[ 35.448697][ T25] audit: type=1800 audit(1572633007.896:25): pid=7055 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2447 res=0 [ 35.496137][ T25] audit: type=1800 audit(1572633007.896:26): pid=7055 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2490 res=0 [ 35.518121][ T25] audit: type=1800 audit(1572633007.896:27): pid=7055 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2469 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [ 36.132053][ T7120] sshd (7120) used greatest stack depth: 10136 bytes left [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.15.210' (ECDSA) to the list of known hosts. 2019/11/01 18:30:18 fuzzer started 2019/11/01 18:30:19 dialing manager at 10.128.0.105:41349 2019/11/01 18:30:19 syscalls: 2540 2019/11/01 18:30:19 code coverage: enabled 2019/11/01 18:30:19 comparison tracing: enabled 2019/11/01 18:30:19 extra coverage: extra coverage is not supported by the kernel 2019/11/01 18:30:19 setuid sandbox: enabled 2019/11/01 18:30:19 namespace sandbox: enabled 2019/11/01 18:30:19 Android sandbox: /sys/fs/selinux/policy does not exist 2019/11/01 18:30:19 fault injection: enabled 2019/11/01 18:30:19 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/11/01 18:30:19 net packet injection: enabled 2019/11/01 18:30:19 net device setup: enabled 2019/11/01 18:30:19 concurrency sanitizer: enabled 2019/11/01 18:30:21 adding functions to KCSAN blacklist: 'pid_update_inode' 'tomoyo_supervisor' '__hrtimer_run_queues' 'tick_do_update_jiffies64' 'ep_poll' 'tcp_add_backlog' 18:30:22 executing program 0: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[]}}, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f00000004c0)) select(0x0, 0x0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0xabb, &(0x7f0000000100)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0) 18:30:23 executing program 1: socket$inet(0xa, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000180)=0x7) ioctl$KDADDIO(r0, 0x8924, 0x70e000) syzkaller login: [ 50.608487][ T7224] IPVS: ftp: loaded support on port[0] = 21 [ 50.785975][ T7224] chnl_net:caif_netlink_parms(): no params data found 18:30:23 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) close(r0) [ 50.838774][ T7227] IPVS: ftp: loaded support on port[0] = 21 [ 50.845157][ T7224] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.852432][ T7224] bridge0: port 1(bridge_slave_0) entered disabled state [ 50.860372][ T7224] device bridge_slave_0 entered promiscuous mode [ 50.883212][ T7224] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.890510][ T7224] bridge0: port 2(bridge_slave_1) entered disabled state [ 50.912096][ T7224] device bridge_slave_1 entered promiscuous mode [ 50.961621][ T7224] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 50.982671][ T7224] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 51.055870][ T7224] team0: Port device team_slave_0 added [ 51.063732][ T7224] team0: Port device team_slave_1 added [ 51.129507][ T7229] IPVS: ftp: loaded support on port[0] = 21 18:30:23 executing program 3: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000000)={'bpq0\x00', @ifru_names='rose0\x00'}) [ 51.225527][ T7224] device hsr_slave_0 entered promiscuous mode [ 51.292251][ T7224] device hsr_slave_1 entered promiscuous mode [ 51.381414][ T7227] chnl_net:caif_netlink_parms(): no params data found [ 51.505788][ T7224] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.512980][ T7224] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.520298][ T7224] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.527493][ T7224] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.669569][ T7233] IPVS: ftp: loaded support on port[0] = 21 [ 51.736900][ T7227] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.751175][ T7227] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.781312][ T7227] device bridge_slave_0 entered promiscuous mode [ 51.813166][ T7227] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.820310][ T7227] bridge0: port 2(bridge_slave_1) entered disabled state [ 51.872965][ T7227] device bridge_slave_1 entered promiscuous mode 18:30:24 executing program 4: r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) getsockopt$llc_int(r0, 0x10c, 0x4000000004, &(0x7f0000000080), &(0x7f0000002600)=0x4) [ 51.946040][ T2934] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.982376][ T2934] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.070148][ T7224] 8021q: adding VLAN 0 to HW filter on device bond0 [ 52.168644][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 52.182106][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 52.223197][ T7227] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 52.252918][ T7227] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 52.339426][ T7227] team0: Port device team_slave_0 added [ 52.381783][ T7229] chnl_net:caif_netlink_parms(): no params data found [ 52.414576][ T7224] 8021q: adding VLAN 0 to HW filter on device team0 [ 52.459884][ T7227] team0: Port device team_slave_1 added [ 52.591739][ T7262] IPVS: ftp: loaded support on port[0] = 21 [ 52.611417][ T3007] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 52.620476][ T3007] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 52.671798][ T3007] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.678878][ T3007] bridge0: port 1(bridge_slave_0) entered forwarding state [ 52.776397][ T7227] device hsr_slave_0 entered promiscuous mode [ 52.841524][ T7227] device hsr_slave_1 entered promiscuous mode [ 52.881175][ T7227] debugfs: Directory 'hsr0' with parent '/' already present! [ 52.888835][ T7229] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.901224][ T7229] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.931253][ T7229] device bridge_slave_0 entered promiscuous mode [ 52.968172][ T7246] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 52.977479][ T7246] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready 18:30:25 executing program 5: futex(&(0x7f000000cffc)=0x1, 0x8b, 0x1, 0x0, &(0x7f0000000200), 0x0) futex(&(0x7f000000cffc), 0x8c, 0x1, 0x0, &(0x7f0000000140), 0x0) [ 53.021663][ T7246] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.028757][ T7246] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.079439][ T7246] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 53.112886][ T7246] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 53.142793][ T7246] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 53.172158][ T7246] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 53.227267][ T7229] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.251437][ T7229] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.259688][ T7229] device bridge_slave_1 entered promiscuous mode [ 53.303146][ T3007] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 53.322524][ T3007] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 53.362243][ T3007] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 53.543692][ T7224] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 53.570829][ T7224] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 53.630619][ T7246] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 53.663078][ T7246] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 53.732500][ T7246] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 53.791398][ T7246] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 53.887502][ T7229] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.923430][ T7229] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.949132][ T7265] IPVS: ftp: loaded support on port[0] = 21 [ 53.958262][ T7246] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 53.976253][ T7233] chnl_net:caif_netlink_parms(): no params data found [ 54.077560][ T7224] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.117799][ T7229] team0: Port device team_slave_0 added [ 54.192877][ T7229] team0: Port device team_slave_1 added [ 54.238459][ T7227] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.306853][ T7227] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.336910][ T7233] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.346086][ T7233] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.362818][ T7233] device bridge_slave_0 entered promiscuous mode [ 54.382205][ T7246] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 54.401901][ T7246] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 54.504456][ T7229] device hsr_slave_0 entered promiscuous mode [ 54.541627][ T7229] device hsr_slave_1 entered promiscuous mode [ 54.581209][ T7229] debugfs: Directory 'hsr0' with parent '/' already present! [ 54.611211][ T7233] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.618403][ T7233] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.672406][ T7233] device bridge_slave_1 entered promiscuous mode [ 54.732715][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 54.742492][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 54.781597][ T43] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.789234][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.821994][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 54.830766][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 54.881801][ T43] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.889050][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.922466][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 54.952494][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 54.972342][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 54.992243][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 55.011720][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 55.020844][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 55.134407][ T7233] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 55.181767][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 55.201552][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 55.228624][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 55.252325][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 55.295776][ T7262] chnl_net:caif_netlink_parms(): no params data found [ 55.314358][ T7227] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 