0 to 256 [ 148.435694][ T7456] vfat: Bad value for 'utf8' [ 148.473971][ T7452] loop2: p4 size 8388608 extends beyond EOD, truncated [ 148.504861][ T7462] netlink: 'syz.1.1388': attribute type 39 has an invalid length. [ 148.647447][ T7479] netlink: 'syz.0.1394': attribute type 10 has an invalid length. [ 148.666349][ T7479] batman_adv: batadv0: Adding interface: veth1_vlan [ 148.673352][ T7479] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 148.702253][ T7479] batman_adv: batadv0: Interface activated: veth1_vlan [ 148.762087][ T7487] netlink: 'syz.4.1398': attribute type 4 has an invalid length. [ 148.781995][ T7487] netlink: 'syz.4.1398': attribute type 4 has an invalid length. [ 148.817511][ T7494] netlink: 'syz.2.1402': attribute type 39 has an invalid length. [ 148.846694][ T7501] openvswitch: netlink: Message has 6 unknown bytes. [ 148.938089][ T7512] __nla_validate_parse: 12 callbacks suppressed [ 148.938159][ T7512] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1408'. [ 148.963202][ T7512] netlink: 'syz.3.1408': attribute type 10 has an invalid length. [ 148.971150][ T7512] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1408'. [ 148.981059][ T7512] batman_adv: batadv0: Adding interface: veth1_vlan [ 148.987767][ T7512] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 149.015099][ T7512] batman_adv: batadv0: Interface activated: veth1_vlan [ 149.079772][ T7519] lo speed is unknown, defaulting to 1000 [ 149.160245][ T7523] netlink: 'syz.4.1414': attribute type 4 has an invalid length. [ 149.512052][ T29] audit: type=1326 audit(1757027526.608:2177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7540 comm="syz.1.1420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a708eebe9 code=0x7ffc0000 [ 149.765256][ T7550] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1424'. [ 149.889153][ T7559] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1429'. [ 149.911014][ T7559] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1429'. [ 149.932886][ T7559] batman_adv: batadv0: Adding interface: veth1_vlan [ 149.939659][ T7559] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 149.988687][ T7562] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1430'. [ 149.999026][ T7559] batman_adv: batadv0: Interface activated: veth1_vlan [ 150.328215][ T7599] loop3: detected capacity change from 0 to 256 [ 150.345418][ T7599] vfat: Bad value for 'utf8' [ 150.365098][ T7599] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1443'. [ 150.402633][ T7602] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1445'. [ 150.494409][ T7613] loop3: detected capacity change from 0 to 2048 [ 150.524989][ T7613] loop3: p1 < > p4 [ 150.531507][ T7613] loop3: p4 size 8388608 extends beyond EOD, truncated [ 150.736570][ T7650] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1464'. [ 150.768791][ T7657] validate_nla: 2 callbacks suppressed [ 150.768810][ T7657] netlink: 'syz.4.1466': attribute type 4 has an invalid length. [ 150.838551][ T7661] lo speed is unknown, defaulting to 1000 [ 150.910326][ T7660] loop3: detected capacity change from 0 to 512 [ 150.921070][ T7660] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 150.954587][ T7660] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF [ 150.988191][ T7665] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1468'. [ 151.021168][ T7665] netlink: 'syz.2.1468': attribute type 10 has an invalid length. [ 151.060956][ T7665] A link change request failed with some changes committed already. Interface veth1_vlan may have been left with an inconsistent configuration, please check. [ 151.148891][ T7671] loop3: detected capacity change from 0 to 2048 [ 151.204339][ T7671] loop3: p1 < > p4 [ 151.215635][ T7671] loop3: p4 size 8388608 extends beyond EOD, truncated [ 151.268328][ T7679] netlink: 'syz.2.1473': attribute type 39 has an invalid length. [ 151.428082][ T7681] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 151.435240][ T7681] batman_adv: batadv0: Removing interface: veth1_vlan [ 151.624697][ T7698] loop4: detected capacity change from 0 to 512 [ 151.631638][ T7698] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 151.664669][ T7698] FAT-fs (loop4): error, fat_free_clusters: deleting FAT entry beyond EOF [ 151.801870][ T7715] netlink: 'syz.1.1485': attribute type 39 has an invalid length. [ 151.877193][ T7717] loop4: detected capacity change from 0 to 2048 [ 151.934533][ T7717] loop4: p1 < > p4 [ 151.945494][ T7717] loop4: p4 size 8388608 extends beyond EOD, truncated [ 152.014746][ T7730] loop2: detected capacity change from 0 to 512 [ 152.025738][ T7730] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 152.038926][ T7727] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 152.046040][ T7727] batman_adv: batadv0: Removing interface: veth1_vlan [ 152.062186][ T7730] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 152.233144][ T7743] loop3: detected capacity change from 0 to 2048 [ 152.256504][ T7746] netlink: 'syz.1.1498': attribute type 39 has an invalid length. [ 152.272150][ T7750] loop2: detected capacity change from 0 to 256 [ 152.281819][ T29] kauditd_printk_skb: 220 callbacks suppressed [ 152.281837][ T29] audit: type=1326 audit(1757027529.378:2398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7753 comm="syz.4.1502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 152.311789][ T29] audit: type=1326 audit(1757027529.378:2399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7753 comm="syz.4.1502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 152.340952][ T7750] vfat: Bad value for 'utf8' [ 152.346575][ T29] audit: type=1326 audit(1757027529.378:2400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7753 comm="syz.4.1502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 152.370119][ T29] audit: type=1326 audit(1757027529.378:2401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7753 comm="syz.4.1502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 152.393618][ T29] audit: type=1326 audit(1757027529.378:2402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7753 comm="syz.4.1502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 152.417149][ T29] audit: type=1326 audit(1757027529.438:2403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7753 comm="syz.4.1502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 152.440844][ T29] audit: type=1326 audit(1757027529.438:2404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7753 comm="syz.4.1502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 152.489377][ T7743] loop3: p2 p3 p7 [ 152.493763][ T7761] loop1: detected capacity change from 0 to 2048 [ 152.514653][ T29] audit: type=1326 audit(1757027529.498:2405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7753 comm="syz.4.1502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=227 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 152.538393][ T29] audit: type=1326 audit(1757027529.498:2406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7753 comm="syz.4.1502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 152.561950][ T29] audit: type=1326 audit(1757027529.498:2407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7753 comm="syz.4.1502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 152.596661][ T7766] FAULT_INJECTION: forcing a failure. [ 152.596661][ T7766] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 152.610021][ T7766] CPU: 0 UID: 0 PID: 7766 Comm: syz.4.1506 Not tainted syzkaller #0 PREEMPT(voluntary) [ 152.610053][ T7766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 152.610090][ T7766] Call Trace: [ 152.610098][ T7766] [ 152.610107][ T7766] __dump_stack+0x1d/0x30 [ 152.610143][ T7766] dump_stack_lvl+0xe8/0x140 [ 152.610167][ T7766] dump_stack+0x15/0x1b [ 152.610185][ T7766] should_fail_ex+0x265/0x280 [ 152.610206][ T7766] should_fail+0xb/0x20 [ 152.610253][ T7766] should_fail_usercopy+0x1a/0x20 [ 152.610282][ T7766] strncpy_from_user+0x25/0x230 [ 152.610384][ T7766] ? __kmalloc_cache_noprof+0x189/0x320 [ 152.610426][ T7766] __se_sys_memfd_create+0x1ff/0x590 [ 152.610456][ T7766] __x64_sys_memfd_create+0x31/0x40 [ 152.610506][ T7766] x64_sys_call+0x2abe/0x2ff0 [ 152.610578][ T7766] do_syscall_64+0xd2/0x200 [ 152.610616][ T7766] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 152.610648][ T7766] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 152.610756][ T7766] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 152.610777][ T7766] RIP: 0033:0x7f429e29ebe9 [ 152.610797][ T7766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 152.610865][ T7766] RSP: 002b:00007f429ccfed68 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 152.610889][ T7766] RAX: ffffffffffffffda RBX: 0000000000000593 RCX: 00007f429e29ebe9 [ 152.610906][ T7766] RDX: 00007f429ccfedec RSI: 0000000000000000 RDI: 00007f429e3227e8 [ 152.610920][ T7766] RBP: 00002000000005c0 R08: 00007f429ccfeb07 R09: 0000000000000000 [ 152.610935][ T7766] R10: 000000000000000a R11: 0000000000000202 R12: 0000000000000001 [ 152.610950][ T7766] R13: 00007f429ccfedec R14: 00007f429ccfedf0 R15: 00007ffc6e9f2ac8 [ 152.610975][ T7766] [ 152.798433][ T7761] loop1: p1 < > p4 [ 152.802818][ T7761] loop1: p4 size 8388608 extends beyond EOD, truncated [ 152.871673][ T7778] loop1: detected capacity change from 0 to 512 [ 152.898747][ T7778] EXT4-fs: Ignoring removed nobh option [ 152.906900][ T7778] EXT4-fs (loop1): failed to initialize system zone (-117) [ 152.914552][ T7778] EXT4-fs (loop1): mount failed [ 152.956750][ T7788] netlink: 'syz.3.1515': attribute type 39 has an invalid length. [ 152.986819][ T7790] loop3: detected capacity change from 0 to 512 [ 152.993885][ T7790] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 152.997440][ T7792] netlink: 'syz.0.1517': attribute type 10 has an invalid length. [ 153.062309][ T7794] lo speed is unknown, defaulting to 1000 [ 153.121196][ T7790] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF [ 153.291601][ T7806] netlink: 'syz.2.1519': attribute type 4 has an invalid length. [ 153.397871][ T7808] loop0: detected capacity change from 0 to 2048 [ 153.456732][ T7808] loop0: p1 < > p4 [ 153.462063][ T7808] loop0: p4 size 8388608 extends beyond EOD, truncated [ 153.505316][ T7811] loop2: detected capacity change from 0 to 2048 [ 153.557877][ T7811] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 153.591331][ T7811] EXT4-fs error (device loop2): ext4_find_inline_data_nolock:169: inode #12: comm syz.2.1522: inline data xattr refers to an external xattr inode [ 153.608194][ T7811] EXT4-fs (loop2): Remounting filesystem read-only [ 153.617749][ T7811] netlink: get zone limit has 8 unknown bytes [ 153.740720][ T7820] loop0: detected capacity change from 0 to 256 [ 153.748291][ T7820] vfat: Bad value for 'utf8' [ 153.825470][ T7824] netlink: 'syz.0.1527': attribute type 39 has an invalid length. [ 153.897929][ T7830] netlink: 'syz.1.1530': attribute type 10 has an invalid length. [ 154.008110][ T7837] loop1: detected capacity change from 0 to 2048 [ 154.059688][ T7843] loop0: detected capacity change from 0 to 256 [ 154.074451][ T7837] loop1: p1 < > p4 [ 154.079064][ T7837] loop1: p4 size 8388608 extends beyond EOD, truncated [ 154.088516][ T7843] vfat: Bad value for 'utf8' [ 154.107319][ T7843] __nla_validate_parse: 10 callbacks suppressed [ 154.107339][ T7843] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1536'. [ 154.284806][ T7856] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1542'. [ 154.318874][ T7856] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1542'. [ 154.338541][ T7856] batman_adv: batadv0: Adding interface: veth1_vlan [ 154.345447][ T7856] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 154.402171][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 154.439696][ T7856] batman_adv: batadv0: Interface activated: veth1_vlan [ 154.494619][ T7877] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1552'. [ 154.526055][ T7879] loop3: detected capacity change from 0 to 2048 [ 154.548555][ T7879] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 154.580011][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 154.598986][ T7885] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1555'. [ 154.638602][ T7897] loop2: detected capacity change from 0 to 512 [ 154.647000][ T7897] EXT4-fs: Ignoring removed nobh option [ 154.654482][ T7897] EXT4-fs (loop2): failed to initialize system zone (-117) [ 154.659499][ T7899] loop3: detected capacity change from 0 to 2048 [ 154.662080][ T7897] EXT4-fs (loop2): mount failed [ 154.694910][ T7899] loop3: p1 < > p4 [ 154.706790][ T7907] loop4: detected capacity change from 0 to 256 [ 154.713749][ T7907] vfat: Bad value for 'utf8' [ 154.720571][ T7907] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1563'. [ 154.798324][ T7899] loop3: p4 size 8388608 extends beyond EOD, truncated [ 154.831374][ T7916] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1567'. [ 154.914150][ T7920] lo speed is unknown, defaulting to 1000 [ 154.971911][ T7918] loop4: detected capacity change from 0 to 2048 [ 155.061711][ T7918] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 155.271793][ T7934] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1580'. [ 155.317063][ T7935] loop3: detected capacity change from 0 to 2048 [ 155.360912][ T7935] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 155.587622][ T7946] EXT4-fs (loop3): shut down requested (0) [ 155.629354][ T7950] loop2: detected capacity change from 0 to 256 [ 155.647814][ T7950] vfat: Bad value for 'utf8' [ 155.672570][ T7950] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1575'. [ 155.698430][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 155.834748][ T7962] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1577'. [ 156.401649][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 156.587810][ T7991] loop1: detected capacity change from 0 to 256 [ 156.632405][ T7991] vfat: Bad value for 'utf8' [ 156.707650][ T8001] validate_nla: 3 callbacks suppressed [ 156.707665][ T8001] netlink: 'syz.1.1597': attribute type 10 has an invalid length. [ 156.753052][ T7999] loop3: detected capacity change from 0 to 2048 [ 156.780804][ T7999] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 156.826028][ T8014] loop1: detected capacity change from 0 to 512 [ 156.834707][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 156.878591][ T8018] loop3: detected capacity change from 0 to 2048 [ 156.905178][ T8021] netlink: 'syz.4.1605': attribute type 10 has an invalid length. [ 156.913666][ T8021] batman_adv: batadv0: Adding interface: veth1_vlan [ 156.920317][ T8021] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 156.924029][ T8018] loop3: p1 < > p4 [ 156.949917][ T8026] loop0: detected capacity change from 0 to 256 [ 156.953744][ T8018] loop3: p4 size 8388608 extends beyond EOD, truncated [ 156.956778][ T8026] vfat: Bad value for 'utf8' [ 156.967890][ T8021] batman_adv: batadv0: Interface activated: veth1_vlan [ 157.081228][ T8046] netlink: 'syz.0.1617': attribute type 4 has an invalid length. [ 157.098766][ T8049] loop1: detected capacity change from 0 to 2048 [ 157.116011][ T8049] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 157.198605][ T8061] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 157.206298][ T8061] batman_adv: batadv0: Removing interface: veth1_vlan [ 157.225631][ T8061] netlink: 'syz.4.1622': attribute type 10 has an invalid length. [ 157.235496][ T8061] batman_adv: batadv0: Adding interface: veth1_vlan [ 157.242113][ T8061] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 157.269077][ T8061] batman_adv: batadv0: Interface activated: veth1_vlan [ 157.300590][ T8066] loop3: detected capacity change from 0 to 256 [ 157.308991][ T8066] vfat: Bad value for 'utf8' [ 157.342830][ T8072] loop3: detected capacity change from 0 to 2048 [ 157.353178][ T29] kauditd_printk_skb: 348 callbacks suppressed [ 157.353195][ T29] audit: type=1326 audit(1757027534.448:2756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8073 comm="syz.4.1627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 157.385824][ T29] audit: type=1326 audit(1757027534.448:2757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8073 comm="syz.4.1627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 157.409307][ T29] audit: type=1326 audit(1757027534.468:2758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8073 comm="syz.4.1627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 