last executing test programs: 1.050598574s ago: executing program 1 (id=9765): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000d00)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@func_proto, @ptr]}}, &(0x7f0000000140)=""/227, 0x32, 0xe3, 0x1}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f000000b5c0)={0x8, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000080)='syzkaller\x00', 0x7, 0x94, &(0x7f00000000c0)=""/148}, 0x80) 990.677715ms ago: executing program 1 (id=9769): r0 = socket(0x10, 0x803, 0x0) getsockopt$sock_int(r0, 0x1, 0xc, 0x0, &(0x7f0000000280)) 898.979667ms ago: executing program 1 (id=9776): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=@ipv6_delroute={0x1c, 0x19, 0x1, 0x70bd26, 0x6, {0xa, 0x14, 0x80, 0x0, 0xfe, 0x0, 0x0, 0x2, 0xb00}}, 0x1c}, 0x1, 0x0, 0x0, 0x20044080}, 0x40000d0) 831.879587ms ago: executing program 1 (id=9780): r0 = socket$can_raw(0x1d, 0x3, 0x1) recvfrom(r0, 0x0, 0x0, 0x10040, 0x0, 0x0) 790.192048ms ago: executing program 1 (id=9785): mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103) getxattr(&(0x7f0000000300)='./file0\x00', &(0x7f00000004c0)=@known='security.selinux\x00', &(0x7f0000000500)=""/1, 0x1a) 709.217609ms ago: executing program 1 (id=9791): syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) syz_usb_connect$uac1(0x5, 0x93, &(0x7f0000000180)=ANY=[@ANYBLOB="12010002000000086b1d01014000010203010902810005010750350904000000010100000a24010000090201020b24080409000738f7800209040101010102000008240201070217f709050109ff0303800907250183050180090402000001"], 0x0) 327.204786ms ago: executing program 2 (id=9815): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xc, 0x0, 0x7ffc1ffb}]}) execveat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0) 327.136655ms ago: executing program 3 (id=9816): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000000c0)={0x24, 0x1, 0x4, 0x401, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}, @NFULA_CFG_NLBUFSIZ={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x800e}, 0x400c800) 316.956866ms ago: executing program 0 (id=9817): r0 = open(&(0x7f0000000100)='./file0\x00', 0x80ff, 0x0) fcntl$setlease(r0, 0x400, 0x1000000) 311.333726ms ago: executing program 2 (id=9818): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000002440)={0x0, 0x0, &(0x7f0000002400)={&(0x7f0000002380)=@ipv6_deladdr={0x2c, 0x15, 0x1, 0x70bd28, 0x25dfdbfb, {0xa, 0x18, 0xa}, [@IFA_CACHEINFO={0xfffffffffffffe55, 0x6, {0x3, 0x385fd33a, 0x5, 0x3}}]}, 0x2c}}, 0x4008080) 298.184136ms ago: executing program 4 (id=9819): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x52, 0x1, 0x70bd25, 0x0, {0xa}, [@typed={0x8, 0x1, 0x0, 0x0, @uid}]}, 0x1c}}, 0x0) 247.569316ms ago: executing program 0 (id=9820): r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFADDR(r0, 0x891c, &(0x7f0000000540)={'batadv_slave_1\x00', {0x2, 0x0, @private=0xfffffffe}}) 243.088867ms ago: executing program 0 (id=9830): socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff}) getsockopt$sock_buf(r0, 0x1, 0x4a, 0xffffffffffffffff, &(0x7f0000000040)) 242.942197ms ago: executing program 3 (id=9821): r0 = socket$nl_route(0x10, 0x3, 0x0) write(r0, &(0x7f0000000000)="240000005800410f9c00f4f90085b3a85c91fddf080001000501009f0800028001000000", 0x24) 242.625697ms ago: executing program 4 (id=9822): r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000040), 0x80800, 0x0) read$usbmon(r0, 0x0, 0x0) 208.083987ms ago: executing program 4 (id=9823): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, 0x0, 0x0) 207.608087ms ago: executing program 2 (id=9824): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x14, 0x15, 0x301, 0x0, 0x25dfdbfc, {0x5}}, 0x14}}, 0x0) 190.403348ms ago: executing program 0 (id=9825): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000007c0), 0x0) ioctl$SNDRV_TIMER_IOCTL_GINFO(r0, 0x80605414, 0x0) 188.857348ms ago: executing program 3 (id=9826): r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000001600)=[{{&(0x7f0000000080)={0xa, 0x4e22, 0x9, @mcast2, 0x80000000}, 0x1c, 0x0, 0x0, &(0x7f0000000280)=[@rthdr={{0x28, 0x29, 0x39, {0x2c, 0x2, 0x2, 0x1, 0x2fc, [@private2]}}}], 0x28}}], 0x1, 0x20000000) 151.835468ms ago: executing program 4 (id=9827): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$FIGETBSZ(r0, 0x2, 0x0) 151.113748ms ago: executing program 2 (id=9838): r0 = socket$nl_route(0x10, 0x3, 0x0) write(r0, &(0x7f0000000000)="240000005800410f9c00f4f90085b3a85c91fddf080001000501009f0800028001000000", 0x24) 108.111029ms ago: executing program 3 (id=9828): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e0000000000000015a6000003"], 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20) 107.647139ms ago: executing program 2 (id=9829): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newlink={0x3c, 0x10, 0x801, 0x0, 0xfffffffd, {0x0, 0x0, 0x0, 0x0, 0x0, 0x42005}, [@IFLA_XDP={0x14, 0x2b, 0x0, 0x1, [@IFLA_XDP_FLAGS={0x8, 0x3, 0x19}, @IFLA_XDP_FD={0x8}]}, @IFLA_GROUP={0x8}]}, 0x3c}}, 0x0) 106.886199ms ago: executing program 0 (id=9841): r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)=0x12) 77.419809ms ago: executing program 4 (id=9831): r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFADDR(r0, 0x891c, &(0x7f0000000540)={'batadv_slave_1\x00', {0x2, 0x0, @private=0xfffffffe}}) 76.823829ms ago: executing program 3 (id=9843): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x14, 0x15, 0x301, 0x0, 0x25dfdbfc, {0x5}}, 0x14}}, 0x0) 14.87709ms ago: executing program 4 (id=9832): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f0000001280)={{r0}}) 11.12044ms ago: executing program 0 (id=9833): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f00000007c0)={0x0, 0x36, &(0x7f00000011c0)=[{&(0x7f00000000c0)={0x1c, 0x76, 0x1, 0x4, 0x1, "", [@nested={0xc, 0xcb, 0x0, 0x1, [@typed={0x8, 0x2f, 0x0, 0x0, @ipv4=@private=0xa010100}]}]}, 0x1c}], 0x1}, 0x4044070) 452.52µs ago: executing program 3 (id=9834): r0 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) mmap(&(0x7f0000ff0000/0xd000)=nil, 0xd000, 0x400001b, 0x28011, r0, 0xe7ce3000) 0s ago: executing program 2 (id=9847): r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)=0x12) kernel console output (not intermixed with test programs): b 5-1: USB disconnect, device number 91 [ 210.598946][T11480] netlink: 'syz.3.5396': attribute type 5 has an invalid length. [ 210.831776][T11526] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check. [ 210.993287][T11558] Zero length message leads to an empty skb [ 211.430114][T11634] xt_hashlimit: invalid interval [ 211.460800][T11638] netlink: 'syz.2.5473': attribute type 49 has an invalid length. [ 211.507717][T11644] x_tables: duplicate underflow at hook 3 [ 211.821981][T11696] loop3: detected capacity change from 0 to 8192 [ 211.849740][T11696] loop3: p2 p3 p4 [ 211.856481][T11696] loop3: p2 size 64053 extends beyond EOD, truncated [ 211.877227][T11696] loop3: p3 start 65280 is beyond EOD, truncated [ 211.894039][T11696] loop3: p4 size 50331904 extends beyond EOD, truncated [ 211.906453][ T868] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 211.918740][ T868] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 211.940855][ T868] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 212.005255][T11731] Driver unsupported XDP return value 0 on prog (id 427) dev N/A, expect packet loss! [ 212.053208][ T868] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 212.053841][T11338] udevd[11338]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 212.072188][T11196] udevd[11196]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 212.200315][ T19] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 212.270017][T11770] loop2: detected capacity change from 0 to 128 [ 212.278681][T11771] device bridge3 entered promiscuous mode [ 212.366330][T11785] TCP: TCP_TX_DELAY enabled [ 212.521381][T11815] 8021q: VLANs not supported on lo [ 212.601517][ T461] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 212.669019][T11838] loop3: detected capacity change from 0 to 256 [ 212.814919][T11868] x_tables: duplicate underflow at hook 2 [ 212.958656][ T468] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 213.436291][T11989] xt_hashlimit: Unknown mode mask 100000, kernel too old? [ 213.631863][T12025] x_tables: ip_tables: socket match: used from hooks FORWARD, but only valid from PREROUTING/INPUT [ 213.784381][T12056] netlink: 'syz.4.5681': attribute type 15 has an invalid length. [ 213.813778][T12060] device veth1_to_team left promiscuous mode [ 213.845109][T12060] device vlan0 left promiscuous mode [ 213.853164][T12060] device vti0 left promiscuous mode [ 213.865231][T12060] device ip6gretap2 left promiscuous mode [ 213.946005][T12076] xt_l2tp: missing protocol rule (udp|l2tpip) [ 213.985423][T12081] __nla_validate_parse: 12 callbacks suppressed [ 213.985445][T12081] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5694'. [ 214.440674][T12179] netlink: 'syz.4.5740': attribute type 12 has an invalid length. [ 214.485792][T12189] xt_TPROXY: Can be used only with -p tcp or -p udp [ 214.510483][T12193] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5747'. [ 214.724201][T12235] xt_TPROXY: Can be used only with -p tcp or -p udp [ 214.751934][ T28] kauditd_printk_skb: 79 callbacks suppressed [ 214.751951][ T28] audit: type=1400 audit(2000000000.267:1924): avc: denied { mac_admin } for pid=12241 comm="syz.0.5772" capability=33 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 214.779773][T12242] SELinux: Context c *:* w is not valid (left unmapped). [ 214.922910][ T28] audit: type=1400 audit(2000000000.424:1925): avc: denied { write } for pid=12263 comm="syz.3.5785" name="uinput" dev="devtmpfs" ino=262 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 214.973053][ T28] audit: type=1400 audit(2000000000.461:1926): avc: denied { write } for pid=12270 comm="syz.4.5787" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 214.997023][T12275] xt_TCPMSS: Only works on TCP SYN packets [ 215.046497][ T28] audit: type=1400 audit(2000000000.535:1927): avc: denied { create } for pid=12282 comm="syz.4.5793" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 215.092302][T12289] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5795'. [ 215.101866][ T28] audit: type=1400 audit(2000000000.563:1928): avc: denied { setopt } for pid=12282 comm="syz.4.5793" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 215.159908][ T28] audit: type=1400 audit(2000000000.563:1929): avc: denied { create } for pid=12286 comm="syz.1.5794" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 215.196699][ T28] audit: type=1400 audit(2000000000.563:1930): avc: denied { ioctl } for pid=12286 comm="syz.1.5794" path="socket:[52107]" dev="sockfs" ino=52107 ioctlcmd=0x7452 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 215.219681][T12307] device bridge_slave_0 left promiscuous mode [ 215.249858][T12307] bridge0: port 1(bridge_slave_0) entered disabled state [ 215.255116][ T28] audit: type=1326 audit(2000000000.673:1931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12303 comm="syz.0.5803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe85918e929 code=0x7ffc0000 [ 215.282011][ T28] audit: type=1326 audit(2000000000.673:1932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12303 comm="syz.0.5803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe85918e929 code=0x7ffc0000 [ 215.282095][T12307] device bridge_slave_1 left promiscuous mode [ 215.307437][ T28] audit: type=1326 audit(2000000000.673:1933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12303 comm="syz.0.5803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7fe85918e929 code=0x7ffc0000 [ 215.330308][T12307] bridge0: port 2(bridge_slave_1) entered disabled state [ 215.362331][T12311] netlink: 44 bytes leftover after parsing attributes in process `syz.4.5805'. [ 215.376960][T12311] netlink: 44 bytes leftover after parsing attributes in process `syz.4.5805'. [ 215.386101][T12311] netlink: 44 bytes leftover after parsing attributes in process `syz.4.5805'. [ 215.396934][T12311] netlink: 44 bytes leftover after parsing attributes in process `syz.4.5805'. [ 215.405976][T12311] netlink: 44 bytes leftover after parsing attributes in process `syz.4.5805'. [ 215.419259][T12311] netlink: 44 bytes leftover after parsing attributes in process `syz.4.5805'. [ 215.433587][T12311] netlink: 44 bytes leftover after parsing attributes in process `syz.4.5805'. [ 215.450528][ T461] usb 4-1: new high-speed USB device number 88 using dummy_hcd [ 215.570988][T12351] netlink: 'syz.0.5827': attribute type 3 has an invalid length. [ 215.614330][T12360] bridge0: port 3(veth1_macvtap) entered blocking state [ 215.639530][T12360] bridge0: port 3(veth1_macvtap) entered disabled state [ 215.656339][ T461] usb 4-1: Using ep0 maxpacket: 32 [ 215.662739][ T461] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 215.695973][ T461] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 215.718435][ T461] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 215.748945][ T461] usb 4-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 215.779551][ T461] usb 4-1: Product: syz [ 215.783794][ T461] usb 4-1: Manufacturer: syz [ 215.803131][ T461] hub 4-1:4.0: USB hub found [ 215.834750][T12396] xt_ecn: cannot match TCP bits for non-tcp packets [ 216.021079][ T461] hub 4-1:4.0: 9 ports detected [ 216.029910][ T461] hub 4-1:4.0: insufficient power available to use all downstream ports [ 216.053994][T12439] xt_ecn: cannot match TCP bits for non-tcp packets [ 216.238302][ T461] hub 4-1:4.0: hub_hub_status failed (err = -71) [ 216.245605][ T461] hub 4-1:4.0: config failed, can't get hub status (err -71) [ 216.306959][ T461] usb 4-1: USB disconnect, device number 88 [ 216.436399][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 216.683815][T12557] bridge4: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 216.691314][T12559] loop1: detected capacity change from 0 to 256 [ 216.727002][T12563] xt_CT: No such helper "snmp" [ 216.738277][T12559] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 217.213278][T12653] xt_NFQUEUE: number of total queues is 0 [ 217.671212][T12745] SELinux: security_context_str_to_sid (defcontext) failed with errno=-22 [ 217.686943][T12751] IPv6: NLM_F_CREATE should be specified when creating new route [ 217.719772][T12757] netlink: 'syz.4.6026': attribute type 9 has an invalid length. [ 217.956371][T12806] netlink: 'syz.3.6050': attribute type 5 has an invalid length. [ 217.996617][ T868] usb 3-1: new high-speed USB device number 88 using dummy_hcd [ 218.203321][T12857] xt_connbytes: Forcing CT accounting to be enabled [ 218.203616][ T868] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 218.257241][ T868] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 218.291008][ T868] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 218.308865][ T868] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 218.321527][ T868] usb 3-1: SerialNumber: syz [ 218.477488][T12905] xt_CT: You must specify a L4 protocol and not use inversions on it [ 218.566839][ T868] usb 3-1: 0:2 : does not exist [ 218.582846][ T868] usb 3-1: USB disconnect, device number 88 [ 218.606076][T12931] netlink: 'syz.0.6112': attribute type 3 has an invalid length. [ 218.739219][T12952] xt_TCPMSS: