last executing test programs: 1.323984973s ago: executing program 0 (id=9617): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4000004, &(0x7f0000000180)={[{@jqfmt_vfsold}, {@minixdf}, {@debug}, {@lazytime}, {@noauto_da_alloc}, {@commit={'commit', 0x3d, 0x5}}, {@init_itable_val={'init_itable', 0x3d, 0x9}}, {@debug}, {@usrjquota}, {@nolazytime}, {@norecovery}]}, 0xfe, 0x477, &(0x7f0000000780)="$eJzs3M1vFOUfAPDvTLctLz9+rYgvIEgVjcSXlpYXOXjRaMJBExM9YDzVtpDKQg2tiRCi1QMeDYl3439hPOnFqBdNvOrdkBDDBdTLmtmZKUvZLVu67QL7+STTPs/M0z7Pd2ae2Wfm2d0AetZI9iOJ+F9E/B4RQ3n25gIj+a/rVy9M/X31wlQStdpbfyX1cteuXpgqi5Z/tzXP1GpFfrBJvRffjZisVmfOFvmxhdMfjM2fO//C7OnJkzMnZ85MHD166OCegSMThzsSZxbXtV0fz+3eeeydS29MHb/03k9JJfK4Y1kcnTKS792mnu50ZV22rSFd37FL9v5yI93sTKCb+iIiO1z99f4/FH2xeWnbULz2WVcbB6yrWq1WW+GqvFgD7mNJdLsFQHcUtwD1+99y2cDhR9ddeTm/Acrivl4s+ZZKpHlib/+y+9tOGomI44v/fJUtsU7PIQAAGn2XjX+ebzb+S+PhPDGQ/fh/MYcyHBEPRMT2iHgwInZExEMR9bKPRMSjq6x/+QzJreOf9PIdB9eGbPz3UjG3dfP4Ly2LDPcVuW31+PuTE7PVmQPFPtkf/YMnZpOZ8RXq+P7V375ota1x/JctWf3lWLBox+XK4Kab/mZ6cmFyTUE3uPJpxK5Ks/iTKKdxkojYGRG77rCO2WcrLbfdPv4VtP63bat9HfFMfvwXY1n8paTl/OT4i0cmDo9tiurMgbHyrLjVz79efLNV/WuKvwOy47+l6fm/FP9wsili/tz5U/X52vnV13Hxj89b3tO0d/4vZY5tK87/geTt+oqBYsNHkwsLZ8cjBpLXb10/ceO/lfmyfBb//n3N+//2uLEnHouI3RGxJyIez24Ki7Y/ERFPRsS+FeL/8ZWn3l99/BszV5rFP3274x+Nx3/1ib5TP3x7+/iza1yr43+ontpfrGnn+tduA9ey7wAAAOBekdbfA5+ko0mlSKfp6Gj+Hv4dsSWtzs0vPHdi7sMz0/l75YejPy2fdA01PA8dL54Nl/mJZfmDxXPjL/s21/OjU3PV6W4HDz1ua9n/l64Fef/P/NnX7dYB664D82jAPUr/h96l/0NvSvR/6Gn6P/SuZv3/k5alR79Z18YAG8rrP/SuNvr/Yv6r9agAuDd5/Yfepf9DT2r52fh0TR/53/DEv8X3Gd4t7bn/E5HeFc24/xOVtr/MYhWJ2lDe/7M1g03LdPvKBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bn/BQAA///T8uXN") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108) getdents64(r0, 0x0, 0x0) 1.159189942s ago: executing program 0 (id=9631): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4000) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2, 0x0, 0xfffe}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @masq={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_MASQ_REG_PROTO_MIN={0x8, 0x2, 0x1, 0x0, 0x8}, @NFTA_MASQ_FLAGS={0x8, 0x1, 0x1, 0x0, 0x50}]}}}]}]}], {0x14}}, 0x7c}, 0x1, 0x0, 0x0, 0x24040800}, 0x0) 1.055971058s ago: executing program 0 (id=9624): bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="190000000400000008"], 0x50) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) pwritev(r0, &(0x7f0000000600)=[{&(0x7f0000000240)="02000000", 0x4}], 0x10000000000000a3, 0x0, 0x0) 964.630274ms ago: executing program 0 (id=9628): io_setup(0x23, &(0x7f0000000280)=0x0) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0) io_submit(r0, 0x1, &(0x7f0000000700)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) 842.023661ms ago: executing program 0 (id=9637): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000080)={0xffffffffffffffff}, 0x111}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x8, 0x0, @loopback, 0x20}, {0xa, 0x0, 0xfffffffe, @dev={0xfe, 0x80, '\x00', 0x1c}}, r1, 0x99d}}, 0x48) 798.600213ms ago: executing program 0 (id=9640): futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc)=0x4, 0x9, 0x4, 0x0, 0x0, 0x80000000) futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000000040), &(0x7f0000048000)=0x1, 0x0) 649.138042ms ago: executing program 2 (id=9647): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000380)={0x0, {0x2, 0x4e23, @empty}, {0x2, 0x0, @remote}, {0x2, 0x4e21, @empty}, 0x107, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000}) ioctl$sock_inet_SIOCADDRT(r0, 0x890c, &(0x7f0000000840)={0x0, {0x2, 0x4e24, @empty}, {0x2, 0x44, @remote}, {0x2, 0x4e2f, @broadcast}, 0x34, 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)='lo\x00', 0xffffffff}) 546.847118ms ago: executing program 2 (id=9662): r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4) sendmsg$netlink(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000000)={0x24, 0x12, 0x1, 0x0, 0x0, "", [@nested={0x10, 0x0, 0x0, 0x0, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}, @nested={0x4, 0x1d}]}, 0x24}], 0x1, 0x0, 0x0, 0x8001}, 0x0) 486.733872ms ago: executing program 2 (id=9653): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x2, 0x9}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000001c0)={@mcast1, 