last executing test programs: 4.326343989s ago: executing program 0 (id=4821): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4) sendto$inet(r0, 0x0, 0x0, 0xc844, &(0x7f0000000180)={0x2, 0x4620, @remote}, 0x10) capset(&(0x7f0000a31000)={0x20080522}, &(0x7f0000000080)) sendto$inet(r0, &(0x7f0000000100)="ff", 0x1, 0x24008400, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0x541b, &(0x7f0000000040)={0xffffffffffffffff}) close_range(r2, 0xffffffffffffffff, 0x0) 4.259499094s ago: executing program 0 (id=4822): r0 = socket$inet6(0xa, 0x3, 0x84) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000280)={{{@in6=@local, @in=@loopback, 0x4e23, 0x56, 0x2, 0x0, 0x2, 0x0, 0x0, 0x67}, {0x0, 0x0, 0x0, 0x4, 0xfffffffffffffff6, 0x2000000, 0x1, 0x1}, {0x7, 0x3, 0x4}, 0x3, 0x0, 0x1}, {{@in=@multicast1, 0x0, 0x6c}, 0xa, @in=@loopback, 0x3507, 0x4, 0x0, 0x0, 0xffffffff, 0x8, 0x9}}, 0xe8) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xff}}}, 0x1c) 4.259277204s ago: executing program 0 (id=4823): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'netdevsim0\x00'}) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) socket$packet(0x11, 0x3, 0x300) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0xa, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0) fcntl$setownex(0xffffffffffffffff, 0xf, 0x0) r4 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'geneve0\x00'}) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) syz_clone3(&(0x7f0000001240)={0x2d000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 1.994104258s ago: executing program 4 (id=4837): syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f0000000340)=ANY=[@ANYRES32=0x0, @ANYRES64=0x0, @ANYRES64, @ANYRES16], 0x1, 0x36e, &(0x7f0000000c00)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aTZL0/b7gTZP8r7PzPvmF88byJuD9776uFn3zLrVkayhkhEReSRSlqwkMtFFXlLsycuX/nz4/PWbt96uVKtXtlSvVm68sqmqq2s/fPJZMe72oCD75Q8OxPht/+n9Zw/+u/FRw9OGp612Ry293f61Y912bN1ueE1T9ZpjW56tjZZnu1F7O2qvO+2dnZ5are3LKzuu7XlqtXratHvaaWvH7an1odVoqWmaenklbbjnmDFDTu3u1pZVmfGEd2bMw7z94/v+Mc2uW7GWRMzikZba3Sc6LgAAsJBG6v9vkhqhLNl+QZmJ1wL5MB5eBgT1fxKH9X+wWDis/++98FPn0rv3V+P6/0E+rf5/9Zcof6j+D84+9/r/u5HrRyuiM2/3JJ0fq/7HYlgbfkX+frhijwX1f/Bq6K/ov3j/3noYUP8DAAAAAAAAAAAAAAAAAAAAAHAWPPL9ku/7peQy+Tv8CkF8Pbl23BeNceaMe/wL8Y4C/ecDzqXrN2+JEX5xL7cq4nzZrXVr0WXcnnRcl5L8Gz4fYtGGE3thowbK8qOz260txwlL4f+KiIojtmxIScpD+WF89a3qlQ2NRPnh+Xe7tUxuJcivSyPM35SSPJWev5man5eXXhzIN6UkP9+RtjiyHb+PJfmfb6i++U51JL8Y9kvz+pN9SAAAAAAAmDtT1YiXz+Xh9W+0fjdN1bT2YC0vg+vzo58P9NfX66nr81zpudzpzh0AAAAAgIvCy3/atBzHdr3e2KAok/oU4qONNOVkwpGDIDdFn6HgYRgsH9dnaWCG0x45H/+CxrTDcL2eTD3mJPirIKl3ZrKF61CTkX6vThkk85+is3HSh8D1siefu+16a8F4dKbpDATJx0bj+si1WY88Lkh2zp3U+Zmvv/17tlNk4l17B5teu29MmGkYZEZu2ZvwpP3D9yeOZzn93eL7WX5kBgAAAMCCSIr+opfc8sbpDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAtortukjQlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAovg/AAD//5h69bA=") r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, 0x0, 0x0) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) fallocate(r0, 0x0, 0x0, 0x1000f4) 1.781781245s ago: executing program 3 (id=4839): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000ff0d0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000bd000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b}, 0x42) r1 = socket$inet_tcp(0x2, 0x1, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000300)={r0, r2, 0x25, 0x0, @val=@tcx}, 0x1c) syz_emit_ethernet(0x3e, &(0x7f0000000200)={@broadcast, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x7, 0x6, "45208e", 0x8, 0x3a, 0x1, @dev={0xfe, 0x80, '\x00', 0x34}, @mcast2, {[], @echo_request={0x80, 0x0, 0x0, 0x94, 0x9}}}}}}, 0x0) 1.698582682s ago: executing program 3 (id=4840): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000800000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0) close(r1) socket$netlink(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8b18, &(0x7f0000000000)={'wlan1\x00', @random="010000000700"}) 1.615507399s ago: executing program 3 (id=4842): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) 1.533453376s ago: executing program 3 (id=4844): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000e, 0x204031, 0xffffffffffffffff, 0x2fe000) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8002, 0x0) ioctl$TCSETSW2(r1, 0x5453, 0x0) 1.484603549s ago: executing program 2 (id=4845): r0 = gettid() r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000840), 0x0) read(r1, &(0x7f0000000200)=""/209, 0xd1) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x335, @time={0x3}, 0x52}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r1, 0x40bc5311, &(0x7f00000000c0)={0x3, 0x1, 'client1\x00', 0x0, "81cbf3dc07ade253", "c2382b4c6bb074dcb971c144adc7e6576c93d30263c40dbdd1b75d7917ca30cb", 0x5, 0x800}) tkill(r0, 0x7) 1.443401033s ago: executing program 3 (id=4846): syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M") r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00') r1 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff) write$binfmt_script(r1, &(0x7f0000000100)={'#! ', './file1', [{}]}, 0xc) close(r1) execveat$binfmt(0xffffffffffffff9c, r0, 0x0, 0x0, 0x0) 1.394896477s ago: executing program 1 (id=4848): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x89}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) read$msr(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x9, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="85"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x94) syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x360, &(0x7f0000000b00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPFhBXdm3ZPPWl5g0/trvB0omM/PszmQn5dm0m718+/MPKiVLK+kNiSaVRERErkSyEpVAxH+MuuWEhB3KSzO///j8+mYx6VWolfzGyzml1Nz8dx9+kvK7nU3LRfbdy99yv148ffHs5T8b75ctVbZUtdZQutqu/dzQt01D7ZatiqbUqmnolqHKVcuoe+3f+Nsxa3t7TaVXd2fTe3XDspRebaqK0VSNmmrUm0p/Ty9XlaZpajYtuEnxeG1Nzw8ZvDPiwWBM6vW8PiUiqZ6W4vFEBgQAACaqO/+POin9MPn/lswVCstryunczv9PXjhvzLx1Oufn/2eJfvn/Kz952+rI/53TiXb+X/POD0o35/9fyh3y/96M6HEZOv/PjmEwGM58oqcq0vHMyf/T/vvXdfTOyaJbIP8HAAAAAAAAAAAAAAAAAAAAAOBJcGXbGdu2M8Fj8NO+hMB/jgdp0PGfFpGkc/Rtjv9Dtr65JUn3wj3nGJuf7Rf3i96j3+FcREwx/ra7OWsjuPJIObLyvXngxx/sF6fclnxJyk68LElGsu56CsXb9sobheUl5fHjW5cppcPxOcnIU+H4b93V6cTnOuP9/SfkxYVQvCYZ+WFHamLKrhvZ3v+nS0q9/mahKz7l9hORX+79oAAAAAAAMGKaaul7/q5pg9q9bxnJl9yPiQxZlIz81f/8frHv+Xks81xs0rMHAAAAAOBxsJofV3SJGnW3YJr9CikZ2DSCQqyjJi4ifTsnumri1215KjTD244nId4dTP7rvL4KXtW7RAX/SOEMvNXk31FFhhtPMH+3JhJrNf1513lFDsVdAIfhpqjcIjzWPfh5p0L17bwwcDtH/kRaNcHHRokBr7Os9m4nes1KiPfU2JHhFsAzX3z9x+jeIK+e+ivgo5s7H5mGfSC3OShdBWcXvU3xsf/iAQAAAHDv2kl/UPNauDl8I5HwzXL4yz0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAACM0lq/06ypMeo4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/8W/AQAA//9/d/Qh") mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) ioprio_set$uid(0x3, 0x0, 0x0) sendfile(r0, r0, 0x0, 0x800000009) 1.267407857s ago: executing program 3 (id=4849): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e85000000070000"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000380)='sched_switch\x00', r2}, 0x18) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(0xffffffffffffffff, &(0x7f0000000000)={0x15, 0x110, 0xfa08, {0xffffffffffffffff, 0x0, 0x10, 0x10, 0x0, @in={0x2, 0x0, @empty}, @in={0x2, 0x0, @empty}}}, 0x118) openat$ttyS3(0xffffffffffffff9c, 0x0, 0x121602, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x60, 0x2, 0x6, 0x5, 0x0, 0x0, {0x7}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x11}, @IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xc8f}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x60}}, 0x20004000) socket$inet6_tcp(0xa, 0x1, 0x0) 1.267285147s ago: executing program 1 (id=4850): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)={0x40, 0x19, 0xa01, 0x600, 0x0, {0x4}, [@nested={0x2b, 0x11, 0x0, 0x1, [@generic="cd8a699c3b019b79dc5d1257ed902e57866ebcfc12d22f1cb33f59d76320d8de85a7d14f2868e9"]}]}, 0x40}, 0x1, 0x0, 0x0, 0x200080c1}, 0x8000) 1.267208307s ago: executing program 1 (id=4851): r0 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r0, &(0x7f0000000700)={0xa, 0x4e22, 0x0, @loopback, 0x4}, 0x1c) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x6, 0x37, 0x0, 0x9}]}, 0x10) sendmsg(r0, &(0x7f00000000c0)={0x0, 0x9504, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4) 1.260623358s ago: executing program 2 (id=4852): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x2804458, &(0x7f0000003b80), 0x1, 0x502, &(0x7f0000000240)="$eJzs3d9rY1kdAPDvvW26nZmuyaoP64K7i7vSWXSSduruFh92VxB9WlDX91rbtJSmTWnSdVoG7eAfIIio4JNPvgj+AYLMnyDCgL6LiiI6o4/OXElyq9M2aTPbtJlJPx+4zTn31/ecS3Pur0NOAJfWqxHxXkSMRcQbEVHM56f5tNDK7HfWe3D/9lJrSiLLPvhHEkk+72Bfrfx4RFzrbBKTEfGNr0Z8Ozket7G7t75Yq1W383ylubFVaezu3VjbWFytrlY35+Zm35p/e/7N+Zksd6Z6liLinS//5cc/+MVX3vnN57/zx4W/Xf9uq1hZsVPuiFg6U4AeOvsutI/FgdYx2j6PYEMwltenMDbskgAA0I/WNf7HI+Iz7ev/Yoy1r+YAAACAUZK9OxX/SSIyAAAAYGSlETEVSVrO+wJMRZqWy50+vJ+Mq2mt3mh+bqW+s7ncWhZRikK6slarzuR9hUtRSFr52byP7UH+5pH8XES8EBE/Kl5p58tL9drysB9+AAAAwCVx7ZXD9///LqbtNAAAADBiSj0zAAAAwKhwyw8AAACjz/0/AAAAjLSvvf9+a8oOxvFe/nB3Z73+4Y3lamO9vLGzVF6qb2+VV+v11fZv9m2ctr9avb71hdjcuVVpVhvNSmN3b2GjvrPZXFg7NAQ2AAAAcIFeeOXuH5KI2P/ilfYU+e8AAhzy52EXABiksWEXABia8X5XTM63HMDFK5y6Rt8tBPCMOu303rPzzm8HXxYAAOB8TH/q+Pv/iXzZ6c8GgGeZvj4AcPl4uweXV+HUHoA6/sCo+1jn47ley8/+/j/LnrhQAADAQE21pyQt5+8CpyJNy+WI59vDAhSSlbVadSa/P/h9sfBcKz/b3jLxZAAAAAAAAAAAAAAAAAAAAAAAAAAA+pRlSWQAAADASItI/5rko/xNF1+f6jwVeJiP1XVk1K+fffCTW4vN5vZsxETyz2Jr1kRENH/amb9zMzMkAAAAADwF2vfvN/PP2WGXBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBR8+D+7aWD6SLj/v1LEVHqFn88Jtufk1GIiKv/SmL8se2SiBgbQPz9OxHxYrf4STzKsqyUl6Jb/CvnHL/UPjTd46cRcW0A8eEyu9tqf97r9v1L49X2Z/fv33g+nVXv9i/9X/s31qP9eb7PGC/d+1WlZ/w7ES+Nd29/DuInnfhJHIn/Wp/xv/XNvb1ey7KfR0x3Pf8kh2JVmhtblcbu3o21jcXV6mp1c25u9q35t+ffnJ+prKzVqvnfrjF++OlfPzqp/ld7xC8drv+x4/96n/V/eO/W/U90koVu8a+/1v38+2KP+Gl+7vtsnm4tnz5I73fSj3v5l797+aT6L/eo/+Qp9b/eZ/3f+Pr3/9TnqgDABWjs7q0v1mrV7RMSk32sc8GJd5+OYkgMKpF9r/P/eLb9nHHzY4nsLJuPxwCKMfEE39PBJobZKgEAAOfh/xf9wy4JAAAAAAAAAAAAAAAAAAAAXF4f8RfCJiOi75WPxtwfTlUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE703wAAAP//jl/Y1w==") llistxattr(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040)=""/157, 0x9d) 1.240994259s ago: executing program 1 (id=4853): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000002c0)='module_request\x00', r0}, 0x10) r2 = gettid() bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000380)={r2, r1, 0x0, 0x1, 0xfffffffffffffffe}, 0x42) 1.202574712s ago: executing program 1 (id=4854): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18) futex(&(0x7f0000000180), 0x5, 0x0, 0x0, &(0x7f0000000000), 0xaffffffa) sched_setscheduler(0x0, 0x1, 0x0) r0 = socket(0x10, 0x3, 0x0) connect$netlink(r0, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfe, 0x800}, 0xa) lseek(0xffffffffffffffff, 0xcbe, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x3) syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x3, &(0x7f0000000a40), 0x1, 0x51b, &(0x7f0000001240)="$eJzs3U9vI2cZAPBnnDhkd1OSAoeyUrcVLcpWsHbS0Dbi0C4SglMloNyXkDhRFCeOYqfdRFWVFR8ACSGoxIkTFyQ+ABJaiS+AKlWCO+Kv+LMLB4SAQTO2s5usHWe7drzr/H7S7Lwz83qe53Xs2XlnXo0DOLeej4jrETEWES9FxHRrfaE13b4SEQfNenfvvLucTUmk6Vt/SyJprWvvK2nNLzVfEpMR8Y2vRnw7eTBufW9/Y6larey0lsuNze1yfW//2vrm0lplrbK1sDD/6uJri68sznVO/L2//vvyQ7Qza9frX/7DD777k6+8/ovPv/PbG3+++l6W1lRr+/3t6Kdm04v5e9E2HhE7gwg2BGOt9hSHnQgAAKeSneN/IiI+k5//T8dYfjYHAAAAjJL0jan4TxKRpml6Kz3ij+0qAAAAwJOtkI+BTQql1liAqSgUSqXmGN5PxcVCtVZvfG61tru10hwrOxPFwup6tTLXGlM7E8UkW57Py/eWXz62vBART0fE96cv5Mul5Vp1ZcjXPgAAAOC8uHSs///P6Wb/HwAAABgxM8NOAAAAABg4/X8AAAAYffr/AAAAMNK+9uab2ZS2f/965e293Y3a29dWKvWN0ubucmm5trNdWqvV1vJn9m322l+1Vtv+Qmzt3iw3KvVGub63f2OztrvVuLF+5CewAQAAgDP09HO3f5NExMEXL+RTZqK1LTleeeKsswMGqfAwlX8/uDyAszc27ASAoRkfdgLA0BSHnQAwdA9c6zum6+CdX/U/FwAAYDBmP939/r9rAzDaHur+PzBS3P+H88v9fzi/is4A4Nz7eI/tj37/P0177gsAABioqXxKCqXWvcCpKBRKpYin8p8FKCar69XKXKt/8Ovp4sey5fn8lUnPMcMAAAAAAAAAAAAAAAAAAAAAAAAAQFOaJpECAAAAIy2i8Kckf5p/xOz0i1PHrw9MJP+abhWTd3701g9vLjUaO/PZ+r/n6yciovF+a/3LZ375AgAAADh0cFhq99Pb/XgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6Ke7d95dbk89qj7Xz7h/+VJEzHSKPx6T+XwyihFx8R9JjN/3uiQixvoQ/+BWRDzTKX4SM2NZas0sOsW/MOj4+Vsz+Wyapg/Ez9p+qQ/x4Ty7nR1/rnf6/hXi+Xze+fs/3poeVffjX+Hw+DfW5fjz1CljXP7wZ+Wu8W9FXB7vfPxpx0+6xH/hlPG/9c39/W7b0h9HzHb8/yc5Eqvc2Nwu1/f2r61vLq1V1ipbCwvzry6+tvjK4lx5db1ayf69HnMdY3zv2Z//76T2XzwSPzmMPNOj/S9mhWLv9v/3w5t3PtksFo/tIo9/9YXOf/9nToiffSY+m9dq7mi2XT7Iy0eyuvLTD66c1P6VLu9/r7//1V4Nf6M5e+nr3/ldr6oAwNmp7+1vLFWrlZ1+FD44qc77aZo+Soj2WVl/Uh14YeLJSfX+Qvtz8bjk87gVsnPsxyCNM/wkAAAAo+LeSf+wMwEAAAAAAAAAAAAAAAAAAIDz69TPA/vlR3+c2PGYB8NpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4fAAD//+GSy20=") 1.201821353s ago: executing program 0 (id=4855): r0 = socket$inet6(0xa, 0x80002, 0x0) unshare(0x600) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @empty}, 0x10) 1.147488927s ago: executing program 2 (id=4856): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x101041) write$sndseq(r0, &(0x7f0000000080)=[{0x2, 0xc, 0x0, 0xfd, @time={0x5, 0x7fff}, {}, {0xe}, @note={0xff, 0xfe, 0x5, 0x1, 0x7}}], 0x1c) 1.147363067s ago: executing program 2 (id=4857): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000074"], 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18) inotify_init1(0x0) 803.798085ms ago: executing program 4 (id=4858): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000002c0)="2e00000010008188040f80ec59acbc0413010048100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480b0000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0) r2 = socket$inet(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) r4 = socket$nl_route(0x10, 0x3, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc) getsockname$packet(0xffffffffffffffff, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r4, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40040}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket(0x1, 0x803, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001400)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x44}}, 0x0) 745.08518ms ago: executing program 0 (id=4859): capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200003, 0x0, 0x0, 0x3}) r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000000)=0x1f, 0x4) 671.327296ms ago: executing program 0 (id=4860): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0) bind$bt_hci(r0, &(0x7f0000000040), 0x6) ioctl$sock_bt_hci(r0, 0x400448e7, 0x0) 545.482126ms ago: executing program 4 (id=4861): r0 = syz_open_dev$rtc(&(0x7f0000000140), 0x0, 0x0) ioctl$RTC_WKALM_SET(r0, 0x4028700f, &(0x7f0000000400)={0x1, 0x1, {0x2000, 0x7, 0x1, 0x13, 0x2, 0x4f5c, 0x2, 0x5e}}) 487.4126ms ago: executing program 1 (id=4862): r0 = socket$kcm(0x10, 0x2, 0x0) recvmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000800)=[{&(0x7f00000057c0)=""/4057, 0xfd9}, {&(0x7f00000037c0)=""/4073, 0xfe9}, {&(0x7f0000000b00)=""/244, 0xf4}, {&(0x7f00000006c0)=""/123, 0x7b}, {&(0x7f0000000180)=""/45, 0x2d}, {&(0x7f0000000080)=""/145, 0x91}], 0x6}, 0x40002100) sendmsg$inet(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000900)="5c00000012006bab9a3fe3d86e17aa0a046b4877c4aaf68187bae53dca2ba35bda6a876c1d0048007ea608649e7524765f0ef82e3c0000a705259a3651f60a84c9f4d4938037e70e4509c5bb00000000e513aeac9bf2bee150d5", 0x5a}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x20000000) 487.293481ms ago: executing program 4 (id=4863): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f0000000040)={@remote, 0xe, 0x2, 0x2, 0xd, 0x9}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}}, 0x20) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/anycast6\x00') preadv(r1, &(0x7f0000000140)=[{&(0x7f0000000100)=""/57, 0x39}], 0x1, 0x407, 0x0) 487.08855ms ago: executing program 4 (id=4864): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000002c0)='module_request\x00', r0}, 0x10) r2 = gettid() bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000380)={r2, r1, 0x0, 0x1, 0xfffffffffffffffe}, 0x42) 486.90801ms ago: executing program 4 (id=4865): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = socket(0x400000000010, 0x3, 0x0) r3 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=@newtfilter={0x24, 0x2c, 0xd27, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xfff2, 0xd}, {0x6, 