Only works on TCP SYN packets [ 218.842376][T11196] udevd[11196]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 219.042677][T13014] xt_hashlimit: max too large, truncated to 1048576 [ 219.049899][T13014] xt_hashlimit: overflow, try lower: 0/0 [ 219.082089][T13020] xt_TPROXY: Can be used only with -p tcp or -p udp [ 219.154495][T13033] xt_TCPMSS: Only works on TCP SYN packets [ 219.262456][T13053] xt_SECMARK: invalid security context 'unconfined' [ 219.444465][T13096] __nla_validate_parse: 39 callbacks suppressed [ 219.444487][T13096] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6194'. [ 219.511634][T13103] loop1: detected capacity change from 0 to 512 [ 219.565271][T13108] loop2: detected capacity change from 0 to 2048 [ 219.579729][T13103] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 219.601349][T13125] tc_dump_action: action bad kind [ 219.610768][T13103] ext4 filesystem being mounted at /1282/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 219.620677][T13108] loop2: p1 < > p3 [ 219.628860][T13108] loop2: p3 size 134217728 extends beyond EOD, truncated [ 219.709517][ T285] EXT4-fs (loop1): unmounting filesystem. [ 219.726426][ T283] __loop_clr_fd: partition scan of loop2 failed (rc=-16) [ 219.733710][T11196] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 219.743343][T12471] I/O error, dev loop2, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 219.772629][T12471] I/O error, dev loop2, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 219.781118][T11196] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 219.816943][T12471] Buffer I/O error on dev loop2p3, logical block 8, async page read [ 219.822291][T11196] Buffer I/O error on dev loop2p1, logical block 0, async page read [ 219.825032][T12471] I/O error, dev loop2, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 219.850916][T11196] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 219.903430][T12471] Buffer I/O error on dev loop2p3, logical block 9, async page read [ 219.906410][T11196] Buffer I/O error on dev loop2p1, logical block 0, async page read [ 219.936498][T12471] I/O error, dev loop2, sector 11 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 219.959104][T12471] Buffer I/O error on dev loop2p3, logical block 10, async page read [ 219.972494][T11196] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 219.997086][T13163] device bridge3 entered promiscuous mode [ 220.006866][T12471] I/O error, dev loop2, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 220.014773][T11196] Buffer I/O error on dev loop2p1, logical block 0, async page read [ 220.029091][T12471] Buffer I/O error on dev loop2p3, logical block 11, async page read [ 220.038056][T13167] netlink: 76 bytes leftover after parsing attributes in process `syz.4.6226'. [ 220.048864][T11196] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 220.058297][T13167] netlink: 72 bytes leftover after parsing attributes in process `syz.4.6226'. [ 220.076043][T12471] Buffer I/O error on dev loop2p3, logical block 12, async page read [ 220.087683][T11196] Buffer I/O error on dev loop2p1, logical block 0, async page read [ 220.097476][T12471] Buffer I/O error on dev loop2p3, logical block 13, async page read [ 220.109582][T13167] netlink: 'syz.4.6226': attribute type 3 has an invalid length. [ 220.141744][T13167] netlink: 11 bytes leftover after parsing attributes in process `syz.4.6226'. [ 220.166801][T12471] udevd[12471]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 220.169521][T11196] udevd[11196]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 220.202728][T13188] loop3: detected capacity change from 0 to 512 [ 220.253934][T13188] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 220.267057][T11261] udevd[11261]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 220.287878][T13202] xt_connbytes: Forcing CT accounting to be enabled [ 220.288567][T11196] udevd[11196]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 220.295276][T13202] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'nat' [ 220.321367][T11261] udevd[11261]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 220.338658][T13206] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6249'. [ 220.349763][T11196] udevd[11196]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 220.366620][T11261] udevd[11261]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 220.403293][T11196] udevd[11196]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 220.453201][T11261] udevd[11261]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 220.499549][T13227] netlink: 'syz.2.6257': attribute type 5 has an invalid length. [ 220.660399][T13259] xt_bpf: check failed: parse error [ 220.695207][ T28] kauditd_printk_skb: 63 callbacks suppressed [ 220.695223][ T28] audit: type=1326 audit(2000000005.752:1997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13268 comm="syz.0.6279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe85918e929 code=0x7ffc0000 [ 220.727144][T13267] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6278'. [ 220.747599][ T28] audit: type=1326 audit(2000000005.798:1998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13268 comm="syz.0.6279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe85918e929 code=0x7ffc0000 [ 220.748380][T13267] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6278'. [ 220.771613][ T28] audit: type=1326 audit(2000000005.798:1999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13268 comm="syz.0.6279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7fe85918e929 code=0x7ffc0000 [ 220.797948][T13267] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 220.810652][ T28] audit: type=1326 audit(2000000005.798:2000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13268 comm="syz.0.6279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe85918e929 code=0x7ffc0000 [ 220.819044][T13267] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 220.849731][ T28] audit: type=1326 audit(2000000005.798:2001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13268 comm="syz.0.6279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe85918e929 code=0x7ffc0000 [ 220.860205][T13278] bridge0: port 3(veth0_vlan) entered blocking state [ 220.912812][T13287] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=1006 sclass=netlink_audit_socket pid=13287 comm=syz.0.6287 [ 220.927726][T13278] bridge0: port 3(veth0_vlan) entered disabled state [ 220.950030][T13278] bridge0: port 3(veth0_vlan) entered blocking state [ 220.956824][T13278] bridge0: port 3(veth0_vlan) entered forwarding state [ 220.999139][T13299] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 221.015578][T13301] netlink: 76 bytes leftover after parsing attributes in process `syz.2.6294'. [ 221.062859][T13312] xt_l2tp: invalid flags combination: c [ 221.073001][T13314] loop2: detected capacity change from 0 to 256 [ 221.091544][T13314] exfat: Deprecated parameter 'namecase' [ 221.112787][T13314] exfat: Deprecated parameter 'utf8' [ 221.119953][T13320] xt_TCPMSS: Only works on TCP SYN packets [ 221.120956][T13314] exfat: Deprecated parameter 'namecase' [ 221.140297][T13314] exfat: Deprecated parameter 'utf8' [ 221.148176][T13314] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012153, chksum : 0x555ffa9e, utbl_chksum : 0xe619d30d) [ 221.166110][T13324] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6306'. [ 221.197331][T13324] device vlan0 entered promiscuous mode [ 221.205355][T13324] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6306'. [ 221.213205][ T28] audit: type=1400 audit(2000000006.222:2002): avc: denied { write } for pid=13313 comm="syz.2.6300" name="/" dev="loop2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 221.300440][ T28] audit: type=1400 audit(2000000006.259:2003): avc: denied { add_name } for pid=13313 comm="syz.2.6300" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 221.352767][ T28] audit: type=1400 audit(2000000006.259:2004): avc: denied { create } for pid=13313 comm="syz.2.6300" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 221.378997][T13354] device batadv_slave_0 entered promiscuous mode [ 221.417559][T13354] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check. [ 221.420609][ T28] audit: type=1400 audit(2000000006.259:2005): avc: denied { associate } for pid=13313 comm="syz.2.6300" name="file1" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 221.549219][ T28] audit: type=1400 audit(2000000006.278:2006): avc: denied { sqpoll } for pid=13335 comm="syz.1.6311" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 222.133988][T13484] netlink: 'syz.2.6385': attribute type 7 has an invalid length. [ 222.161100][T13484] netlink: 'syz.2.6385': attribute type 5 has an invalid length. [ 222.180949][T13490] netlink: 'syz.4.6388': attribute type 12 has an invalid length. [ 222.215863][T13499] loop1: detected capacity change from 0 to 256 [ 222.699631][T13591] ip_tunnel: non-ECT from 10.1.1.1 with TOS=0x9a [ 223.016149][T13659] xt_TCPMSS: Only works on TCP SYN packets [ 223.112452][T13677] xt_hashlimit: overflow, try lower: 9223372036854775807/9 [ 223.196227][T13693] loop1: detected capacity change from 0 to 256 [ 223.228858][T13693] exfat: Deprecated parameter 'namecase' [ 223.261952][T13693] exfat: Deprecated parameter 'utf8' [ 223.272068][T13693] exfat: Deprecated parameter 'namecase' [ 223.286130][T13693] exfat: Deprecated parameter 'utf8' [ 223.313898][T13693] exFAT-fs (loop1): failed to load upcase table (idx : 0x00012153, chksum : 0x555ffa9e, utbl_chksum : 0xe619d30d) [ 223.327439][T13708] netlink: 'syz.3.6497': attribute type 16 has an invalid length. [ 223.391005][T13716] netlink: 'syz.4.6500': attribute type 5 has an invalid length. [ 223.506231][T13729] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 223.562009][T13731] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 223.660916][T13744] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 223.705191][T13744] IPv6: ADDRCONF(NETDEV_CHANGE): wireguard0: link becomes ready [ 223.753088][T13744] IPv6: ADDRCONF(NETDEV_CHANGE): wireguard0: link becomes ready [ 223.927530][T13770] x_tables: duplicate entry at hook 2 [ 223.933320][T13769] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=256 sclass=netlink_route_socket pid=13769 comm=syz.2.6524 [ 224.399180][T13811] loop1: detected capacity change from 0 to 4096 [ 224.452996][T13811] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 224.616309][ T285] EXT4-fs (loop1): unmounting filesystem. [ 225.278134][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 225.495471][T13917] loop2: detected capacity change from 0 to 512 [ 225.519208][T13917] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 225.560767][T13917] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002] [ 225.576567][T13917] System zones: 1-12 [ 225.583126][T13917] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2818: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 225.597354][T13917] EXT4-fs (loop2): 1 truncate cleaned up [ 225.603045][T13917] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 225.612068][T13928] netlink: 'syz.1.6603': attribute type 5 has an invalid length. [ 225.635256][ T283] EXT4-fs (loop2): unmounting filesystem. [ 225.814299][T13946] netlink: 'syz.1.6613': attribute type 9 has an invalid length. [ 225.832149][T13946] netlink: 'syz.1.6613': attribute type 6 has an invalid length. [ 225.840054][T13946] netlink: 'syz.1.6613': attribute type 7 has an invalid length. [ 225.858009][T13946] netlink: 'syz.1.6613': attribute type 8 has an invalid length. [ 225.927908][T13960] __nla_validate_parse: 11 callbacks suppressed [ 225.927932][T13960] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6618'. [ 225.987499][T13960] bridge0: port 3(veth0_vlan) entered disabled state [ 226.009470][T13960] device bridge_slave_1 left promiscuous mode [ 226.016224][T13960] bridge0: port 2(bridge_slave_1) entered disabled state [ 226.038492][T13960] device bridge_slave_0 left promiscuous mode [ 226.045214][T13960] bridge0: port 1(bridge_slave_0) entered disabled state [ 226.148469][T13977] bridge0: port 3(veth0_to_bridge) entered blocking state [ 226.155665][T13977] bridge0: port 3(veth0_to_bridge) entered disabled state [ 226.161757][ T28] kauditd_printk_skb: 411 callbacks suppressed [ 226.161777][ T28] audit: type=1400 audit(2000000010.791:2418): avc: denied { read write } for pid=286 comm="syz-executor" name="loop4" dev="devtmpfs" ino=122 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 226.194733][T13977] device veth0_to_bridge entered promiscuous mode [ 226.201346][T13978] xt_limit: Overflow, try lower: 65536/2147483648 [ 226.205563][ T28] audit: type=1400 audit(2000000010.827:2419): avc: denied { read write } for pid=285 comm="syz-executor" name="loop1" dev="devtmpfs" ino=119 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 226.261849][ T28] audit: type=1400 audit(2000000010.827:2420): avc: denied { open } for pid=285 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=119 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 226.291755][T13964] loop2: detected capacity change from 0 to 40427 [ 226.333231][T13964] F2FS-fs (loop2): Image doesn't support compression [ 226.352667][ T28] audit: type=1400 audit(2000000010.827:2421): avc: denied { ioctl } for pid=285 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=119 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 226.394059][T13964] F2FS-fs (loop2): invalid crc value [ 226.444797][ T28] audit: type=1326 audit(2000000010.864:2422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13980 comm="syz.1.6631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22f558e929 code=0x7ffc0000 [ 226.473866][T13964] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 226.494756][ T28] audit: type=1326 audit(2000000010.864:2423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13980 comm="syz.1.6631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=104 compat=0 ip=0x7f22f558e929 code=0x7ffc0000 [ 226.548352][ T28] audit: type=1326 audit(2000000010.864:2424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13980 comm="syz.1.6631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22f558e929 code=0x7ffc0000 [ 226.574135][ T28] audit: type=1326 audit(2000000010.864:2425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13980 comm="syz.1.6631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22f558e929 code=0x7ffc0000 [ 226.613645][T13964] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 226.619178][ T28] audit: type=1400 audit(2000000010.874:2426): avc: denied { read write } for pid=285 comm="syz-executor" name="loop1" dev="devtmpfs" ino=119 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 226.693586][ T28] audit: type=1400 audit(2000000010.874:2427): avc: denied { read write open } for pid=285 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=119 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 226.730949][T14022] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6650'. [ 227.056807][T14055] netlink: 36 bytes leftover after parsing attributes in process `syz.2.6665'. [ 227.198332][T14075] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks [ 227.599080][T14126] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6700'. [ 