0x8000000, 0x2, 0x1, 0x0, 0x0, 0x4}, 0x20) 470.236042ms ago: executing program 2 (id=9654): prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) ioctl$SNDRV_RAWMIDI_IOCTL_STATUS32(r0, 0xc0245720, &(0x7f0000000140)={0x1}) 420.875805ms ago: executing program 3 (id=9659): madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) ioprio_set$pid(0x2, 0x0, 0x2007) syz_clone3(&(0x7f0000000380)={0x2140080, 0x0, 0x0, 0x0, {0x24}, 0x0, 0x0, 0x0, 0x0}, 0x58) 414.731045ms ago: executing program 2 (id=9660): prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$KDGKBTYPE(r0, 0x4b33, &(0x7f0000000000)) 361.252079ms ago: executing program 3 (id=9665): socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r0, &(0x7f00000000c0)="3e29de0f60f09caa268cea662ab81f7dda4db30e31a9a7e558705ce6bd1592b910898a93247706e2a701a3b14bdc5e53bd277a9de89a9aa5ea277b4c6254640000006594803448a5730d50b05d7440a97a0d1942c7adb95837410c8674e0b549814d222919e047c0d847b8023570dfa2a97cfe1f1f491d99cd225b06948a9079af1aeea78ed1d599a1dda104963f86d2dcba6a4b5bd19ecf01221c4e7134a12625e429157bc0febd912fc64ad847663abfb23636519c7fba142870ceef32b2ef8c5605ad26c702a469c1630d913baa834233580687ee97400281d3466e3dd89359326284709d823f7ee934b2069a2f80967e007c3d6fdab89404262ac3dfba7b4f36a0200c10cf69a8d20c5639e13b570cdd718c07ab59d144ddfc5f3bbfa77ce3c4cf425def3d930b0e9e4bd27899d0fe0ac651a2055788af0a05d82c2f5b3b4a91de7b85e2b0cb799bd9897f6a7709befeddeb49fc332fdc8f8ee72603000000000000001ae2820a63e56d078adc994e00"/382, 0xfffffcfb) shutdown(r0, 0x2) 354.046229ms ago: executing program 2 (id=9666): r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) ppoll(&(0x7f0000000100)=[{r0, 0x10}], 0x1, 0x0, 0x0, 0x0) read$FUSE(r0, &(0x7f0000000580)={0x2020}, 0x2020) 314.115701ms ago: executing program 4 (id=9667): r0 = socket$inet_smc(0x2b, 0x1, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000300)=0xb59f) write$binfmt_script(r0, 0x0, 0x0) 261.664834ms ago: executing program 4 (id=9678): prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$KDGKBTYPE(r0, 0x4b33, &(0x7f0000000000)) 252.450515ms ago: executing program 3 (id=9669): r0 = socket$rxrpc(0x21, 0x2, 0x2) bind$rxrpc(r0, &(0x7f0000000340)=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x0, @local}}, 0x24) write$cgroup_subtree(r0, 0x0, 0x7) 214.364688ms ago: executing program 3 (id=9670): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000080)={0xffffffffffffffff}, 0x111}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x8, 0x0, @loopback, 0x20}, {0xa, 0x0, 0xfffffffe, @dev={0xfe, 0x80, '\x00', 0x1c}}, r1, 0x99d}}, 0x48) 211.090397ms ago: executing program 1 (id=9681): mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) 128.083543ms ago: executing program 1 (id=9671): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x1f, 0x15, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x80}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x20000002}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0xa6}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3f}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 127.972712ms ago: executing program 4 (id=9672): prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) ioctl$SNDRV_RAWMIDI_IOCTL_STATUS32(r0, 0xc0245720, &(0x7f0000000140)={0x1}) 127.141823ms ago: executing program 3 (id=9673): prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$F2FS_IOC_WRITE_CHECKPOINT(r0, 0x5411, 0x1000000000000) 126.206863ms ago: executing program 1 (id=9684): prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$KDGKBTYPE(r0, 0x4b33, &(0x7f0000000000)) 111.839423ms ago: executing program 4 (id=9674): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$GTP_CMD_NEWPDP(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="57010000000000000000000000000800050000000000080008000000000008000400ac1414000800020001000000080001"], 0x4c}}, 0x0) 100.236824ms ago: executing program 1 (id=9675): r0 = syz_io_uring_setup(0x10d, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x40000000}, &(0x7f0000000380)=0x0, &(0x7f0000000280)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_SYMLINKAT={0x26, 0x40, 0x0, 0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='./file0\x00'}) io_uring_enter(r0, 