157.432778][ T29] audit: type=1326 audit(1757027534.468:2759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8073 comm="syz.4.1627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 157.456234][ T29] audit: type=1326 audit(1757027534.468:2760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8073 comm="syz.4.1627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 157.480083][ T29] audit: type=1326 audit(1757027534.488:2761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8073 comm="syz.4.1627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 157.503715][ T29] audit: type=1326 audit(1757027534.488:2762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8073 comm="syz.4.1627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 157.527629][ T29] audit: type=1326 audit(1757027534.488:2763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8073 comm="syz.4.1627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=227 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 157.551117][ T29] audit: type=1326 audit(1757027534.488:2764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8073 comm="syz.4.1627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 157.556017][ T8072] loop3: p1 < > p4 [ 157.574651][ T29] audit: type=1326 audit(1757027534.488:2765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8073 comm="syz.4.1627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 157.604502][ T8072] loop3: p4 size 8388608 extends beyond EOD, truncated [ 157.686534][ T8079] C: renamed from team_slave_0 [ 157.695072][ T8079] can0: slcan on ttyS3. [ 157.722407][ T8081] netlink: 'syz.3.1630': attribute type 4 has an invalid length. [ 157.754036][ T8079] can0 (unregistered): slcan off ttyS3. [ 157.766524][ T8087] can0: slcan on ttyS3. [ 157.779428][ T8079] loop4: detected capacity change from 0 to 512 [ 157.786338][ T8079] EXT4-fs: Ignoring removed nomblk_io_submit option [ 157.793468][ T8079] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 157.804141][ T8079] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e12c, mo2=0002] [ 157.812224][ T8079] System zones: 1-12 [ 157.816577][ T8079] EXT4-fs (loop4): orphan cleanup on readonly fs [ 157.823719][ T8079] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1629: bg 0: block 361: padding at end of block bitmap is not set [ 157.838881][ T8079] EXT4-fs (loop4): Remounting filesystem read-only [ 157.845991][ T8079] EXT4-fs (loop4): 1 truncate cleaned up [ 157.852167][ T8079] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 157.876869][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 157.916635][ T8096] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 157.923863][ T8096] batman_adv: batadv0: Removing interface: veth1_vlan [ 157.931392][ T8079] can0 (unregistered): slcan off ttyS3. [ 157.940406][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 157.949239][ T8096] netlink: 'syz.3.1635': attribute type 10 has an invalid length. [ 157.957951][ T8096] batman_adv: batadv0: Adding interface: veth1_vlan [ 157.964623][ T8096] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 157.991731][ T8096] batman_adv: batadv0: Interface activated: veth1_vlan [ 158.028376][ T8105] netlink: 'syz.0.1638': attribute type 10 has an invalid length. [ 158.145001][ T8124] loop2: detected capacity change from 0 to 2048 [ 158.179786][ T8127] loop1: detected capacity change from 0 to 2048 [ 158.184287][ T8124] loop2: p1 < > p4 [ 158.202061][ T8124] loop2: p4 size 8388608 extends beyond EOD, truncated [ 158.223106][ T8127] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 158.282627][ T8141] netlink: 'syz.3.1652': attribute type 10 has an invalid length. [ 158.331388][ T8137] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 158.338715][ T8137] batman_adv: batadv0: Removing interface: veth1_vlan [ 158.360920][ T8150] netlink: 'syz.3.1654': attribute type 4 has an invalid length. [ 158.384134][ T8137] netlink: 'syz.0.1650': attribute type 10 has an invalid length. [ 158.421468][ T8137] batman_adv: batadv0: Adding interface: veth1_vlan [ 158.428324][ T8137] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 158.472398][ T8137] batman_adv: batadv0: Interface activated: veth1_vlan [ 158.487569][ T8159] IPv6: Can't replace route, no match found [ 158.503753][ T8131] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set [ 158.591411][ T8167] loop2: detected capacity change from 0 to 256 [ 158.603876][ T8167] vfat: Bad value for 'utf8' [ 158.619432][ T8169] loop3: detected capacity change from 0 to 2048 [ 158.740162][ T8169] loop3: p1 < > p4 [ 158.745250][ T8169] loop3: p4 size 8388608 extends beyond EOD, truncated [ 158.814160][ T8178] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 158.821335][ T8178] batman_adv: batadv0: Removing interface: veth1_vlan [ 158.905735][ T8180] lo speed is unknown, defaulting to 1000 [ 159.017651][ T8178] batman_adv: batadv0: Adding interface: veth1_vlan [ 159.024396][ T8178] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 159.112823][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 159.234622][ T8192] __nla_validate_parse: 17 callbacks suppressed [ 159.234639][ T8192] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1670'. [ 159.317404][ T8178] batman_adv: batadv0: Interface activated: veth1_vlan [ 159.792951][ T8208] FAULT_INJECTION: forcing a failure. [ 159.792951][ T8208] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 159.806455][ T8208] CPU: 0 UID: 0 PID: 8208 Comm: syz.4.1677 Not tainted syzkaller #0 PREEMPT(voluntary) [ 159.806484][ T8208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 159.806500][ T8208] Call Trace: [ 159.806507][ T8208] [ 159.806516][ T8208] __dump_stack+0x1d/0x30 [ 159.806536][ T8208] dump_stack_lvl+0xe8/0x140 [ 159.806622][ T8208] dump_stack+0x15/0x1b [ 159.806642][ T8208] should_fail_ex+0x265/0x280 [ 159.806676][ T8208] should_fail+0xb/0x20 [ 159.806716][ T8208] should_fail_usercopy+0x1a/0x20 [ 159.806737][ T8208] strncpy_from_user+0x25/0x230 [ 159.806776][ T8208] __se_sys_memfd_create+0x1ff/0x590 [ 159.806799][ T8208] __x64_sys_memfd_create+0x31/0x40 [ 159.806865][ T8208] x64_sys_call+0x2abe/0x2ff0 [ 159.806975][ T8208] do_syscall_64+0xd2/0x200 [ 159.807012][ T8208] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 159.807037][ T8208] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 159.807126][ T8208] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 159.807153][ T8208] RIP: 0033:0x7f429e29ebe9 [ 159.807170][ T8208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 159.807187][ T8208] RSP: 002b:00007f429ccfee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 159.807205][ T8208] RAX: ffffffffffffffda RBX: 000000000000051b RCX: 00007f429e29ebe9 [ 159.807285][ T8208] RDX: 00007f429ccfeef0 RSI: 0000000000000000 RDI: 00007f429e3227e8 [ 159.807301][ T8208] RBP: 0000200000001340 R08: 00007f429ccfebb7 R09: 00007f429ccfee40 [ 159.807317][ T8208] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000200 [ 159.807329][ T8208] R13: 00007f429ccfeef0 R14: 00007f429ccfeeb0 R15: 00002000000006c0 [ 159.807346][ T8208] [ 160.072580][ T8210] loop0: detected capacity change from 0 to 2048 [ 160.218267][ T8215] loop4: detected capacity change from 0 to 2048 [ 160.230600][ T8207] loop3: detected capacity change from 0 to 512 [ 160.245326][ T8210] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 160.265701][ T8207] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 160.284835][ T8215] loop4: p1 < > p4 [ 160.289188][ T8215] loop4: p4 size 8388608 extends beyond EOD, truncated [ 160.304679][ T8207] EXT4-fs (loop3): mount failed [ 160.495916][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.540791][ T8237] loop1: detected capacity change from 0 to 2048 [ 160.553419][ T8241] FAULT_INJECTION: forcing a failure. [ 160.553419][ T8241] name failslab, interval 1, probability 0, space 0, times 0 [ 160.564985][ T8243] loop3: detected capacity change from 0 to 2048 [ 160.566220][ T8241] CPU: 0 UID: 0 PID: 8241 Comm: syz.4.1690 Not tainted syzkaller #0 PREEMPT(voluntary) [ 160.566308][ T8241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 160.566326][ T8241] Call Trace: [ 160.566337][ T8241] [ 160.566347][ T8241] __dump_stack+0x1d/0x30 [ 160.566376][ T8241] dump_stack_lvl+0xe8/0x140 [ 160.566402][ T8241] dump_stack+0x15/0x1b [ 160.566425][ T8241] should_fail_ex+0x265/0x280 [ 160.566454][ T8241] should_failslab+0x8c/0xb0 [ 160.566568][ T8241] kmem_cache_alloc_node_noprof+0x57/0x320 [ 160.566672][ T8241] ? __alloc_skb+0x101/0x320 [ 160.566700][ T8241] __alloc_skb+0x101/0x320 [ 160.566723][ T8241] ? audit_log_start+0x365/0x6c0 [ 160.566843][ T8241] audit_log_start+0x380/0x6c0 [ 160.566887][ T8241] audit_seccomp+0x48/0x100 [ 160.566995][ T8241] ? __seccomp_filter+0x68c/0x10d0 [ 160.567026][ T8241] __seccomp_filter+0x69d/0x10d0 [ 160.567054][ T8241] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 160.567080][ T8241] ? vfs_write+0x7e8/0x960 [ 160.567100][ T8241] ? __rcu_read_unlock+0x4f/0x70 [ 160.567199][ T8241] ? __fget_files+0x184/0x1c0 [ 160.567308][ T8241] __secure_computing+0x82/0x150 [ 160.567390][ T8241] syscall_trace_enter+0xcf/0x1e0 [ 160.567521][ T8241] do_syscall_64+0xac/0x200 [ 160.567591][ T8241] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 160.567624][ T8241] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 160.567670][ T8241] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.567788][ T8241] RIP: 0033:0x7f429e29ebe9 [ 160.567809][ T8241] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 160.567891][ T8241] RSP: 002b:00007f429ccff038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 160.567915][ T8241] RAX: ffffffffffffffda RBX: 00007f429e4d5fa0 RCX: 00007f429e29ebe9 [ 160.567933][ T8241] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000008 [ 160.567950][ T8241] RBP: 00007f429ccff090 R08: 0000000000000000 R09: 0000000000000000 [ 160.567967][ T8241] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 160.567983][ T8241] R13: 00007f429e4d6038 R14: 00007f429e4d5fa0 R15: 00007ffc6e9f2ac8 [ 160.568009][ T8241] [ 160.618669][ T8245] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1692'. [ 160.654444][ T8237] loop1: p1 < > p4 [ 160.658602][ T8245] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1692'. [ 160.664220][ T8243] loop3: p1 < > p4 [ 160.667539][ T8245] A link change request failed with some changes committed already. Interface veth1_vlan may have been left with an inconsistent configuration, please check. [ 160.671341][ T8237] loop1: p4 size 8388608 extends beyond EOD, [ 160.722432][ T8243] loop3: p4 size 8388608 extends beyond EOD, [ 160.737904][ T8237] truncated [ 160.847307][ T8243] truncated [ 160.851558][ T8252] FAULT_INJECTION: forcing a failure. [ 160.851558][ T8252] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 160.864889][ T8252] CPU: 0 UID: 0 PID: 8252 Comm: syz.0.1694 Not tainted syzkaller #0 PREEMPT(voluntary) [ 160.864921][ T8252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 160.864936][ T8252] Call Trace: [ 160.865016][ T8252] [ 160.865026][ T8252] __dump_stack+0x1d/0x30 [ 160.865052][ T8252] dump_stack_lvl+0xe8/0x140 [ 160.865076][ T8252] dump_stack+0x15/0x1b [ 160.865149][ T8252] should_fail_ex+0x265/0x280 [ 160.865177][ T8252] should_fail+0xb/0x20 [ 160.865199][ T8252] should_fail_usercopy+0x1a/0x20 [ 160.865228][ T8252] _copy_to_user+0x20/0xa0 [ 160.865314][ T8252] simple_read_from_buffer+0xb5/0x130 [ 160.865343][ T8252] proc_fail_nth_read+0x10e/0x150 [ 160.865457][ T8252] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 160.865483][ T8252] vfs_read+0x1a5/0x770 [ 160.865503][ T8252] ? __rcu_read_unlock+0x4f/0x70 [ 160.865524][ T8252] ? __fget_files+0x184/0x1c0 [ 160.865618][ T8252] ksys_read+0xda/0x1a0 [ 160.865651][ T8252] __x64_sys_read+0x40/0x50 [ 160.865678][ T8252] x64_sys_call+0x27bc/0x2ff0 [ 160.865704][ T8252] do_syscall_64+0xd2/0x200 [ 160.865752][ T8252] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 160.865783][ T8252] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 160.865874][ T8252] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.865901][ T8252] RIP: 0033:0x7feb28edd5fc [ 160.865918][ T8252] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 160.865936][ T8252] RSP: 002b:00007feb27926030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 160.865963][ T8252] RAX: ffffffffffffffda RBX: 00007feb29116090 RCX: 00007feb28edd5fc [ 160.865975][ T8252] RDX: 000000000000000f RSI: 00007feb279260a0 RDI: 0000000000000004 [ 160.865995][ T8252] RBP: 00007feb27926090 R08: 0000000000000000 R09: 0000000000000000 [ 160.866010][ T8252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 160.866026][ T8252] R13: 00007feb29116128 R14: 00007feb29116090 R15: 00007ffc4958c778 [ 160.866048][ T8252] [ 161.169146][ T8281] loop1: detected capacity change from 0 to 512 [ 161.176629][ T8281] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 161.200129][ T8281] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 161.220839][ T8283] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1707'. [ 161.290850][ T8299] FAULT_INJECTION: forcing a failure. [ 161.290850][ T8299] name failslab, interval 1, probability 0, space 0, times 0 [ 161.303895][ T8299] CPU: 0 UID: 0 PID: 8299 Comm: syz.0.1713 Not tainted syzkaller #0 PREEMPT(voluntary) [ 161.303927][ T8299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 161.303943][ T8299] Call Trace: [ 161.303951][ T8299] [ 161.303961][ T8299] __dump_stack+0x1d/0x30 [ 161.304011][ T8299] dump_stack_lvl+0xe8/0x140 [ 161.304034][ T8299] dump_stack+0x15/0x1b [ 161.304087][ T8299] should_fail_ex+0x265/0x280 [ 161.304110][ T8299] should_failslab+0x8c/0xb0 [ 161.304135][ T8299] kmem_cache_alloc_node_noprof+0x57/0x320 [ 161.304166][ T8299] ? __alloc_skb+0x101/0x320 [ 161.304187][ T8299] __alloc_skb+0x101/0x320 [ 161.304321][ T8299] ? audit_log_start+0x365/0x6c0 [ 161.304353][ T8299] audit_log_start+0x380/0x6c0 [ 161.304422][ T8299] audit_seccomp+0x48/0x100 [ 161.304449][ T8299] ? __seccomp_filter+0x68c/0x10d0 [ 161.304471][ T8299] __seccomp_filter+0x69d/0x10d0 [ 161.304524][ T8299] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 161.304553][ T8299] ? vfs_write+0x7e8/0x960 [ 161.304574][ T8299] ? __rcu_read_unlock+0x4f/0x70 [ 161.304627][ T8299] ? __fget_files+0x184/0x1c0 [ 161.304656][ T8299] __secure_computing+0x82/0x150 [ 161.304677][ T8299] syscall_trace_enter+0xcf/0x1e0 [ 161.304707][ T8299] do_syscall_64+0xac/0x200 [ 161.304861][ T8299] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 161.304885][ T8299] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 161.304912][ T8299] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.304934][ T8299] RIP: 0033:0x7feb28edebe9 [ 161.304957][ T8299] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 161.304975][ T8299] RSP: 002b:00007feb27947038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 161.305072][ T8299] RAX: ffffffffffffffda RBX: 00007feb29115fa0 RCX: 00007feb28edebe9 [ 161.305085][ T8299] RDX: 0000000000000048 RSI: 0000200000000840 RDI: 0000000000000000 [ 161.305097][ T8299] RBP: 00007feb27947090 R08: 0000000000000000 R09: 0000000000000000 [ 161.305129][ T8299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 161.305141][ T8299] R13: 00007feb29116038 R14: 00007feb29115fa0 R15: 00007ffc4958c778 [ 161.305160][ T8299] [ 161.311773][ T8297] random: crng reseeded on system resumption [ 161.410385][ T8305] loop0: detected capacity change from 0 to 512 [ 161.543574][ T8305] EXT4-fs: Ignoring removed nobh option [ 161.550407][ T8305] EXT4-fs (loop0): failed to initialize system zone (-117) [ 161.557851][ T8305] EXT4-fs (loop0): mount failed [ 161.587663][ T8309] loop4: detected capacity change from 0 to 2048 [ 161.611701][ T8311] loop3: detected capacity change from 0 to 2048 [ 161.643865][ T8309] loop4: p1 < > p4 [ 161.648372][ T8309] loop4: p4 size 8388608 extends beyond EOD, truncated [ 161.664276][ T8311] loop3: p1 < > p4 [ 161.668969][ T8311] loop3: p4 size 8388608 extends beyond EOD, truncated [ 161.669849][ T8319] SELinux: policydb magic number 0x2 does not match expected magic number 0xf97cff8c [ 161.685797][ T8319] SELinux: failed to load policy [ 161.743078][ T8323] loop4: detected capacity change from 0 to 512 [ 161.749941][ T8323] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 161.767606][ T8323] FAT-fs (loop4): error, fat_free_clusters: deleting FAT entry beyond EOF [ 161.789120][ T8325] validate_nla: 6 callbacks suppressed [ 161.789139][ T8325] netlink: 'syz.3.1722': attribute type 4 has an invalid length. [ 161.829049][ T8331] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 161.841034][ T8331] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 161.853879][ T8333] loop2: detected capacity change from 0 to 512 [ 161.861482][ T8331] netdevsim netdevsim3: Direct firmware load for ./file0/file1 failed with error -2 [ 161.869849][ T8333] EXT4-fs: Ignoring removed nobh option [ 161.886306][ T8335] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1727'. [ 161.886588][ T8333] EXT4-fs (loop2): failed to initialize system zone (-117) [ 161.902620][ T8333] EXT4-fs (loop2): mount failed [ 161.913343][ T8333] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1726'. [ 161.944635][ T8342] C: renamed from team_slave_0 [ 161.952453][ T8342] can0: slcan on ttyS3. [ 161.993626][ T8342] can0 (unregistered): slcan off ttyS3. [ 162.001599][ T8342] can0: slcan on ttyS3. [ 162.009894][ T8342] loop2: detected capacity change from 0 to 512 [ 162.016610][ T8342] EXT4-fs: Ignoring removed nomblk_io_submit option [ 162.023640][ T8342] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 162.042019][ T8342] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e12c, mo2=0002] [ 162.051813][ T8342] System zones: 1-12 [ 162.056674][ T8342] EXT4-fs (loop2): orphan cleanup on readonly fs [ 162.063786][ T8342] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1728: bg 0: block 361: padding at end of block bitmap is not set [ 162.078459][ T8342] EXT4-fs (loop2): Remounting filesystem read-only [ 162.085286][ T8342] EXT4-fs (loop2): 1 truncate cleaned up [ 162.091433][ T8342] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 162.173898][ T8342] can0 (unregistered): slcan off ttyS3. [ 162.180335][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 162.239640][ T8358] loop1: detected capacity change from 0 to 512 [ 162.247433][ T8358] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 162.274913][ T8360] loop0: detected capacity change from 0 to 2048 [ 162.282612][ T8358] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 162.302404][ T8364] netlink: 'syz.4.1736': attribute type 4 has an invalid length. [ 162.304217][ T8360] loop0: p1 < > p4 [ 162.317169][ T8360] loop0: p4 size 8388608 extends beyond EOD, truncated [ 162.326701][ T8364] netlink: 'syz.4.1736': attribute type 4 has an invalid length. [ 162.368553][ T8366] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 162.375720][ T8366] batman_adv: batadv0: Removing interface: veth1_vlan [ 162.395080][ T8366] netlink: 'syz.1.1738': attribute type 10 has an invalid length. [ 162.403327][ T8366] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1738'. [ 162.413226][ T8366] batman_adv: batadv0: Adding interface: veth1_vlan [ 162.419984][ T8366] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 162.447448][ T8366] batman_adv: batadv0: Interface activated: veth1_vlan [ 162.601381][ T29] kauditd_printk_skb: 316 callbacks suppressed [ 162.601397][ T29] audit: type=1326 audit(1757027539.698:3077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8378 comm="syz.3.1744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce166debe9 code=0x7ffc0000 [ 162.632958][ T29] audit: type=1326 audit(1757027539.708:3078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8378 comm="syz.3.1744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=271 compat=0 ip=0x7fce166debe9 code=0x7ffc0000 [ 162.656471][ T29] audit: type=1326 audit(1757027539.738:3079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8378 comm="syz.3.1744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce166debe9 code=0x7ffc0000 [ 163.717528][ T8382] lo speed is unknown, defaulting to 1000 [ 163.766544][ T8383] lo speed is unknown, defaulting to 1000 [ 164.583544][ T8382] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 164.713636][ T8383] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 165.066543][ T8389] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1747'. [ 165.105735][ T8398] loop0: detected capacity change from 0 to 512 [ 165.116547][ T8398] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 165.144850][ T8398] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 165.186999][ T8402] netlink: 'syz.0.1760': attribute type 10 has an invalid length. [ 165.195021][ T8402] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1760'. [ 165.356570][ T8412] loop1: detected capacity change from 0 to 256 [ 165.366280][ T8412] vfat: Bad value for 'utf8' [ 165.375489][ T8412] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1754'. [ 165.390125][ T29] audit: type=1326 audit(1757027542.488:3080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8413 comm="syz.2.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f657be8ebe9 code=0x7ffc0000 [ 165.418288][ T29] audit: type=1326 audit(1757027542.488:3081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8413 comm="syz.2.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f657be8ebe9 code=0x7ffc0000 [ 165.441867][ T29] audit: type=1326 audit(1757027542.488:3082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8413 comm="syz.2.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f657be8ebe9 code=0x7ffc0000 [ 165.465325][ T29] audit: type=1326 audit(1757027542.488:3083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8413 comm="syz.2.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7f657be8ebe9 code=0x7ffc0000 [ 165.488734][ T29] audit: type=1326 audit(1757027542.488:3084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8413 comm="syz.2.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f657be8ebe9 code=0x7ffc0000 [ 165.515443][ T29] audit: type=1326 audit(1757027542.548:3085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8417 comm="syz.4.1757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 165.539003][ T29] audit: type=1326 audit(1757027542.548:3086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8417 comm="syz.4.1757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 165.575237][ T8425] loop4: detected capacity change from 0 to 2048 [ 165.604625][ T8425] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 165.652602][ T8437] netlink: 'syz.2.1762': attribute type 39 has an invalid length. [ 165.656902][ T8427] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1761'. [ 165.687009][ T8440] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1763'. [ 165.698350][ T8440] netlink: 'syz.2.1763': attribute type 10 has an invalid length. [ 165.706440][ T8440] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1763'. [ 165.717468][ T8440] A link change request failed with some changes committed already. Interface veth1_vlan may have been left with an inconsistent configuration, please check. [ 165.747824][ T8441] lo speed is unknown, defaulting to 1000 [ 166.339616][ T8462] loop1: detected capacity change from 0 to 256 [ 166.356585][ T8462] vfat: Bad value for 'utf8' [ 166.366932][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 166.378134][ T8462] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1770'. [ 166.426746][ T8466] netlink: 'syz.1.1773': attribute type 39 has an invalid length. [ 166.732411][ T8486] loop4: detected capacity change from 0 to 512 [ 166.792723][ T8491] netlink: 'syz.2.1780': attribute type 10 has an invalid length. [ 166.800674][ T8491] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1780'. [ 166.835909][ T8491] A link change request failed with some changes committed already. Interface veth1_vlan may have been left with an inconsistent configuration, please check. [ 166.898576][ T8495] loop2: detected capacity change from 0 to 256 [ 166.906500][ T8495] vfat: Bad value for 'utf8' [ 166.931401][ T8496] loop4: detected capacity change from 0 to 2048 [ 166.948344][ T8495] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1783'. [ 166.960350][ T8498] netlink: 'syz.0.1784': attribute type 4 has an invalid length. [ 166.978200][ T8498] netlink: 'syz.0.1784': attribute type 4 has an invalid length. [ 166.989000][ T8496] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 167.031501][ T8502] netlink: 'syz.2.1785': attribute type 39 has an invalid