55.371334][ T7227] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 55.413043][ T7233] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 55.474802][ T7307] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 55.502938][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 55.541671][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 55.627958][ T7227] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.635299][ T7307] EXT4-fs error (device loop0): ext4_fill_super:4489: inode #2: comm syz-executor.0: iget: root inode unallocated [ 55.758225][ T7233] team0: Port device team_slave_0 added [ 55.775416][ T7265] chnl_net:caif_netlink_parms(): no params data found [ 55.787395][ T7307] EXT4-fs (loop0): get root inode failed [ 55.855946][ T7233] team0: Port device team_slave_1 added [ 55.862448][ T7307] EXT4-fs (loop0): mount failed [ 55.876902][ T7262] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.912225][ T7262] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.934930][ T7262] device bridge_slave_0 entered promiscuous mode [ 56.094086][ T7262] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.134393][ T7262] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.182262][ T7262] device bridge_slave_1 entered promiscuous mode 18:30:28 executing program 0: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[]}}, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f00000004c0)) select(0x0, 0x0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0xabb, &(0x7f0000000100)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0) [ 56.454095][ T7233] device hsr_slave_0 entered promiscuous mode [ 56.496216][ T7233] device hsr_slave_1 entered promiscuous mode [ 56.551208][ T7233] debugfs: Directory 'hsr0' with parent '/' already present! [ 56.569714][ T7229] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.602492][ T7351] sp0: Synchronizing with TNC [ 56.651425][ T7265] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.685776][ T7265] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.724558][ T7265] device bridge_slave_0 entered promiscuous mode [ 56.777573][ T7262] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.791489][ T7355] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 56.832944][ T7229] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.844159][ T7265] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.870514][ T7265] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.871297][ T7355] EXT4-fs error (device loop0): ext4_fill_super:4489: inode #2: comm syz-executor.0: iget: root inode unallocated [ 56.952924][ T7265] device bridge_slave_1 entered promiscuous mode [ 56.989997][ T7355] EXT4-fs (loop0): get root inode failed [ 56.997230][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.028665][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.031218][ T7355] EXT4-fs (loop0): mount failed [ 57.100401][ T7262] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.166601][ T3007] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 57.196499][ T3007] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.279146][ T3007] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.286330][ T3007] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.396541][ T3007] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 57.500984][ T3007] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.580143][ T3007] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.587279][ T3007] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.706423][ T3007] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 57.810823][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 57.841889][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 57.892014][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 57.900924][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 58.002468][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 58.042178][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 58.082340][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 58.136214][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 58.183534][ T7262] team0: Port device team_slave_0 added [ 58.191028][ T7262] team0: Port device team_slave_1 added [ 58.224363][ T7265] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 58.277030][ T7265] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 58.322360][ T7229] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 58.362004][ T7229] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 58.415672][ T7263] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 58.425541][ T7263] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 58.475867][ T7263] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 58.608271][ T7229] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.724254][ T7262] device hsr_slave_0 entered promiscuous mode [ 58.781569][ T7262] device hsr_slave_1 entered promiscuous mode [ 58.831170][ T7262] debugfs: Directory 'hsr0' with parent '/' already present! [ 58.850622][ T7265] team0: Port device team_slave_0 added [ 58.873723][ T7265] team0: Port device