0x3f70, 0x0, 0x0, 0x0, 0x0) 51.344506ms ago: executing program 4 (id=9676): madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) ioprio_set$pid(0x2, 0x0, 0x2007) syz_clone3(&(0x7f0000000380)={0x2140080, 0x0, 0x0, 0x0, {0x24}, 0x0, 0x0, 0x0, 0x0}, 0x58) 50.158227ms ago: executing program 1 (id=9689): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000380)={0xffffffffffffffff}, 0x2, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000200)={0x3, 0x40, 0xfa00, {{0xa, 0xfffe, 0x0, @empty, 0x4}, {0xa, 0x0, 0x0, @loopback, 0xfffffffc}, r1, 0x3fc}}, 0x48) 49.236487ms ago: executing program 3 (id=9677): r0 = gettid() r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) kcmp(r1, r0, 0xde6c8001d5ed5ea6, 0xffffffffffffffff, 0xffffffffffffffff) 1.08462ms ago: executing program 1 (id=9679): syz_mount_image$hfs(&(0x7f0000000040), &(0x7f0000000680)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x100cc9a, &(0x7f0000000080)=ANY=[@ANYRES32=0x0], 0x1, 0x2af, &(0x7f0000000240)="$eJzs3UFr1E4Yx/HfJNvt/v8tNbYVQTxVBU+lrRcRRJF9B148idrdQnGpoBXUi9Vz8eCxd9+CL8KTeBa8efIFFDxEZpI0yW6S3XbZxq3fD3TJJvMk83SyyTwLSwTgn3Wv/ePTjZ/2z0i+fKkpyZPUkhqSLuhi6+XO7vZur9up2pHvIuyfURRpBtps7nSLQm2ci4gF9l1D85l1zeIgjKv1/dghPv/8s8eEYRgWrPek2exon5WR36u7AzUzhzrUbN29AADUzc3+o4m/L/nz8fzd86Rr8W3fbk/v/9N7A/0dRuruR63c/f+VFpLKKzR2fM+5TWm950o4u91LqsTKnXrFq5vxNj/XgWFVpeuL99/Wdq+7uvms1/H0XndimWbL7rWTP3i2t+8Gd71SUJtWGCn3I28zJ9acy2HG5rBR0v+l8Y/ozJRu6RsV88V8NQ9NoAN13PhbjdDYYXIjFfSNVNT/NeWL9AyXZRC1KsnyvIu+lC/kK7P01deNrGa8z0Y2+SDtZ0XUYl8WUXbrQ6KWCqM2hkQt90elZ3N55KSZD+aBWdEvfVb7aPztWeJHl/rhn0zbxrWMz4zKfBquZeDuJ/Gnbu9yYcuSqwcmYl9PdFMLL16/efq41+s+Z2G0heQ6+7f050QLyUlw6kf33cJHSXXkvr96e8um7dYonuJO9KAazNTXiOGNcY6e3HdO3vkarkk4demgHzOweCqI6eO5r/9d/ZepV9bcZM2+BBXz9KFFdGaP6yW1waJ7/b+8gssx7quHufIKbtSa68p16WrJEdsHA7sN4n5OtbtKvsIxbX3To8z8HwAAAAAAAAAAAAAAAAAAAFNhvJ83hGH684aWyhrXnSMAAAAAAAAAAAAAAAAAAAAAANNu8Pm/ulXr83/vK3qXf/4vgAn4EwAA////Xngs") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='memory.swap.current\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b) 0s ago: executing program 4 (id=9680): ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000000)={'ip6tnl0\x00', &(0x7f0000000140)={'ip6gre0\x00', 0x0, 0x0, 0x0, 0xf9, 0x0, 0x0, @remote, @loopback={0x0, 0xffff888101827518}, 0x0, 0x40}}) r0 = socket$inet_mptcp(0x2, 0x1, 0x106) ioctl$sock_SIOCETHTOOL(r0, 0x89f1, &(0x7f00000002c0)={'ip6_vti0\x00', &(0x7f0000000140)=@ethtool_sset_info={0x37, 0x9, 0x10000}}) kernel console output (not intermixed with test programs): y bread(block 68) failed [ 141.591317][T17169] FAT-fs (loop1): Directory bread(block 69) failed [ 141.592393][T17169] FAT-fs (loop1): Directory bread(block 70) failed [ 141.594801][T17176] loop3: detected capacity change from 0 to 4096 [ 141.604244][T17176] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 141.604561][T17169] FAT-fs (loop1): Directory bread(block 71) failed [ 141.606668][T17169] FAT-fs (loop1): Directory bread(block 72) failed [ 141.608765][T17169] FAT-fs (loop1): Directory bread(block 73) failed [ 141.830928][T17210] loop2: detected capacity change from 0 to 64 [ 141.876771][T17217] netlink: 'syz.4.5923': attribute type 13 has an invalid length. [ 141.882398][T17217] syz_tun: refused to change device tx_queue_len [ 141.886840][T17217] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 142.048965][T17240] loop0: detected capacity change from 0 to 2048 [ 142.075988][T17240] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 142.120993][T17253] xt_cgroup: xt_cgroup: no path or classid specified [ 142.268420][T17277] loop2: detected capacity change from 0 to 512 [ 142.281581][T17277] EXT2-fs (loop2): warning: feature flags set on rev 0 fs, running e2fsck is recommended [ 142.292758][T17277] EXT2-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended [ 142.298094][T17277] EXT2-fs (loop2): 0.5b, 95/08/09, bs=2048, gc=1, bpg=16384, ipg=32, mo=8021c] [ 142.418886][T17295] virtio-fs: tag not found [ 142.451978][T17301] xt_hashlimit: size too large, truncated to 1048576 [ 142.617749][T17318] loop4: detected capacity change from 0 to 128 [ 142.637694][T17318] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 142.652050][T17318] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:406: inode #2: comm syz.4.5970: No space for directory leaf checksum. Please run e2fsck -D. [ 142.656627][T17318] EXT4-fs error (device loop4): __ext4_find_entry:1696: inode #2: comm syz.4.5970: checksumming directory block 0 [ 142.686968][T17300] loop3: detected capacity change from 0 to 32768 [ 142.689309][ T4329] EXT4-fs (loop4): unmounting filesystem. [ 142.710241][T17300] find_entry called with index = 0 [ 142.717792][T17300] read_mapping_page failed! [ 142.718560][T17300] ERROR: (device loop3): txAbort: [ 142.718560][T17300] [ 142.725597][T17300] ERROR: (device loop3): remounting filesystem as read-only [ 142.761470][ T4328] ERROR: (device loop3): diFree: numfree > numinos [ 142.761470][ T4328] [ 142.861737][T17339] Cannot find set identified by id 0 to match [ 142.956883][T17356] IPv6: Can't replace route, no match found [ 143.046661][T17373] loop3: detected capacity change from 0 to 128 [ 143.094450][T17373] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 143.113907][T17373] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:406: inode #2: comm syz.3.5997: No space for directory leaf checksum. Please run e2fsck -D. [ 143.116237][T17373] EXT4-fs error (device loop3): __ext4_find_entry:1696: inode #2: comm syz.3.5997: checksumming directory block 0 [ 143.166392][ T4328] EXT4-fs (loop3): unmounting filesystem. [ 143.288315][T17406] __nla_validate_parse: 5 callbacks suppressed [ 143.288327][T17406] netlink: 20 bytes leftover after parsing attributes in process `syz.0.6012'. [ 143.698859][T17471] 9pnet: Found fid 0 not clunked [ 143.774052][T17480] netlink: 'syz.0.6046': attribute type 1 has an invalid length. [ 143.888804][T17499] Soft offlining pfn 0x1482c9 at process virtual address 0x204c9000 [ 143.914883][T17499] Memory failure: 0x1482c9: unhandlable page. [ 143.943479][T17506] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6062'. [ 143.958870][T17509] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6063'. [ 144.213986][T17546] netlink: 36 bytes leftover after parsing attributes in process `syz.4.6082'. [ 144.393027][T17572] netlink: 16 bytes leftover after parsing attributes in process `syz.2.6093'. [ 144.427178][ T27] kauditd_printk_skb: 8 callbacks suppressed [ 144.427188][ T27] audit: type=1800 audit(32776.188:138): pid=17558 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.3.6087" name="/" dev="sockfs" ino=70687 res=0 errno=0 [ 144.657958][T17588] ocfs2: Slot 0 on device (7,3) was already allocated to this node! [ 144.677863][T17588] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 144.692200][T17588] (syz.3.6099,17588,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=0, inode=970662608961, rec_len=0, name_len=0 [ 144.713963][T17588] (syz.3.6099,17588,0):ocfs2_prepare_dir_for_insert:4311 ERROR: status = -2 [ 144.715326][T17588] (syz.3.6099,17588,0):ocfs2_mknod:298 ERROR: status = -2 [ 144.716466][T17588] (syz.3.6099,17588,0):ocfs2_mknod:502 ERROR: status = -2 [ 144.717571][T17588] (syz.3.6099,17588,0):ocfs2_mkdir:659 ERROR: status = -2 [ 144.743029][ T4328] ocfs2: Unmounting device (7,3) on (node local) [ 145.048177][T17651] netlink: 36 bytes leftover after parsing attributes in process `syz.0.6124'. [ 145.139160][T17664] overlayfs: conflicting options: nfs_export=on,metacopy=on [ 145.225450][T17675] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 145.598862][T17677] gfs2: fsid=([{{{+: Trying to join cluster "lock_nolock", "([{{{+" [ 145.613652][T17677] gfs2: fsid=([{{{+: Now mounting FS (format 0)... [ 145.625397][T17677] gfs2: Invalid block size shift [ 145.626167][T17677] gfs2: fsid=([{{{+: can't read superblock: -22 [ 145.646763][T17734] device netdevsim0 entered promiscuous mode [ 145.710996][T17741] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6169'. [ 145.743707][T17745] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 145.744746][T17745] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 145.753430][T17745] vhci_hcd vhci_hcd.0: Device attached [ 145.756438][T17746] usbip_core: unknown command [ 145.757124][T17746] vhci_hcd: unknown pdu 0 [ 145.757746][T17746] usbip_core: unknown command [ 145.758620][ T7299] vhci_hcd: stop threads [ 145.759334][ T7299] vhci_hcd: release socket [ 145.760126][ T7299] vhci_hcd: disconnect device [ 145.786224][T17753] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0) [ 145.960594][T17738] XFS (loop4): Mounting V5 Filesystem [ 146.013781][T17738] XFS (loop4): Ending clean mount [ 146.018762][T17738] XFS (loop4): Quotacheck needed: Please wait. [ 146.044120][T17738] XFS (loop4): Quotacheck: Done. [ 146.096267][ T4329] XFS (loop4): Unmounting Filesystem [ 146.134008][T17757] set_capacity_and_notify: 6 callbacks suppressed [ 146.134018][T17757] loop2: detected capacity change from 0 to 32768 [ 146.161727][T17757] JBD2: Ignoring recovery information on journal [ 146.181069][T17791] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6190'. [ 146.216841][T17757] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 146.230621][T17757] OCFS2: ERROR (device loop2): int ocfs2_xattr_find_entry(struct inode *, int, const char *, struct ocfs2_xattr_search *): corrupted xattr entries [ 146.230667][T17757] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 146.241135][T17757] OCFS2: File system is now read-only. [ 146.242030][T17757] (syz.2.6176,17757,1):ocfs2_setattr:1299 ERROR: status = -117 [ 146.308424][T17804] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6195'. [ 146.342449][ T4320] ocfs2: Unmounting device (7,2) on (node local) [ 146.451331][T17821] netlink: 'syz.2.6202': attribute type 1 has an invalid length. [ 146.598729][T17847] netlink: 44 bytes leftover after parsing attributes in process `syz.1.6216'. [ 146.608806][T17845] 8021q: adding VLAN 0 to HW filter on device bond2 [ 146.645537][T17852] loop4: detected capacity change from 0 to 8 [ 146.685871][T17852] SQUASHFS error: Unable to read inode 0xe3 [ 146.689140][T17858] No such timeout policy "syz0" [ 146.697938][T17860] loop3: detected capacity change from 0 to 256 [ 146.699312][T17860] exfat: Deprecated parameter 'namecase' [ 146.700248][T17860] exfat: Deprecated parameter 'utf8' [ 146.721332][T17860] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 146.796462][T17860] fuse: Bad value for 'fd' [ 147.103467][T17927] random: crng reseeded on system resumption [ 147.307391][T17948] netlink: 'syz.4.6258': attribute type 1 has an invalid length. [ 147.309598][T17906] loop2: detected capacity change from 0 to 40427 [ 147.335826][T17906] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 147.338688][T17906] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 147.342137][T17906] F2FS-fs (loop2): invalid crc value [ 147.355194][T17906] F2FS-fs (loop2): Found nat_bits in checkpoint [ 147.376328][T17925] loop3: detected capacity change from 0 to 32768 [ 147.378248][T17906] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 147.379489][T17906] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 147.421070][T17906] syz.2.6242: attempt to access beyond end of device [ 147.421070][T17906] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 147.491780][T17983] loop0: detected capacity change from 0 to 1024 [ 147.512776][T17987] device netdevsim0 left promiscuous mode [ 147.516236][T17987] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 148.044535][T18091] loop0: detected capacity change from 0 to 8 [ 148.067466][T18049] loop1: detected capacity change from 0 to 32768 [ 148.122518][T18049] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 148.142151][T18114] autofs4:pid:18114:validate_dev_ioctl: invalid path supplied for cmd(0xc018937e) [ 148.194246][T18049] OCFS2: ERROR (device loop1): int ocfs2_reserve_suballoc_bits(struct ocfs2_super *, struct ocfs2_alloc_context *, int, u32, u64 *, int): Invalid chain allocator 74 [ 148.197263][T18049] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 148.198731][T18049] OCFS2: Returning error to the calling process. [ 148.199694][T18049] (syz.1.6288,18049,1):ocfs2_reserve_suballoc_bits:850 ERROR: status = -5 [ 148.200964][T18049] (syz.1.6288,18049,1):ocfs2_reserve_new_inode:1091 ERROR: status = -5 [ 148.202274][T18049] (syz.1.6288,18049,1):ocfs2_reserve_new_inode:1114 ERROR: status = -5 [ 148.206427][T18125] block device autoloading is deprecated and will be removed. [ 148.233428][T18049] (syz.1.6288,18049,0):ocfs2_symlink:1871 ERROR: status = -5 [ 