length. [ 167.169514][ T8520] netlink: 'syz.0.1793': attribute type 10 has an invalid length. [ 167.177623][ T8520] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1793'. [ 167.181375][ T8518] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 167.193973][ T8518] batman_adv: batadv0: Removing interface: veth1_vlan [ 167.243646][ T8525] ref_ctr_offset mismatch. inode: 0x7bd offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x6666666666667830 [ 167.279039][ T8525] loop3: detected capacity change from 0 to 128 [ 167.287516][ T8525] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 167.300208][ T8525] ext4 filesystem being mounted at /370/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 167.370830][ T8528] loop1: detected capacity change from 0 to 256 [ 167.377745][ T8528] vfat: Bad value for 'utf8' [ 167.395549][ T3310] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 167.405815][ T8530] netlink: 'syz.1.1798': attribute type 39 has an invalid length. [ 167.470029][ T8532] netlink: 'syz.3.1797': attribute type 10 has an invalid length. [ 167.479433][ T8532] batman_adv: batadv0: Adding interface: veth1_vlan [ 167.486113][ T8532] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 167.513703][ T8532] batman_adv: batadv0: Interface activated: veth1_vlan [ 167.543092][ T8538] FAULT_INJECTION: forcing a failure. [ 167.543092][ T8538] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 167.556492][ T8538] CPU: 0 UID: 0 PID: 8538 Comm: syz.3.1800 Not tainted syzkaller #0 PREEMPT(voluntary) [ 167.556527][ T8538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 167.556555][ T8538] Call Trace: [ 167.556631][ T8538] [ 167.556637][ T8538] __dump_stack+0x1d/0x30 [ 167.556659][ T8538] dump_stack_lvl+0xe8/0x140 [ 167.556694][ T8538] dump_stack+0x15/0x1b [ 167.556787][ T8538] should_fail_ex+0x265/0x280 [ 167.556813][ T8538] should_fail+0xb/0x20 [ 167.556836][ T8538] should_fail_usercopy+0x1a/0x20 [ 167.556865][ T8538] strncpy_from_user+0x25/0x230 [ 167.556902][ T8538] ? __kmalloc_cache_noprof+0x189/0x320 [ 167.556971][ T8538] __se_sys_memfd_create+0x1ff/0x590 [ 167.557000][ T8538] __x64_sys_memfd_create+0x31/0x40 [ 167.557028][ T8538] x64_sys_call+0x2abe/0x2ff0 [ 167.557054][ T8538] do_syscall_64+0xd2/0x200 [ 167.557132][ T8538] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 167.557166][ T8538] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 167.557201][ T8538] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.557222][ T8538] RIP: 0033:0x7fce166debe9 [ 167.557237][ T8538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 167.557259][ T8538] RSP: 002b:00007fce1513ee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 167.557293][ T8538] RAX: ffffffffffffffda RBX: 00000000000004bf RCX: 00007fce166debe9 [ 167.557309][ T8538] RDX: 00007fce1513eef0 RSI: 0000000000000000 RDI: 00007fce167627e8 [ 167.557324][ T8538] RBP: 00002000000009c0 R08: 00007fce1513ebb7 R09: 00007fce1513ee40 [ 167.557341][ T8538] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000180 [ 167.557420][ T8538] R13: 00007fce1513eef0 R14: 00007fce1513eeb0 R15: 00002000000001c0 [ 167.557440][ T8538] [ 167.653230][ T8539] lo speed is unknown, defaulting to 1000 [ 167.749295][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 167.762453][ T8542] netlink: 'syz.3.1801': attribute type 29 has an invalid length. [ 167.773790][ T8542] random: crng reseeded on system resumption [ 167.776026][ T29] kauditd_printk_skb: 90 callbacks suppressed [ 167.776045][ T29] audit: type=1400 audit(1757027544.878:3177): avc: denied { write } for pid=8540 comm="syz.3.1801" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 167.889565][ T29] audit: type=1326 audit(1757027544.988:3178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8558 comm="syz.4.1808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 167.897301][ T8561] loop3: detected capacity change from 0 to 1024 [ 167.922817][ T8561] EXT4-fs: Ignoring removed orlov option [ 167.927511][ T29] audit: type=1326 audit(1757027545.018:3179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8558 comm="syz.4.1808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 167.931413][ T8561] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 167.952020][ T29] audit: type=1326 audit(1757027545.018:3180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8558 comm="syz.4.1808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 167.952057][ T29] audit: type=1326 audit(1757027545.018:3181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8558 comm="syz.4.1808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 168.011506][ T29] audit: type=1326 audit(1757027545.018:3182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8558 comm="syz.4.1808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 168.035096][ T29] audit: type=1326 audit(1757027545.018:3183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8558 comm="syz.4.1808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 168.059344][ T29] audit: type=1326 audit(1757027545.018:3184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8558 comm="syz.4.1808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 168.082903][ T29] audit: type=1326 audit(1757027545.018:3185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8558 comm="syz.4.1808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 168.106430][ T29] audit: type=1326 audit(1757027545.018:3186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8558 comm="syz.4.1808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f429e29ebe9 code=0x7ffc0000 [ 168.163132][ T8568] netlink: 'syz.0.1812': attribute type 4 has an invalid length. [ 168.178260][ T8568] netlink: 'syz.0.1812': attribute type 4 has an invalid length. [ 168.258353][ T8576] netlink: 'syz.4.1815': attribute type 39 has an invalid length. [ 168.404451][ T8591] openvswitch: netlink: Message has 6 unknown bytes. [ 168.615450][ T8614] loop0: detected capacity change from 0 to 164 [ 168.631351][ T8614] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 168.664816][ T8618] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 168.672621][ T8618] batman_adv: batadv0: Removing interface: veth1_vlan [ 168.681850][ T8614] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 168.871191][ T8619] batman_adv: batadv0: Adding interface: veth1_vlan [ 168.877902][ T8619] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 168.930001][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 168.956144][ T8619] batman_adv: batadv0: Interface activated: veth1_vlan [ 168.977164][ T8620] lo speed is unknown, defaulting to 1000 [ 169.959574][ T8631] loop4: detected capacity change from 0 to 2364 [ 171.723826][ T8637] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 171.730953][ T8637] batman_adv: batadv0: Removing interface: veth1_vlan [ 171.739794][ T8642] __nla_validate_parse: 8 callbacks suppressed [ 171.739813][ T8642] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1833'. [ 171.768486][ T8642] batman_adv: batadv0: Adding interface: veth1_vlan [ 171.775312][ T8642] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 171.815162][ T8642] batman_adv: batadv0: Interface activated: veth1_vlan [ 171.876925][ T8657] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 171.877209][ T8663] loop1: detected capacity change from 0 to 1024 [ 171.884198][ T8657] batman_adv: batadv0: Removing interface: veth1_vlan [ 171.891557][ T8663] EXT4-fs: Ignoring removed orlov option [ 171.903438][ T8664] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1844'. [ 171.936304][ T8664] batman_adv: batadv0: Adding interface: veth1_vlan [ 171.942965][ T8664] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 171.972278][ T8664] batman_adv: batadv0: Interface activated: veth1_vlan [ 171.972810][ T8663] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 172.047381][ T8677] loop0: detected capacity change from 0 to 512 [ 172.095488][ T8684] validate_nla: 8 callbacks suppressed [ 172.095503][ T8684] netlink: 'syz.2.1853': attribute type 39 has an invalid length. [ 172.138579][ T8694] bridge0: port 1(syz_tun) entered blocking state [ 172.145284][ T8694] bridge0: port 1(syz_tun) entered disabled state [ 172.152213][ T8694] syz_tun: entered allmulticast mode [ 172.159119][ T8694] syz_tun: entered promiscuous mode [ 172.165272][ T8694] bridge0: port 1(syz_tun) entered blocking state [ 172.171811][ T8694] bridge0: port 1(syz_tun) entered forwarding state [ 172.187069][ T8694] syz_tun: left allmulticast mode [ 172.192192][ T8694] syz_tun: left promiscuous mode [ 172.197368][ T8694] bridge0: port 1(syz_tun) entered disabled state [ 172.295176][ T8694] loop2: detected capacity change from 0 to 128 [ 172.330679][ T8694] netlink: 'syz.2.1857': attribute type 2 has an invalid length. [ 172.338532][ T8694] netlink: 51 bytes leftover after parsing attributes in process `syz.2.1857'. [ 172.376622][ T8694] netlink: 'syz.2.1857': attribute type 2 has an invalid length. [ 172.384467][ T8694] netlink: 51 bytes leftover after parsing attributes in process `syz.2.1857'. [ 172.397233][ T8700] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 172.400646][ T8701] netlink: 'syz.4.1861': attribute type 10 has an invalid length. [ 172.404476][ T8700] batman_adv: batadv0: Removing interface: veth1_vlan [ 172.419147][ T8701] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1861'. [ 172.523609][ T8694] $Hÿ: renamed from bond0 (while UP) [ 172.545293][ T8694] $Hÿ: entered promiscuous mode [ 172.552932][ T8701] batman_adv: batadv0: Adding interface: veth1_vlan [ 172.560483][ T8701] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 172.657339][ T8701] batman_adv: batadv0: Interface activated: veth1_vlan [ 172.869363][ T8714] netlink: 'syz.0.1867': attribute type 39 has an invalid length. [ 173.015249][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 173.033323][ T29] kauditd_printk_skb: 96 callbacks suppressed [ 173.033338][ T29] audit: type=1326 audit(1757027550.128:3283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8723 comm="syz.0.1873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb28edebe9 code=0x7ffc0000 [ 173.063791][ T29] audit: type=1326 audit(1757027550.128:3284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8723 comm="syz.0.1873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb28edebe9 code=0x7ffc0000 [ 173.087418][ T29] audit: type=1326 audit(1757027550.128:3285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8723 comm="syz.0.1873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7feb28edebe9 code=0x7ffc0000 [ 173.088111][ T8724] loop0: detected capacity change from 0 to 512 [ 173.111496][ T29] audit: type=1326 audit(1757027550.128:3286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8723 comm="syz.0.1873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb28edebe9 code=0x7ffc0000 [ 173.141377][ T29] audit: type=1326 audit(1757027550.128:3287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8723 comm="syz.0.1873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb28edebe9 code=0x7ffc0000 [ 173.142123][ T8724] EXT4-fs: Ignoring removed nobh option [ 173.173092][ T8724] EXT4-fs (loop0): failed to initialize system zone (-117) [ 173.180857][ T8724] EXT4-fs (loop0): mount failed [ 173.187399][ T29] audit: type=1326 audit(1757027550.128:3288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8723 comm="syz.0.1873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7feb28edebe9 code=0x7ffc0000 [ 173.210905][ T29] audit: type=1326 audit(1757027550.128:3289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8723 comm="syz.0.1873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb28edebe9 code=0x7ffc0000 [ 173.234711][ T29] audit: type=1326 audit(1757027550.138:3290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8723 comm="syz.0.1873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb28edebe9 code=0x7ffc0000 [ 173.258381][ T29] audit: type=1326 audit(1757027550.168:3291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8723 comm="syz.0.1873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7feb28edebe9 code=0x7ffc0000 [ 173.281763][ T29] audit: type=1326 audit(1757027550.168:3292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8723 comm="syz.0.1873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb28edebe9 code=0x7ffc0000 [ 173.356704][ T8731] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 173.363945][ T8731] batman_adv: batadv0: Removing interface: veth1_vlan [ 173.387522][ T8733] netlink: 'syz.1.1875': attribute type 10 has an invalid length. [ 173.395435][ T8733] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1875'. [ 173.418735][ T8733] batman_adv: batadv0: Adding interface: veth1_vlan [ 173.425589][ T8733] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 173.454442][ T8733] batman_adv: batadv0: Interface activated: veth1_vlan [ 173.521347][ T8739] netlink: 'syz.1.1877': attribute type 7 has an invalid length. [ 173.641114][ T8744] netlink: 'syz.1.1879': attribute type 39 has an invalid length. [ 173.710003][ T8747] loop1: detected capacity change from 0 to 2048 [ 173.736842][ T8747] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 173.776494][ T8752] FAULT_INJECTION: forcing a failure. [ 173.776494][ T8752] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 173.789620][ T8752] CPU: 0 UID: 0 PID: 8752 Comm: syz.2.1878 Not tainted syzkaller #0 PREEMPT(voluntary) [ 173.789683][ T8752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 173.789701][ T8752] Call Trace: [ 173.789708][ T8752] [ 173.789718][ T8752] __dump_stack+0x1d/0x30 [ 173.789741][ T8752] dump_stack_lvl+0xe8/0x140 [ 173.789761][ T8752] dump_stack+0x15/0x1b [ 173.789783][ T8752] should_fail_ex+0x265/0x280 [ 173.789811][ T8752] should_fail+0xb/0x20 [ 173.789834][ T8752] should_fail_usercopy+0x1a/0x20 [ 173.789860][ T8752] strncpy_from_user+0x25/0x230 [ 173.789968][ T8752] ? __kmalloc_cache_noprof+0x189/0x320 [ 173.790004][ T8752] __se_sys_memfd_create+0x1ff/0x590 [ 173.790026][ T8752] __x64_sys_memfd_create+0x31/0x40 [ 173.790081][ T8752] x64_sys_call+0x2abe/0x2ff0 [ 173.790110][ T8752] do_syscall_64+0xd2/0x200 [ 173.790142][ T8752] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 173.790166][ T8752] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 173.790199][ T8752] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.790265][ T8752] RIP: 0033:0x7f657be8ebe9 [ 173.790285][ T8752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 173.790308][ T8752] RSP: 002b:00007f657a8ace18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 173.790334][ T8752] RAX: ffffffffffffffda RBX: 0000000000000943 RCX: 00007f657be8ebe9 [ 173.790351][ T8752] RDX: 00007f657a8acef0 RSI: 0000000000000000 RDI: 00007f657bf127e8 [ 173.790367][ T8752] RBP: 0000200000001500 R08: 00007f657a8acbb7 R09: 00007f657a8ace40 [ 173.790380][ T8752] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000980 [ 173.790455][ T8752] R13: 00007f657a8acef0 R14: 00007f657a8aceb0 R15: 0000200000000cc0 [ 173.790475][ T8752] [ 173.976693][ T8754] loop4: detected capacity change from 0 to 512 [ 174.006406][ T8756] loop0: detected capacity change from 0 to 2048 [ 174.016814][ T8754] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 174.036204][ T8756] loop0: p1 < > p4 [ 174.053912][ T8756] loop0: p4 size 8388608 extends beyond EOD, truncated [ 174.110114][ T8754] FAT-fs (loop4): error, fat_free_clusters: deleting FAT entry beyond EOF [ 174.457480][ T8767] netlink: 'syz.0.1887': attribute type 10 has an invalid length. [ 174.465511][ T8767] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1887'. [ 174.465588][ T8764] loop4: detected capacity change from 0 to 1024 [ 174.481221][ T8764] EXT4-fs: Ignoring removed orlov option [ 174.488774][ T8764] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 174.493621][ T8766] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 174.508492][ T8766] batman_adv: batadv0: Removing interface: veth1_vlan [ 174.529729][ T8767] batman_adv: batadv0: Adding interface: veth1_vlan [ 174.536438][ T8767] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 174.623569][ T8767] batman_adv: batadv0: Interface activated: veth1_vlan [ 174.665049][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 174.710690][ T8772] FAULT_INJECTION: forcing a failure. [ 174.710690][ T8772] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 174.723964][ T8772] CPU: 1 UID: 0 PID: 8772 Comm: syz.1.1888 