team_slave_1 added [ 58.930108][ T7233] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.066692][ T7233] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.135518][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 59.161799][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 59.244784][ T7265] device hsr_slave_0 entered promiscuous mode [ 59.286401][ T7265] device hsr_slave_1 entered promiscuous mode 18:30:31 executing program 1: socket$inet(0xa, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000180)=0x7) ioctl$KDADDIO(r0, 0x8924, 0x70e000) [ 59.370977][ T7265] debugfs: Directory 'hsr0' with parent '/' already present! [ 59.442032][ T7261] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 59.481733][ T7261] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 59.490470][ T7261] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.497739][ T7261] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.620377][ T7261] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 59.693223][ T7261] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 59.746929][ T7261] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.754314][ T7261] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.862059][ T7416] sp0: Synchronizing with TNC [ 59.872518][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 59.942054][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 60.012876][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 60.227879][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 60.260594][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 60.349456][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 60.418408][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 60.484771][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 60.547880][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 60.634304][ T7233] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 60.709907][ T7233] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready 18:30:33 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) close(r0) 18:30:33 executing program 0: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[]}}, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f00000004c0)) select(0x0, 0x0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0xabb, &(0x7f0000000100)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0) [ 60.857625][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready 18:30:33 executing program 1: socket$inet(0xa, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000180)=0x7) ioctl$KDADDIO(r0, 0x8924, 0x70e000) [ 60.902484][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 61.019086][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 61.118606][ T7262] 8021q: adding VLAN 0 to HW filter on device bond0 [ 61.377829][ T7233] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.495413][ T7262] 8021q: adding VLAN 0 to HW filter on device team0 [ 61.528087][ T7467] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 61.559312][ T7472] sp0: Synchronizing with TNC 18:30:34 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) close(r0) [ 61.601340][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 61.609497][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 61.833972][ T7467] EXT4-fs error (device loop0): ext4_fill_super:4489: inode #2: comm syz-executor.0: iget: root inode unallocated [ 61.892008][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 61.945297][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 62.021536][ T7467] EXT4-fs (loop0): get root inode failed [ 62.092207][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.099339][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.112666][ T7467] EXT4-fs (loop0): mount failed [ 62.285846][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 62.403100][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready 18:30:35 executing program 0: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[]}}, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f00000004c0)) select(0x0, 0x0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0xabb, &(0x7f0000000100)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0) [ 62.500808][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.508010][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.694836][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 62.852515][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 63.062728][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 63.070858][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 63.199588][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 63.318231][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready 18:30:35 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) close(r0) 18:30:35 executing program 1: socket$inet(0xa, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000180)=0x7) ioctl$KDADDIO(r0, 0x8924, 0x70e000) [ 63.444171][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 63.573461][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 63.715036][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 