0xfff1}, {0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x40080}, 0x884) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8000, 0x20000000019}, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x1000000000021, 0x0, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000000c0)=0x0) sched_setscheduler(r4, 0x1, &(0x7f0000000300)=0x5) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r6 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r6, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8) socket$packet(0x11, 0x0, 0x300) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) socket$inet_tcp(0x2, 0x1, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) sendto$inet6(r1, 0x0, 0xffffffffffffff18, 0x20080081, &(0x7f0000000080)={0xa, 0x4e22, 0x10004, @mcast2, 0x4}, 0x1c) recvmsg(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x3e}, 0x40002102) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb}, 0x94) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000280)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x6, 0x0, 0x8100, 0x0, {0x1, 0x10}, {0x2}, {0xe, 0x10}}, [@TCA_RATE={0x6}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x11, {0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0xfffffffd, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4080}, 0x0) 80.873803ms ago: executing program 2 (id=4866): r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/igmp\x00') pread64(r0, &(0x7f0000002380)=""/253, 0xfd, 0x4eb) 0s ago: executing program 2 (id=4867): r0 = socket$inet(0x2, 0x2, 0x1) sendmsg$inet(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x2, 0x4e22, @broadcast}, 0xb, &(0x7f0000000140)=[{&(0x7f00000002c0)='\b', 0x1}, {&(0x7f0000000040)="000000070020ac", 0x7}], 0x2}, 0x0) kernel console output (not intermixed with test programs): ][T14756] usb usb8: usbfs: process 14756 (syz.1.3324) did not claim interface 0 before use [ 341.811107][ T2955] usb 5-1: new low-speed USB device number 3 using vhci_hcd [ 341.819964][T14756] netlink: 'syz.1.3324': attribute type 2 has an invalid length. [ 341.825049][T14729] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 341.832592][T14756] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3324'. [ 341.859652][T14729] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 341.893849][T14732] vhci_hcd: connection reset by peer [ 341.899462][T14737] vhci_hcd: connection closed [ 341.899601][T14753] vhci_hcd: connection closed [ 341.901024][T14746] vhci_hcd: connection closed [ 341.904330][T14744] vhci_hcd: connection closed [ 341.921663][ T37] vhci_hcd: stop threads [ 341.930654][ T37] vhci_hcd: release socket [ 341.935078][ T37] vhci_hcd: disconnect device [ 341.999073][T14763] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3325'. [ 342.008196][ T37] vhci_hcd: stop threads [ 342.011466][T14763] macvtap6: entered promiscuous mode [ 342.012527][ T37] vhci_hcd: release socket [ 342.012619][ T37] vhci_hcd: disconnect device [ 342.027181][T14763] macvtap6: entered allmulticast mode [ 342.032587][T14763] team0: entered allmulticast mode [ 342.037718][T14763] team_slave_0: entered allmulticast mode [ 342.043543][T14763] team_slave_1: entered allmulticast mode [ 342.049891][ T37] vhci_hcd: stop threads [ 342.052595][T14763] 8021q: adding VLAN 0 to HW filter on device macvtap6 [ 342.054178][ T37] vhci_hcd: release socket [ 342.054193][ T37] vhci_hcd: disconnect device [ 342.069164][ T37] vhci_hcd: stop threads [ 342.074541][ T37] vhci_hcd: release socket [ 342.079091][ T37] vhci_hcd: disconnect device [ 342.086253][ T37] vhci_hcd: stop threads [ 342.090549][ T37] vhci_hcd: release socket [ 342.090991][T14743] Set syz1 is full, maxelem 65536 reached [ 342.094994][ T37] vhci_hcd: disconnect device [ 342.311295][T14770] Set syz1 is full, maxelem 65536 reached [ 342.830329][T14781] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3332'. [ 342.842917][T14781] bridge_slave_1: left allmulticast mode [ 342.848590][T14781] bridge_slave_1: left promiscuous mode [ 342.854472][T14781] bridge0: port 2(bridge_slave_1) entered disabled state [ 342.864291][T14781] bridge_slave_0: left allmulticast mode [ 342.870091][T14781] bridge_slave_0: left promiscuous mode [ 342.876019][T14781] bridge0: port 1(bridge_slave_0) entered disabled state [ 342.930856][T14785] tipc: Enabled bearer , priority 0 [ 342.938074][T14785] syzkaller0: entered promiscuous mode [ 342.943553][T14785] syzkaller0: entered allmulticast mode [ 342.951903][T14784] tipc: Resetting bearer [ 342.958943][T14784] tipc: Disabling bearer [ 343.083702][T14795] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3339'. [ 343.123963][T14797] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3340'. [ 343.132988][T14797] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3340'. [ 343.183528][T14805] netlink: 'syz.0.3344': attribute type 10 has an invalid length. [ 343.224670][T14805] 8021q: adding VLAN 0 to HW filter on device team0 [ 343.235967][T14805] bond0: (slave team0): Enslaving as an active interface with an up link [ 343.246542][T14805] netlink: 'syz.0.3344': attribute type 10 has an invalid length. [ 343.263397][T14805] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 343.300787][T14805] 8021q: adding VLAN 0 to HW filter on device bond1 [ 343.330355][T14807] Set syz1 is full, maxelem 65536 reached [ 343.703644][T14821] bridge0: port 2(bridge_slave_1) entered disabled state [ 343.710905][T14821] bridge0: port 1(bridge_slave_0) entered disabled state [ 343.818270][T14821] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 343.852951][T14821] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 343.934214][T14821] veth0_virt_wifi: left promiscuous mode [ 343.972470][T10694] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 343.998976][T10694] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 344.042688][T10694] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 344.092385][T14832] tipc: Enabled bearer , priority 0 [ 344.099380][T14832] syzkaller0: entered promiscuous mode [ 344.104946][T14832] syzkaller0: entered allmulticast mode [ 344.117898][T10694] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 344.131197][T14831] tipc: Resetting bearer [ 344.138119][T14831] tipc: Disabling bearer [ 344.447709][ T29] audit: type=1400 audit(1127.607:7669): avc: denied { mounton } for pid=14851 comm="syz.4.3354" path="/42/bus" dev="tmpfs" ino=236 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 344.585830][ T29] audit: type=1400 audit(1127.754:7670): avc: denied { create } for pid=14861 comm="syz.0.3356" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 344.827078][T14885] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3355'. [ 344.889001][T14885] wireguard0: entered promiscuous mode [ 344.894534][T14885] wireguard0: entered allmulticast mode [ 345.376667][T14898] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 345.386360][T14898] batadv_slave_1: left promiscuous mode [ 345.391939][T14898] batadv_slave_1: left allmulticast mode [ 345.429417][T10705] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 345.444618][T10705] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 345.454180][T10705] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 345.464910][T10705] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 345.489032][T14903] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3364'. [ 345.540294][T14910] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3366'. [ 345.878191][T14933] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3372'. [ 345.887641][T14930] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3372'. [ 345.939610][T14935] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3374'. [ 345.996877][T14943] loop3: detected capacity change from 0 to 1024 [ 346.176744][T14943] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 346.255155][T14951] pim6reg: entered allmulticast mode [ 346.278885][T14951] pim6reg: left allmulticast mode [ 346.285855][T14943] support for cryptoloop has been removed. Use dm-crypt instead. [ 346.376896][T14017] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 346.604363][ T29] audit: type=1400 audit(1129.875:7671): avc: denied { getopt } for pid=14967 comm="syz.3.3386" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 346.642596][ T2955] usb 5-1: enqueue for inactive port 0 [ 346.655867][ T2955] usb 5-1: enqueue for inactive port 0 [ 346.668091][T14976] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 346.722595][T14976] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 346.740547][ T2955] vhci_hcd: vhci_device speed not set [ 346.933059][T14976] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 346.942268][T14976] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 347.758257][T15007] loop3: detected capacity change from 0 to 1024 [ 347.786798][T15007] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 348.098591][T15007] support for cryptoloop has been removed. Use dm-crypt instead. [ 348.129149][T14017] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 348.302519][T15035] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3410'. [ 348.354072][T15041] bridge0: port 2(bridge_slave_1) entered disabled state [ 348.361591][T15041] bridge0: port 1(bridge_slave_0) entered disabled state [ 348.409977][T15041] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 348.421123][T15041] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 348.453480][T10691] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 348.474903][T10691] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 348.488216][T10691] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 348.498924][T10691] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 349.224951][T15079] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3428'. [ 349.278242][T15084] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3431'. [ 349.298936][T15079] bridge1: port 1(veth3) entered blocking state [ 349.305345][T15079] bridge1: port 1(veth3) entered disabled state [ 349.316063][T15079] veth3: entered allmulticast mode [ 349.325918][T15079] veth3: entered promiscuous mode [ 349.336551][T15079] bridge1: port 2(veth0_to_bond) entered blocking state [ 349.343596][T15079] bridge1: port 2(veth0_to_bond) entered disabled state [ 349.351225][T15079] veth0_to_bond: entered allmulticast mode [ 349.358880][T15079] veth0_to_bond: entered promiscuous mode [ 349.743748][T15117] syzkaller0: entered promiscuous mode [ 349.749377][T15117] syzkaller0: entered allmulticast mode [ 350.202264][T15145] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3456'. [ 350.587471][T15151] syzkaller0: entered promiscuous mode [ 350.593021][T15151] syzkaller0: entered allmulticast mode [ 351.425155][T15213] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3484'. [ 351.741770][T15229] netlink: 380 bytes leftover after parsing attributes in process `syz.3.3491'. [ 351.831816][T15234] loop1: detected capacity change from 0 to 1024 [ 351.941740][T15234] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 352.022649][T15234] support for cryptoloop has been removed. Use dm-crypt instead. [ 352.065005][T13583] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 352.292490][T15265] loop3: detected capacity change from 0 to 1024 [ 352.346434][T15265] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 352.402894][T14017] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 352.792894][T15317] netlink: 'syz.3.3527': attribute type 4 has an invalid length. [ 352.835447][T15321] loop3: detected capacity change from 0 to 1024 [ 352.853203][T15321] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 352.913798][T14017] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 353.517403][T15341] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3536'. [ 353.555283][T15345] loop4: detected capacity change from 0 to 128 [ 353.945747][T15351] netlink: 'syz.0.3541': attribute type 10 has an invalid length. [ 354.093146][T15351] 8021q: adding VLAN 0 to HW filter on device bond2 [ 354.199317][T15361] loop1: detected capacity change from 0 to 1024 [ 354.219378][T15361] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 354.281461][T13583] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 354.420673][T15375] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3549'. [ 354.451077][T15378] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3550'. [ 354.460436][T15378] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3550'. [ 354.851947][T15392] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3557'. [ 354.868485][T15397] loop3: detected capacity change from 0 to 128 [ 356.443244][T15476] loop2: detected capacity change from 0 to 1024 [ 356.468371][T15476] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 357.206616][T15504] netlink: 'syz.3.3604': attribute type 1 has an invalid length. [ 357.246878][T15504] 8021q: adding VLAN 0 to HW filter on device bond2 [ 357.268412][T15504] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3604'. [ 357.294649][T15510] loop1: detected capacity change from 0 to 1024 [ 357.339553][T15510] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 357.405847][T13583] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 357.711322][T13109] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 358.182014][T15483] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3595'. [ 358.902855][ T29] audit: type=1400 audit(1142.789:7672): avc: denied { read } for pid=15565 comm="syz.0.3629" path="socket:[61099]" dev="sockfs" ino=61099 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 359.101174][T15585] IPVS: length: 139 != 8 [ 359.101351][ T29] audit: type=1400 audit(1142.999:7673): avc: denied { getopt } for pid=15583 comm="syz.1.3637" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 360.210823][T15641] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3663'. [ 360.298242][T15641] bridge1: port 1(veth3) entered blocking state [ 360.304790][T15641] bridge1: port 1(veth3) entered disabled state [ 360.316711][T15641] veth3: entered allmulticast mode [ 360.323118][T15641] veth3: entered promiscuous mode [ 360.334609][T15650] vlan2: entered allmulticast mode [ 360.339874][T15650] veth0_to_hsr: entered allmulticast mode [ 360.346040][T15650] bridge1: port 2(vlan2) entered blocking state [ 360.352365][T15650] bridge1: port 2(vlan2) entered disabled state [ 360.389786][T15650] vlan2: entered promiscuous mode [ 360.395199][T15650] veth0_to_hsr: entered promiscuous mode [ 360.456266][T15664] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3672'. [ 360.639314][T15673] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15673 comm=syz.4.3675 [ 361.086291][T15691] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3682'. [ 361.142975][T15691] bridge1: port 1(veth3) entered blocking state [ 361.149527][T15691] bridge1: port 1(veth3) entered disabled state [ 361.156358][T15691] veth3: entered allmulticast mode [ 361.162736][T15691] veth3: entered promiscuous mode [ 361.173102][T15697] vlan2: entered allmulticast mode [ 361.178382][T15697] veth0_to_hsr: entered allmulticast mode [ 361.206897][T15697] bridge1: port 2(vlan2) entered blocking state [ 361.213372][T15697] bridge1: port 2(vlan2) entered disabled state [ 361.235379][T15697] vlan2: entered promiscuous mode [ 361.240504][T15697] veth0_to_hsr: entered promiscuous mode [ 361.325842][T15705] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15705 comm=syz.3.3687 [ 361.633198][T15712] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3690'. [ 361.653546][T15711] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3690'. [ 362.300731][T15735] tipc: Started in network mode [ 362.305787][T15735] tipc: Node identity 4, cluster identity 4711 [ 362.312108][T15735] tipc: Node number set to 4 [ 362.320329][T15738] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3701'. [ 362.342563][T15738] bridge0: port 1(veth3) entered blocking state [ 362.348937][T15738] bridge0: port 1(veth3) entered disabled state [ 362.358136][T15738] veth3: entered allmulticast mode [ 362.373412][T15738] veth3: entered promiscuous mode [ 362.384155][T15738] vlan2: entered allmulticast mode [ 362.389368][T15738] veth0_to_hsr: entered allmulticast mode [ 362.399073][T15743] netlink: 