227.661221][T14134] loop3: detected capacity change from 0 to 256 [ 227.706143][T14134] FAT-fs (loop3): Directory bread(block 64) failed [ 227.713908][T14134] FAT-fs (loop3): Directory bread(block 65) failed [ 227.729069][T14134] FAT-fs (loop3): Directory bread(block 66) failed [ 227.748108][T14134] FAT-fs (loop3): Directory bread(block 67) failed [ 227.779643][T14134] FAT-fs (loop3): Directory bread(block 68) failed [ 227.798464][T14134] FAT-fs (loop3): Directory bread(block 69) failed [ 227.812806][T14134] FAT-fs (loop3): Directory bread(block 70) failed [ 227.836910][T14134] FAT-fs (loop3): Directory bread(block 71) failed [ 227.851755][T14134] FAT-fs (loop3): Directory bread(block 72) failed [ 227.874090][T14134] FAT-fs (loop3): Directory bread(block 73) failed [ 228.037239][T14162] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check. [ 228.257362][T14186] netlink: 'syz.3.6731': attribute type 6 has an invalid length. [ 228.463802][ T468] usb 5-1: new high-speed USB device number 92 using dummy_hcd [ 228.669736][ T468] usb 5-1: Using ep0 maxpacket: 16 [ 228.677023][ T468] usb 5-1: config 1 has an invalid descriptor of length 97, skipping remainder of the config [ 228.713110][T14250] loop3: detected capacity change from 0 to 256 [ 228.720022][ T468] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 228.725015][T14251] loop2: detected capacity change from 0 to 512 [ 228.741586][T14250] exfat: Deprecated parameter 'utf8' [ 228.744267][T14255] netlink: 'syz.0.6764': attribute type 2 has an invalid length. [ 228.758800][T14251] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 228.781760][ T468] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 228.791476][T14251] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002] [ 228.810607][T14251] System zones: 0-2, 18-18, 34-34 [ 228.815934][T14250] exfat: Deprecated parameter 'namecase' [ 228.826690][ T468] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 228.842627][T14250] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 228.856869][T14251] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 228.889568][ T468] usb 5-1: Product: syz [ 228.894161][T14251] ext4 filesystem being mounted at /1216/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 228.908988][T14261] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 228.934892][ T468] usb 5-1: Manufacturer: syz [ 228.954058][T14272] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6771'. [ 228.965780][T14271] syz.3.6770 (14271): /proc/14270/oom_adj is deprecated, please use /proc/14270/oom_score_adj instead. [ 228.979321][ T468] usb 5-1: SerialNumber: syz [ 228.986511][ T283] EXT4-fs (loop2): unmounting filesystem. [ 229.003966][T14274] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6772'. [ 229.129476][T14286] netlink: 'syz.3.6778': attribute type 3 has an invalid length. [ 229.164787][T14286] netlink: 'syz.3.6778': attribute type 3 has an invalid length. [ 229.214859][ T468] usb 5-1: 0:2 : does not exist [ 229.219819][ T468] usb 5-1: unit 97 not found! [ 229.245092][ T468] usb 5-1: USB disconnect, device number 92 [ 229.481544][T14324] overlayfs: missing 'lowerdir' [ 229.487242][T11196] udevd[11196]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 229.908270][T14365] 9pnet_fd: Insufficient options for proto=fd [ 229.941873][T14368] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6819'. [ 230.338599][T14421] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6841'. [ 230.530026][T14430] loop1: detected capacity change from 0 to 8192 [ 230.583585][T14449] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6856'. [ 230.801393][T14470] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6869'. [ 230.939369][T14483] bridge0: port 4(gretap0) entered blocking state [ 230.952441][T14483] bridge0: port 4(gretap0) entered disabled state [ 230.961416][T14483] device gretap0 entered promiscuous mode [ 231.126076][T14509] binfmt_misc: register: failed to install interpreter file ./file0 [ 231.175590][T14516] xt_socket: unknown flags 0x58 [ 231.219461][T14522] netlink: 'syz.3.6895': attribute type 3 has an invalid length. [ 231.247845][T14524] bridge0: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 231.269384][T14527] netlink: 'syz.0.6898': attribute type 3 has an invalid length. [ 231.431801][T14548] __nla_validate_parse: 3 callbacks suppressed [ 231.431822][T14548] netlink: 132 bytes leftover after parsing attributes in process `syz.4.6906'. [ 231.560939][T14561] loop1: detected capacity change from 0 to 256 [ 231.587503][T14561] FAT-fs (loop1): Directory bread(block 64) failed [ 231.596477][ T28] kauditd_printk_skb: 1163 callbacks suppressed [ 231.596494][ T28] audit: type=1400 audit(2000000015.811:3567): avc: denied { read write } for pid=286 comm="syz-executor" name="loop4" dev="devtmpfs" ino=122 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 231.602974][T14561] FAT-fs (loop1): Directory bread(block 65) failed [ 231.660204][T14568] xt_CT: You must specify a L4 protocol and not use inversions on it [ 231.705750][ T28] audit: type=1400 audit(2000000015.811:3568): avc: denied { open } for pid=286 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=122 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 231.730437][T14561] FAT-fs (loop1): Directory bread(block 66) failed [ 231.758629][T14561] FAT-fs (loop1): Directory bread(block 67) failed [ 231.790405][T14561] FAT-fs (loop1): Directory bread(block 68) failed [ 231.826900][T14561] FAT-fs (loop1): Directory bread(block 69) failed [ 231.833734][ T28] audit: type=1400 audit(2000000015.811:3569): avc: denied { ioctl } for pid=286 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=122 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 231.859393][T14561] FAT-fs (loop1): Directory bread(block 70) failed [ 231.894715][T14561] FAT-fs (loop1): Directory bread(block 71) failed [ 231.930616][T14561] FAT-fs (loop1): Directory bread(block 72) failed [ 231.931651][ T28] audit: type=1400 audit(2000000015.811:3570): avc: denied { setopt } for pid=14562 comm="syz.3.6917" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 231.963917][T14561] FAT-fs (loop1): Directory bread(block 73) failed [ 232.002248][T14595] netlink: 40 bytes leftover after parsing attributes in process `syz.3.6931'. [ 232.036931][ T28] audit: type=1400 audit(2000000015.866:3571): avc: denied { read write } for pid=284 comm="syz-executor" name="loop3" dev="devtmpfs" ino=121 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 232.045932][T14595] tc_dump_action: action bad kind [ 232.064337][ T28] audit: type=1400 audit(2000000015.866:3572): avc: denied { open } for pid=284 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=121 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 232.094662][T14601] netlink: 'syz.2.6934': attribute type 1 has an invalid length. [ 232.097441][ T28] audit: type=1400 audit(2000000015.866:3573): avc: denied { ioctl } for pid=284 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=121 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 232.128066][ T28] audit: type=1400 audit(2000000015.885:3574): avc: denied { read write } for pid=283 comm="syz-executor" name="loop2" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 232.152254][ T28] audit: type=1400 audit(2000000015.885:3575): avc: denied { open } for pid=283 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 232.183049][ T28] audit: type=1400 audit(2000000015.885:3576): avc: denied { ioctl } for pid=283 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=120 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 232.660679][T14660] netlink: 68 bytes leftover after parsing attributes in process `syz.1.6962'. [ 232.683130][T14662] netlink: 'syz.0.6963': attribute type 23 has an invalid length. [ 232.910604][T14683] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6974'. [ 232.925542][T14642] loop3: detected capacity change from 0 to 40427 [ 232.948263][T14642] F2FS-fs (loop3): fault_injection options not supported [ 232.996136][T14642] F2FS-fs (loop3): Image doesn't support compression [ 233.036616][T14642] F2FS-fs (loop3): invalid crc value [ 233.057620][T14642] F2FS-fs (loop3): Found nat_bits in checkpoint [ 233.160799][T14642] F2FS-fs (loop3): Start checkpoint disabled! [ 233.196140][T14642] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 233.517417][T14734] loop3: detected capacity change from 0 to 512 [ 233.585232][T14741] x_tables: unsorted underflow at hook 2 [ 233.611009][T14734] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 233.641817][T14734] ext4 filesystem being mounted at /1306/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 233.708818][T14734] EXT4-fs error (device loop3): ext4_empty_dir:3139: inode #12: comm syz.3.6992: Directory hole found for htree leaf block 0 [ 233.722886][T14734] EXT4-fs (loop3): Remounting filesystem read-only [ 233.768792][ T284] EXT4-fs (loop3): unmounting filesystem. [ 233.907957][T14771] netlink: 20 bytes leftover after parsing attributes in process `syz.4.7015'. [ 234.003269][T14771] netlink: 20 bytes leftover after parsing attributes in process `syz.4.7015'. [ 234.067848][T14771] netlink: 20 bytes leftover after parsing attributes in process `syz.4.7015'. [ 234.341108][T14797] xt_CT: You must specify a L4 protocol and not use inversions on it [ 234.498335][T14814] xt_hashlimit: size too large, truncated to 1048576 [ 234.605893][T14822] device veth3 entered promiscuous mode [ 234.643509][T14826] device bridge3 left promiscuous mode [ 234.672896][ T468] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 234.791649][T14838] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7050'. [ 235.075691][T14869] xt_bpf: check failed: parse error [ 235.435648][T14907] netlink: 'syz.0.7084': attribute type 32 has an invalid length. [ 235.523747][T14913] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7088'. [ 235.593866][ T468] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 235.637573][T14765] loop2: detected capacity change from 0 to 131072 [ 235.659332][T14765] F2FS-fs (loop2): invalid crc value [ 235.714010][T14765] F2FS-fs (loop2): Found nat_bits in checkpoint [ 235.861900][T14765] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 235.873268][T14945] netlink: 'syz.1.7100': attribute type 1 has an invalid length. [ 235.969956][T14765] F2FS-fs (loop2): Corrupted max_depth of 3: 16842753 [ 235.991711][T14765] F2FS-fs (loop2): dec_valid_node_count: inconsistent i_blocks, ino:7, iblocks:0 [ 236.128663][T14969] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=14969 comm=syz.1.7114 [ 236.200677][T14969] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=17 sclass=netlink_tcpdiag_socket pid=14969 comm=syz.1.7114 [ 236.355061][T14991] xt_policy: output policy not valid in PREROUTING and INPUT [ 236.519683][T15011] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7134'. [ 236.822610][T15052] loop1: detected capacity change from 0 to 256 [ 236.859302][T15052] exfat: Deprecated parameter 'utf8' [ 236.879424][T15052] exfat: Deprecated parameter 'namecase' [ 236.921365][T15052] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 236.971688][T15064] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7162'. [ 237.031289][ T28] kauditd_printk_skb: 946 callbacks suppressed [ 237.031305][ T28] audit: type=1400 audit(2000000020.822:4523): avc: denied { unmount } for pid=285 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 237.138808][ T28] audit: type=1400 audit(2000000020.822:4524): avc: denied { read write } for pid=287 comm="syz-executor" name="loop0" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 237.225036][ T28] audit: type=1400 audit(2000000020.822:4525): avc: denied { open } for pid=287 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 237.291941][ T28] audit: type=1400 audit(2000000020.822:4526): avc: denied { ioctl } for pid=287 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=118 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 237.337752][ T28] audit: type=1400 audit(2000000020.859:4527): avc: denied { bpf } for pid=15069 comm="syz.4.7164" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 237.388314][ T284] audit: audit_backlog=65 > audit_backlog_limit=64 [ 237.389899][ T28] audit: type=1400 audit(2000000020.859:4528): avc: denied { prog_load } for pid=15069 comm="syz.4.7164" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 237.415528][ T28] audit: type=1400 audit(2000000020.859:4529): avc: denied { bpf } for pid=15069 comm="syz.4.7164" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 237.435336][ T284] audit: audit_lost=9 audit_rate_limit=0 audit_backlog_limit=64 [ 237.438422][ T285] audit: audit_backlog=65 > audit_backlog_limit=64 [ 237.451524][T15105] SELinux: failed to load policy [ 237.511105][T15115] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7184'. [ 237.673737][T15128] device ip6tnl1 entered promiscuous mode [ 237.884152][T15154] loop1: detected capacity change from 0 to 512 [ 237.950831][T15154] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 237.999648][T15154] ext4 filesystem being mounted at /1516/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 238.171726][ T285] EXT4-fs (loop1): unmounting filesystem. [ 238.247264][T15193] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7219'. [ 238.378300][T15208] 9pnet_fd: Insufficient options for proto=fd [ 238.391243][T15207] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7228'. [ 238.505143][T15218] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks [ 238.608654][T15227] device bridge6 entered promiscuous mode [ 238.897666][T15254] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7254'. [ 239.316414][T15300] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7276'. [ 239.629104][T15327] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7289'. [ 239.777514][T15335] IPv6: NLM_F_CREATE should be specified when creating new route [ 239.819629][T15335] IPv6: Can't replace route, no match found [ 240.179003][T15328] loop3: detected capacity change from 0 to 40427 [ 240.209755][T15328] F2FS-fs (loop3): Image doesn't support compression [ 240.260673][T15328] F2FS-fs (loop3): invalid crc value [ 240.299760][T15367] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check. [ 240.325195][T15328] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 240.434631][T15328] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 240.524266][T15381] netlink: 132 bytes leftover after parsing attributes in process `syz.1.7315'. [ 240.696968][T15389] xt_l2tp: v2 doesn't support IP mode [ 240.884030][T15400] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7324'. [ 240.927864][T15403] netlink: 'syz.1.7326': attribute type 27 has an invalid length. [ 240.982496][T15407] netlink: 5 bytes leftover after parsing attributes in process `syz.3.7327'. [ 241.494950][T15460] loop2: detected capacity change from 0 to 512 [ 241.548239][T15460] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 241.557643][T15460] ext4 filesystem being mounted at /1330/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 241.577040][T15460] EXT4-fs error (device loop2): ext4_acquire_dquot:6801: comm syz.2.7355: Failed to acquire dquot type 0 [ 241.614281][ T283] EXT4-fs (loop2): unmounting filesystem. [ 241.886492][T15511] loop2: detected capacity change from 0 to 256 [ 242.400096][T15579] loop1: detected capacity change from 0 to 256 [ 242.459925][ T28] kauditd_printk_skb: 990 callbacks suppressed [ 242.459952][ T28] audit: type=1400 audit(2000000025.833:5512): avc: denied { read write } for pid=284 comm="syz-executor" name="loop3" dev="devtmpfs" ino=121 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 242.511822][T15579] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d) [ 242.561046][ T28] audit: type=1400 audit(2000000025.843:5513): avc: denied { read write } for pid=287 comm="syz-executor" name="loop0" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 242.614170][T15579] exFAT-fs (loop1): error, exfat_zeroed_cluster: out of range(sect:224 len:8) [ 242.648169][ T28] audit: type=1400 audit(2000000025.843:5514): avc: denied { read write open } for pid=287 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 242.659081][T15579] exFAT-fs (loop1): Filesystem has been set read-only [ 242.736473][ T28] audit: type=1400 audit(2000000025.843:5515): avc: denied { ioctl } for pid=287 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=118 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 242.845350][ T28] audit: type=1400 audit(2000000025.870:5516): avc: denied { read write open } for pid=284 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=121 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 242.873668][ T284] audit: audit_backlog=65 > audit_backlog_limit=64 [ 242.898896][ T285] audit: audit_backlog=65 > audit_backlog_limit=64 [ 242.908258][ T283] audit: audit_backlog=65 > audit_backlog_limit=64 [ 242.914811][ T283] audit: audit_lost=12 audit_rate_limit=0 audit_backlog_limit=64 [ 242.922632][ T284] audit: audit_lost=13 audit_rate_limit=0 audit_backlog_limit=64 [ 243.062502][T15639] loop1: detected capacity change from 0 to 512 [ 243.098204][T15639] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 243.145202][T15648] __nla_validate_parse: 1 callbacks suppressed [ 243.145224][T15648] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7445'. [ 243.178044][T15639] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002] [ 243.184741][T15648] device gretap0 left promiscuous mode [ 243.192371][T15648] bridge0: port 4(gretap0) entered disabled state [ 243.195262][T15639] System zones: 1-12 [ 243.203330][T15648] device veth0_to_bridge left promiscuous mode [ 243.210487][T15639] EXT4-fs (loop1): 1 truncate cleaned up [ 243.217556][T15639] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 243.226786][T15648] bridge0: port 3(veth0_to_bridge) entered disabled state [ 243.248916][T15648] device bridge_slave_1 left promiscuous mode [ 243.268150][T15648] bridge0: port 2(bridge_slave_1) entered disabled state [ 243.277730][ T285] EXT4-fs (loop1): unmounting filesystem. [ 243.288290][T15648] device bridge_slave_0 left promiscuous mode [ 243.308527][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 243.310465][T15648] bridge0: port 1(bridge_slave_0) entered disabled state [ 243.383382][T15651] device ip6tnl2 entered promiscuous mode [ 243.556750][T15679] device gre1 entered promiscuous mode [ 244.096828][T15747] xt_bpf: check failed: parse error [ 244.266214][T15767] netlink: 104 bytes leftover after parsing attributes in process `syz.2.7505'. [ 244.431384][T15775] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready [ 244.440349][ T6] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 244.464675][T15775] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready [ 244.486222][T15775] device ip6tnl1 left promiscuous mode [ 244.501011][T15775] device bridge6 left promiscuous mode [ 244.515075][T15775] device ip6tnl2 left promiscuous mode [ 244.531783][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready [ 244.541881][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 244.556511][T15795] netlink: 'syz.2.7518': attribute type 32 has an invalid length. [ 244.565026][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready [ 244.573927][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 244.585965][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 244.602129][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 244.618377][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 244.628667][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 244.645515][T15779] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7511'. [ 244.658488][T15779] netlink: 3 bytes leftover after parsing attributes in process `syz.4.7511'. [ 244.986430][T15850] netlink: 20 bytes leftover after parsing attributes in process `syz.3.7544'. [ 245.099181][T15859] loop3: detected capacity change from 0 to 256 [ 245.147021][T15859] FAT-fs (loop3): Directory bread(block 64) failed [ 245.170708][T15859] FAT-fs (loop3): Directory bread(block 65) failed [ 245.193974][T15859] FAT-fs (loop3): Directory bread(block 66) failed [ 245.220554][T15859] FAT-fs (loop3): Directory bread(block 67) failed [ 245.245719][T15859] FAT-fs (loop3): Directory bread(block 68) failed [ 245.261494][T15859] FAT-fs (loop3): Directory bread(block 69) failed [ 245.279091][T15859] FAT-fs (loop3): Directory bread(block 70) failed [ 245.301711][T15859] FAT-fs (loop3): Directory bread(block 71) failed [ 245.308582][ T868] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 245.327676][T15859] FAT-fs (loop3): Directory bread(block 72) failed [ 245.349436][T15859] FAT-fs (loop3): Directory bread(block 73) failed [ 245.358226][T15877] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 245.424827][T15877] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 245.444955][T15877] device bridge_slave_0 left promiscuous mode [ 245.503469][T15877] bridge0: port 1(bridge_slave_0) entered disabled state [ 245.528695][T15877] device bridge_slave_1 left promiscuous mode [ 245.566418][T15877] bridge0: port 2(bridge_slave_1) entered disabled state [ 245.567792][T15895] new mount options do not match the existing superblock, will be ignored [ 245.660695][T15904] ÿ: renamed from bond_slave_0 [ 245.794640][T15919] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7590'. [ 245.968633][T15939] loop1: detected capacity change from 0 to 512 [ 245.984827][T15938] netlink: 'syz.0.7588': attribute type 6 has an invalid length. [ 245.996568][T15939] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 246.075934][T15939] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002] [ 246.099782][T15939] System zones: 0-2, 18-18, 34-34 [ 246.126507][T15939] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 246.136528][T15939] ext4 filesystem being mounted at /1612/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 246.213967][ T285] EXT4-fs (loop1): unmounting filesystem. [ 246.906886][T16040] IPv6: NLM_F_CREATE should be specified when creating new route [ 246.928496][T16042] cgroup: noprefix used incorrectly [ 246.972961][T16047] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7643'. [ 247.020605][T16047] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7643'. [ 247.068143][T16047] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7643'. [ 247.086180][T16056] netlink: 10 bytes leftover after parsing attributes in process `syz.4.7648'. [ 247.880158][T16152] loop2: detected capacity change from 0 to 256 [ 247.888701][ T28] kauditd_printk_skb: 1094 callbacks suppressed [ 247.888719][ T28] audit: type=1400 audit(2000000002.888:6583): avc: denied { create } for pid=16153 comm="syz.0.7696" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 247.933862][ T28] audit: type=1400 audit(2000000002.916:6584): avc: denied { read write } for pid=284 comm="syz-executor" name="loop3" dev="devtmpfs" ino=121 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 248.006243][ T28] audit: type=1400 audit(2000000002.916:6585): avc: denied { mounton } for pid=16151 comm="syz.2.7705" path="/1388/file1" dev="tmpfs" ino=7038 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 248.075620][ T28] audit: type=1400 audit(2000000002.916:6586): avc: denied { open } for pid=284 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=121 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 248.127443][ T28] audit: type=1400 audit(2000000002.916:6587): avc: denied { ioctl } for pid=284 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=121 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 248.163784][ T28] audit: type=1400 audit(2000000002.925:6588): avc: denied { mount } for pid=16151 comm="syz.2.7705" name="/" dev="loop2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 248.184122][T16173] block device autoloading is deprecated and will be removed. [ 248.231104][ T28] audit: type=1400 audit(2000000002.925:6589): avc: denied { ioctl } for pid=16153 comm="syz.0.7696" path="socket:[65622]" dev="sockfs" ino=65622 ioctlcmd=0x89f1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 248.311675][ T284] audit: audit_backlog=65 > audit_backlog_limit=64 [ 248.321775][ T28] audit: type=1400 audit(2000000002.925:6590): avc: denied { read write } for pid=16151 comm="syz.2.7705" name="loop2" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 248.336977][ T286] audit: audit_backlog=65 > audit_backlog_limit=64 [ 248.658399][T16229] __nla_validate_parse: 77 callbacks suppressed [ 248.658423][T16229] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7734'. [ 248.700037][T16229] bridge7: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 248.728679][T16239] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7739'. [ 248.954103][T16267] bridge0: port 1(gretap0) entered blocking state [ 248.967931][T16267] bridge0: port 1(gretap0) entered disabled state [ 248.976233][T16267] device gretap0 entered promiscuous mode [ 248.996259][T16267] bridge0: port 1(gretap0) entered blocking state [ 249.002826][T16267] bridge0: port 1(gretap0) entered forwarding state [ 249.075650][T16278] netlink: 'syz.3.7758': attribute type 3 has an invalid length. [ 249.162221][T16290] IPv6: NLM_F_CREATE should be specified when creating new route [ 249.170369][T16290] IPv6: Can't replace route, no match found [ 249.209886][T16296] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7766'. [ 249.334124][T16310] binfmt_misc: register: failed to install interpreter file ./file0 [ 249.403399][T16320] netlink: 5 bytes leftover after parsing attributes in process `syz.0.7778'. [ 249.480449][T16332] netlink: 'syz.0.7783': attribute type 27 has an invalid length. [ 250.025174][T16380] netlink: 'syz.0.7809': attribute type 1 has an invalid length. [ 250.374612][T16408] xt_policy: output policy not valid in PREROUTING and INPUT [ 250.455317][T16414] netlink: 68 bytes leftover after parsing attributes in process `syz.0.7826'. [ 250.723353][T16439] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7836'. [ 250.944142][T16461] netlink: 'syz.0.7849': attribute type 13 has an invalid length. [ 250.993699][T16323] loop2: detected capacity change from 0 to 131072 [ 251.004945][T16461] gretap0: refused to change device tx_queue_len [ 251.032500][T16461] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 251.056968][T16323] F2FS-fs (loop2): Found nat_bits in checkpoint [ 251.263661][T16323] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 251.370909][T16323] F2FS-fs (loop2): access invalid blkaddr:3075201482 [ 251.377658][T16323] CPU: 1 PID: 16323 Comm: syz.2.7779 Not tainted 6.1.141-syzkaller-00034-g1bf1aa362e6b #0 [ 251.387585][T16323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 251.397693][T16323] Call Trace: [ 251.401041][T16323] [ 251.404008][T16323] __dump_stack+0x21/0x24 [ 251.408403][T16323] dump_stack_lvl+0xee/0x150 [ 251.413048][T16323] ? __cfi_dump_stack_lvl+0x8/0x8 [ 251.418125][T16323] ? __cfi_f2fs_get_dnode_of_data+0x10/0x10 [ 251.424065][T16323] dump_stack+0x15/0x24 [ 251.428284][T16323] __f2fs_is_valid_blkaddr+0xda6/0x1460 [ 251.433900][T16323] f2fs_is_valid_blkaddr+0x23/0x30 [ 251.439055][T16323] f2fs_get_read_data_page+0x4e2/0x840 [ 251.444572][T16323] ? __cfi_f2fs_get_read_data_page+0x10/0x10 [ 251.450608][T16323] ? kasan_set_track+0x60/0x70 [ 251.455418][T16323] ? kasan_set_track+0x4b/0x70 [ 251.460223][T16323] ? kasan_save_alloc_info+0x25/0x30 [ 251.465555][T16323] f2fs_find_data_page+0x198/0x3a0 [ 251.470713][T16323] __f2fs_find_entry+0x6d0/0xd70 [ 251.475698][T16323] ? __cfi___f2fs_find_entry+0x10/0x10 [ 251.480439][T16513] loop1: detected capacity change from 0 to 512 [ 251.481204][T16323] ? generic_set_encrypted_ci_d_ops+0xce/0x100 [ 251.493613][T16323] f2fs_lookup+0x19b/0xab0 [ 251.498066][T16323] ? __cfi_f2fs_lookup+0x10/0x10 [ 251.503045][T16323] ? _raw_spin_lock+0x8e/0xe0 [ 251.507788][T16323] ? __cfi__raw_spin_lock+0x10/0x10 [ 251.513037][T16323] ? _raw_spin_unlock+0x4c/0x70 [ 251.517942][T16323] ? d_alloc+0x199/0x1d0 [ 251.522224][T16323] lookup_one_qstr_excl+0x125/0x270 [ 251.527470][T16323] filename_create+0x219/0x450 [ 251.532257][T16323] ? kasan_save_alloc_info+0x25/0x30 [ 251.537571][T16323] ? kern_path_create+0x1b0/0x1b0 [ 251.542619][T16323] do_mkdirat+0x5c/0x4c0 [ 251.546884][T16323] ? getname_flags+0x206/0x500 [ 251.551670][T16323] __x64_sys_mkdirat+0x89/0xa0 [ 251.556459][T16323] x64_sys_call+0x73d/0x9a0 [ 251.560989][T16323] do_syscall_64+0x4c/0xa0 [ 251.565424][T16323] ? clear_bhb_loop+0x30/0x80 [ 251.570124][T16323] ? clear_bhb_loop+0x30/0x80 [ 251.574823][T16323] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 251.580743][T16323] RIP: 0033:0x7fb8add8e929 [ 251.585184][T16323] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 251.604812][T16323] RSP: 002b:00007fb8aeb34038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 251.613255][T16323] RAX: ffffffffffffffda RBX: 00007fb8adfb5fa0 RCX: 00007fb8add8e929 [ 251.621263][T16323] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 251.629265][T16323] RBP: 00007fb8ade10b39 R08: 0000000000000000 R09: 0000000000000000 [ 251.637257][T16323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 251.645243][T16323] R13: 0000000000000000 R14: 00007fb8adfb5fa0 R15: 00007ffea93aa6a8 [ 251.653243][T16323] [ 251.745943][T16513] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 251.755267][T16513] ext4 filesystem being mounted at /1656/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 251.883535][T16513] EXT4-fs error (device loop1): ext4_empty_dir:3139: inode #12: comm syz.1.7870: Directory hole found for htree leaf block 0 [ 251.932617][T16513] EXT4-fs (loop1): Remounting filesystem read-only [ 251.968045][ T285] EXT4-fs (loop1): unmounting filesystem. [ 252.036890][T16544] xt_CT: You must specify a L4 protocol and not use inversions on it [ 252.247876][T16562] loop3: detected capacity change from 0 to 256 [ 252.303022][T16566] device ip6tnl4 entered promiscuous mode [ 252.308562][T16562] FAT-fs (loop3): Directory bread(block 64) failed [ 252.347222][T16562] FAT-fs (loop3): Directory bread(block 65) failed [ 252.358524][T16562] FAT-fs (loop3): Directory bread(block 66) failed [ 252.365115][T16562] FAT-fs (loop3): Directory bread(block 67) failed [ 252.428735][T16562] FAT-fs (loop3): Directory bread(block 68) failed [ 252.443630][T16562] FAT-fs (loop3): Directory bread(block 69) failed [ 252.504664][T16562] FAT-fs (loop3): Directory bread(block 70) failed [ 252.539704][T16562] FAT-fs (loop3): Directory bread(block 71) failed [ 252.546322][T16562] FAT-fs (loop3): Directory bread(block 72) failed [ 252.582660][T16562] FAT-fs (loop3): Directory bread(block 73) failed [ 252.637336][T16600] xt_limit: Overflow, try lower: 2147483649/3300 [ 252.751973][T16612] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7920'. [ 252.789320][T16612] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7920'. [ 252.816093][T16612] tc_dump_action: action bad kind [ 252.821526][T16616] netlink: 116 bytes leftover after parsing attributes in process `syz.1.7924'. [ 253.284319][T16672] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7949'. [ 253.322467][ T28] kauditd_printk_skb: 1017 callbacks suppressed [ 253.322486][ T28] audit: type=1400 audit(2000000007.906:7577): avc: denied { bpf } for pid=16677 comm="syz.4.7953" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 253.401346][ T28] audit: type=1400 audit(2000000007.906:7578): avc: denied { read write } for pid=283 comm="syz-executor" name="loop2" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 253.480824][ T28] audit: type=1400 audit(2000000007.906:7579): avc: denied { open } for pid=283 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 253.526129][ T28] audit: type=1400 audit(2000000007.906:7580): avc: denied { ioctl } for pid=283 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=120 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 253.555730][T16697] device sit0 left promiscuous mode [ 253.594759][ T28] audit: type=1400 audit(2000000007.934:7581): avc: denied { read write } for pid=285 comm="syz-executor" name="loop1" dev="devtmpfs" ino=119 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 253.600757][T16697] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 253.619523][ T28] audit: type=1400 audit(2000000007.934:7582): avc: denied { read write open } for pid=285 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=119 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 253.637609][T16697] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 253.656767][ T28] audit: type=1400 audit(2000000007.934:7583): avc: denied { ioctl } for pid=285 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=119 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 253.673630][T16697] device vlan0 left promiscuous mode [ 253.685430][ T28] audit: type=1400 audit(2000000007.934:7584): avc: denied { prog_load } for pid=16677 comm="syz.4.7953" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 253.695808][T16697] device wireguard0 left promiscuous mode [ 253.714986][ T28] audit: type=1400 audit(2000000007.934:7585): avc: denied { bpf } for pid=16677 comm="syz.4.7953" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 253.717466][T16697] IPv6: ADDRCONF(NETDEV_CHANGE): wireguard0: link becomes ready [ 253.735804][ T28] audit: type=1400 audit(2000000007.934:7586): avc: denied { perfmon } for pid=16677 comm="syz.4.7953" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 253.744468][T16697] IPv6: ADDRCONF(NETDEV_CHANGE): wireguard0: link becomes ready [ 253.773161][T16697] device bridge2 left promiscuous mode [ 253.779599][T16697] device bridge3 left promiscuous mode [ 253.796951][T16697] device gre1 left promiscuous mode [ 253.803598][T16697] device ip6tnl4 left promiscuous mode [ 253.813276][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready [ 253.823005][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 253.838824][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready [ 253.855354][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 253.864304][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 253.873152][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 253.883562][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 253.892012][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 253.945506][T16713] device bridge8 entered promiscuous mode [ 254.144469][T16738] netlink: 'syz.4.7984': attribute type 1 has an invalid length. [ 254.192572][T16745] __nla_validate_parse: 2 callbacks suppressed [ 254.192595][T16745] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7986'. [ 254.340158][T16762] netlink: 36 bytes leftover after parsing attributes in process `syz.2.7996'. [ 254.598250][T16794] loop1: detected capacity change from 0 to 256 [ 254.660582][T16802] netlink: 'syz.2.8017': attribute type 9 has an invalid length. [ 254.792855][ T468] usb 5-1: new high-speed USB device number 93 using dummy_hcd [ 254.892738][T16828] cgroup: Invalid name [ 255.000881][ T468] usb 5-1: unable to get BOS descriptor or descriptor too short [ 255.013577][ T468] usb 5-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 255.016979][T16844] SELinux: Context system_u:object_r:inetd_log_t:s0 is not valid (left unmapped). [ 255.059326][ T468] usb 5-1: config 1 interface 0 has no altsetting 0 [ 255.083521][ T468] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 255.118314][ T468] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 255.145044][ T468] usb 5-1: Product: syz [ 255.161601][ T468] usb 5-1: Manufacturer: syz [ 255.166260][ T468] usb 5-1: SerialNumber: syz [ 255.355571][T16879] loop1: detected capacity change from 0 to 256 [ 255.392191][T16879] FAT-fs (loop1): Directory bread(block 64) failed [ 255.399730][T16879] FAT-fs (loop1): Directory bread(block 65) failed [ 255.406356][T16879] FAT-fs (loop1): Directory bread(block 66) failed [ 255.408989][T16881] new mount options do not match the existing superblock, will be ignored [ 255.436934][ T468] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 93 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8 [ 255.452308][T16879] FAT-fs (loop1): Directory bread(block 67) failed [ 255.460471][ T468] usb 5-1: USB disconnect, device number 93 [ 255.467684][T16879] FAT-fs (loop1): Directory bread(block 68) failed [ 255.475840][ T468] usblp0: removed [ 255.484777][T16879] FAT-fs (loop1): Directory bread(block 69) failed [ 255.492004][T16879] FAT-fs (loop1): Directory bread(block 70) failed [ 255.499051][T16879] FAT-fs (loop1): Directory bread(block 71) failed [ 255.505926][T16879] FAT-fs (loop1): Directory bread(block 72) failed [ 255.513200][T16879] FAT-fs (loop1): Directory bread(block 73) failed [ 255.773258][T16902] device vlan0 entered promiscuous mode [ 256.254820][T16957] netlink: 'syz.1.8093': attribute type 10 has an invalid length. [ 256.301751][T16961] netlink: 24 bytes leftover after parsing attributes in process `syz.3.8095'. [ 256.331273][ T468] usb 1-1: new full-speed USB device number 86 using dummy_hcd [ 256.479020][T16983] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8105'. [ 256.538368][ T468] usb 1-1: config 0 has an invalid interface number: 234 but max is 0 [ 256.546647][ T468] usb 1-1: config 0 has no interface number 0 [ 256.575981][ T468] usb 1-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=b7.44 [ 256.599941][ T468] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 256.645537][ T468] usb 1-1: Product: syz [ 256.649757][ T468] usb 1-1: Manufacturer: syz [ 256.654361][ T468] usb 1-1: SerialNumber: syz [ 256.696706][ T468] usb 1-1: config 0 descriptor?? [ 256.722778][ T468] usb 1-1: bad CDC descriptors [ 256.732358][ T468] usb 1-1: unsupported MDLM descriptors [ 256.788055][T17012] netlink: 80 bytes leftover after parsing attributes in process `syz.1.8119'. [ 256.902994][T17025] loop3: detected capacity change from 0 to 512 [ 256.960630][ T4848] usb 1-1: USB disconnect, device number 86 [ 256.980317][T17035] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8131'. [ 257.027534][T17025] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 257.043401][T17025] ext4 filesystem being mounted at /1530/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 257.098557][ T284] EXT4-fs (loop3): unmounting filesystem. [ 257.360873][T17069] cgroup: noprefix used incorrectly [ 257.577079][T17089] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8159'. [ 257.692945][T17099] netlink: 80 bytes leftover after parsing attributes in process `syz.4.8163'. [ 257.712485][T17102] loop3: detected capacity change from 0 to 256 [ 257.954205][T17125] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8174'. [ 257.980350][T17129] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 258.068752][T17141] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 258.075573][ T468] usb 2-1: new high-speed USB device number 88 using dummy_hcd [ 258.128887][T17146] netlink: 172 bytes leftover after parsing attributes in process `syz.2.8184'. [ 258.140608][ T868] usb 4-1: new full-speed USB device number 89 using dummy_hcd [ 258.281461][ T468] usb 2-1: Using ep0 maxpacket: 16 [ 258.288826][ T468] usb 2-1: config 0 has no interfaces? [ 258.300004][ T468] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 258.314255][ T468] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 258.314636][T17164] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 258.335572][ T468] usb 2-1: Product: syz [ 258.341515][ T468] usb 2-1: Manufacturer: syz [ 258.346171][ T468] usb 2-1: SerialNumber: syz [ 258.348066][ T868] usb 4-1: config 0 has an invalid interface number: 234 but max is 0 [ 258.358841][ T468] r8152-cfgselector 2-1: config 0 descriptor?? [ 258.368223][ T868] usb 4-1: config 0 has no interface number 0 [ 258.381464][ T868] usb 4-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=b7.44 [ 258.406466][ T868] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 258.410645][T17168] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 258.420862][ T868] usb 4-1: Product: syz [ 258.433128][ T868] usb 4-1: Manufacturer: syz [ 258.437784][ T868] usb 4-1: SerialNumber: syz [ 258.470756][ T868] usb 4-1: config 0 descriptor?? [ 258.484640][ T868] usb 4-1: bad CDC descriptors [ 258.493660][ T868] usb 4-1: unsupported MDLM descriptors [ 258.556059][T17181] xt_CT: You must specify a L4 protocol and not use inversions on it [ 258.611135][ T304] usb 2-1: config 0 descriptor?? [ 258.719110][ T6] usb 4-1: USB disconnect, device number 89 [ 258.755887][ T28] kauditd_printk_skb: 1002 callbacks suppressed [ 258.755905][ T28] audit: type=1400 audit(2000000012.918:8589): avc: denied { read write } for pid=287 comm="syz-executor" name="loop0" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 258.819805][ T28] audit: type=1400 audit(2000000012.927:8590): avc: denied { read write } for pid=283 comm="syz-executor" name="loop2" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 258.842879][ T461] usb 2-1: USB disconnect, device number 88 [ 258.845236][ T304] usb 2-1: can't set config #0, error -71 [ 258.880896][ T28] audit: type=1400 audit(2000000012.927:8591): avc: denied { open } for pid=283 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 258.952595][ T28] audit: type=1400 audit(2000000012.927:8592): avc: denied { ioctl } for pid=283 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=120 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 258.992808][ T28] audit: type=1400 audit(2000000012.955:8593): avc: denied { read write open } for pid=287 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 259.020802][T17220] netlink: 'syz.4.8222': attribute type 27 has an invalid length. [ 259.025802][ T28] audit: type=1400 audit(2000000012.955:8594): avc: denied { ioctl } for pid=287 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=118 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 259.074052][ T28] audit: type=1400 audit(2000000012.955:8595): avc: denied { read write } for pid=286 comm="syz-executor" name="loop4" dev="devtmpfs" ino=122 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 259.119711][ T28] audit: type=1400 audit(2000000012.955:8596): avc: denied { open } for pid=286 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=122 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 259.158374][ T28] audit: type=1400 audit(2000000012.955:8597): avc: denied { ioctl } for pid=286 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=122 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 259.226411][ T28] audit: type=1400 audit(2000000012.973:8598): avc: denied { read write } for pid=283 comm="syz-executor" name="loop2" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 259.374305][T17253] bridge0: port 1(gretap0) entered blocking state [ 259.381229][T17253] bridge0: port 1(gretap0) entered disabled state [ 259.388841][T17253] device gretap0 entered promiscuous mode [ 259.397974][T17253] bridge0: port 1(gretap0) entered blocking state [ 259.404447][T17253] bridge0: port 1(gretap0) entered forwarding state [ 259.495984][T17264] IPv6: NLM_F_CREATE should be specified when creating new route [ 259.533532][T17264] IPv6: Can't replace route, no match found [ 260.038353][T17328] netlink: 'syz.1.8285': attribute type 13 has an invalid length. [ 260.069850][T17328] gretap0: refused to change device tx_queue_len [ 260.098802][T17328] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 260.284967][T17361] __nla_validate_parse: 5 callbacks suppressed [ 260.284991][T17361] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8288'. [ 260.588738][T17395] bridge0: port 3(gretap0) entered blocking state [ 260.618418][T17395] bridge0: port 3(gretap0) entered disabled state [ 260.629823][T17395] device gretap0 entered promiscuous mode [ 260.779949][T17415] loop3: detected capacity change from 0 to 256 [ 261.215821][T17423] loop1: detected capacity change from 0 to 131072 [ 261.232055][T17423] F2FS-fs (loop1): Found nat_bits in checkpoint [ 261.271284][T17423] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 261.296393][T17423] F2FS-fs (loop1): access invalid blkaddr:3075201482 [ 261.303132][T17423] CPU: 0 PID: 17423 Comm: syz.1.8320 Not tainted 6.1.141-syzkaller-00034-g1bf1aa362e6b #0 [ 261.313039][T17423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 261.323096][T17423] Call Trace: [ 261.326376][T17423] [ 261.329319][T17423] __dump_stack+0x21/0x24 [ 261.333659][T17423] dump_stack_lvl+0xee/0x150 [ 261.338253][T17423] ? __cfi_dump_stack_lvl+0x8/0x8 [ 261.343283][T17423] ? __cfi_f2fs_get_dnode_of_data+0x10/0x10 [ 261.349176][T17423] dump_stack+0x15/0x24 [ 261.353338][T17423] __f2fs_is_valid_blkaddr+0xda6/0x1460 [ 261.358900][T17423] f2fs_is_valid_blkaddr+0x23/0x30 [ 261.364057][T17423] f2fs_get_read_data_page+0x4e2/0x840 [ 261.369529][T17423] ? __cfi_f2fs_get_read_data_page+0x10/0x10 [ 261.375533][T17423] ? kasan_set_track+0x60/0x70 [ 261.380311][T17423] ? kasan_set_track+0x4b/0x70 [ 261.385074][T17423] ? kasan_save_alloc_info+0x25/0x30 [ 261.390369][T17423] f2fs_find_data_page+0x198/0x3a0 [ 261.395510][T17423] __f2fs_find_entry+0x6d0/0xd70 [ 261.400464][T17423] ? __cfi___f2fs_find_entry+0x10/0x10 [ 261.406017][T17423] ? generic_set_encrypted_ci_d_ops+0xce/0x100 [ 261.412177][T17423] f2fs_lookup+0x19b/0xab0 [ 261.416599][T17423] ? __cfi_f2fs_lookup+0x10/0x10 [ 261.421534][T17423] ? _raw_spin_lock+0x8e/0xe0 [ 261.426218][T17423] ? __cfi__raw_spin_lock+0x10/0x10 [ 261.431430][T17423] ? _raw_spin_unlock+0x4c/0x70 [ 261.436289][T17423] ? d_alloc+0x199/0x1d0 [ 261.440549][T17423] lookup_one_qstr_excl+0x125/0x270 [ 261.445767][T17423] filename_create+0x219/0x450 [ 261.450530][T17423] ? kasan_save_alloc_info+0x25/0x30 [ 261.455832][T17423] ? kern_path_create+0x1b0/0x1b0 [ 261.460870][T17423] do_mkdirat+0x5c/0x4c0 [ 261.465129][T17423] ? getname_flags+0x206/0x500 [ 261.469900][T17423] __x64_sys_mkdirat+0x89/0xa0 [ 261.474666][T17423] x64_sys_call+0x73d/0x9a0 [ 261.479174][T17423] do_syscall_64+0x4c/0xa0 [ 261.483589][T17423] ? clear_bhb_loop+0x30/0x80 [ 261.488278][T17423] ? clear_bhb_loop+0x30/0x80 [ 261.492976][T17423] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 261.498875][T17423] RIP: 0033:0x7f22f558e929 [ 261.503291][T17423] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 261.522900][T17423] RSP: 002b:00007f22f6371038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 261.531332][T17423] RAX: ffffffffffffffda RBX: 00007f22f57b5fa0 RCX: 00007f22f558e929 [ 261.539343][T17423] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 261.547338][T17423] RBP: 00007f22f5610b39 R08: 0000000000000000 R09: 0000000000000000 [ 261.555364][T17423] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 261.563342][T17423] R13: 0000000000000000 R14: 00007f22f57b5fa0 R15: 00007fffa19ce458 [ 261.571320][T17423] [ 261.860761][T17455] netlink: 'syz.4.8337': attribute type 13 has an invalid length. [ 261.890459][T17455] gretap0: refused to change device tx_queue_len [ 261.911336][T17455] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 262.119103][T17470] bridge0: port 1(gretap0) entered blocking state [ 262.141575][T17470] bridge0: port 1(gretap0) entered disabled state [ 262.148592][T17470] device gretap0 entered promiscuous mode [ 262.273243][T17477] device ip6tnl3 entered promiscuous mode [ 262.847874][T17520] netlink: 24 bytes leftover after parsing attributes in process `syz.1.8368'. [ 262.951053][ T639] usb 5-1: new full-speed USB device number 94 using dummy_hcd [ 263.102572][T17440] loop2: detected capacity change from 0 to 131072 [ 263.139207][T17440] F2FS-fs (loop2): Test dummy encryption mode enabled [ 263.170211][ T639] usb 5-1: config 0 has an invalid interface number: 234 but max is 0 [ 263.189346][ T639] usb 5-1: config 0 has no interface number 0 [ 263.211987][T17440] F2FS-fs (loop2): invalid crc value [ 263.216596][ T639] usb 5-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=b7.44 [ 263.248410][ T639] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 263.260455][T17440] F2FS-fs (loop2): Found nat_bits in checkpoint [ 263.268407][ T639] usb 5-1: Product: syz [ 263.274225][ T639] usb 5-1: Manufacturer: syz [ 263.284515][ T639] usb 5-1: SerialNumber: syz [ 263.297930][ T639] usb 5-1: config 0 descriptor?? [ 263.304990][ T639] usb 5-1: bad CDC descriptors [ 263.318027][ T639] usb 5-1: unsupported MDLM descriptors [ 263.342928][T17552] netlink: 24 bytes leftover after parsing attributes in process `syz.3.8382'. [ 263.397167][T17440] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 263.460939][T17557] netlink: 'syz.3.8384': attribute type 13 has an invalid length. [ 263.514718][T17557] gretap0: refused to change device tx_queue_len [ 263.521360][T17557] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 263.550183][ T639] usb 5-1: USB disconnect, device number 94 [ 263.711364][T17568] xt_limit: Overflow, try lower: 2147483649/3300 [ 264.176215][ T28] kauditd_printk_skb: 807 callbacks suppressed [ 264.176235][ T28] audit: type=1400 audit(2000000000.249:9400): avc: denied { read write } for pid=286 comm="syz-executor" name="loop4" dev="devtmpfs" ino=122 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 264.205408][T17619] loop1: detected capacity change from 0 to 256 [ 264.214557][T17618] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 264.267064][T17618] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 264.281565][T17619] FAT-fs (loop1): Directory bread(block 64) failed [ 264.292303][ T28] audit: type=1400 audit(2000000000.249:9401): avc: denied { read write } for pid=287 comm="syz-executor" name="loop0" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 264.314623][T17619] FAT-fs (loop1): Directory bread(block 65) failed [ 264.323817][T17618] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 264.344150][T17619] FAT-fs (loop1): Directory bread(block 66) failed [ 264.371470][T17619] FAT-fs (loop1): Directory bread(block 67) failed [ 264.375142][ T28] audit: type=1400 audit(2000000000.249:9402): avc: denied { open } for pid=287 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 264.380350][T17619] FAT-fs (loop1): Directory bread(block 68) failed [ 264.410928][T17618] device vlan0 left promiscuous mode [ 264.411254][ T28] audit: type=1400 audit(2000000000.249:9403): avc: denied { ioctl } for pid=287 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=118 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 264.438472][T17618] device macsec0 left promiscuous mode [ 264.442783][ T28] audit: type=1400 audit(2000000000.249:9404): avc: denied { read write } for pid=17617 comm="syz.1.8416" name="loop1" dev="devtmpfs" ino=119 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 264.451489][T17619] FAT-fs (loop1): Directory bread(block 69) failed [ 264.478425][ T28] audit: type=1400 audit(2000000000.249:9405): avc: denied { open } for pid=17617 comm="syz.1.8416" path="/dev/loop1" dev="devtmpfs" ino=119 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 264.485281][T17618] device vti0 left promiscuous mode [ 264.503437][ T28] audit: type=1400 audit(2000000000.249:9406): avc: denied { ioctl } for pid=17617 comm="syz.1.8416" path="/dev/loop1" dev="devtmpfs" ino=119 ioctlcmd=0x4c00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 264.509582][T17619] FAT-fs (loop1): Directory bread(block 70) failed [ 264.537179][T17618] device bridge4 left promiscuous mode [ 264.540710][T17619] FAT-fs (loop1): Directory bread(block 71) failed [ 264.548014][ T28] audit: type=1400 audit(2000000000.276:9407): avc: denied { read write } for pid=284 comm="syz-executor" name="loop3" dev="devtmpfs" ino=121 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 264.553678][T17619] FAT-fs (loop1): Directory bread(block 72) failed [ 264.582936][T17619] FAT-fs (loop1): Directory bread(block 73) failed [ 264.591416][ T28] audit: type=1400 audit(2000000000.276:9408): avc: denied { open } for pid=284 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=121 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 264.618973][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready [ 264.634225][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 264.647450][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready [ 264.656428][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 264.666046][ T28] audit: type=1400 audit(2000000000.276:9409): avc: denied { ioctl } for pid=284 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=121 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 264.692494][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 264.701459][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 264.710571][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 264.720041][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 264.729192][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth3: link becomes ready [ 264.736988][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth2: link becomes ready [ 264.825546][ T461] ip6_tunnel: syztnl1 xmit: Local address not yet configured! [ 264.838741][ T461] ip6_tunnel: syztnl1 xmit: Local address not yet configured! [ 264.867993][ T461] ip6_tunnel: syztnl1 xmit: Local address not yet configured! [ 265.071670][T17660] netlink: 36 bytes leftover after parsing attributes in process `syz.0.8436'. [ 265.107058][ T4848] ip6_tunnel: syztnl1 xmit: Local address not yet configured! [ 265.334732][T17684] loop2: detected capacity change from 0 to 256 [ 265.431880][T17684] FAT-fs (loop2): Directory bread(block 64) failed [ 265.451149][T17684] FAT-fs (loop2): Directory bread(block 65) failed [ 265.459962][ T4848] ip6_tunnel: syztnl1 xmit: Local address not yet configured! [ 265.475423][T17684] FAT-fs (loop2): Directory bread(block 66) failed [ 265.481998][T17684] FAT-fs (loop2): Directory bread(block 67) failed [ 265.507921][T17684] FAT-fs (loop2): Directory bread(block 68) failed [ 265.525445][T17684] FAT-fs (loop2): Directory bread(block 69) failed [ 265.549683][T17684] FAT-fs (loop2): Directory bread(block 70) failed [ 265.570021][T17684] FAT-fs (loop2): Directory bread(block 71) failed [ 265.583762][T17684] FAT-fs (loop2): Directory bread(block 72) failed [ 265.591253][T17684] FAT-fs (loop2): Directory bread(block 73) failed [ 266.069144][T17643] loop3: detected capacity change from 0 to 131072 [ 266.085185][T17643] F2FS-fs (loop3): Found nat_bits in checkpoint [ 266.140383][T17643] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 266.171703][T17643] F2FS-fs (loop3): access invalid blkaddr:3075201482 [ 266.178459][T17643] CPU: 1 PID: 17643 Comm: syz.3.8424 Not tainted 6.1.141-syzkaller-00034-g1bf1aa362e6b #0 [ 266.188360][T17643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 266.198435][T17643] Call Trace: [ 266.201717][T17643] [ 266.204647][T17643] __dump_stack+0x21/0x24 [ 266.208989][T17643] dump_stack_lvl+0xee/0x150 [ 266.213598][T17643] ? __cfi_dump_stack_lvl+0x8/0x8 [ 266.218636][T17643] ? __cfi_f2fs_get_dnode_of_data+0x10/0x10 [ 266.224544][T17643] dump_stack+0x15/0x24 [ 266.228714][T17643] __f2fs_is_valid_blkaddr+0xda6/0x1460 [ 266.234272][T17643] f2fs_is_valid_blkaddr+0x23/0x30 [ 266.239418][T17643] f2fs_get_read_data_page+0x4e2/0x840 [ 266.244902][T17643] ? __cfi_f2fs_get_read_data_page+0x10/0x10 [ 266.250899][T17643] ? kasan_set_track+0x60/0x70 [ 266.255678][T17643] ? kasan_set_track+0x4b/0x70 [ 266.260449][T17643] ? kasan_save_alloc_info+0x25/0x30 [ 266.265758][T17643] f2fs_find_data_page+0x198/0x3a0 [ 266.270895][T17643] __f2fs_find_entry+0x6d0/0xd70 [ 266.275846][T17643] ? __cfi___f2fs_find_entry+0x10/0x10 [ 266.281319][T17643] ? generic_set_encrypted_ci_d_ops+0xce/0x100 [ 266.287482][T17643] f2fs_lookup+0x19b/0xab0 [ 266.291913][T17643] ? __cfi_f2fs_lookup+0x10/0x10 [ 266.296859][T17643] ? _raw_spin_lock+0x8e/0xe0 [ 266.301553][T17643] ? __cfi__raw_spin_lock+0x10/0x10 [ 266.306761][T17643] ? _raw_spin_unlock+0x4c/0x70 [ 266.311626][T17643] ? d_alloc+0x199/0x1d0 [ 266.315887][T17643] lookup_one_qstr_excl+0x125/0x270 [ 266.321104][T17643] filename_create+0x219/0x450 [ 266.325882][T17643] ? kasan_save_alloc_info+0x25/0x30 [ 266.331181][T17643] ? kern_path_create+0x1b0/0x1b0 [ 266.336233][T17643] do_mkdirat+0x5c/0x4c0 [ 266.340485][T17643] ? getname_flags+0x206/0x500 [ 266.345263][T17643] __x64_sys_mkdirat+0x89/0xa0 [ 266.350034][T17643] x64_sys_call+0x73d/0x9a0 [ 266.354553][T17643] do_syscall_64+0x4c/0xa0 [ 266.358972][T17643] ? clear_bhb_loop+0x30/0x80 [ 266.363657][T17643] ? clear_bhb_loop+0x30/0x80 [ 266.368360][T17643] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 266.374258][T17643] RIP: 0033:0x7fafb5d8e929 [ 266.378676][T17643] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 266.398284][T17643] RSP: 002b:00007fafb6b29038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 266.406702][T17643] RAX: ffffffffffffffda RBX: 00007fafb5fb5fa0 RCX: 00007fafb5d8e929 [ 266.414679][T17643] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 266.422654][T17643] RBP: 00007fafb5e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 266.430629][T17643] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 266.438601][T17643] R13: 0000000000000000 R14: 00007fafb5fb5fa0 R15: 00007ffd61193368 [ 266.446597][T17643] [ 266.849580][T17742] netlink: 'syz.2.8468': attribute type 13 has an invalid length. [ 266.879170][T17742] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 266.954373][T17742] gretap0: refused to change device tx_queue_len [ 266.970975][T17742] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 267.189756][T17773] netlink: 36 bytes leftover after parsing attributes in process `syz.4.8488'. [ 267.220197][T17773] device vlan0 entered promiscuous mode [ 267.417787][T17790] loop2: detected capacity change from 0 to 256 [ 267.427511][T17790] exfat: Deprecated parameter 'utf8' [ 267.432879][T17790] exfat: Deprecated parameter 'namecase' [ 267.492302][T17790] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 267.795007][T17819] loop2: detected capacity change from 0 to 256 [ 267.892922][T17819] FAT-fs (loop2): Directory bread(block 64) failed [ 267.914151][T17819] FAT-fs (loop2): Directory bread(block 65) failed [ 267.947973][T17819] FAT-fs (loop2): Directory bread(block 66) failed [ 267.969866][T17819] FAT-fs (loop2): Directory bread(block 67) failed [ 267.994317][T17819] FAT-fs (loop2): Directory bread(block 68) failed [ 268.009331][T17819] FAT-fs (loop2): Directory bread(block 69) failed [ 268.041809][T17819] FAT-fs (loop2): Directory bread(block 70) failed [ 268.063221][T17819] FAT-fs (loop2): Directory bread(block 71) failed [ 268.077771][T17819] FAT-fs (loop2): Directory bread(block 72) failed [ 268.108918][T17819] FAT-fs (loop2): Directory bread(block 73) failed [ 268.191708][T17844] netlink: 24 bytes leftover after parsing attributes in process `syz.4.8524'. [ 268.320757][T17849] device batadv_slave_0 left promiscuous mode [ 268.366851][T17854] new mount options do not match the existing superblock, will be ignored [ 268.420029][T17849] device bridge3 left promiscuous mode [ 268.452637][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 268.465910][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready [ 268.485183][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 268.498658][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready [ 268.515185][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 268.524298][T17753] loop3: detected capacity change from 0 to 131072 [ 268.544339][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 268.566038][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 268.586133][T17753] F2FS-fs (loop3): Found nat_bits in checkpoint [ 268.628556][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 268.639826][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 268.671731][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 268.685059][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth3: link becomes ready [ 268.713793][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth2: link becomes ready [ 268.734784][T17856] netlink: 'syz.4.8529': attribute type 13 has an invalid length. [ 268.747137][T17867] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8534'. [ 268.759514][T17856] gretap0: refused to change device tx_queue_len [ 268.766408][T17856] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 268.782687][T17867] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8534'. [ 268.783386][T17753] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 268.799923][T17867] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8534'. [ 268.850336][T17873] device vlan0 entered promiscuous mode [ 268.887552][T17753] F2FS-fs (loop3): access invalid blkaddr:3075201482 [ 268.909049][T17753] CPU: 1 PID: 17753 Comm: syz.3.8478 Not tainted 6.1.141-syzkaller-00034-g1bf1aa362e6b #0 [ 268.919009][T17753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 268.929095][T17753] Call Trace: [ 268.932400][T17753] [ 268.935334][T17753] __dump_stack+0x21/0x24 [ 268.939686][T17753] dump_stack_lvl+0xee/0x150 [ 