63.871191][ T7499] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 63.880449][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 63.930286][ T7499] EXT4-fs error (device loop0): ext4_fill_super:4489: inode #2: comm syz-executor.0: iget: root inode unallocated [ 63.993485][ T7262] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 64.110824][ T7262] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 64.240854][ T7265] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.270349][ T7499] EXT4-fs (loop0): get root inode failed [ 64.360596][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 64.413128][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 64.436475][ T7499] EXT4-fs (loop0): mount failed [ 64.539088][ T7516] sp0: Synchronizing with TNC [ 64.559200][ T7265] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.700090][ T2934] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 64.725550][ T2934] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 64.885396][ T7262] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 64.996042][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 65.037444][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 65.169925][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.177079][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.336895][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 65.418203][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 65.494018][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.502316][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.726453][ T2934] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 65.745968][ T2934] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 65.839642][ T2934] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready 18:30:38 executing program 3: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000000)={'bpq0\x00', @ifru_names='rose0\x00'}) [ 65.926097][ T2934] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 66.015620][ T2934] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 66.133437][ T2934] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 66.212295][ T2934] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 66.345680][ T7265] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 66.454331][ T7265] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 66.561813][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 66.570346][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 66.671948][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 66.680875][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 66.822034][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 66.847065][ T7265] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 66.948381][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready 18:30:39 executing program 4: r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) getsockopt$llc_int(r0, 0x10c, 0x4000000004, &(0x7f0000000080), &(0x7f0000002600)=0x4) 18:30:40 executing program 5: futex(&(0x7f000000cffc)=0x1, 0x8b, 0x1, 0x0, &(0x7f0000000200), 0x0) futex(&(0x7f000000cffc), 0x8c, 0x1, 0x0, &(0x7f0000000140), 0x0) 18:30:40 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) close(r0) 18:30:40 executing program 1: socket$inet(0xa, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000180)=0x7) ioctl$KDADDIO(r0, 0x8924, 0x70e000) 18:30:40 executing program 0: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000000)={'bpq0\x00', @ifru_names='rose0\x00'}) 18:30:40 executing program 3: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000000)={'bpq0\x00', @ifru_names='rose0\x00'}) 18:30:40 executing program 4: r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) getsockopt$llc_int(r0, 0x10c, 0x4000000004, &(0x7f0000000080), &(0x7f0000002600)=0x4) [ 68.429058][ T7602] sp0: Synchronizing with TNC 18:30:41 executing program 4: r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) getsockopt$llc_int(r0, 0x10c, 0x4000000004, &(0x7f0000000080), &(0x7f0000002600)=0x4) 18:30:41 executing program 3: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000000)={'bpq0\x00', @ifru_names='rose0\x00'}) 18:30:41 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) close(r0) 18:30:41 executing program 0: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000000)={'bpq0\x00', @ifru_names='rose0\x00'}) 18:30:41 executing program 1: socket$inet(0xa, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000180)=0x7) ioctl$KDADDIO(r0, 0x8924, 0x70e000) 18:30:41 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) close(r0) [ 68.957461][ T7633] sp0: Synchronizing with TNC 18:30:41 executing program 3: r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) getsockopt$llc_int(r0, 0x10c, 0x4000000004, &(0x7f0000000080), &(0x7f0000002600)=0x4) 18:30:41 executing program 5: futex(&(0x7f000000cffc)=0x1, 0x8b, 0x1, 0x0, &(0x7f0000000200), 0x0) futex(&(0x7f000000cffc), 0x8c, 0x1, 0x0, &(0x7f0000000140), 0x0) 18:30:41 executing program 4: futex(&(0x7f000000cffc)=0x1, 0x8b, 0x1, 0x0, &(0x7f0000000200), 0x0) futex(&(0x7f000000cffc), 