'syz.0.3702': attribute type 10 has an invalid length. [ 362.404858][T15738] bridge0: port 2(vlan2) entered blocking state [ 362.413198][T15738] bridge0: port 2(vlan2) entered disabled state [ 362.422910][T15738] vlan2: entered promiscuous mode [ 362.428254][T15738] veth0_to_hsr: entered promiscuous mode [ 362.454356][T15743] 8021q: adding VLAN 0 to HW filter on device bond3 [ 362.534504][T15748] netlink: 60 bytes leftover after parsing attributes in process `syz.4.3704'. [ 362.563957][T15747] netlink: 60 bytes leftover after parsing attributes in process `syz.4.3704'. [ 362.620346][T15752] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 362.645716][T15752] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 363.263368][T15778] netlink: 'syz.1.3716': attribute type 10 has an invalid length. [ 363.283963][T15778] 8021q: adding VLAN 0 to HW filter on device bond2 [ 363.373463][T15785] 8021q: adding VLAN 0 to HW filter on device bond0 [ 363.383032][T15785] 8021q: adding VLAN 0 to HW filter on device team0 [ 363.394491][T15785] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 363.501805][T15785] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3718'. [ 363.510890][T15785] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3718'. [ 363.594903][T15799] netlink: 'syz.0.3724': attribute type 1 has an invalid length. [ 363.602694][T15799] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3724'. [ 364.812903][T15830] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3733'. [ 364.910304][T15841] bond0: (slave syz_tun): Releasing backup interface [ 365.084795][ T29] audit: type=1326 audit(1149.277:7674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15846 comm="syz.2.3739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39984febe9 code=0x7ffc0000 [ 365.107925][ T29] audit: type=1326 audit(1149.277:7675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15846 comm="syz.2.3739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f399849ade9 code=0x7ffc0000 [ 365.130897][ T29] audit: type=1326 audit(1149.277:7676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15846 comm="syz.2.3739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39984febe9 code=0x7ffc0000 [ 365.319194][ T29] audit: type=1326 audit(1149.277:7677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15846 comm="syz.2.3739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f399849ade9 code=0x7ffc0000 [ 365.342140][ T29] audit: type=1326 audit(1149.277:7678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15846 comm="syz.2.3739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f399849ade9 code=0x7ffc0000 [ 365.365400][ T29] audit: type=1326 audit(1149.277:7679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15846 comm="syz.2.3739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f399849ade9 code=0x7ffc0000 [ 365.388308][ T29] audit: type=1326 audit(1149.277:7680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15846 comm="syz.2.3739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f399849ade9 code=0x7ffc0000 [ 365.411304][ T29] audit: type=1326 audit(1149.277:7681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15846 comm="syz.2.3739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f399849ade9 code=0x7ffc0000 [ 365.434466][ T29] audit: type=1326 audit(1149.277:7682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15846 comm="syz.2.3739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f399849ade9 code=0x7ffc0000 [ 365.457465][ T29] audit: type=1326 audit(1149.277:7683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15846 comm="syz.2.3739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f399849ade9 code=0x7ffc0000 [ 366.025117][T15865] netlink: 'syz.0.3746': attribute type 3 has an invalid length. [ 366.044437][T15865] netlink: 'syz.0.3746': attribute type 3 has an invalid length. [ 366.230232][T15871] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3748'. [ 366.247309][T15877] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3747'. [ 366.402245][T15877] bond0: (slave syz_tun): Releasing backup interface [ 368.279365][T15915] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3760'. [ 368.598584][T15919] loop2: detected capacity change from 0 to 128 [ 369.478639][T15946] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=61 sclass=netlink_route_socket pid=15946 comm=syz.0.3772 [ 369.541264][T15950] 9pnet_virtio: no channels available for device syz [ 369.697770][T15954] netlink: 68 bytes leftover after parsing attributes in process `syz.2.3773'. [ 369.721657][T15955] netlink: 60 bytes leftover after parsing attributes in process `syz.4.3774'. [ 369.747741][T15953] netlink: 60 bytes leftover after parsing attributes in process `syz.4.3774'. [ 369.896229][T15957] netlink: 'syz.2.3775': attribute type 10 has an invalid length. [ 369.976085][T15958] 8021q: adding VLAN 0 to HW filter on device bond3 [ 370.000009][T15957] 8021q: adding VLAN 0 to HW filter on device macvlan3 [ 370.016036][T15957] bond1: (slave macvlan3): Enslaving as a backup interface with an up link [ 370.234246][T15987] netlink: 68 bytes leftover after parsing attributes in process `syz.0.3785'. [ 370.291182][T15991] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3788'. [ 370.300178][T15991] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3788'. [ 370.314299][T15998] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 370.356558][T15998] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 370.378212][T16004] raw_sendmsg: syz.4.3792 forgot to set AF_INET. Fix it! [ 370.394727][T16004] netlink: 'syz.4.3792': attribute type 4 has an invalid length. [ 370.421006][T16011] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3795'. [ 370.429482][ T29] kauditd_printk_skb: 1987 callbacks suppressed [ 370.429498][ T29] audit: type=1400 audit(1154.873:9671): avc: denied { name_connect } for pid=16012 comm="syz.0.3796" dest=64 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1 [ 370.494280][T16019] tipc: Started in network mode [ 370.499266][T16019] tipc: Node identity 9e0365f7f069, cluster identity 4711 [ 370.506562][T16019] tipc: Enabled bearer , priority 0 [ 370.514569][T16023] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3801'. [ 370.524226][T16018] tipc: Disabling bearer [ 370.536821][T16025] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3802'. [ 370.604597][T16035] netlink: 'syz.0.3808': attribute type 4 has an invalid length. [ 370.638205][ T29] audit: type=1400 audit(1155.104:9672): avc: denied { mounton } for pid=16038 comm="syz.0.3809" path="/proc/239/task" dev="proc" ino=62789 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 370.683806][T16046] bond0: (slave syz_tun): Releasing backup interface [ 370.692213][T16046] bond0: (slave team0): Releasing backup interface [ 370.706973][T16046] bond0: (slave bond_slave_0): Releasing backup interface [ 370.715756][T16046] bond0: (slave bond_slave_1): Releasing backup interface [ 370.724781][T16046] team0: Port device team_slave_0 removed [ 370.732096][T16046] team0: Port device team_slave_1 removed [ 370.738145][T16046] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 370.749025][T16046] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 370.757115][T16046] veth3: left allmulticast mode [ 370.762080][T16046] veth3: left promiscuous mode [ 370.767111][T16046] bridge0: port 1(veth3) entered disabled state [ 370.774344][T16046] vlan2: left promiscuous mode [ 370.779190][T16046] veth0_to_hsr: left promiscuous mode [ 370.784810][T16046] bridge0: port 2(vlan2) entered disabled state [ 370.908998][T16065] sctp: [Deprecated]: syz.3.3821 (pid 16065) Use of struct sctp_assoc_value in delayed_ack socket option. [ 370.908998][T16065] Use struct sctp_sack_info instead [ 373.175406][ T29] audit: type=1400 audit(1157.761:9673): avc: denied { relabelfrom } for pid=16155 comm="syz.2.3854" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 373.195037][ T29] audit: type=1400 audit(1157.761:9674): avc: denied { relabelto } for pid=16155 comm="syz.2.3854" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 373.323660][T16165] tipc: Enabled bearer , priority 0 [ 373.366584][T16167] netlink: 'syz.0.3859': attribute type 4 has an invalid length. [ 373.425056][T16164] tipc: Disabling bearer [ 373.717523][ T29] audit: type=1400 audit(1158.338:9675): avc: denied { unmount } for pid=13109 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 373.748212][T16195] __nla_validate_parse: 4 callbacks suppressed [ 373.748229][T16195] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3870'. [ 373.758967][T16203] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3873'. [ 373.811163][T16205] tipc: Enabled bearer , priority 0 [ 373.819072][T16204] tipc: Disabling bearer [ 373.848457][T16212] vlan2: entered allmulticast mode [ 373.853712][T16212] veth0_to_hsr: entered allmulticast mode [ 373.862069][T16214] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3878'. [ 373.871128][T16214] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3878'. [ 373.955174][T16231] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3886'. [ 373.977295][T16234] netlink: 60 bytes leftover after parsing attributes in process `syz.4.3884'. [ 374.004699][T16224] netlink: 60 bytes leftover after parsing attributes in process `syz.4.3884'. [ 374.115191][T16253] tipc: Enabled bearer , priority 0 [ 374.143847][T16264] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3900'. [ 374.161350][T16252] tipc: Disabling bearer [ 374.184687][T16269] netlink: 68 bytes leftover after parsing attributes in process `syz.0.3903'. [ 374.247471][T16277] netlink: 60 bytes leftover after parsing attributes in process `syz.1.3902'. [ 374.450525][T16299] tipc: Enabled bearer , priority 0 [ 374.459377][T16298] tipc: Disabling bearer [ 374.812403][ T29] audit: type=1400 audit(1159.482:9676): avc: denied { write } for pid=16318 comm="syz.1.3924" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 374.980884][ T29] audit: type=1400 audit(1159.661:9677): avc: denied { sqpoll } for pid=16333 comm="syz.0.3930" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 375.160327][T16346] vlan2: entered allmulticast mode [ 375.222318][T16357] netlink: 'syz.4.3939': attribute type 4 has an invalid length. [ 375.444930][T16364] 9pnet_virtio: no channels available for device syz [ 375.727895][T16364] bio_check_eod: 14 callbacks suppressed [ 375.727969][T16364] syz.3.3940: attempt to access beyond end of device [ 375.727969][T16364] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 375.886948][T16366] bond0: (slave syz_tun): Releasing backup interface [ 375.896809][T16366] bond0: (slave batadv0): Releasing backup interface [ 375.910602][T16366] bridge_slave_0: left allmulticast mode [ 375.916372][T16366] bridge_slave_0: left promiscuous mode [ 375.922212][T16366] bridge0: port 1(bridge_slave_0) entered disabled state [ 375.931546][T16366] bridge_slave_1: left allmulticast mode [ 375.937221][T16366] bridge_slave_1: left promiscuous mode [ 375.943076][T16366] bridge0: port 2(bridge_slave_1) entered disabled state [ 375.968858][T16366] bond0: (slave bond_slave_0): Releasing backup interface [ 375.988786][T16366] bond0: (slave bond_slave_1): Releasing backup interface [ 376.004385][T16366] team_slave_0: left promiscuous mode [ 376.009978][T16366] team_slave_0: left allmulticast mode [ 376.020048][T16366] team0: Port device team_slave_0 removed [ 376.026711][T16366] team_slave_1: left promiscuous mode [ 376.032344][T16366] team_slave_1: left allmulticast mode [ 376.038394][T16366] team0: Port device team_slave_1 removed [ 376.045900][T16366] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 376.055630][T16366] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 376.073878][T16366] veth3: left allmulticast mode [ 376.078768][T16366] veth3: left promiscuous mode [ 376.083683][T16366] bridge1: port 1(veth3) entered disabled state [ 376.093133][T16366] vlan2: left promiscuous mode [ 376.097923][T16366] veth0_to_hsr: left promiscuous mode [ 376.103573][T16366] bridge1: port 2(vlan2) entered disabled state [ 376.122743][T16371] team0: Mode changed to "broadcast" [ 376.134288][T16374] vlan0: entered promiscuous mode [ 376.153328][T16382] tipc: Enabled bearer , priority 0 [ 376.437038][T16411] loop4: detected capacity change from 0 to 1024 [ 376.625368][T16411] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 377.285756][T16425] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 377.320145][T16425] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 377.325529][ T2955] tipc: Node number set to 1451642732 [ 377.464089][T16429] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 377.862341][T13754] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 377.970661][T16440] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 378.000922][T16440] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 378.836186][T16465] __nla_validate_parse: 11 callbacks suppressed [ 378.836205][T16465] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3979'. [ 379.864110][T16495] syzkaller0: entered promiscuous mode [ 379.869622][T16495] syzkaller0: entered allmulticast mode [ 380.033795][T16501] tipc: Enabling of bearer rejected, failed to enable media [ 380.520707][T16520] netlink: 68 bytes leftover after parsing attributes in process `syz.0.4001'. [ 380.579351][ T29] audit: type=1400 audit(1165.540:9678): avc: denied { write } for pid=16522 comm="syz.0.4002" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 380.933525][T16540] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 381.052982][T16546] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4012'. [ 381.168461][ T36] IPVS: starting estimator thread 0... [ 381.253475][T16551] IPVS: using max 2592 ests per chain, 129600 per kthread [ 381.266239][T16555] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 381.307262][T16559] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 381.311752][T16555] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 381.330050][T16559] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 381.393293][T16563] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 381.403742][T16563] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 381.510194][ T29] audit: type=1326 audit(1166.517:9679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16566 comm="syz.4.4021" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd2f8bcebe9 code=0x0 [ 381.799396][T16570] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4022'. [ 381.836567][T16577] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4024'. [ 381.899742][T16581] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 381.909185][T16583] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 381.918787][T16581] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 381.928854][T16587] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 381.938607][T16587] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 381.948261][T16583] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 382.131170][T16581] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 382.139788][T16581] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 382.626063][T16581] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 382.637977][T16581] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 383.064326][T16605] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4035'. [ 383.191706][T16609] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 383.206709][T16609] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 383.221990][T16611] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 383.230450][T16609] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 383.231840][T16611] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 383.251790][T16611] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 383.271078][T16611] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 383.272997][T16609] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 383.316743][T16609] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 383.341055][T16609] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 383.369214][T16609] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 