148.234691][T18049] (syz.1.6288,18049,0):ocfs2_symlink:2065 ERROR: status = -5 [ 148.312358][ T4321] ocfs2: Unmounting device (7,1) on (node local) [ 148.366240][T18158] cgroup: none used incorrectly [ 148.473970][T18181] tmpfs: Bad value for 'mpol' [ 148.596920][T18192] loop1: detected capacity change from 0 to 4096 [ 148.600085][T18192] ntfs: (device loop1): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 148.601831][T18192] ntfs: (device loop1): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 148.604191][T18192] ntfs: (device loop1): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 148.605928][T18192] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 148.607967][T18192] ntfs: (device loop1): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 148.623569][T18192] ntfs: volume version 3.1. [ 148.627564][T18192] ntfs: (device loop1): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 148.635991][T18192] ntfs: (device loop1): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 148.638112][T18192] ntfs: (device loop1): ntfs_lookup_inode_by_name(): Corrupt directory. Aborting lookup. [ 148.639600][T18192] ntfs: (device loop1): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 148.692498][T18232] __nla_validate_parse: 5 callbacks suppressed [ 148.692510][T18232] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6345'. [ 149.090860][T18313] loop0: detected capacity change from 0 to 4096 [ 149.112465][T18313] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 149.147390][ T4319] ntfs3: loop0: ntfs_sync_fs r=9 failed, -22. [ 149.149832][ T4319] ntfs3: loop0: ntfs_evict_inode r=9 failed, -22. [ 149.392436][T18355] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 149.396470][T18355] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 149.464944][T18365] netlink: 20 bytes leftover after parsing attributes in process `syz.0.6378'. [ 149.466468][T18365] netlink: 20 bytes leftover after parsing attributes in process `syz.0.6378'. [ 149.713322][T18270] F2FS-fs (loop1): Wrong CP boundary, start(512) end(198144) blocks(1024) [ 149.714695][T18270] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 149.720967][T18270] F2FS-fs (loop1): invalid crc value [ 149.747579][T18270] F2FS-fs (loop1): Found nat_bits in checkpoint [ 149.771580][T18270] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0 [ 149.772739][T18270] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 149.780575][T18270] fscrypt (loop1, inode 8): Error -61 getting encryption context [ 150.222076][T18450] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 150.249203][T18450] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001) [ 150.250759][T18450] FAT-fs (loop2): Filesystem has been set read-only [ 150.282161][ T4320] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001) [ 150.350130][T18474] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 150.451698][T18494] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 150.528152][T18502] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6424'. [ 150.690493][T18518] cgroup: name respecified [ 150.871206][T18534] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6436'. [ 151.066641][T18558] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 151.093720][T18558] UDF-fs: error (device loop2): udf_read_inode: (ino 19) failed ident=264 [ 151.401972][T18609] random: crng reseeded on system resumption [ 151.433828][T18614] overlayfs: conflicting options: nfs_export=on,index=off [ 151.499500][T18628] netlink: 2 bytes leftover after parsing attributes in process `syz.4.6466'. [ 151.598315][T18630] set_capacity_and_notify: 6 callbacks suppressed [ 151.598324][T18630] loop2: detected capacity change from 0 to 4096 [ 151.647549][T18649] delete_channel: no stack [ 151.900556][T18692] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6487'. [ 151.902026][T18692] netlink: 40 bytes leftover after parsing attributes in process `syz.1.6487'. [ 151.920104][T18692] netlink: 40 bytes leftover after parsing attributes in process `syz.1.6487'. [ 152.086972][T18714] loop4: detected capacity change from 0 to 2048 [ 152.126157][T18723] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 152.214217][T18714] NILFS (loop4): error -2 truncating bmap (ino=16) [ 