268.944288][T17753] ? __cfi_dump_stack_lvl+0x8/0x8 [ 268.949379][T17753] ? __cfi_f2fs_get_dnode_of_data+0x10/0x10 [ 268.955287][T17753] dump_stack+0x15/0x24 [ 268.959462][T17753] __f2fs_is_valid_blkaddr+0xda6/0x1460 [ 268.965016][T17753] f2fs_is_valid_blkaddr+0x23/0x30 [ 268.970147][T17753] f2fs_get_read_data_page+0x4e2/0x840 [ 268.975631][T17753] ? __cfi_f2fs_get_read_data_page+0x10/0x10 [ 268.981628][T17753] ? kasan_set_track+0x60/0x70 [ 268.986402][T17753] ? kasan_set_track+0x4b/0x70 [ 268.991168][T17753] ? kasan_save_alloc_info+0x25/0x30 [ 268.996466][T17753] f2fs_find_data_page+0x198/0x3a0 [ 269.001602][T17753] __f2fs_find_entry+0x6d0/0xd70 [ 269.006554][T17753] ? __cfi___f2fs_find_entry+0x10/0x10 [ 269.012037][T17753] ? generic_set_encrypted_ci_d_ops+0xce/0x100 [ 269.018198][T17753] f2fs_lookup+0x19b/0xab0 [ 269.022637][T17753] ? __cfi_f2fs_lookup+0x10/0x10 [ 269.027592][T17753] ? _raw_spin_lock+0x8e/0xe0 [ 269.032286][T17753] ? __cfi__raw_spin_lock+0x10/0x10 [ 269.037504][T17753] ? _raw_spin_unlock+0x4c/0x70 [ 269.042366][T17753] ? d_alloc+0x199/0x1d0 [ 269.046622][T17753] lookup_one_qstr_excl+0x125/0x270 [ 269.051839][T17753] filename_create+0x219/0x450 [ 269.056623][T17753] ? kasan_save_alloc_info+0x25/0x30 [ 269.061946][T17753] ? kern_path_create+0x1b0/0x1b0 [ 269.066982][T17753] do_mkdirat+0x5c/0x4c0 [ 269.071239][T17753] ? getname_flags+0x206/0x500 [ 269.076018][T17753] __x64_sys_mkdirat+0x89/0xa0 [ 269.080790][T17753] x64_sys_call+0x73d/0x9a0 [ 269.085305][T17753] do_syscall_64+0x4c/0xa0 [ 269.089727][T17753] ? clear_bhb_loop+0x30/0x80 [ 269.094414][T17753] ? clear_bhb_loop+0x30/0x80 [ 269.099101][T17753] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 269.105002][T17753] RIP: 0033:0x7fafb5d8e929 [ 269.109427][T17753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 269.129048][T17753] RSP: 002b:00007fafb6b29038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 269.137482][T17753] RAX: ffffffffffffffda RBX: 00007fafb5fb5fa0 RCX: 00007fafb5d8e929 [ 269.145466][T17753] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 269.153450][T17753] RBP: 00007fafb5e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 269.161461][T17753] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 269.169449][T17753] R13: 0000000000000000 R14: 00007fafb5fb5fa0 R15: 00007ffd61193368 [ 269.177436][T17753] [ 269.180712][ C1] ip6_tunnel: syztnl1 xmit: Local address not yet configured! [ 269.216072][ T4848] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 269.223663][ T4848] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 269.249295][T17885] loop2: detected capacity change from 0 to 256 [ 269.268039][ T468] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 269.298672][T17885] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d) [ 269.344499][T17885] exFAT-fs (loop2): error, exfat_zeroed_cluster: out of range(sect:224 len:8) [ 269.368756][T17885] exFAT-fs (loop2): Filesystem has been set read-only [ 269.497841][T17903] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8550'. [ 269.519879][T17903] netlink: 16 bytes leftover after parsing attributes in process `syz.4.8550'. [ 269.530069][T17903] netlink: 16 bytes leftover after parsing attributes in process `syz.4.8550'. [ 269.605006][ T28] kauditd_printk_skb: 565 callbacks suppressed [ 269.605024][ T28] audit: type=1400 audit(2000000005.261:9975): avc: denied { module_request } for pid=17913 comm="syz.2.8553" kmod="ipt_SET" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 269.698236][ T28] audit: type=1400 audit(2000000005.288:9976): avc: denied { read write } for pid=283 comm="syz-executor" name="loop2" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 269.758414][T17925] netlink: 'syz.2.8561': attribute type 10 has an invalid length. [ 269.797762][ T28] audit: type=1400 audit(2000000005.288:9977): avc: denied { open } for pid=283 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 269.870180][T17933] netlink: 24 bytes leftover after parsing attributes in process `syz.2.8565'. [ 269.874250][ T28] audit: type=1400 audit(2000000005.288:9978): avc: denied { ioctl } for pid=283 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=120 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 269.972048][ T28] audit: type=1400 audit(2000000005.298:9979): avc: denied { read write } for pid=287 comm="syz-executor" name="loop0" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 270.070709][ T28] audit: type=1400 audit(2000000005.298:9980): avc: denied { open } for pid=287 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 270.145191][ T28] audit: type=1400 audit(2000000005.298:9981): avc: denied { ioctl } for pid=287 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=118 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 270.177525][ T4848] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 270.228376][ T284] audit: audit_backlog=65 > audit_backlog_limit=64 [ 270.239801][ T28] audit: type=1400 audit(2000000005.334:9982): avc: denied { read write } for pid=286 comm="syz-executor" name="loop4" dev="devtmpfs" ino=122 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 270.265489][ T284] audit: audit_lost=36 audit_rate_limit=0 audit_backlog_limit=64 [ 270.351165][ T4848] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 270.882625][T18023] netlink: 128 bytes leftover after parsing attributes in process `syz.4.8607'. [ 271.223856][T18069] netlink: 'syz.3.8631': attribute type 49 has an invalid length. [ 271.266237][T18069] netlink: 'syz.3.8631': attribute type 49 has an invalid length. [ 271.535465][T18103] netlink: 'syz.2.8648': attribute type 49 has an invalid length. [ 271.582650][T18103] netlink: 'syz.2.8648': attribute type 49 has an invalid length. [ 271.880382][T18146] netlink: 'syz.1.8668': attribute type 49 has an invalid length. [ 271.899836][T18146] netlink: 'syz.1.8668': attribute type 49 has an invalid length. [ 272.560620][T18204] device ip6gre1 entered promiscuous mode [ 272.727342][T18220] __nla_validate_parse: 4 callbacks suppressed [ 272.727364][T18220] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8706'. [ 272.763511][T18220] netlink: 24 bytes leftover after parsing attributes in process `syz.3.8706'. [ 272.833749][T18228] netlink: 'syz.1.8709': attribute type 3 has an invalid length. [ 272.907688][ T468] usb 1-1: new high-speed USB device number 87 using dummy_hcd [ 273.051518][T18250] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8722'. [ 273.076014][T18250] netlink: 24 bytes leftover after parsing attributes in process `syz.2.8722'. [ 273.118592][ T468] usb 1-1: unable to get BOS descriptor or descriptor too short [ 273.137453][ T468] usb 1-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 273.175748][ T468] usb 1-1: config 1 interface 0 has no altsetting 0 [ 273.245228][ T468] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 273.275013][ T468] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 273.314366][ T468] usb 1-1: Product: syz [ 273.318610][ T468] usb 1-1: Manufacturer: syz [ 273.339254][ T468] usb 1-1: SerialNumber: syz [ 273.534733][T18293] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8740'. [ 273.563339][T18293] netlink: 24 bytes leftover after parsing attributes in process `syz.1.8740'. [ 273.589664][ T468] usblp 1-1:1.0: usblp0: USB Unidirectional printer dev 87 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8 [ 273.644398][ C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 273.663137][ T468] usb 1-1: USB disconnect, device number 87 [ 273.685309][ T468] usblp0: removed [ 273.807110][T18314] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8752'. [ 274.020466][T18335] sock: sock_timestamping_bind_phc: sock not bind to device [ 274.582351][T18401] device bridge8 entered promiscuous mode [ 274.856975][T18435] device bridge8 entered promiscuous mode [ 275.031735][ T28] kauditd_printk_skb: 1056 callbacks suppressed [ 275.031752][ T28] audit: type=1400 audit(2000000010.263:11038): avc: denied { open } for pid=285 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=119 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 275.176220][ T28] audit: type=1400 audit(2000000010.263:11039): avc: denied { bpf } for pid=18455 comm="syz.2.8821" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 275.269612][ T28] audit: type=1400 audit(2000000010.263:11040): avc: denied { prog_load } for pid=18455 comm="syz.2.8821" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 275.340579][ T28] audit: type=1400 audit(2000000010.263:11041): avc: denied { perfmon } for pid=18455 comm="syz.2.8821" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 275.363956][ T283] audit: audit_backlog=65 > audit_backlog_limit=64 [ 275.378388][ T283] audit: audit_lost=37 audit_rate_limit=0 audit_backlog_limit=64 [ 275.386250][ T283] audit: backlog limit exceeded [ 275.392093][ T284] audit: audit_backlog=65 > audit_backlog_limit=64 [ 275.393646][ T285] audit: audit_backlog=65 > audit_backlog_limit=64 [ 275.399378][ T284] audit: audit_lost=38 audit_rate_limit=0 audit_backlog_limit=64 [ 275.486253][ T868] usb 1-1: new high-speed USB device number 88 using dummy_hcd [ 275.553230][T18515] netlink: 308 bytes leftover after parsing attributes in process `syz.2.8850'. [ 275.622721][T18515] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8850'. [ 275.691265][T18515] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check. [ 275.712381][ T868] usb 1-1: Using ep0 maxpacket: 16 [ 275.723270][T18531] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8859'. [ 275.734170][ T868] usb 1-1: config 0 has an invalid interface number: 105 but max is 0 [ 275.766875][ T868] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 275.793103][ T868] usb 1-1: config 0 has no interface number 0 [ 275.821854][ T868] usb 1-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 275.853498][ T868] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 275.887862][ T868] usb 1-1: Product: syz [ 275.892091][ T868] usb 1-1: Manufacturer: syz [ 275.918605][ T868] usb 1-1: SerialNumber: syz [ 275.931119][ T868] usb 1-1: config 0 descriptor?? [ 275.963341][ T868] usb 1-1: Found UVC 0.00 device syz (046d:08f3) [ 275.969760][ T868] usb 1-1: No valid video chain found. [ 276.053522][T18559] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check. [ 276.183071][ T868] usb 1-1: USB disconnect, device number 88 [ 276.238570][T18577] device veth1_macvtap left promiscuous mode [ 276.266303][T18577] device macsec0 entered promiscuous mode [ 276.542217][T18611] device veth1_macvtap left promiscuous mode [ 276.551466][T18612] netlink: 'syz.4.8898': attribute type 3 has an invalid length. [ 276.563725][T18611] device macsec0 entered promiscuous mode [ 277.010507][T18665] netlink: 'syz.0.8924': attribute type 3 has an invalid length. [ 277.232408][T18693] netlink: 'syz.2.8937': attribute type 1 has an invalid length. [ 277.599473][T18733] netlink: 'syz.4.8957': attribute type 1 has an invalid length. [ 277.978109][ C1] ip6_tunnel: syztnl1 xmit: Local address not yet configured! [ 277.978547][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 278.857491][T18799] netlink: 'syz.1.8989': attribute type 9 has an invalid length. [ 278.875521][T18803] __nla_validate_parse: 2 callbacks suppressed [ 278.875540][T18803] netlink: 20 bytes leftover after parsing attributes in process `syz.0.8991'. [ 278.913767][T18803] netlink: 20 bytes leftover after parsing attributes in process `syz.0.8991'. [ 278.968318][T18814] netlink: 'syz.2.9006': attribute type 9 has an invalid length. [ 279.127991][T18834] netlink: 20 bytes leftover after parsing attributes in process `syz.2.9007'. [ 279.145280][T18834] netlink: 20 bytes leftover after parsing attributes in process `syz.2.9007'. [ 279.199431][T18842] netlink: 'syz.0.9010': attribute type 9 has an invalid length. [ 279.245738][ T639] usb 4-1: new high-speed USB device number 90 using dummy_hcd [ 279.451747][ T639] usb 4-1: Using ep0 maxpacket: 16 [ 279.458802][ T639] usb 4-1: config 0 has an invalid interface number: 105 but max is 0 [ 279.467083][ T639] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 279.477214][ T639] usb 4-1: config 0 has no interface number 0 [ 279.484800][ T639] usb 4-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 279.493874][ T639] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 279.501954][ T639] usb 4-1: Product: syz [ 279.506172][ T639] usb 4-1: Manufacturer: syz [ 279.510781][ T639] usb 4-1: SerialNumber: syz [ 279.517070][ T639] usb 4-1: config 0 descriptor?? [ 279.523605][ T639] usb 4-1: Found UVC 0.00 device syz (046d:08f3) [ 279.530063][ T639] usb 4-1: No valid video chain found. [ 279.746508][ T639] usb 4-1: USB disconnect, device number 90 [ 280.101594][ T4848] usb 1-1: new high-speed USB device number 89 using dummy_hcd [ 280.318256][ T4848] usb 1-1: Using ep0 maxpacket: 8 [ 280.331159][T18880] netlink: 20 bytes leftover after parsing attributes in process `syz.4.9023'. [ 280.344989][T18880] netlink: 20 bytes leftover after parsing attributes in process `syz.4.9023'. [ 280.362554][ T4848] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 280.371841][ T4848] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 280.414455][ T4848] usb 1-1: config 0 descriptor?? [ 280.490436][ T28] kauditd_printk_skb: 817 callbacks suppressed [ 280.490453][ T28] audit: type=1400 audit(2000000015.294:11856): avc: denied { read write } for pid=284 comm="syz-executor" name="loop3" dev="devtmpfs" ino=121 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 280.548018][T18894] netlink: 36 bytes leftover after parsing attributes in process `syz.4.9030'. [ 280.551591][ T28] audit: type=1400 audit(2000000015.294:11857): avc: denied { open } for pid=286 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=122 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 280.582617][ T28] audit: type=1400 audit(2000000015.294:11858): avc: denied { ioctl } for pid=286 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=122 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 280.611776][T18894] netlink: 12 bytes leftover after parsing attributes in process `syz.4.9030'. [ 280.623680][T18900] x_tables: unsorted entry at hook 2 [ 280.632894][T18894] netlink: 16 bytes leftover after parsing attributes in process `syz.4.9030'. [ 280.651894][ T4848] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 280.673523][ T4848] asix: probe of 1-1:0.0 failed with error -71 [ 280.697490][T18894] netlink: 16 bytes leftover after parsing attributes in process `syz.4.9030'. [ 280.709286][ T28] audit: type=1400 audit(2000000015.312:11859): avc: denied { read } for pid=18891 comm="syz.1.9029" name="usbmon6" dev="devtmpfs" ino=177 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 280.712381][ T4848] usb 1-1: USB disconnect, device number 89 [ 280.810671][ T28] audit: type=1400 audit(2000000015.312:11860): avc: denied { open } for pid=18891 comm="syz.1.9029" path="/dev/usbmon6" dev="devtmpfs" ino=177 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 280.892952][ T28] audit: type=1400 audit(2000000015.321:11861): avc: denied { ioctl } for pid=18891 comm="syz.1.9029" path="/dev/usbmon6" dev="devtmpfs" ino=177 ioctlcmd=0x9204 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 280.894008][ T283] audit: audit_backlog=65 > audit_backlog_limit=64 [ 280.927089][ T284] audit: audit_backlog=65 > audit_backlog_limit=64 [ 280.935370][ T285] audit: audit_backlog=65 > audit_backlog_limit=64 [ 280.939647][ T286] audit: audit_backlog=65 > audit_backlog_limit=64 [ 282.831903][ C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 282.840822][T19166] xt_bpf: check failed: parse error [ 282.858730][T19170] netlink: 'syz.4.9174': attribute type 15 has an invalid length. [ 283.251933][T19226] netlink: 'syz.2.9202': attribute type 15 has an invalid length. [ 283.624948][T19275] tc_dump_action: action bad kind [ 284.469338][T19379] __nla_validate_parse: 18 callbacks suppressed [ 284.469371][T19379] netlink: 188 bytes leftover after parsing attributes in process `syz.4.9277'. [ 284.499506][T19381] netlink: 20 bytes leftover after parsing attributes in process `syz.1.9278'. [ 284.530398][T19381] netlink: 20 bytes leftover after parsing attributes in process `syz.1.9278'. [ 284.572363][T19389] device ip6tnl4 entered promiscuous mode [ 284.657881][T19395] tc_dump_action: action bad kind [ 284.712156][T19400] netlink: 'syz.3.9298': attribute type 3 has an invalid length. [ 284.790379][T19409] netlink: 'syz.2.9292': attribute type 3 has an invalid length. [ 284.860710][T19416] netlink: 188 bytes leftover after parsing attributes in process `syz.2.9293'. [ 285.118937][T19447] netlink: 'syz.4.9319': attribute type 3 has an invalid length. [ 285.259323][T19461] netlink: 'syz.2.9316': attribute type 3 has an invalid length. [ 285.336978][T19477] netlink: 'syz.0.9326': attribute type 3 has an invalid length. [ 285.716178][T19521] loop1: detected capacity change from 0 to 128 [ 285.910462][ T28] kauditd_printk_skb: 1243 callbacks suppressed [ 285.910479][ T28] audit: type=1400 audit(2000000020.306:13073): avc: denied { read write } for pid=285 comm="syz-executor" name="loop1" dev="devtmpfs" ino=119 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 285.994530][ T28] audit: type=1400 audit(2000000020.306:13074): avc: denied { read write } for pid=283 comm="syz-executor" name="loop2" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 286.032066][T19555] device vcan0 entered promiscuous mode [ 286.038464][T19555] A link change request failed with some changes committed already. Interface vcan0 may have been left with an inconsistent configuration, please check. [ 286.055365][ T28] audit: type=1400 audit(2000000020.306:13075): avc: denied { open } for pid=283 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 286.135244][ T28] audit: type=1400 audit(2000000020.306:13076): avc: denied { ioctl } for pid=283 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=120 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 286.217880][T19568] audit: audit_backlog=65 > audit_backlog_limit=64 [ 286.235559][ T28] audit: type=1400 audit(2000000020.333:13077): avc: denied { read write open } for pid=285 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=119 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 286.245105][T19572] audit: audit_backlog=65 > audit_backlog_limit=64 [ 286.274659][T19568] audit: audit_lost=52 audit_rate_limit=0 audit_backlog_limit=64 [ 286.282724][ T28] audit: type=1400 audit(2000000020.333:13078): avc: denied { ioctl } for pid=285 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=119 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 286.289109][ T283] audit: audit_backlog=65 > audit_backlog_limit=64 [ 286.428616][T19586] netlink: 'syz.1.9383': attribute type 6 has an invalid length. [ 286.573163][T19606] device vcan0 entered promiscuous mode [ 286.594356][T19606] A link change request failed with some changes committed already. Interface vcan0 may have been left with an inconsistent configuration, please check. [ 286.926517][T19625] netlink: 'syz.2.9399': attribute type 6 has an invalid length. [ 287.172514][T19660] netlink: 'syz.3.9417': attribute type 6 has an invalid length. [ 288.597384][T19788] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9480'. [ 288.764991][T19812] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 289.125503][T19859] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 289.146605][T19861] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9516'. [ 289.452016][T19892] netlink: 'syz.3.9530': attribute type 16 has an invalid length. [ 289.997295][T19944] netlink: 80 bytes leftover after parsing attributes in process `syz.4.9557'. [ 290.022165][T19948] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 290.290348][T19981] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 290.585462][T20012] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 290.666143][T20025] usb usb1: usbfs: process 20025 (syz.0.9598) did not claim interface 0 before use [ 291.026227][T20068] netlink: 80 bytes leftover after parsing attributes in process `syz.1.9616'. [ 291.165836][T20085] usb usb1: usbfs: process 20085 (syz.1.9624) did not claim interface 0 before use [ 291.325858][ T468] usb 4-1: new full-speed USB device number 91 using dummy_hcd [ 291.336905][ T28] kauditd_printk_skb: 1152 callbacks suppressed [ 291.336922][ T28] audit: type=1400 audit(2000000025.317:14208): avc: denied { read write } for pid=285 comm="syz-executor" name="loop1" dev="devtmpfs" ino=119 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 291.418695][ T28] audit: type=1400 audit(2000000025.317:14209): avc: denied { open } for pid=287 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 291.448870][ T28] audit: type=1400 audit(2000000025.317:14210): avc: denied { ioctl } for pid=287 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=118 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 291.476324][ T28] audit: type=1400 audit(2000000025.345:14211): avc: denied { ioctl } for pid=20069 comm="syz.3.9621" path="/dev/raw-gadget" dev="devtmpfs" ino=258 ioctlcmd=0x5503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 291.476919][T20117] xt_hashlimit: size too large, truncated to 1048576 [ 291.488109][T20119] usb usb1: usbfs: process 20119 (syz.4.9645) did not claim interface 0 before use [ 291.518551][ T28] audit: type=1400 audit(2000000025.345:14212): avc: denied { read write open } for pid=285 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=119 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 291.544520][T20117] xt_hashlimit: max too large, truncated to 1048576 [ 291.551364][ T28] audit: type=1400 audit(2000000025.345:14213): avc: denied { ioctl } for pid=285 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=119 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 291.579136][ T468] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 291.609768][ T468] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 291.624645][ T468] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 291.635668][ T468] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 291.647396][ T28] audit: type=1400 audit(2000000025.364:14214): avc: denied { read write } for pid=287 comm="syz-executor" name="loop0" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 291.674667][ T468] usb 4-1: config 0 descriptor?? [ 291.685252][ T468] hub 4-1:0.0: USB hub found [ 291.692491][ T28] audit: type=1400 audit(2000000025.364:14215): avc: denied { open } for pid=287 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 291.717908][ T28] audit: type=1400 audit(2000000025.364:14216): avc: denied { ioctl } for pid=287 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=118 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 291.759020][ T28] audit: type=1400 audit(2000000025.364:14217): avc: denied { read write } for pid=285 comm="syz-executor" name="loop1" dev="devtmpfs" ino=119 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 291.861661][T20147] x_tables: ip_tables: CLASSIFY target: used from hooks INPUT, but only usable from FORWARD/OUTPUT/POSTROUTING [ 291.903843][ T468] hub 4-1:0.0: config failed, hub has too many ports! (err -19) [ 291.921785][ T639] usb 5-1: new high-speed USB device number 95 using dummy_hcd [ 292.122087][ T468] usbhid 4-1:0.0: can't add hid device: -71 [ 292.128404][ T468] usbhid: probe of 4-1:0.0 failed with error -71 [ 292.139343][ T639] usb 5-1: Using ep0 maxpacket: 16 [ 292.146296][ T639] usb 5-1: config 1 has an invalid interface number: 105 but max is 0 [ 292.181745][ T639] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 292.200177][ T639] usb 5-1: config 1 has no interface number 0 [ 292.200314][ T468] usb 4-1: USB disconnect, device number 91 [ 292.207741][ T639] usb 5-1: config 1 interface 105 altsetting 2 endpoint 0x4 has invalid wMaxPacketSize 0 [ 292.262922][ T639] usb 5-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 0 [ 292.290214][ T639] usb 5-1: config 1 interface 105 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 292.316287][ T639] usb 5-1: config 1 interface 105 has no altsetting 0 [ 292.356987][ T639] usb 5-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 292.384463][ T639] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 292.409302][ T639] usb 5-1: Product: syz [ 292.413536][ T639] usb 5-1: Manufacturer: syz [ 292.426629][ T639] usb 5-1: SerialNumber: syz [ 292.471341][T20207] netlink: 'syz.0.9689': attribute type 1 has an invalid length. [ 292.666071][ T639] aqc111: probe of 5-1:1.105 failed with error -22 [ 292.849154][T20253] netlink: 'syz.1.9711': attribute type 1 has an invalid length. [ 292.897943][ T4848] usb 5-1: USB disconnect, device number 95 [ 293.177363][T20308] loop3: detected capacity change from 0 to 512 [ 293.197074][T20308] EXT4-fs: Ignoring removed oldalloc option [ 293.266944][T20308] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 293.284046][T20308] ext4 filesystem being mounted at /1844/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 293.383746][ T284] EXT4-fs (loop3): unmounting filesystem. [ 293.872586][T20405] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 293.972853][T20417] netlink: 20 bytes leftover after parsing attributes in process `syz.4.9792'. [ 294.079988][T20430] binfmt_misc: register: failed to install interpreter file ./file0/../file0 [ 294.196711][T20448] sock: sock_timestamping_bind_phc: sock not bind to device [ 294.251123][ T468] usb 2-1: new high-speed USB device number 89 using dummy_hcd [ 294.320234][T20468] netlink: 20 bytes leftover after parsing attributes in process `syz.2.9818'. [ 294.456932][ T468] usb 2-1: Using ep0 maxpacket: 8 [ 294.464534][ T468] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 294.502796][ T468] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 5 [ 294.528837][ T468] usb 2-1: config 1 has no interface number 1 [ 294.541729][ T468] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 294.542411][T20495] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 294.562347][ T468] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 294.606873][ T468] usb 2-1: Product: syz [ 294.615203][ T468] usb 2-1: Manufacturer: syz [ 294.626781][T20502] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9833'. [ 294.635724][ T468] usb 2-1: SerialNumber: syz [ 294.641198][ T2657] ------------[ cut here ]------------ [ 294.646683][ T2657] kernel BUG at fs/buffer.c:2714! [ 294.660181][ T2657] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 294.666318][ T2657] CPU: 1 PID: 2657 Comm: kmmpd-loop0 Not tainted 6.1.141-syzkaller-00034-g1bf1aa362e6b #0 [ 294.676265][ T2657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 294.686347][ T2657] RIP: 0010:submit_bh_wbc+0x4c9/0x4f0 [ 294.691759][ T2657] Code: c3 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c bd fe ff ff 48 89 df e8 d8 38 e8 ff e9 b0 fe ff ff e8 2e df a3 ff 0f 0b e8 27 df a3 ff <0f> 0b e8 20 df a3 ff 0f 0b e8 19 df a3 ff 0f 0b e8 12 df a3 ff 0f [ 294.711396][ T2657] RSP: 0018:ffffc90000e5fca0 EFLAGS: 00010293 [ 294.717499][ T2657] RAX: ffffffff81cc1849 RBX: 0000000000000000 RCX: ffff88811aff8000 [ 294.725498][ T2657] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 294.733498][ T2657] RBP: ffffc90000e5fcf0 R08: dffffc0000000000 R09: ffffed102303b53c [ 294.741502][ T2657] R10: ffffed102303b53c R11: 1ffff1102303b53b R12: 0000000000000000 [ 294.749514][ T2657] R13: 1ffff1102303b53b R14: ffff8881181da9d8 R15: 0000000000003801 [ 294.757524][ T2657] FS: 0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 294.766490][ T2657] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 294.773105][ T2657] CR2: 000055557a9f74a8 CR3: 0000000122ede000 CR4: 00000000003506a0 [ 294.781105][ T2657] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 294.789101][ T2657] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 294.797105][ T2657] Call Trace: [ 294.800415][ T2657] [ 294.803367][ T2657] ? _raw_spin_unlock_irqrestore+0x5a/0x80 [ 294.809222][ T2657] submit_bh+0x1f/0x30 [ 294.813326][ T2657] write_mmp_block_thawed+0x34a/0x4c0 [ 294.818736][ T2657] ? read_mmp_block+0x6d0/0x6d0 [ 294.823622][ T2657] ? __cfi_process_timeout+0x10/0x10 [ 294.828951][ T2657] write_mmp_block+0x138/0x2b0 [ 294.833750][ T2657] kmmpd+0x3ce/0x950 [ 294.837683][ T2657] kthread+0x281/0x320 [ 294.841785][ T2657] ? __cfi_kmmpd+0x10/0x10 [ 294.846237][ T2657] ? __cfi_kthread+0x10/0x10 [ 294.850874][ T2657] ret_from_fork+0x1f/0x30 [ 294.855330][ T2657] [ 294.858379][ T2657] Modules linked in: [ 294.867559][T20519] netlink: 20 bytes leftover after parsing attributes in process `syz.3.9837'. [ 294.882701][ T468] usb 2-1: USB disconnect, device number 89 [ 294.896767][T20520] binfmt_misc: register: failed to install interpreter file ./file0/../file0 [ 294.908902][ T2657] ---[ end trace 0000000000000000 ]--- [ 294.925214][ T2657] RIP: 0010:submit_bh_wbc+0x4c9/0x4f0 [ 294.930723][ T2657] Code: c3 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c bd fe ff ff 48 89 df e8 d8 38 e8 ff e9 b0 fe ff ff e8 2e df a3 ff 0f 0b e8 27 df a3 ff <0f> 0b e8 20 df a3 ff 0f 0b e8 19 df a3 ff 0f 0b e8 12 df a3 ff 0f [ 294.951303][ T2657] RSP: 0018:ffffc90000e5fca0 EFLAGS: 00010293 [ 294.961672][ T2657] RAX: ffffffff81cc1849 RBX: 0000000000000000 RCX: ffff88811aff8000 [ 294.974118][T20522] loop2: detected capacity change from 0 to 4096 [ 294.978664][ T2657] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 294.990688][ T2657] RBP: ffffc90000e5fcf0 R08: dffffc0000000000 R09: ffffed102303b53c [ 295.000218][ T2657] R10: ffffed102303b53c R11: 1ffff1102303b53b R12: 0000000000000000 [ 295.008394][ T2657] R13: 1ffff1102303b53b R14: ffff8881181da9d8 R15: 0000000000003801 [ 295.017245][ T2657] FS: 0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 295.027608][ T2657] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 295.027740][T20522] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 295.043910][ T2657] CR2: 00007fb8add900c0 CR3: 000000015615c000 CR4: 00000000003506a0 [ 295.051930][ T2657] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 295.061706][ T2657] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 295.068085][T20522] EXT4-fs error (device loop2): ext4_get_first_dir_block:3603: inode #12: block 80: comm syz.2.9844: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0 [ 295.070444][ T2657] Kernel panic - not syncing: Fatal exception [ 295.090094][ T2657] Kernel Offset: disabled [ 295.100472][ T2657] Rebooting in 86400 seconds..