383.378096][T16609] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 383.456393][T16617] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 383.481013][T16617] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 383.488115][T16621] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 383.498240][T16621] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 383.595921][T16609] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 383.606704][T16609] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 383.617014][T16623] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 383.626106][T16623] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 383.698942][T16621] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 383.707751][T16621] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 383.716258][T16621] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 383.724759][T16621] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 384.017409][T16623] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 384.027296][T16623] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 384.038982][T16621] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 384.088882][T16621] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 384.164099][T16633] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 384.209758][T16633] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 384.254542][T16637] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 384.267081][T16637] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 384.643127][T16643] netlink: 'syz.0.4053': attribute type 10 has an invalid length. [ 384.656737][T16643] 8021q: adding VLAN 0 to HW filter on device bond4 [ 384.806736][T16650] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 384.815189][T16650] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 384.853834][T16654] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 384.879564][T16654] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 385.017502][T16654] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 385.027136][T16654] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 385.036556][T16654] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 385.053152][T16654] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 385.076205][T16654] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 385.093384][T16654] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 385.197486][T16654] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 385.206484][T16654] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 385.728725][T16678] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 385.746585][T16678] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 385.783303][T16685] syzkaller0: entered promiscuous mode [ 385.788975][T16685] syzkaller0: entered allmulticast mode [ 385.948077][T16678] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 385.969257][T16678] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 386.314756][T16694] netlink: 'syz.0.4071': attribute type 10 has an invalid length. [ 386.328527][T16694] 8021q: adding VLAN 0 to HW filter on device bond5 [ 386.568518][T16702] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 386.577168][T16702] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 386.764073][T16710] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 386.780097][T16710] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 387.095944][T16734] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4087'. [ 387.109031][T16734] bridge2: port 1(veth0_to_bond) entered blocking state [ 387.116235][T16734] bridge2: port 1(veth0_to_bond) entered disabled state [ 387.124251][T16734] veth0_to_bond: entered allmulticast mode [ 387.130961][T16734] veth0_to_bond: entered promiscuous mode [ 387.595093][T16745] loop4: detected capacity change from 0 to 512 [ 387.653751][T16745] EXT4-fs error (device loop4): ext4_get_branch:178: inode #11: block 4294967295: comm syz.4.4090: invalid block [ 387.669084][T16745] EXT4-fs (loop4): Remounting filesystem read-only [ 387.676792][T16745] EXT4-fs (loop4): 2 truncates cleaned up [ 387.688158][T16745] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 387.730570][ T29] audit: type=1400 audit(1173.026:9680): avc: denied { create } for pid=16744 comm="syz.4.4090" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 387.794831][T13754] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 388.104184][T16755] loop4: detected capacity change from 0 to 1024 [ 388.162646][T16755] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 388.272606][T13754] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 388.282049][T16766] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4098'. [ 388.346955][ T29] audit: type=1400 audit(1173.698:9681): avc: denied { append } for pid=16770 comm="syz.4.4099" name="001" dev="devtmpfs" ino=171 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 388.378738][T16766] bridge2: port 1(veth0_to_bond) entered blocking state [ 388.385744][T16766] bridge2: port 1(veth0_to_bond) entered disabled state [ 388.395917][T16766] veth0_to_bond: entered allmulticast mode [ 388.396474][T16766] veth0_to_bond: entered promiscuous mode [ 388.409168][T16766] vlan2: entered allmulticast mode [ 388.427200][T16766] bridge2: port 2(vlan2) entered blocking state [ 388.433576][T16766] bridge2: port 2(vlan2) entered disabled state [ 388.448876][T16766] vlan2: entered promiscuous mode [ 388.454063][T16766] veth0_to_hsr: entered promiscuous mode [ 388.501718][T16787] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 388.514434][ T29] audit: type=1400 audit(1173.866:9682): avc: denied { mount } for pid=16788 comm="syz.0.4108" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1 [ 388.515287][T16790] loop0: detected capacity change from 0 to 1764 [ 388.536571][ T29] audit: type=1400 audit(1173.866:9683): avc: denied { search } for pid=16788 comm="syz.0.4108" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1 [ 388.549702][T16787] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 388.564513][ T29] audit: type=1400 audit(1173.866:9684): avc: denied { search } for pid=16788 comm="syz.0.4108" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1 [ 388.578235][T16792] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4106'. [ 388.593535][ T29] audit: type=1400 audit(1173.866:9685): avc: denied { read open } for pid=16788 comm="syz.0.4108" path="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1 [ 388.650994][T16794] loop0: detected capacity change from 0 to 128 [ 388.666299][T16787] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 388.667931][T16794] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 388.683742][T16796] loop2: detected capacity change from 0 to 2048 [ 388.695036][T16796] EXT4-fs: Ignoring removed nobh option [ 388.702650][T16787] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 388.710787][T16794] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 388.723998][T16796] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 388.756318][T13109] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 388.771679][T16800] loop0: detected capacity change from 0 to 4096 [ 388.779873][T16800] EXT4-fs: test_dummy_encryption option not supported [ 388.820631][T16802] loop2: detected capacity change from 0 to 1024 [ 388.829481][T16802] EXT4-fs: Ignoring removed nobh option [ 388.835218][T16802] EXT4-fs: Ignoring removed bh option [ 388.851170][T16802] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 388.877350][T13109] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 388.904144][T16787] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 388.917069][T16787] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 388.927802][T16787] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 388.938431][T16787] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 389.279772][T16818] loop1: detected capacity change from 0 to 128 [ 389.317411][T16818] syz.1.4116: attempt to access beyond end of device [ 389.317411][T16818] loop1: rw=2049, sector=138, nr_sectors = 112 limit=128 [ 389.349089][T16820] loop2: detected capacity change from 0 to 512 [ 389.415439][T16820] EXT4-fs: Ignoring removed nomblk_io_submit option [ 389.426473][T16818] syz.1.4116: attempt to access beyond end of device [ 389.426473][T16818] loop1: rw=2049, sector=144, nr_sectors = 2 limit=128 [ 389.440037][T16818] Buffer I/O error on dev loop1, logical block 72, lost async page write [ 389.451489][T16818] syz.1.4116: attempt to access beyond end of device [ 389.451489][T16818] loop1: rw=2049, sector=146, nr_sectors = 104 limit=128 [ 389.465873][T16820] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 389.476729][T16821] syz.1.4116: attempt to access beyond end of device [ 389.476729][T16821] loop1: rw=2049, sector=144, nr_sectors = 2 limit=128 [ 389.490263][T16821] Buffer I/O error on dev loop1, logical block 72, lost async page write [ 389.499858][T16820] EXT4-fs (loop2): 1 truncate cleaned up [ 389.506802][T16820] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 389.562603][T13109] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 389.581604][T16824] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4118'. [ 389.598564][T16824] veth0_to_bond: left allmulticast mode [ 389.604370][T16824] veth0_to_bond: left promiscuous mode [ 389.610308][T16824] bridge1: port 2(veth0_to_bond) entered disabled state [ 389.618798][T16824] bridge2: port 1(veth0_to_bond) entered blocking state [ 389.625858][T16824] bridge2: port 1(veth0_to_bond) entered disabled state [ 389.643737][T16824] veth0_to_bond: entered allmulticast mode [ 389.650646][T16824] veth0_to_bond: entered promiscuous mode [ 389.661851][T16825] vlan2: entered allmulticast mode [ 389.667155][T16825] veth0_to_hsr: entered allmulticast mode [ 389.673155][T16825] bridge2: port 2(vlan2) entered blocking state [ 389.679463][T16825] bridge2: port 2(vlan2) entered disabled state [ 389.686579][T16825] vlan2: entered promiscuous mode [ 389.691613][T16825] veth0_to_hsr: entered promiscuous mode [ 389.826004][ T29] audit: type=1400 audit(1175.242:9686): avc: denied { mount } for pid=16837 comm="syz.0.4123" name="/" dev="hugetlbfs" ino=64434 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1 [ 389.864179][T16840] loop0: detected capacity change from 0 to 1024 [ 389.871618][ T29] audit: type=1400 audit(1175.263:9687): avc: denied { unmount } for pid=14424 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1 [ 389.898236][T16840] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 389.923297][T14424] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 389.924323][T16846] syzkaller0: entered promiscuous mode [ 389.937814][T16846] syzkaller0: entered allmulticast mode [ 389.965984][T16848] loop0: detected capacity change from 0 to 512 [ 389.991520][T16848] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 389.998428][T16850] loop3: detected capacity change from 0 to 2048 [ 390.064918][T16850] Alternate GPT is invalid, using primary GPT. [ 390.071333][T16850] loop3: p1 p2 p3 [ 390.089263][ T2992] Alternate GPT is invalid, using primary GPT. [ 390.095623][ T2992] loop3: p1 p2 p3 [ 390.130249][T14424] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 390.151468][ T3691] udevd[3691]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 390.153471][ T29] audit: type=1326 audit(1175.599:9688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16865 comm="syz.0.4134" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb15ce3ebe9 code=0x0 [ 390.198290][T13870] udevd[13870]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 390.205124][T16869] loop3: detected capacity change from 0 to 1024 [ 390.234766][T13870] udevd[13870]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 390.251504][T13825] udevd[13825]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 390.255573][T16869] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 390.320393][T16875] loop1: detected capacity change from 0 to 4096 [ 390.327667][T16875] EXT4-fs: test_dummy_encryption option not supported [ 390.345535][T14017] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 390.378090][T16877] loop1: detected capacity change from 0 to 512 [ 390.386690][T16877] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 390.399575][T16877] EXT4-fs (loop1): 1 truncate cleaned up [ 390.401281][T16880] loop3: detected capacity change from 0 to 256 [ 390.415223][T16877] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 390.428089][T16880] FAT-fs (loop3): codepage cp775 not found [ 390.662987][T13583] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 391.208657][T16902] loop4: detected capacity change from 0 to 512 [ 391.219122][T16902] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 391.230578][T16902] EXT4-fs error (device loop4): xattr_find_entry:333: inode #15: comm syz.4.4148: corrupted xattr entries [ 391.242467][T16902] EXT4-fs (loop4): Remounting filesystem read-only [ 391.249205][T16902] EXT4-fs (loop4): 1 truncate cleaned up [ 391.255210][T16902] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 391.276142][T13754] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 391.322168][T16909] loop3: detected capacity change from 0 to 256 [ 391.356826][ T29] audit: type=1400 audit(1176.858:9689): avc: denied { remount } for pid=16910 comm="syz.3.4152" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 391.402406][T16915] loop4: detected capacity change from 0 to 128 [ 391.411998][T16917] loop3: detected capacity change from 0 to 512 [ 391.429949][T16915] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 391.458557][T16917] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 391.472207][T13754] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 391.500971][T10684] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 391.521594][T10684] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 1 with error 28 [ 391.534222][T10684] EXT4-fs (loop3): This should not happen!! Data will be lost [ 391.534222][T10684] [ 391.543979][T10684] EXT4-fs (loop3): Total free blocks count 0 [ 391.550069][T10684] EXT4-fs (loop3): Free/Dirty block details [ 391.556035][T10684] EXT4-fs (loop3): free_blocks=65280 [ 391.561359][T10684] EXT4-fs (loop3): dirty_blocks=1 [ 391.566390][T10684] EXT4-fs (loop3): Block reservation details [ 391.572414][T10684] EXT4-fs (loop3): i_reserved_data_blocks=1 [ 391.588782][T14017] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 391.602520][T16931] loop4: detected capacity change from 0 to 1764 [ 391.773356][T16942] loop4: detected capacity change from 0 to 512 [ 392.289946][T16942] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.4164: invalid indirect mapped block 4294967295 (level 1) [ 392.353101][T16942] EXT4-fs (loop4): Remounting filesystem read-only [ 392.377256][T16953] loop0: detected capacity change from 0 to 1024 [ 392.398464][T16942] EXT4-fs (loop4): 2 truncates cleaned up [ 392.408119][T16942] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 392.425901][T16953] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 392.453608][T16956] loop2: detected capacity change from 0 to 512 [ 392.480556][T16953] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 392.600252][T16956] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 392.631288][T13754] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 392.632531][T14424] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 392.648639][T16962] loop3: detected capacity change from 0 to 128 [ 392.710953][T13109] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 392.733287][T16962] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 392.801979][T16962] EXT4-fs error (device loop3): dx_make_map:1296: inode #2: block 63: comm syz.3.4170: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1 [ 392.821393][T16976] loop4: detected capacity change from 0 to 512 [ 392.829672][T16976] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 392.831285][T16962] EXT4-fs error (device loop3) in do_split:2029: Corrupt filesystem [ 392.855802][ T29] kauditd_printk_skb: 2 callbacks suppressed [ 392.855824][ T29] audit: type=1326 