152.235839][T18739] loop1: detected capacity change from 0 to 128 [ 152.241019][T18739] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 152.250482][T18739] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 152.509292][T18777] loop1: detected capacity change from 0 to 512 [ 152.530783][T18777] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock [ 152.532344][T18777] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock [ 152.535967][T18777] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 1 overlaps superblock [ 152.547149][T18777] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 152.548451][T18777] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c042e11c, mo2=0000] [ 152.550020][T18777] EXT4-fs (loop1): orphan cleanup on readonly fs [ 152.558608][T18786] ieee802154 phy0 wpan0: encryption failed: -22 [ 152.564463][T18777] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.6516: bg 0: block 34: padding at end of block bitmap is not set [ 152.570856][T18636] loop3: detected capacity change from 0 to 131072 [ 152.579550][T18636] F2FS-fs (loop3): Invalid segment/section count (31, 24 x 150994945) [ 152.580832][T18636] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 152.582650][T18777] __quota_error: 7 callbacks suppressed [ 152.582660][T18777] Quota error (device loop1): write_blk: dquota write failed [ 152.591993][T18777] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 152.594311][T18777] EXT4-fs error (device loop1): ext4_acquire_dquot:6835: comm syz.1.6516: Failed to acquire dquot type 1 [ 152.600987][T18793] netlink: 80 bytes leftover after parsing attributes in process `syz.2.6520'. [ 152.603873][T18636] F2FS-fs (loop3): invalid crc value [ 152.605653][T18777] EXT4-fs (loop1): 1 truncate cleaned up [ 152.607682][T18777] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 152.639342][ T4321] EXT4-fs (loop1): unmounting filesystem. [ 152.647394][T18636] F2FS-fs (loop3): Found nat_bits in checkpoint [ 152.677212][T18636] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 152.678326][T18636] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 152.711593][T18636] F2FS-fs (loop3): sanity_check_inode: corrupted inode footer i_ino=8, ino,nid: [10986248, 8] run fsck to fix. [ 152.774933][T18826] loop1: detected capacity change from 0 to 1024 [ 152.832801][T18826] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 2: comm syz.1.6529: lblock 2 mapped to illegal pblock 2 (length 1) [ 152.846186][T18826] Quota error (device loop1): qtree_write_dquot: dquota write failed [ 152.858601][T18826] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 48: comm syz.1.6529: lblock 0 mapped to illegal pblock 48 (length 1) [ 152.866547][T18826] Quota error (device loop1): v2_write_file_info: Can't write info structure [ 152.867874][T18826] EXT4-fs error (device loop1): ext4_acquire_dquot:6835: comm syz.1.6529: Failed to acquire dquot type 0 [ 152.886695][T18841] netlink: 'syz.0.6534': attribute type 1 has an invalid length. [ 152.887935][T18841] netlink: 'syz.0.6534': attribute type 3 has an invalid length. [ 152.900974][T18826] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5933: Corrupt filesystem [ 152.914978][T18826] EXT4-fs error (device loop1): ext4_evict_inode:279: inode #11: comm syz.1.6529: mark_inode_dirty error [ 152.918820][T18849] loop3: detected capacity change from 0 to 16 [ 152.921014][T18826] EXT4-fs warning (device loop1): ext4_evict_inode:282: couldn't mark inode dirty (err -117) [ 152.933555][T18849] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 152.936453][T18826] EXT4-fs (loop1): 1 orphan inode deleted [ 152.956598][T18826] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 152.962123][ T55] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:3: lblock 1 mapped to illegal pblock 1 (length 1) [ 152.969216][ T55] Quota error (device loop1): remove_tree: Can't read quota data block 1 [ 152.970582][ T55] EXT4-fs error (device loop1): ext4_release_dquot:6871: comm kworker/u4:3: Failed to release dquot type 0 [ 153.055548][ T4321] EXT4-fs (loop1): unmounting filesystem. [ 153.056710][ T9] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:0: lblock 1 mapped to illegal pblock 1 (length 1) [ 