Not tainted syzkaller #0 PREEMPT(voluntary) [ 174.724104][ T8772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 174.724119][ T8772] Call Trace: [ 174.724128][ T8772] [ 174.724138][ T8772] __dump_stack+0x1d/0x30 [ 174.724165][ T8772] dump_stack_lvl+0xe8/0x140 [ 174.724194][ T8772] dump_stack+0x15/0x1b [ 174.724209][ T8772] should_fail_ex+0x265/0x280 [ 174.724297][ T8772] should_fail+0xb/0x20 [ 174.724314][ T8772] should_fail_usercopy+0x1a/0x20 [ 174.724335][ T8772] _copy_to_user+0x20/0xa0 [ 174.724426][ T8772] simple_read_from_buffer+0xb5/0x130 [ 174.724469][ T8772] proc_fail_nth_read+0x10e/0x150 [ 174.724498][ T8772] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 174.724523][ T8772] vfs_read+0x1a5/0x770 [ 174.724583][ T8772] ? __cond_resched+0x4e/0x90 [ 174.724606][ T8772] ksys_read+0xda/0x1a0 [ 174.724635][ T8772] __x64_sys_read+0x40/0x50 [ 174.724662][ T8772] x64_sys_call+0x27bc/0x2ff0 [ 174.724747][ T8772] do_syscall_64+0xd2/0x200 [ 174.724825][ T8772] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 174.724853][ T8772] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 174.724900][ T8772] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 174.724948][ T8772] RIP: 0033:0x7f6a708ed5fc [ 174.724962][ T8772] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 174.724985][ T8772] RSP: 002b:00007f6a6f34f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 174.725010][ T8772] RAX: ffffffffffffffda RBX: 00007f6a70b25fa0 RCX: 00007f6a708ed5fc [ 174.725025][ T8772] RDX: 000000000000000f RSI: 00007f6a6f34f0a0 RDI: 0000000000000003 [ 174.725037][ T8772] RBP: 00007f6a6f34f090 R08: 0000000000000000 R09: 0000000000000000 [ 174.725048][ T8772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 174.725059][ T8772] R13: 00007f6a70b26038 R14: 00007f6a70b25fa0 R15: 00007ffc37d51bd8 [ 174.725118][ T8772] [ 174.992087][ T8779] netlink: 'syz.0.1891': attribute type 39 has an invalid length. [ 175.009942][ T8777] loop1: detected capacity change from 0 to 2364 [ 175.085024][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 175.159040][ T8788] loop0: detected capacity change from 0 to 256 [ 175.165896][ T8788] vfat: Bad value for 'utf8' [ 175.220503][ T8793] loop2: detected capacity change from 0 to 128 [ 175.221031][ T8792] loop0: detected capacity change from 0 to 1024 [ 175.245025][ T8792] EXT4-fs: Ignoring removed orlov option [ 175.260564][ T8792] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 175.301061][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 175.496279][ T8819] loop2: detected capacity change from 0 to 256 [ 175.503215][ T8819] vfat: Bad value for 'utf8' [ 175.645618][ T8821] loop4: detected capacity change from 0 to 1024 [ 175.652402][ T8821] EXT4-fs: Ignoring removed orlov option [ 175.663245][ T8821] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 175.674158][ T8827] loop2: detected capacity change from 0 to 512 [ 175.732409][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 175.855586][ T8832] loop1: detected capacity change from 0 to 1024 [ 175.863726][ T8832] EXT4-fs: dax option not supported [ 175.871074][ T8832] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1913'. [ 175.930615][ T8838] loop4: detected capacity change from 0 to 512 [ 175.937956][ T8838] EXT4-fs: Ignoring removed nobh option [ 175.956146][ T8838] EXT4-fs (loop4): failed to initialize system zone (-117) [ 175.966223][ T8838] EXT4-fs (loop4): mount failed [ 176.249742][ T8853] random: crng reseeded on system resumption [ 176.509715][ T8858] bridge0: port 1(syz_tun) entered blocking state [ 176.517279][ T8858] bridge0: port 1(syz_tun) entered disabled state [ 176.573008][ T8860] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1924'. [ 176.579136][ T8858] syz_tun: entered allmulticast mode [ 176.592446][ T8858] syz_tun: entered promiscuous mode [ 176.600070][ T8858] bridge0: port 1(syz_tun) entered blocking state [ 176.606695][ T8858] bridge0: port 1(syz_tun) entered forwarding state [ 176.616020][ T8860] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1924'. [ 176.620979][ T8858] syz_tun: left allmulticast mode [ 176.630159][ T8858] syz_tun: left promiscuous mode [ 176.635422][ T8858] bridge0: port 1(syz_tun) entered disabled state [ 176.662526][ T8858] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 176.669661][ T8858] batman_adv: batadv0: Removing interface: veth1_vlan [ 176.707327][ T8858] loop1: detected capacity change from 0 to 128 [ 176.717893][ T8858] $Hÿ: renamed from bond0 (while UP) [ 176.729385][ T8858] $Hÿ: entered promiscuous mode [ 176.969435][ T8883] __nla_validate_parse: 2 callbacks suppressed [ 176.969453][ T8883] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1934'. [ 177.049917][ T8885] lo speed is unknown, defaulting to 1000 [ 177.105862][ T8895] bridge0: port 1(syz_tun) entered blocking state [ 177.112377][ T8895] bridge0: port 1(syz_tun) entered disabled state [ 177.143215][ T8895] syz_tun: entered allmulticast mode [ 177.167809][ T8895] syz_tun: entered promiscuous mode [ 177.176585][ T8895] bridge0: port 1(syz_tun) entered blocking state [ 177.183188][ T8895] bridge0: port 1(syz_tun) entered forwarding state [ 177.214927][ T8905] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1943'. [ 177.231220][ T8895] syz_tun: left allmulticast mode [ 177.236490][ T8895] syz_tun: left promiscuous mode [ 177.241666][ T8895] bridge0: port 1(syz_tun) entered disabled state [ 177.309279][ T8910] loop2: detected capacity change from 0 to 128 [ 177.362379][ T8908] loop1: detected capacity change from 0 to 1024 [ 177.369207][ T8908] EXT4-fs: Ignoring removed orlov option [ 177.381458][ T8908] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 177.381661][ T8895] validate_nla: 7 callbacks suppressed [ 177.381677][ T8895] netlink: 'syz.2.1939': attribute type 2 has an invalid length. [ 177.407866][ T8895] netlink: 51 bytes leftover after parsing attributes in process `syz.2.1939'. [ 177.422820][ T8895] netlink: 'syz.2.1939': attribute type 2 has an invalid length. [ 177.430724][ T8895] netlink: 51 bytes leftover after parsing attributes in process `syz.2.1939'. [ 177.480950][ T8913] ================================================================== [ 177.489085][ T8913] BUG: KCSAN: data-race in filemap_splice_read / filemap_splice_read [ 177.497182][ T8913] [ 177.499531][ T8913] write to 0xffff88810a775a68 of 8 bytes by task 8908 on cpu 1: [ 177.507190][ T8913] filemap_splice_read+0x4f4/0x740 [ 177.512335][ T8913] ext4_file_splice_read+0x8f/0xb0 [ 177.517491][ T8913] splice_direct_to_actor+0x26c/0x680 [ 177.522996][ T8913] do_splice_direct+0xda/0x150 [ 177.527781][ T8913] do_sendfile+0x380/0x650 [ 177.532281][ T8913] __x64_sys_sendfile64+0x105/0x150 [ 177.537510][ T8913] x64_sys_call+0x2bb0/0x2ff0 [ 177.542214][ T8913] do_syscall_64+0xd2/0x200 [ 177.546752][ T8913] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 177.552679][ T8913] [ 177.555022][ T8913] write to 0xffff88810a775a68 of 8 bytes by task 8913 on cpu 0: [ 177.562716][ T8913] filemap_splice_read+0x4f4/0x740 [ 177.567857][ T8913] ext4_file_splice_read+0x8f/0xb0 [ 177.573022][ T8913] splice_direct_to_actor+0x26c/0x680 [ 177.578429][ T8913] do_splice_direct+0xda/0x150 [ 177.583213][ T8913] do_sendfile+0x380/0x650 [ 177.587672][ T8913] __x64_sys_sendfile64+0x105/0x150 [ 177.592919][ T8913] x64_sys_call+0x2bb0/0x2ff0 [ 177.597646][ T8913] do_syscall_64+0xd2/0x200 [ 177.602183][ T8913] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 177.608098][ T8913] [ 177.610429][ T8913] value changed: 0x00000000000000fd -> 0x00000000000000fe [ 177.617548][ T8913] [ 177.619882][ T8913] Reported by Kernel Concurrency Sanitizer on: [ 177.626053][ T8913] CPU: 0 UID: 0 PID: 8913 Comm: syz.1.1944 Not tainted syzkaller #0 PREEMPT(voluntary) [ 177.635799][ T8913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 177.645866][ T8913] ================================================================== [ 177.964853][ C0] vcan0 (unregistered): j1939_tp_rxtimer: 0xffff888119ce8400: rx timeout, send abort [ 178.146938][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 178.474426][ C0] vcan0 (unregistered): j1939_tp_rxtimer: 0xffff888119ce8400: abort rx timeout. Force session deactivation