audit(1178.433:9692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16978 comm="syz.2.4177" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f39984febe9 code=0x0 [ 392.863506][T16962] EXT4-fs error (device loop3): dx_make_map:1296: inode #2: block 63: comm syz.3.4170: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1 [ 392.886105][T16976] EXT4-fs (loop4): 1 truncate cleaned up [ 392.908945][T16962] EXT4-fs error (device loop3) in do_split:2029: Corrupt filesystem [ 392.909009][T16976] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 392.959246][T14017] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 392.972109][T13754] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 392.991822][T16982] loop3: detected capacity change from 0 to 256 [ 393.015022][T16982] FAT-fs (loop3): codepage cp949 not found [ 393.028031][T16985] loop4: detected capacity change from 0 to 128 [ 393.051443][ T29] audit: type=1400 audit(1178.633:9693): avc: denied { mounton } for pid=16984 comm="syz.4.4179" path="/217/file0/file0" dev="loop4" ino=283 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1 [ 393.127790][T16989] netlink: 'syz.4.4181': attribute type 10 has an invalid length. [ 393.136912][T16989] 8021q: adding VLAN 0 to HW filter on device team0 [ 393.146310][T16989] bond0: (slave team0): Enslaving as an active interface with an up link [ 393.164089][T16989] 8021q: adding VLAN 0 to HW filter on device bond2 [ 393.180099][T16989] 8021q: adding VLAN 0 to HW filter on device macvlan3 [ 393.188807][T16989] bond1: (slave macvlan3): Enslaving as a backup interface with an up link [ 393.231988][T16993] loop4: detected capacity change from 0 to 1024 [ 393.242924][T16993] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 393.274616][T16993] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 393.306578][T13754] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 393.534974][T17010] loop4: detected capacity change from 0 to 1024 [ 393.553902][T17008] loop0: detected capacity change from 0 to 4096 [ 393.569796][T17008] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 393.588382][T17010] EXT4-fs: Ignoring removed nobh option [ 393.593998][T17010] EXT4-fs: Ignoring removed bh option [ 393.637206][T17010] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 393.714664][T17015] netlink: 'syz.2.4190': attribute type 4 has an invalid length. [ 393.742350][T14424] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 393.753859][T17018] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4192'. [ 393.794424][T13754] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 393.832528][T17020] loop0: detected capacity change from 0 to 1764 [ 393.865446][T17026] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4195'. [ 394.076151][T17049] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4205'. [ 394.115923][T17051] loop0: detected capacity change from 0 to 1764 [ 394.149070][T17055] loop2: detected capacity change from 0 to 1024 [ 394.182082][T17057] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4209'. [ 394.185901][T17055] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 394.261815][T17066] loop0: detected capacity change from 0 to 512 [ 394.306473][T17066] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 394.331416][T17066] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 394.353949][T17080] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4217'. [ 394.363352][T17066] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 159 with max blocks 1 with error 28 [ 394.363750][T17055] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 394.375813][T17066] EXT4-fs (loop0): This should not happen!! Data will be lost [ 394.375813][T17066] [ 394.395143][T17081] loop3: detected capacity change from 0 to 512 [ 394.397617][T17066] EXT4-fs (loop0): Total free blocks count 0 [ 394.409965][T17066] EXT4-fs (loop0): Free/Dirty block details [ 394.415905][T17066] EXT4-fs (loop0): free_blocks=65280 [ 394.421267][T17066] EXT4-fs (loop0): dirty_blocks=1 [ 394.424886][T17083] loop1: detected capacity change from 0 to 128 [ 394.426433][T17066] EXT4-fs (loop0): Block reservation details [ 394.426449][T17066] EXT4-fs (loop0): i_reserved_data_blocks=1 [ 394.449300][T17081] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 4294967295: comm syz.3.4216: invalid block [ 394.461981][T13109] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 394.491852][T14424] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 394.500999][T17081] EXT4-fs (loop3): Remounting filesystem read-only [ 394.526070][T17081] EXT4-fs (loop3): 2 truncates cleaned up [ 394.532200][T17081] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 394.569873][T17088] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4221'. [ 394.607913][T14017] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 394.744199][T17106] loop3: detected capacity change from 0 to 128 [ 394.801197][T17106] syz.3.4226: attempt to access beyond end of device [ 394.801197][T17106] loop3: rw=2049, sector=138, nr_sectors = 112 limit=128 [ 394.817785][T17106] syz.3.4226: attempt to access beyond end of device [ 394.817785][T17106] loop3: rw=2049, sector=144, nr_sectors = 2 limit=128 [ 394.831342][T17106] Buffer I/O error on dev loop3, logical block 72, lost async page write [ 395.342540][T17111] netlink: 'syz.1.4227': attribute type 4 has an invalid length. [ 395.408446][T17114] loop2: detected capacity change from 0 to 128 [ 395.442544][T17114] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 395.555137][T17121] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4231'. [ 395.580594][ T29] audit: type=1400 audit(1181.279:9694): avc: denied { setattr } for pid=17112 comm="syz.2.4228" path="/228/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file1" dev="loop2" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 395.649121][T17126] loop0: detected capacity change from 0 to 512 [ 395.676420][T17125] tipc: Enabling of bearer rejected, failed to enable media [ 395.695187][T13109] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 395.695953][T17125] syzkaller0: entered promiscuous mode [ 395.709825][T17125] syzkaller0: entered allmulticast mode [ 395.724579][T17128] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4234'. [ 395.735849][T17126] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.4233: invalid indirect mapped block 4294967295 (level 1) [ 395.756164][T17134] loop2: detected capacity change from 0 to 128 [ 395.776995][T17126] EXT4-fs (loop0): Remounting filesystem read-only [ 395.789397][T17134] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 395.794323][T17126] EXT4-fs (loop0): 2 truncates cleaned up [ 395.807693][T17126] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 395.829238][T17141] loop1: detected capacity change from 0 to 256 [ 395.851304][T14424] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 395.861108][T13109] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 396.056577][T17160] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4247'. [ 396.344926][T17172] loop4: detected capacity change from 0 to 1764 [ 396.384469][T17174] loop0: detected capacity change from 0 to 512 [ 396.430779][T17174] EXT4-fs error (device loop0): ext4_get_branch:178: inode #11: block 4294967295: comm syz.0.4250: invalid block [ 396.449362][T17177] loop4: detected capacity change from 0 to 512 [ 396.460109][T17177] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.4251: iget: bad i_size value: 38620345925642 [ 396.473325][T17174] EXT4-fs (loop0): Remounting filesystem read-only [ 396.481949][T17174] EXT4-fs (loop0): 2 truncates cleaned up [ 396.488520][T17174] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 396.503417][T17177] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.4251: couldn't read orphan inode 15 (err -117) [ 396.534149][T17177] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 396.567120][T14424] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 396.581124][T17177] EXT4-fs error (device loop4): empty_inline_dir:1760: inode #12: block 7: comm syz.4.4251: bad entry in directory: rec_len % 4 != 0 - offset=4, inode=4278190093, rec_len=255, size=60 fake=0 [ 396.583035][ T29] audit: type=1400 audit(1182.339:9695): avc: denied { add_name } for pid=17175 comm="syz.4.4251" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 396.619964][ T29] audit: type=1400 audit(1182.339:9696): avc: denied { remove_name } for pid=17175 comm="syz.4.4251" name="file0" dev="loop4" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 396.623451][T17181] loop0: detected capacity change from 0 to 256 [ 396.642001][ T29] audit: type=1400 audit(1182.339:9697): avc: denied { rename } for pid=17175 comm="syz.4.4251" name="file0" dev="loop4" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 396.659663][T17177] EXT4-fs warning (device loop4): empty_inline_dir:1767: bad inline directory (dir #12) - inode 4278190093, rec_len 255, name_len 0inline size 60 [ 396.669742][ T29] audit: type=1400 audit(1182.339:9698): avc: denied { reparent } for pid=17175 comm="syz.4.4251" name="file0" dev="loop4" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 396.772661][T13754] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 396.788345][T17188] loop0: detected capacity change from 0 to 512 [ 396.808746][T17188] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 396.840427][T17193] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4254'. [ 396.888108][T17203] loop3: detected capacity change from 0 to 128 [ 396.893430][T14424] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 396.936175][T17206] loop1: detected capacity change from 0 to 256 [ 396.953686][T17205] loop2: detected capacity change from 0 to 4096 [ 396.973164][T17205] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 397.000105][T17212] loop0: detected capacity change from 0 to 4096 [ 397.028925][T17212] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 397.076144][T13109] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 397.091447][T17221] loop4: detected capacity change from 0 to 256 [ 397.093643][T17223] loop3: detected capacity change from 0 to 128 [ 397.142649][T17223] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 397.170962][T17221] FAT-fs (loop4): codepage cp862 not found [ 397.280384][T17240] loop0: detected capacity change from 0 to 1024 [ 397.343605][T10703] EXT4-fs error (device loop0): ext4_map_blocks:814: inode #15: comm kworker/u8:22: lblock 0 mapped to illegal pblock 0 (length 5) [ 397.358834][T10703] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 5 with error 117 [ 397.371198][T10703] EXT4-fs (loop0): This should not happen!! Data will be lost [ 397.371198][T10703] [ 397.399221][T17246] loop4: detected capacity change from 0 to 1024 [ 397.412166][T17246] EXT4-fs: Ignoring removed nobh option [ 397.417873][T17246] EXT4-fs: Ignoring removed bh option [ 397.491189][T17251] loop1: detected capacity change from 0 to 128 [ 397.564682][T17255] loop3: detected capacity change from 0 to 128 [ 397.679908][T17263] loop1: detected capacity change from 0 to 128 [ 397.715181][T17263] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 397.730274][T17263] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 397.762467][ T29] audit: type=1326 audit(1183.588:9699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17265 comm="syz.3.4284" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d8a9debe9 code=0x0 [ 397.803488][ T29] audit: type=1400 audit(1183.620:9700): avc: denied { remount } for pid=17262 comm="syz.1.4283" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 397.858955][T17272] loop4: detected capacity change from 0 to 1024 [ 397.884870][T17272] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=842c018, mo2=0002] [ 397.946068][T17280] loop1: detected capacity change from 0 to 512 [ 397.962358][T17280] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 397.988693][T17282] loop2: detected capacity change from 0 to 128 [ 397.999529][T17282] FAT-fs (loop2): Directory bread(block 524322) failed [ 398.011290][T17282] FAT-fs (loop2): Directory bread(block 524323) failed [ 398.018443][T17282] FAT-fs (loop2): Directory bread(block 524324) failed [ 398.025406][T17282] FAT-fs (loop2): Directory bread(block 524325) failed [ 398.032962][T17282] FAT-fs (loop2): Directory bread(block 524326) failed [ 398.040079][T17282] FAT-fs (loop2): Directory bread(block 524327) failed [ 398.047417][T17282] FAT-fs (loop2): Directory bread(block 524328) failed [ 398.054486][T17282] FAT-fs (loop2): Directory bread(block 524329) failed [ 398.077920][T17282] FAT-fs (loop2): Directory bread(block 524322) failed [ 398.094214][T17285] loop4: detected capacity change from 0 to 128 [ 398.102491][T17280] EXT4-fs (loop1): 1 truncate cleaned up [ 398.129250][T17282] FAT-fs (loop2): Directory bread(block 524323) failed [ 398.293712][T17294] loop1: detected capacity change from 0 to 512 [ 398.301921][T17294] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 398.352960][T17294] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002] [ 398.362685][T17294] System zones: 0-2, 18-18, 34-34 [ 398.367771][T17301] loop4: detected capacity change from 0 to 1024 [ 398.371128][T17294] EXT4-fs (loop1): shut down requested (2) [ 398.374885][T17301] EXT4-fs: Ignoring removed nobh option [ 398.385818][T17301] EXT4-fs: Ignoring removed bh option [ 398.391531][ T29] audit: type=1400 audit(1184.239:9701): avc: denied { read } for pid=2974 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 398.413560][ T29] audit: type=1400 audit(1184.239:9702): avc: denied { search } for pid=2974 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 398.434834][ T29] audit: type=1400 audit(1184.239:9703): avc: denied { search } for pid=2974 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 398.455285][T17301] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.4295: Allocating blocks 497-513 which overlap fs metadata [ 398.455932][ T29] audit: type=1400 audit(1184.239:9704): avc: denied { add_name } for pid=2974 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 398.471740][T17301] EXT4-fs (loop4): pa ffff8881055295b0: logic 624, phys. 113, len 25 [ 398.490101][ T29] audit: type=1400 audit(1184.239:9705): avc: denied { create } for pid=2974 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 398.490131][ T29] audit: type=1400 audit(1184.239:9706): avc: denied { append open } for pid=2974 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 398.498285][T17301] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, [ 398.518473][ T29] audit: type=1400 audit(1184.239:9707): avc: denied { getattr } for pid=2974 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 398.541137][T17301] free 24, pa_free 25 [ 398.549530][ T29] audit: type=1400 audit(1184.239:9708): avc: denied { map } for pid=17293 comm="syz.1.4290" path="/308/file1/file1" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 398.625995][T17305] __nla_validate_parse: 6 callbacks suppressed [ 398.626012][T17305] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4297'. [ 398.824574][T17309] loop3: detected capacity change from 0 to 4096 [ 398.846332][T17315] loop4: detected capacity change from 0 to 1024 [ 398.967420][T17322] tipc: Enabling of bearer rejected, failed to enable media [ 398.989659][T17322] syzkaller0: entered promiscuous mode [ 398.995201][T17322] syzkaller0: entered allmulticast mode [ 399.043193][T17326] loop1: detected capacity change from 0 to 1764 [ 399.101166][T17330] loop1: detected capacity change from 0 to 128 [ 399.133761][T17332] loop0: detected capacity change from 0 to 1024 [ 399.166397][T17338] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4310'. [ 399.178471][T17330] EXT4-fs error (device loop1): dx_make_map:1296: inode #2: block 20: comm syz.1.4308: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1 [ 399.219206][T17343] loop4: detected capacity change from 0 to 512 [ 399.226404][T17332] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=842c018, mo2=0002] [ 399.234528][T17330] EXT4-fs error (device loop1) in do_split:2029: Corrupt filesystem [ 399.235868][T17343] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 399.262586][T17343] EXT4-fs (loop4): 1 truncate cleaned up [ 399.311627][T17353] loop1: detected capacity change from 0 to 128 [ 399.390963][T17359] loop2: detected capacity change from 0 to 1024 [ 399.407291][T17357] loop4: detected capacity change from 0 to 1764 [ 399.462548][T17363] tipc: Enabling of bearer rejected, failed to enable media [ 399.478462][T17359] EXT4-fs error (device loop2): ext4_map_blocks:814: inode #15: comm syz.2.4319: lblock 0 mapped to illegal pblock 0 (length 1) [ 399.508129][T17363] syzkaller0: entered promiscuous mode [ 399.509968][T17359] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117 [ 399.513884][T17363] syzkaller0: entered allmulticast mode [ 399.526169][T17359] EXT4-fs (loop2): This should not happen!! Data will be lost [ 399.526169][T17359] [ 399.544783][T17367] loop0: detected capacity change from 0 to 128 [ 399.622057][T17375] netlink: 'syz.4.4324': attribute type 4 has an invalid length. [ 399.641752][T17378] loop1: detected capacity change from 0 to 1024 [ 399.651886][T17379] loop0: detected capacity change from 0 to 128 [ 399.666885][T17378] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=842c018, mo2=0002] [ 399.702798][T17379] syz.0.4325: attempt to access beyond end of device [ 399.702798][T17379] loop0: rw=2049, sector=138, nr_sectors = 8 limit=128 [ 399.766207][T17379] syz.0.4325: attempt to access beyond end of device [ 399.766207][T17379] loop0: rw=2049, sector=146, nr_sectors = 8 limit=128 [ 399.804409][T17379] syz.0.4325: attempt to access beyond end of device [ 399.804409][T17379] loop0: rw=2049, sector=152, nr_sectors = 2 limit=128 [ 399.817902][T17379] Buffer I/O error on dev loop0, logical block 76, lost async page write [ 399.830726][T17379] syz.0.4325: attempt to access beyond end of device [ 399.830726][T17379] loop0: rw=2049, sector=170, nr_sectors = 8 limit=128 [ 399.844786][T17379] syz.0.4325: attempt to access beyond end of device [ 399.844786][T17379] loop0: rw=2049, sector=176, nr_sectors = 2 limit=128 [ 399.858316][T17379] Buffer I/O error on dev loop0, logical block 88, lost async page write [ 399.944662][T17392] loop4: detected capacity change from 0 to 1024 [ 399.951353][T17379] syz.0.4325: attempt to access beyond end of device [ 399.951353][T17379] loop0: rw=2049, sector=178, nr_sectors = 8 limit=128 [ 399.977363][T17379] syz.0.4325: attempt to access beyond end of device [ 399.977363][T17379] loop0: rw=2049, sector=184, nr_sectors = 2 limit=128 [ 399.991095][T17379] Buffer I/O error on dev loop0, logical block 92, lost async page write [ 400.164958][T17379] syz.0.4325: attempt to access beyond end of device [ 400.164958][T17379] loop0: rw=2049, sector=202, nr_sectors = 8 limit=128 [ 400.180210][T17379] syz.0.4325: attempt to access beyond end of device [ 400.180210][T17379] loop0: rw=2049, sector=208, nr_sectors = 2 limit=128 [ 400.193693][T17379] Buffer I/O error on dev loop0, logical block 104, lost async page write [ 400.202582][T17379] syz.0.4325: attempt to access beyond end of device [ 400.202582][T17379] loop0: rw=2049, sector=210, nr_sectors = 8 limit=128 [ 400.205218][T17401] loop3: detected capacity change from 0 to 128 [ 400.216475][T17379] Buffer I/O error on dev loop0, logical block 108, lost async page write [ 400.228359][T17399] loop1: detected capacity change from 0 to 1024 [ 400.241846][T17379] Buffer I/O error on dev loop0, logical block 120, lost async page write [ 400.255687][T17379] Buffer I/O error on dev loop0, logical block 124, lost async page write [ 400.257766][T17399] EXT4-fs: Ignoring removed nobh option [ 400.270267][T17399] EXT4-fs: Ignoring removed bh option [ 400.277020][T17379] Buffer I/O error on dev loop0, logical block 80, lost async page write [ 400.286049][T17379] Buffer I/O error on dev loop0, logical block 84, lost async page write [ 400.305316][T17379] Buffer I/O error on dev loop0, logical block 112, lost async page write [ 400.386680][T17407] loop3: detected capacity change from 0 to 1024 [ 400.429610][T17407] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: comm syz.3.4335: lblock 0 mapped to illegal pblock 0 (length 1) [ 400.444244][T17413] loop2: detected capacity change from 0 to 128 [ 400.501716][T17407] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117 [ 400.514193][T17407] EXT4-fs (loop3): This should not happen!! Data will be lost [ 400.514193][T17407] [ 400.685792][T17423] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4340'. [ 400.714626][T17423] macvtap7: entered promiscuous mode [ 400.722393][T17423] dummy0: entered promiscuous mode [ 400.727617][T17423] macvtap7: entered allmulticast mode [ 400.735255][T17430] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4342'. [ 400.762590][T17434] loop0: detected capacity change from 0 to 128 [ 400.770830][T17423] dummy0: entered allmulticast mode [ 400.885930][T17442] loop3: detected capacity change from 0 to 1024 [ 400.893700][T17444] loop1: detected capacity change from 0 to 128 [ 400.904460][T17446] loop0: detected capacity change from 0 to 128 [ 400.911298][T17442] EXT4-fs: Ignoring removed nobh option [ 400.916981][T17442] EXT4-fs: Ignoring removed bh option [ 400.987951][T17451] loop0: detected capacity change from 0 to 128 [ 401.100217][T17456] loop0: detected capacity change from 0 to 128 [ 401.215368][T17461] loop1: detected capacity change from 0 to 128 [ 401.233599][T17463] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4355'. [ 401.372235][T17472] loop1: detected capacity change from 0 to 128 [ 401.414203][T17473] loop0: detected capacity change from 0 to 1024 [ 401.427608][T17473] EXT4-fs: Ignoring removed nobh option [ 401.433226][T17473] EXT4-fs: Ignoring removed bh option [ 401.782849][T17482] Set syz1 is full, maxelem 65536 reached [ 401.789270][T17495] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4367'. [ 401.814835][T17499] loop0: detected capacity change from 0 to 128 [ 402.371094][T17508] loop3: detected capacity change from 0 to 512 [ 402.392521][T17508] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 402.406233][T17508] EXT4-fs (loop3): 1 truncate cleaned up [ 402.460016][T17512] loop2: detected capacity change from 0 to 4096 [ 402.546576][T17519] syzkaller0: entered promiscuous mode [ 402.552222][T17519] syzkaller0: entered allmulticast mode [ 402.558221][T17522] loop2: detected capacity change from 0 to 128 [ 402.604195][T17526] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4378'. [ 402.635712][T17530] loop4: detected capacity change from 0 to 512 [ 402.643996][T17530] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 402.669313][T17530] EXT4-fs (loop4): 1 truncate cleaned up [ 402.726920][ T29] kauditd_printk_skb: 3 callbacks suppressed [ 402.726937][ T29] audit: type=1326 audit(1188.796:9712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17538 comm="syz.4.4383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd2f8bc5ba7 code=0x7ffc0000 [ 402.819985][T17543] loop4: detected capacity change from 0 to 128 [ 402.837931][ T29] audit: type=1326 audit(1188.796:9713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17538 comm="syz.4.4383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd2f8b6ade9 code=0x7ffc0000 [ 402.861241][ T29] audit: type=1326 audit(1188.796:9714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17538 comm="syz.4.4383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd2f8bc5ba7 code=0x7ffc0000 [ 402.884590][ T29] audit: type=1326 audit(1188.827:9715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17538 comm="syz.4.4383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd2f8b6ade9 code=0x7ffc0000 [ 402.907515][ T29] audit: type=1326 audit(1188.827:9716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17538 comm="syz.4.4383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2f8bcebe9 code=0x7ffc0000 [ 402.930688][ T29] audit: type=1326 audit(1188.827:9717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17538 comm="syz.4.4383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd2f8bc5ba7 code=0x7ffc0000 [ 402.953792][ T29] audit: type=1326 audit(1188.827:9718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17538 comm="syz.4.4383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd2f8b6ade9 code=0x7ffc0000 [ 402.976754][ T29] audit: type=1326 audit(1188.827:9719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17538 comm="syz.4.4383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd2f8bc5ba7 code=0x7ffc0000 [ 403.000188][ T29] audit: type=1326 audit(1188.827:9720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17538 comm="syz.4.4383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd2f8b6ade9 code=0x7ffc0000 [ 403.023274][ T29] audit: type=1326 audit(1188.827:9721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17538 comm="syz.4.4383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd2f8bc5ba7 code=0x7ffc0000 [ 403.146422][T17537] loop1: detected capacity change from 0 to 1024 [ 403.378716][T17563] syzkaller0: entered promiscuous mode [ 403.384392][T17563] syzkaller0: entered allmulticast mode [ 403.407950][T17565] loop1: detected capacity change from 0 to 512 [ 403.420234][T17565] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 403.513893][T17565] EXT4-fs (loop1): 1 truncate cleaned up [ 403.775017][T17578] loop1: detected capacity change from 0 to 128 [ 403.992264][T17583] loop1: detected capacity change from 0 to 128 [ 404.013354][T17583] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 404.027512][T17583] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 404.049435][T17587] loop4: detected capacity change from 0 to 128 [ 404.094679][T17595] netlink: 'syz.4.4405': attribute type 4 has an invalid length. [ 404.114574][T17592] veth0_to_bond: left allmulticast mode [ 404.119103][T17598] loop0: detected capacity change from 0 to 128 [ 404.120215][T17592] veth0_to_bond: left promiscuous mode [ 404.120381][T17592] bridge2: port 1(veth0_to_bond) entered disabled state [ 404.177985][T17605] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4411'. [ 404.189988][T17605] macvtap8: entered promiscuous mode [ 404.195404][T17605] macvtap8: entered allmulticast mode [ 404.216158][T17610] loop1: detected capacity change from 0 to 512 [ 404.269501][T17618] loop0: detected capacity change from 0 to 1024 [ 404.276982][T17620] loop1: detected capacity change from 0 to 128 [ 404.284466][T17618] EXT4-fs: Ignoring removed nobh option [ 404.286408][T17622] loop4: detected capacity change from 0 to 128 [ 404.290094][T17618] EXT4-fs: Ignoring removed bh option [ 404.308248][T17622] EXT4-fs error (device loop4): dx_make_map:1296: inode #2: block 63: comm syz.4.4417: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1 [ 404.329811][T17622] EXT4-fs error (device loop4) in do_split:2029: Corrupt filesystem [ 404.352935][T17628] netlink: 'syz.3.4419': attribute type 4 has an invalid length. [ 404.379460][T17632] loop0: detected capacity change from 0 to 128 [ 404.407456][T17638] loop3: detected capacity change from 0 to 512 [ 404.430897][T17638] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.4423: iget: bad i_size value: 38620345925642 [ 404.475922][T17638] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.4423: couldn't read orphan inode 15 (err -117) [ 404.564538][T17654] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4429'. [ 404.611619][T17658] loop4: detected capacity change from 0 to 1024 [ 404.613565][T17664] netlink: 'syz.3.4434': attribute type 10 has an invalid length. [ 404.625354][T17666] loop0: detected capacity change from 0 to 512 [ 404.627250][T17664] 8021q: adding VLAN 0 to HW filter on device team0 [ 404.634034][T17666] EXT4-fs: Ignoring removed nomblk_io_submit option [ 404.639978][T17664] bond0: (slave team0): Enslaving as an active interface with an up link [ 404.647135][T17658] EXT4-fs: Ignoring removed nobh option [ 404.659439][T17658] EXT4-fs: Ignoring removed bh option [ 404.661348][T17666] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 404.671732][T17664] 8021q: adding VLAN 0 to HW filter on device bond3 [ 404.676010][T17666] EXT4-fs (loop0): 1 truncate cleaned up [ 404.721490][T17675] loop0: detected capacity change from 0 to 512 [ 404.729122][T17675] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 404.750494][T17675] EXT4-fs (loop0): 1 truncate cleaned up [ 404.776457][T17684] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4441'. [ 404.805536][T17684] bond3: (slave vxcan3): The slave device specified does not support setting the MAC address [ 404.817846][T17684] bond3: (slave vxcan3): Error -95 calling set_mac_address [ 404.931439][T17695] syzkaller0: entered promiscuous mode [ 404.936974][T17695] syzkaller0: entered allmulticast mode [ 404.964221][T17701] loop3: detected capacity change from 0 to 512 [ 404.971080][T17701] EXT4-fs: Ignoring removed nomblk_io_submit option [ 404.977993][T17701] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 404.990491][T17701] EXT4-fs (loop3): 1 truncate cleaned up [ 405.017338][T17708] netlink: 'syz.3.4451': attribute type 10 has an invalid length. [ 405.043211][T17708] 8021q: adding VLAN 0 to HW filter on device bond4 [ 405.048403][T17713] loop4: detected capacity change from 0 to 128 [ 405.069603][T17715] loop0: detected capacity change from 0 to 1764 [ 405.112415][T17720] tipc: Enabled bearer , priority 0 [ 405.125149][T17720] syzkaller0: entered promiscuous mode [ 405.130690][T17720] syzkaller0: entered allmulticast mode [ 405.141487][T17720] tipc: Resetting bearer [ 405.150151][T17719] tipc: Resetting bearer [ 405.160615][T17719] tipc: Disabling bearer [ 405.277702][T17741] loop1: detected capacity change from 0 to 128 [ 405.298866][T17743] loop4: detected capacity change from 0 to 1764 [ 405.312257][ T2955] IPVS: starting estimator thread 0... [ 405.408588][T17747] IPVS: using max 2496 ests per chain, 124800 per kthread [ 405.447224][T17767] loop2: detected capacity change from 0 to 512 [ 405.536928][T17779] loop3: detected capacity change from 0 to 1764 [ 405.592698][T17784] loop3: detected capacity change from 0 to 512 [ 405.612360][T17784] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.4483: iget: bad i_size value: 38620345925642 [ 405.636066][T17784] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.4483: couldn't read orphan inode 15 (err -117) [ 405.649029][T17784] EXT4-fs mount: 88 callbacks suppressed [ 405.649049][T17784] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 405.694658][T14017] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 406.197581][T17801] loop0: detected capacity change from 0 to 1024 [ 406.209445][T17801] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 406.235597][T14424] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 406.258574][T17805] loop0: detected capacity change from 0 to 512 [ 406.483895][T17819] loop1: detected capacity change from 0 to 1024 [ 406.491099][T17819] EXT4-fs: Ignoring removed nobh option [ 406.496756][T17819] EXT4-fs: Ignoring removed bh option [ 406.518601][T17825] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 406.522009][T17826] loop4: detected capacity change from 0 to 512 [ 406.528617][T17819] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 406.546140][T17825] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 406.555611][T17826] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.4497: iget: bad i_size value: 38620345925642 [ 406.578493][T17826] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.4497: couldn't read orphan inode 15 (err -117) [ 406.591791][T13583] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 406.594467][T17826] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 406.620468][T17834] loop2: detected capacity change from 0 to 512 [ 406.630301][T17834] EXT4-fs: Ignoring removed nomblk_io_submit option [ 406.652773][T17834] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 406.653238][T13754] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 406.680227][T17834] EXT4-fs (loop2): 1 truncate cleaned up [ 406.681961][T17845] loop4: detected capacity change from 0 to 128 [ 406.692390][T17842] loop3: detected capacity change from 0 to 128 [ 406.693806][T17834] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 