0x8c, 0x1, 0x0, &(0x7f0000000140), 0x0) 18:30:41 executing program 0: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000000)={'bpq0\x00', @ifru_names='rose0\x00'}) 18:30:41 executing program 1: socket$inet(0xa, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000180)=0x7) ioctl$KDADDIO(r0, 0x8924, 0x70e000) 18:30:42 executing program 2: socket$inet(0xa, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000180)=0x7) ioctl$KDADDIO(r0, 0x8924, 0x70e000) [ 69.686986][ T7665] sp0: Synchronizing with TNC 18:30:42 executing program 3: r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) getsockopt$llc_int(r0, 0x10c, 0x4000000004, &(0x7f0000000080), &(0x7f0000002600)=0x4) 18:30:42 executing program 0: socket$inet(0xa, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000180)=0x7) ioctl$KDADDIO(r0, 0x8924, 0x70e000) [ 70.014595][ T7678] sp0: Synchronizing with TNC 18:30:42 executing program 1: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[]}}, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f00000004c0)) select(0x0, 0x0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0xabb, &(0x7f0000000100)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0) [ 70.253309][ T7694] sp0: Synchronizing with TNC 18:30:42 executing program 3: r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) getsockopt$llc_int(r0, 0x10c, 0x4000000004, &(0x7f0000000080), &(0x7f0000002600)=0x4) 18:30:42 executing program 4: futex(&(0x7f000000cffc)=0x1, 0x8b, 0x1, 0x0, &(0x7f0000000200), 0x0) futex(&(0x7f000000cffc), 0x8c, 0x1, 0x0, &(0x7f0000000140), 0x0) 18:30:43 executing program 2: socket$inet(0xa, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000180)=0x7) ioctl$KDADDIO(r0, 0x8924, 0x70e000) 18:30:43 executing program 5: futex(&(0x7f000000cffc)=0x1, 0x8b, 0x1, 0x0, &(0x7f0000000200), 0x0) futex(&(0x7f000000cffc), 0x8c, 0x1, 0x0, &(0x7f0000000140), 0x0) 18:30:43 executing program 0: socket$inet(0xa, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000180)=0x7) ioctl$KDADDIO(r0, 0x8924, 0x70e000) [ 70.986173][ T7729] sp0: Synchronizing with TNC 18:30:43 executing program 3: perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1, &(0x7f0000000140)=[{&(0x7f0000000280)="02006800000f000000000000000000008128b14700000000559863d20000000002000f2005cc00000000ff070069000000000000000000000000000000000000000000000000000000000000000000000000000000000000050094c0000055aa", 0x60, 0x1a0}]) syz_open_procfs(0x0, 0x0) [ 71.256056][ T7716] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 71.287507][ T7741] sp1: Synchronizing with TNC [ 71.412184][ T7716] EXT4-fs: failed to create workqueue [ 71.452381][ T7716] EXT4-fs (loop1): mount failed [ 71.519600][ C0] hrtimer: interrupt took 61345 ns [ 72.352315][ T7755] loop3: p1 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215 p216 [ 72.352329][ T7755] loop3: partition table partially beyond EOD, truncated [ 72.858710][ T7755] loop3: p1 size 2 extends beyond EOD, truncated [ 72.931916][ T7755] loop3: p4 start 327680 is beyond EOD, truncated [ 72.981281][ T7755] loop3: p5 start 327680 is beyond EOD, truncated [ 73.001235][ T7755] loop3: p6 start 327680 is beyond EOD, truncated [ 73.061383][ T7755] loop3: p7 start 327680 is beyond EOD, truncated [ 73.071240][ T7755] loop3: p8 start 327680 is beyond EOD, truncated [ 73.131232][ T7755] loop3: p9 start 327680 is beyond EOD, truncated [ 73.221199][ T7755] loop3: p10 start 327680 is beyond EOD, truncated [ 73.228824][ T7755] loop3: p11 start 327680 is beyond EOD, truncated [ 73.291660][ T7755] loop3: p12 start 327680 is beyond EOD, truncated [ 73.298311][ T7755] loop3: p13 start 327680 is beyond EOD, truncated [ 73.411219][ T7755] loop3: p14 start 327680 is beyond EOD, truncated [ 73.417925][ T7755] loop3: p15 start 327680 is beyond EOD, truncated [ 73.561164][ T7755] loop3: p16 start 327680 is beyond EOD, truncated [ 73.567723][ T7755] loop3: p17 start 327680 is beyond EOD, truncated [ 73.651178][ T7755] loop3: p18 start 327680 is beyond EOD, truncated [ 73.657755][ T7755] loop3: p19 start 327680 is beyond EOD, truncated [ 73.705306][ T7755] loop3: p20 start 327680 is beyond EOD, truncated [ 73.735551][ T7755] loop3: p21 start 327680 is beyond EOD, truncated [ 73.775464][ T7755] loop3: p22 start 327680 is beyond EOD, truncated [ 73.811647][ T7755] loop3: p23 start 327680 is beyond EOD, truncated [ 73.838244][ T7752] ================================================================== [ 73.846386][ T7752] BUG: KCSAN: data-race in common_perm_cond / task_dump_owner [ 73.851235][ T7755] loop3: p24 start 327680 is beyond EOD, truncated [ 73.853831][ T7752] [ 73.853845][ T7752] read to 0xffff888124d387fc of 4 bytes by task 7765 on cpu 1: [ 73.853859][ T7752] common_perm_cond+0x65/0x110 [ 73.853884][ T7752] apparmor_inode_getattr+0x2b/0x40 [ 73.880154][ T7752] security_inode_getattr+0x9b/0xd0 [ 73.881153][ T7755] loop3: p25 start 327680 is beyond EOD, truncated [ 73.885343][ T7752] vfs_getattr+0x2e/0x70 [ 73.885352][ T7752] vfs_statx+0x102/0x190 [ 73.885362][ T7752] __do_sys_newstat+0x51/0xb0 [ 73.885386][ T7752] __x64_sys_newstat+0x3a/0x50 [ 73.909902][ T7752] do_syscall_64+0xcc/0x370 [ 73.914408][ T7752] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 73.920283][ T7752] [ 73.922605][ T7752] write to 0xffff888124d387fc of 4 bytes by task 7752 on cpu 0: [ 73.930439][ T7752] task_dump_owner+0x237/0x260 [ 73.935200][ T7752] pid_update_inode+0x3c/0x70 [ 73.939876][ T7752] pid_revalidate+0x91/0xd0 [ 73.941647][ T7755] loop3: p26 start 327680 is beyond EOD, truncated [ 73.944383][ T7752] lookup_fast+0x6f2/0x700 [ 73.944396][ T7752] walk_component+0x6d/0xe80 [ 73.944423][ T7752] link_path_walk.part.0+0x5d3/0xa90 [ 73.965261][ T7752] path_openat+0x14f/0x36e0 [ 73.969761][ T7752] do_filp_open+0x11e/0x1b0 [ 73.974262][ T7752] do_sys_open+0x3b3/0x4f0 [ 73.978678][ T7752] __x64_sys_open+0x55/0x70 [ 73.981155][ T7755] loop3: p27 start 327680 is beyond EOD, truncated [ 73.983281][ T7752] do_syscall_64+0xcc/0x370 [ 73.989844][ T7755] loop3: p28 start 327680 is beyond EOD, truncated [ 73.994348][ T7752] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 73.994352][ T7752] [ 73.994356][ T7752] Reported by Kernel Concurrency Sanitizer on: [ 73.994371][ T7752] CPU: 0 PID: 7752 Comm: ps Not tainted 5.4.0-rc3+ #0 [ 73.994378][ T7752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 73.994383][ T7752] ================================================================== [ 73.994390][ T7752] Kernel panic - not syncing: panic_on_warn set ... [ 73.994402][ T7752] CPU: 0 PID: 7752 Comm: ps Not tainted 5.4.0-rc3+ #0 [ 73.994422][ T7752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 74.031194][ T7755] loop3: p29 start 327680 is beyond EOD, truncated [ 74.032890][ T7752] Call Trace: [ 74.032914][ T7752] dump_stack+0xf5/0x159 [ 74.032941][ T7752] panic+0x210/0x640 [ 74.071574][ T7755] loop3: p30 start 327680 is beyond EOD, truncated [ 74.074163][ T7752] ? do_sys_open+0x3b3/0x4f0 [ 74.078396][ T7755] loop3: p31 start 327680 is beyond EOD, truncated [ 74.082283][ T7752] ? vprintk_func+0x8d/0x140 [ 74.082302][ T7752] kcsan_report.cold+0xc/0x10 [ 74.082319][ T7752] __kcsan_setup_watchpoint+0x32e/0x4a0 [ 74.082331][ T7752] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 74.082346][ T7752] __tsan_write4+0x32/0x40 [ 74.082373][ T7752] task_dump_owner+0x237/0x260 [ 74.121278][ T7755] loop3: p32 start 327680 is beyond EOD, truncated [ 74.124927][ T7752] ? __rcu_read_unlock+0x66/0x3c0 [ 74.124946][ T7752] pid_update_inode+0x3c/0x70 [ 74.124960][ T7752] pid_revalidate+0x91/0xd0 [ 74.124979][ T7752] lookup_fast+0x6f2/0x700 [ 74.125008][ T7752] walk_component+0x6d/0xe80 [ 74.159366][ T7752] ? __tsan_read8+0x2c/0x30 [ 74.161266][ T7755] loop3: p33 start 327680 is beyond EOD, truncated [ 74.163873][ T7752] ? security_inode_permission+0xa5/0xc0 [ 74.163904][ T7752] link_path_walk.part.0+0x5d3/0xa90 [ 74.181280][ T7752] path_openat+0x14f/0x36e0 [ 74.185787][ T7752] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 74.191417][ T7752] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 74.197044][ T7752] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 74.201716][ T7755] loop3: p34 start 327680 is beyond EOD, truncated [ 74.202807][ T7752] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 74.209292][ T7755] loop3: p35 start 327680 is beyond EOD, truncated [ 74.214900][ T7752] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 74.214913][ T7752] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 74.214925][ T7752] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 74.214941][ T7752] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 74.214958][ T7752] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 74.215000][ T7752] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 74.255668][ T7752] do_filp_open+0x11e/0x1b0 [ 74.260177][ T7752] ? __alloc_fd+0x316/0x4c0 [ 74.264781][ T7752] do_sys_open+0x3b3/0x4f0 [ 74.265584][ T7755] loop3: p36 start 327680 is beyond EOD, truncated [ 74.269212][ T7752] __x64_sys_open+0x55/0x70 [ 74.269241][ T7752] do_syscall_64+0xcc/0x370 [ 74.275882][ T7755] loop3: p37 start 327680 is beyond EOD, truncated [ 74.280214][ T7752] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 74.280237][ T7752] RIP: 0033:0x7f1b90f70120 [ 74.301873][ T7752] Code: 48 8b 15 1b 4d 2b 00 f7 d8 64 89 02 83 c8 ff c3 90 90 90 90 90 90 90 90 90 90 83 3d d5 a4 2b 00 00 75 10 b8 02 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 5e 8c 01 00 48 89 04 24 [ 74.305626][ T7755] loop3: p38 start 327680 is beyond EOD, truncated [ 74.321570][ T7752] RSP: 002b:00007ffc6f3fccd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 74.321585][ T7752] RAX: ffffffffffffffda RBX: 0000000000616760 RCX: 00007f1b90f70120 [ 74.321594][ T7752] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007f1b9143ed00 [ 74.321602][ T7752] RBP: 0000000000001000 R08: 0000000000000000 R09: 00007f1b9123857b [ 74.321610][ T7752] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1b9143dd00 [ 74.321618][ T7752] R13: 0000000000000020 R14: 0000000000000005 R15: 0000000000000000 [ 74.323426][ T7752] Kernel Offset: disabled [ 74.382674][ T7752] Rebooting in 86400 seconds..