406.701660][T17845] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 406.724893][T17842] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 406.738215][T13109] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 406.740957][T17842] EXT4-fs error (device loop3): dx_make_map:1296: inode #2: block 63: comm syz.3.4506: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1 [ 406.767035][T17842] EXT4-fs error (device loop3) in do_split:2029: Corrupt filesystem [ 406.786310][T13754] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 406.796735][T14017] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 406.832940][T17855] netlink: 'syz.1.4511': attribute type 4 has an invalid length. [ 406.866112][T17858] loop1: detected capacity change from 0 to 1024 [ 406.873640][T17858] EXT4-fs: Ignoring removed nobh option [ 406.879294][T17858] EXT4-fs: Ignoring removed bh option [ 406.895465][T17858] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 406.920382][T13583] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 406.953450][T17868] loop1: detected capacity change from 0 to 128 [ 406.983658][T17873] loop3: detected capacity change from 0 to 128 [ 407.035707][T17880] loop1: detected capacity change from 0 to 128 [ 407.043992][T17880] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 407.069293][T17880] EXT4-fs error (device loop1): dx_make_map:1296: inode #2: block 63: comm syz.1.4519: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1 [ 407.088356][T17882] veth0_to_bond: left allmulticast mode [ 407.094083][T17882] veth0_to_bond: left promiscuous mode [ 407.099689][T17882] bridge2: port 1(veth0_to_bond) entered disabled state [ 407.108832][T17880] EXT4-fs error (device loop1) in do_split:2029: Corrupt filesystem [ 407.138762][T13583] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 407.155715][T17891] loop3: detected capacity change from 0 to 128 [ 407.163750][T17891] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 407.180049][T17895] loop0: detected capacity change from 0 to 512 [ 407.197754][T14017] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 407.210185][T17899] loop1: detected capacity change from 0 to 128 [ 407.224514][T17901] loop3: detected capacity change from 0 to 1024 [ 407.250913][T17901] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 407.266142][T17901] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: comm syz.3.4527: lblock 0 mapped to illegal pblock 0 (length 1) [ 407.287726][T17911] loop1: detected capacity change from 0 to 512 [ 407.297600][T17911] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.4531: iget: bad i_size value: 38620345925642 [ 407.312142][T17911] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.4531: couldn't read orphan inode 15 (err -117) [ 407.312144][T17901] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117 [ 407.312195][T17901] EXT4-fs (loop3): This should not happen!! Data will be lost [ 407.312195][T17901] [ 407.347685][T17911] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 407.363096][T14017] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 407.387437][T13583] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 407.400582][T17919] loop4: detected capacity change from 0 to 128 [ 407.486754][T17924] loop1: detected capacity change from 0 to 128 [ 407.493582][T17924] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 407.505896][T17924] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 407.542943][T17927] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 407.552710][T17927] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 407.610386][T17933] syzkaller0: entered promiscuous mode [ 407.615894][T17933] syzkaller0: entered allmulticast mode [ 407.622208][T17935] loop2: detected capacity change from 0 to 1764 [ 407.630186][ T29] kauditd_printk_skb: 31 callbacks suppressed [ 407.630200][ T29] audit: type=1400 audit(1193.941:9753): avc: denied { mount } for pid=17934 comm="syz.2.4541" name="/" dev="loop2" ino=1920 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1 [ 407.659973][ T29] audit: type=1400 audit(1193.972:9754): avc: denied { unmount } for pid=13109 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1 [ 407.742280][T17947] loop2: detected capacity change from 0 to 128 [ 407.749040][T17947] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 407.762767][T17947] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 407.788774][T17950] loop2: detected capacity change from 0 to 128 [ 407.812797][ T29] audit: type=1326 audit(1194.129:9755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17951 comm="syz.4.4549" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd2f8bcebe9 code=0x0 [ 407.936143][T17956] loop2: detected capacity change from 0 to 128 [ 407.943910][T17956] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 407.965472][T13109] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 407.995545][T17961] loop2: detected capacity change from 0 to 512 [ 408.002410][T17961] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 408.013882][T17961] EXT4-fs (loop2): 1 truncate cleaned up [ 408.020179][T17961] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 408.042732][T13109] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 408.108468][T17976] loop0: detected capacity change from 0 to 128 [ 408.112427][T17978] loop1: detected capacity change from 0 to 128 [ 408.117144][T17976] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 408.123096][T17975] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4559'. [ 408.134083][T17976] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 408.209402][T17981] veth0_to_bond: left allmulticast mode [ 408.215141][T17981] veth0_to_bond: left promiscuous mode [ 408.220823][T17981] bridge2: port 1(veth0_to_bond) entered disabled state [ 408.271707][T17989] loop3: detected capacity change from 0 to 512 [ 408.286184][T17987] loop0: detected capacity change from 0 to 1024 [ 408.294931][T17987] EXT4-fs: Ignoring removed nobh option [ 408.300528][T17987] EXT4-fs: Ignoring removed bh option [ 408.305938][T17989] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.4564: iget: bad i_size value: 38620345925642 [ 408.306308][T17989] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.4564: couldn't read orphan inode 15 (err -117) [ 408.333564][T17989] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 408.334969][T17987] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 408.387492][T14017] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 408.446398][T14424] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 408.469972][T18001] loop2: detected capacity change from 0 to 1024 [ 408.490508][T18001] EXT4-fs: Ignoring removed nobh option [ 408.496250][T18001] EXT4-fs: Ignoring removed bh option [ 408.496778][T18013] loop3: detected capacity change from 0 to 128 [ 408.512963][T18012] loop0: detected capacity change from 0 to 128 [ 408.521118][T18001] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 408.536638][T18012] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 408.549857][T18013] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 408.576721][T18013] EXT4-fs error (device loop3): dx_make_map:1296: inode #2: block 63: comm syz.3.4573: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1 [ 408.598113][T13109] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 408.623703][T14424] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 408.634561][T18021] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4576'. [ 408.648562][T18013] EXT4-fs error (device loop3) in do_split:2029: Corrupt filesystem [ 408.671548][T18026] loop0: detected capacity change from 0 to 128 [ 408.689628][T14017] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 408.714048][T18030] loop2: detected capacity change from 0 to 128 [ 408.771485][T18032] loop4: detected capacity change from 0 to 8192 [ 408.827973][T18032] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 409.010527][T18046] loop1: detected capacity change from 0 to 1024 [ 409.017716][T18046] EXT4-fs: Ignoring removed nobh option [ 409.023301][T18046] EXT4-fs: Ignoring removed bh option [ 409.084546][ T29] audit: type=1400 audit(1195.368:9756): avc: denied { listen } for pid=18037 comm="syz.0.4583" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 409.223444][T18046] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 409.241840][T18054] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 409.374834][T13583] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 409.416668][T18065] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4592'. [ 409.629966][T18077] loop2: detected capacity change from 0 to 512 [ 409.637357][T18081] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4599'. [ 409.649904][T18077] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.4596: iget: bad i_size value: 38620345925642 [ 409.692858][T18077] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.4596: couldn't read orphan inode 15 (err -117) [ 409.735409][T18077] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 409.845772][T18099] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 409.857291][T18099] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 409.867150][T13109] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 409.897713][T18103] loop3: detected capacity change from 0 to 128 [ 410.600724][T18130] loop4: detected capacity change from 0 to 128 [ 410.610287][T18130] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 410.696346][T18132] loop1: detected capacity change from 0 to 1024 [ 410.729100][T18132] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 411.252230][T18142] loop3: detected capacity change from 0 to 512 [ 411.363929][T18142] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 411.409276][ T29] audit: type=1400 audit(1197.909:9757): avc: denied { read } for pid=18139 comm="syz.3.4620" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 411.473161][T18153] loop0: detected capacity change from 0 to 512 [ 411.480761][T18153] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 411.494842][T18153] EXT4-fs (loop0): 1 truncate cleaned up [ 411.500876][T18153] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 411.516076][T18153] EXT4-fs error (device loop0): ext4_lookup:1787: inode #16: comm syz.0.4625: iget: bad i_size value: 5497558147880 [ 411.528920][T18153] EXT4-fs (loop0): Remounting filesystem read-only [ 411.550310][T14017] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 411.561437][T14424] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 411.572677][T13754] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 411.977520][T13583] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 412.006346][T18160] loop4: detected capacity change from 0 to 128 [ 412.012885][T18163] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4627'. [ 412.055641][T18165] loop0: detected capacity change from 0 to 512 [ 412.075690][T18165] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 412.113903][T18165] EXT4-fs (loop0): 1 truncate cleaned up [ 412.123247][T18165] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 412.228046][T14424] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 412.331887][T18178] loop2: detected capacity change from 0 to 8192 [ 412.364132][T18178] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 412.402975][T18187] loop0: detected capacity change from 0 to 512 [ 412.426410][T18187] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 412.437745][T18189] loop2: detected capacity change from 0 to 128 [ 412.439996][T18187] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e11c, mo2=0002] [ 412.459200][T18189] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 412.488081][T18187] System zones: 1-12 [ 412.493512][T13109] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 412.516274][T18187] EXT4-fs (loop0): orphan cleanup on readonly fs [ 412.576863][T18187] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.4636: bg 0: block 361: padding at end of block bitmap is not set [ 412.610774][T18198] loop1: detected capacity change from 0 to 128 [ 412.622464][T18187] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 412.634500][T18200] loop2: detected capacity change from 0 to 1024 [ 412.634651][T18187] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.4636: invalid indirect mapped block 12 (level 1) [ 412.649085][T18200] EXT4-fs: Ignoring removed nobh option [ 412.656230][T18187] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.4636: invalid indirect mapped block 2 (level 2) [ 412.659745][T18200] EXT4-fs: Ignoring removed bh option [ 412.674200][T18187] EXT4-fs (loop0): 1 truncate cleaned up [ 412.699158][T18187] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 412.713123][T18200] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 412.728322][T18204] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4642'. [ 412.760613][T13109] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 412.771436][T14424] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 412.815020][T18208] loop2: detected capacity change from 0 to 128 [ 412.845866][T18208] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 412.895379][T13109] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 412.951657][T18226] netlink: 'syz.2.4650': attribute type 10 has an invalid length. [ 412.975309][T18228] loop4: detected capacity change from 0 to 128 [ 412.984218][T18226] netlink: 'syz.2.4650': attribute type 10 has an invalid length. [ 413.077289][T18230] loop1: detected capacity change from 0 to 1024 [ 413.096589][T18230] EXT4-fs: Ignoring removed nobh option [ 413.102182][T18230] EXT4-fs: Ignoring removed bh option [ 413.112035][T18226] 8021q: adding VLAN 0 to HW filter on device bond4 [ 413.135622][T18230] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 413.176385][T13583] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 414.509213][T18252] loop2: detected capacity change from 0 to 128 [ 414.571038][T18254] loop4: detected capacity change from 0 to 1024 [ 414.596775][T18252] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 414.634990][T18254] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 414.779782][T18267] loop4: detected capacity change from 0 to 128 [ 414.786556][T18267] vfat: Bad value for 'uid' [ 414.791198][T18267] vfat: Bad value for 'uid' [ 414.812297][T18269] netlink: 'syz.4.4665': attribute type 10 has an invalid length. [ 414.823772][T18269] netlink: 'syz.4.4665': attribute type 10 has an invalid length. [ 414.834719][T18269] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 414.851474][T18269] 8021q: adding VLAN 0 to HW filter on device bond4 [ 414.926700][ T36] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 414.952187][ T36] hid-generic 0000:0000:0000.0005: hidraw0: HID v0.00 Device [syz1] on syz0 [ 414.998823][T18280] loop3: detected capacity change from 0 to 128 [ 415.005624][T18280] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 415.034142][T18280] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 415.065723][T18288] loop0: detected capacity change from 0 to 128 [ 415.083746][T18293] loop3: detected capacity change from 0 to 128 [ 415.105880][T18295] netlink: 536 bytes leftover after parsing attributes in process `syz.1.4675'. [ 415.112791][T18293] EXT4-fs error (device loop3): dx_make_map:1296: inode #2: block 20: comm syz.3.4674: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1 [ 415.154348][T18293] EXT4-fs error (device loop3) in do_split:2029: Corrupt filesystem [ 415.195162][T18299] netlink: 'syz.1.4677': attribute type 10 has an invalid length. [ 415.203376][T18299] netlink: 'syz.1.4677': attribute type 10 has an invalid length. [ 415.213016][T18299] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 415.228000][T18299] 8021q: adding VLAN 0 to HW filter on device bond3 [ 415.453551][T18305] tipc: Enabling of bearer rejected, failed to enable media [ 415.617457][T18307] loop1: detected capacity change from 0 to 1764 [ 415.806069][T18318] loop1: detected capacity change from 0 to 128 [ 415.833123][T18318] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 415.870553][T18318] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 415.969151][T18325] netlink: 'syz.4.4689': attribute type 10 has an invalid length. [ 415.978560][T18325] netlink: 'syz.4.4689': attribute type 10 has an invalid length. [ 415.994960][T18325] 8021q: adding VLAN 0 to HW filter on device bond5 [ 416.126092][T18333] loop0: detected capacity change from 0 to 128 [ 416.196139][T18335] tipc: Enabling of bearer rejected, failed to enable media [ 416.235052][T18349] loop0: detected capacity change from 0 to 256 [ 416.858304][T18361] loop2: detected capacity change from 0 to 512 [ 416.936486][T18361] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.4703: corrupted in-inode xattr: invalid ea_ino [ 416.988794][T18364] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4704'. [ 417.013607][T18369] loop0: detected capacity change from 0 to 128 [ 417.053228][T18361] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.4703: couldn't read orphan inode 15 (err -117) [ 417.153058][ T29] audit: type=1400 audit(1203.946:9758): avc: denied { ioctl } for pid=18374 comm="syz.1.4707" path="/dev/cpu/0/msr" dev="devtmpfs" ino=85 ioctlcmd=0x63a0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 417.157897][T18377] loop3: detected capacity change from 0 to 512 [ 417.185480][T18377] EXT4-fs: Ignoring removed nobh option [ 417.192873][T18361] EXT4-fs error (device loop2): ext4_lookup:1787: inode #14: comm syz.2.4703: invalid fast symlink length 39 [ 417.210301][T18377] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 417.212513][T18381] loop1: detected capacity change from 0 to 512 [ 417.235051][T18377] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.4708: invalid indirect mapped block 256 (level 1) [ 417.250313][T18377] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.4708: invalid indirect mapped block 2683928664 (level 1) [ 417.265025][T18377] EXT4-fs (loop3): 1 truncate cleaned up [ 417.274080][T18377] EXT4-fs (loop3): Quota file not on filesystem root. Journaled quota will not work [ 417.283694][ T29] audit: type=1400 audit(1204.072:9759): avc: denied { quotaon } for pid=18376 comm="syz.3.4708" name="file0" dev="loop3" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 417.316622][T18381] EXT4-fs warning (device loop1): dx_probe:837: inode #2: comm syz.1.4710: Unimplemented hash flags: 0x0001 [ 417.328168][T18381] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.4710: Corrupt directory, running e2fsck is recommended [ 417.354866][T18383] loop0: detected capacity change from 0 to 4096 [ 417.368823][T18383] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 417.407585][T18371] loop4: detected capacity change from 0 to 512 [ 417.438047][T18371] EXT4-fs (loop4): blocks per group (7872) and clusters per group (32768) inconsistent [ 417.460593][T18393] loop2: detected capacity change from 0 to 256 [ 417.501936][T18395] tipc: Enabling of bearer rejected, failed to enable media [ 417.584389][T18407] loop4: detected capacity change from 0 to 128 [ 417.594515][T18407] bio_check_eod: 102 callbacks suppressed [ 417.594531][T18407] syz.4.4719: attempt to access beyond end of device [ 417.594531][T18407] loop4: rw=2049, sector=138, nr_sectors = 8 limit=128 [ 417.615568][T18407] syz.4.4719: attempt to access beyond end of device [ 417.615568][T18407] loop4: rw=2049, sector=146, nr_sectors = 8 limit=128 [ 417.709510][T18407] syz.4.4719: attempt to access beyond end of device [ 417.709510][T18407] loop4: rw=2049, sector=152, nr_sectors = 2 limit=128 [ 417.723209][T18407] buffer_io_error: 46 callbacks suppressed [ 417.723223][T18407] Buffer I/O error on dev loop4, logical block 76, lost async page write [ 417.814274][T18407] syz.4.4719: attempt to access beyond end of device [ 417.814274][T18407] loop4: rw=2049, sector=170, nr_sectors = 8 limit=128 [ 417.926546][T18419] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4723'. [ 417.971233][T18407] syz.4.4719: attempt to access beyond end of device [ 417.971233][T18407] loop4: rw=2049, sector=176, nr_sectors = 2 limit=128 [ 417.984803][T18407] Buffer I/O error on dev loop4, logical block 88, lost async page write [ 418.078226][T18407] syz.4.4719: attempt to access beyond end of device [ 418.078226][T18407] loop4: rw=2049, sector=178, nr_sectors = 8 limit=128 [ 418.094979][T18407] syz.4.4719: attempt to access beyond end of device [ 418.094979][T18407] loop4: rw=2049, sector=184, nr_sectors = 2 limit=128 [ 418.108453][T18407] Buffer I/O error on dev loop4, logical block 92, lost async page write [ 418.118502][T18407] syz.4.4719: attempt to access beyond end of device [ 418.118502][T18407] loop4: rw=2049, sector=202, nr_sectors = 8 limit=128 [ 418.148783][T18407] syz.4.4719: attempt to access beyond end of device [ 418.148783][T18407] loop4: rw=2049, sector=208, nr_sectors = 2 limit=128 [ 418.162466][T18407] Buffer I/O error on dev loop4, logical block 104, lost async page write [ 418.182918][T18407] syz.4.4719: attempt to access beyond end of device [ 418.182918][T18407] loop4: rw=2049, sector=210, nr_sectors = 8 limit=128 [ 418.197430][T18407] Buffer I/O error on dev loop4, logical block 108, lost async page write [ 418.216569][T18407] Buffer I/O error on dev loop4, logical block 120, lost async page write [ 418.346261][T18407] Buffer I/O error on dev loop4, logical block 124, lost async page write [ 418.432316][T18407] Buffer I/O error on dev loop4, logical block 80, lost async page write [ 418.449136][T18407] Buffer I/O error on dev loop4, logical block 84, lost async page write [ 418.458468][T18407] Buffer I/O error on dev loop4, logical block 112, lost async page write [ 418.484607][T18442] loop3: detected capacity change from 0 to 128 [ 418.493279][T18442] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 418.506740][T18442] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 418.532941][T18445] tipc: Enabling of bearer rejected, failed to enable media [ 418.680851][ T29] audit: type=1400 audit(1211.546:9760): avc: denied { bind } for pid=18459 comm="syz.2.4737" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 418.700378][T18457] loop4: detected capacity change from 0 to 4096 [ 418.730548][ T29] audit: type=1400 audit(1211.578:9761): avc: denied { listen } for pid=18459 comm="syz.2.4737" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 418.749897][ T29] audit: type=1400 audit(1211.578:9762): avc: denied { accept } for pid=18459 comm="syz.2.4737" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 418.769210][ T29] audit: type=1400 audit(1211.578:9763): avc: denied { read } for pid=18459 comm="syz.2.4737" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 418.918350][T18466] loop2: detected capacity change from 0 to 128 [ 419.133209][T18472] loop4: detected capacity change from 0 to 128 [ 419.139830][T18472] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 419.153899][T18472] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 419.610065][T18486] loop1: detected capacity change from 0 to 128 [ 419.647442][T18489] netlink: 'syz.2.4747': attribute type 10 has an invalid length. [ 419.668485][T18489] netlink: 'syz.2.4747': attribute type 10 has an invalid length. [ 419.689667][T18489] 8021q: adding VLAN 0 to HW filter on device bond5 [ 419.717718][T18489] bond1: (slave macvlan4): Error -98 calling set_mac_address [ 419.831549][T18497] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 419.843938][T18499] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4752'. [ 419.853160][T18497] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 419.868421][T18501] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 419.885546][T18501] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 419.902554][T18503] loop3: detected capacity change from 0 to 128 [ 419.909526][T18503] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 419.922786][T18503] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 420.006254][T18511] loop3: detected capacity change from 0 to 128 [ 420.015543][ T29] audit: type=1326 audit(1212.943:9764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18508 comm="syz.2.4756" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f39984febe9 code=0x0 [ 420.091562][T18517] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4758'. [ 420.589788][ T29] audit: type=1400 audit(1213.541:9765): avc: denied { read } for pid=18526 comm="syz.3.4761" name="usbmon0" dev="devtmpfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 420.613217][ T29] audit: type=1400 audit(1213.541:9766): avc: denied { open } for pid=18526 comm="syz.3.4761" path="/dev/usbmon0" dev="devtmpfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 420.636879][ T29] audit: type=1400 audit(1213.541:9767): avc: denied { ioctl } for pid=18526 comm="syz.3.4761" path="/dev/usbmon0" dev="devtmpfs" ino=141 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 420.846404][T18535] loop2: detected capacity change from 0 to 128 [ 420.902434][T18541] loop1: detected capacity change from 0 to 128 [ 420.909386][T18541] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 420.921741][T18541] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 421.609650][T18580] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 421.618231][T18580] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 421.673977][T18584] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4785'. [ 421.922052][T18592] tipc: Enabled bearer , priority 0 [ 421.930469][T18592] syzkaller0: entered promiscuous mode [ 421.936071][T18592] syzkaller0: entered allmulticast mode [ 421.952953][T18592] tipc: Resetting bearer [ 421.959801][T18591] tipc: Resetting bearer [ 421.972992][T18591] tipc: Disabling bearer [ 422.164103][T18598] loop1: detected capacity change from 0 to 1024 [ 422.445767][T18605] loop4: detected capacity change from 0 to 2048 [ 422.815851][T18609] loop0: detected capacity change from 0 to 8192 [ 422.846552][T18613] loop3: detected capacity change from 0 to 1024 [ 422.854746][T18613] EXT4-fs: inline encryption not supported [ 422.862192][T18613] EXT4-fs: Ignoring removed bh option [ 423.010563][T18609] loop0: p1 p2 < > p3 p4 < p5 > [ 423.015593][T18609] loop0: partition table partially beyond EOD, truncated [ 423.133926][T18609] loop0: p1 size 100663296 extends beyond EOD, truncated [ 423.276569][T18613] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt. [ 423.293160][T18609] loop0: p2 start 591104 is beyond EOD, truncated [ 423.299663][T18609] loop0: p3 start 33572980 is beyond EOD, truncated [ 423.302918][T18613] EXT4-fs (loop3): Remounting filesystem read-only [ 423.307639][T18609] loop0: p5 size 100663296 extends beyond EOD, truncated [ 424.046313][T18641] loop2: detected capacity change from 0 to 512 [ 424.053068][T18641] EXT4-fs: test_dummy_encryption option not supported [ 425.023184][T18651] loop2: detected capacity change from 0 to 256 [ 425.031590][T18651] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 425.044213][T18651] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 425.965670][T18669] loop4: detected capacity change from 0 to 128 [ 426.324015][T18677] loop4: detected capacity change from 0 to 1024 [ 426.359607][T18681] tipc: Enabled bearer , priority 0 [ 426.424683][T18682] syzkaller0: entered promiscuous mode [ 426.430388][T18682] syzkaller0: entered allmulticast mode [ 426.474705][ T29] kauditd_printk_skb: 2 callbacks suppressed [ 426.474721][ T29] audit: type=1400 audit(1219.703:9770): avc: denied { map } for pid=18683 comm="syz.2.4818" path="socket:[70202]" dev="sockfs" ino=70202 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 426.514852][T18681] tipc: Resetting bearer [ 426.522342][T18680] tipc: Resetting bearer [ 426.527858][T18689] loop2: detected capacity change from 0 to 164 [ 426.540176][T18680] tipc: Disabling bearer [ 426.554115][T18691] loop2: detected capacity change from 0 to 128 [ 427.153000][T18715] loop4: detected capacity change from 0 to 1024 [ 428.079641][T18725] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 428.108256][T18725] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 428.346677][T18733] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4834'. [ 428.379129][T18733] bridge_slave_0: entered promiscuous mode [ 428.417095][T18733] erspan0: entered promiscuous mode [ 428.457631][T18733] 8021q: adding VLAN 0 to HW filter on device bond0 [ 428.478397][T18733] 8021q: adding VLAN 0 to HW filter on device team0 [ 428.495969][T18733] tipc: Resetting bearer [ 428.510111][T18733] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 429.044265][T18745] loop2: detected capacity change from 0 to 512 [ 429.194315][T18749] loop4: detected capacity change from 0 to 128 [ 429.450753][T18765] loop3: detected capacity change from 0 to 128 [ 429.477778][ T29] audit: type=1400 audit(1222.874:9771): avc: denied { execute } for pid=18763 comm="syz.3.4846" name="file1" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 429.510635][T18771] loop1: detected capacity change from 0 to 128 [ 429.517322][ T29] audit: type=1400 audit(1222.874:9772): avc: denied { execute_no_trans } for pid=18763 comm="syz.3.4846" path="/349/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file1" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 429.630940][T18780] loop2: detected capacity change from 0 to 512 [ 429.638034][T18780] EXT4-fs (loop2): blocks per group (95) and clusters per group (32768) inconsistent [ 429.687826][T18784] futex_wake_op: syz.1.4854 tries to shift op by -1; fix this program [ 429.775194][T18791] loop1: detected capacity change from 0 to 512 [ 429.831877][T18791] EXT4-fs (loop1): blocks per group (7872) and clusters per group (32768) inconsistent [ 430.084342][T18797] netlink: 'syz.4.4858': attribute type 10 has an invalid length. [ 430.161856][T18797] netlink: 'syz.4.4858': attribute type 10 has an invalid length. [ 430.243170][T18802] bond1: (slave macvlan5): Error -98 calling set_mac_address [ 430.611115][T18814] netlink: 'syz.4.4865': attribute type 16 has an invalid length. [ 430.619127][T18814] netlink: 'syz.4.4865': attribute type 17 has an invalid length. [ 430.913500][T13754] ================================================================== [ 430.921654][T13754] BUG: KCSAN: data-race in shmem_add_to_page_cache / shmem_getattr [ 430.929599][T13754] [ 430.931953][T13754] read-write to 0xffff888119c24b00 of 8 bytes by task 18815 on cpu 0: [ 430.940130][T13754] shmem_add_to_page_cache+0x414/0x530 [ 430.945634][T13754] shmem_get_folio_gfp+0x4e8/0xd60 [ 430.950784][T13754] shmem_write_begin+0xa8/0x190 [ 430.955662][T13754] generic_perform_write+0x184/0x490 [ 430.960967][T13754] shmem_file_write_iter+0xc5/0xf0 [ 430.966101][T13754] __kernel_write_iter+0x2d3/0x540 [ 430.971228][T13754] dump_user_range+0x61e/0x8f0 [ 430.976021][T13754] elf_core_dump+0x1e00/0x1f90 [ 430.980808][T13754] coredump_write+0xb0d/0xe30 [ 430.985511][T13754] vfs_coredump+0x142f/0x20c0 [ 430.990215][T13754] get_signal+0xd85/0xf70 [ 430.994596][T13754] arch_do_signal_or_restart+0x96/0x480 [ 431.000165][T13754] irqentry_exit_to_user_mode+0x5e/0xa0 [ 431.005743][T13754] irqentry_exit+0x12/0x50 [ 431.010183][T13754] asm_exc_page_fault+0x26/0x30 [ 431.015060][T13754] [ 431.017417][T13754] read to 0xffff888119c24b00 of 8 bytes by task 13754 on cpu 1: [ 431.025117][T13754] shmem_getattr+0x68/0x200 [ 431.029654][T13754] vfs_getattr_nosec+0x143/0x1e0 [ 431.034615][T13754] vfs_statx+0x113/0x390 [ 431.038886][T13754] vfs_fstatat+0x115/0x170 [ 431.043332][T13754] __se_sys_newfstatat+0x55/0x260 [ 431.048393][T13754] __x64_sys_newfstatat+0x55/0x70 [ 431.053448][T13754] x64_sys_call+0x135a/0x2ff0 [ 431.058147][T13754] do_syscall_64+0xd2/0x200 [ 431.062681][T13754] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 431.068597][T13754] [ 431.070948][T13754] value changed: 0x00000000000021d7 -> 0x00000000000021da [ 431.078068][T13754] [ 431.080416][T13754] Reported by Kernel Concurrency Sanitizer on: [ 431.086588][T13754] CPU: 1 UID: 0 PID: 13754 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(voluntary) [ 431.096596][T13754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 431.106689][T13754] ================================================================== [ 431.486630][T18822] loop4: detected capacity change from 0 to 128