153.059261][ T9] Quota error (device loop1): remove_tree: Can't read quota data block 1 [ 153.060671][ T9] EXT4-fs error (device loop1): ext4_release_dquot:6871: comm kworker/u4:0: Failed to release dquot type 0 [ 153.073825][ T4321] EXT4-fs error (device loop1): __ext4_get_inode_loc:4513: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 153.076074][ T4321] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5933: Corrupt filesystem [ 153.077603][ T4321] EXT4-fs error (device loop1): ext4_quota_off:7141: inode #3: comm syz-executor: mark_inode_dirty error [ 153.551812][T18929] kAFS: unable to lookup cell '(,c' [ 153.606840][T18919] loop3: detected capacity change from 0 to 32768 [ 153.627508][T18919] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 153.628802][T18919] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 153.639699][T18919] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms [ 153.646313][T13356] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 153.646324][T18940] loop1: detected capacity change from 0 to 256 [ 153.647331][T13356] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 153.676428][T18940] FAT-fs (loop1): Directory bread(block 64) failed [ 153.677521][T18940] FAT-fs (loop1): Directory bread(block 65) failed [ 153.678609][T18940] FAT-fs (loop1): Directory bread(block 66) failed [ 153.678701][T13356] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 31ms [ 153.679659][T18940] FAT-fs (loop1): Directory bread(block 67) failed [ 153.692757][T13356] gfs2: fsid=syz:syz.0: jid=0: Done [ 153.694279][T18940] FAT-fs (loop1): Directory bread(block 68) failed [ 153.695341][T18940] FAT-fs (loop1): Directory bread(block 69) failed [ 153.696352][T18940] FAT-fs (loop1): Directory bread(block 70) failed [ 153.697370][T18940] FAT-fs (loop1): Directory bread(block 71) failed [ 153.697679][T18919] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 153.698385][T18940] FAT-fs (loop1): Directory bread(block 72) failed [ 153.700498][T18940] FAT-fs (loop1): Directory bread(block 73) failed [ 153.816129][T18919] gfs2: fsid=syz:syz.0: found 1 quota changes [ 153.896982][ T4328] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_quota_cleanup, file = fs/gfs2/quota.c, line = 1485 [ 153.899241][ T4328] CPU: 0 PID: 4328 Comm: syz-executor Not tainted syzkaller #0 [ 153.900433][ T4328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 153.902006][ T4328] Call trace: [ 153.902510][ T4328] dump_backtrace+0x1c0/0x1ec [ 153.903218][ T4328] show_stack+0x2c/0x3c [ 153.903899][ T4328] __dump_stack+0x30/0x40 [ 153.904557][ T4328] dump_stack_lvl+0xf4/0x15c [ 153.905305][ T4328] dump_stack+0x1c/0x5c [ 153.906003][ T4328] gfs2_assert_warn_i+0x16c/0x26c [ 153.906770][ T4328] gfs2_quota_cleanup+0x464/0x668 [ 153.907580][ T4328] gfs2_make_fs_ro+0x368/0x438 [ 153.908315][ T4328] gfs2_put_super+0x1e0/0x760 [ 153.909067][ T4328] generic_shutdown_super+0x130/0x324 [ 153.909872][ T4328] kill_block_super+0x70/0xdc [ 153.910582][ T4328] gfs2_kill_sb+0xc0/0xd4 [ 153.911314][ T4328] deactivate_locked_super+0xac/0x120 [ 153.912145][ T4328] deactivate_super+0xe4/0x104 [ 153.912958][ T4328] cleanup_mnt+0x390/0x418 [ 153.913644][ T4328] __cleanup_mnt+0x20/0x30 [ 153.914360][ T4328] task_work_run+0x1ec/0x278 [ 153.915086][ T4328] do_notify_resume+0x1fa0/0x2aa4 [ 153.915854][ T4328] el0_svc+0x98/0x128 [ 153.916451][ T4328] el0t_64_sync_handler+0x84/0xf0 [ 153.917254][ T4328] el0t_64_sync+0x18c/0x190 [ 153.972865][T18969] __nla_validate_parse: 2 callbacks suppressed [ 153.972878][T18969] netlink: 220 bytes leftover after parsing attributes in process `syz.0.6572'. [ 153.980065][T18969] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6572'. [ 154.058139][T18915] loop4: detected capacity change from 0 to 131072 [ 154.076653][T18915] F2FS-fs (loop4): invalid crc value [ 154.098043][T18915] F2FS-fs (loop4): Found nat_bits in checkpoint [ 154.117599][T18915] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 154.130980][T18999] xt_TCPMSS: Only works on TCP SYN packets [ 154.141536][T18915] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=ffffffff, run fsck to fix. [ 154.146516][T18915] F2FS-fs (loop4): sanity_check_inode: inode (ino=4) has corrupted i_xattr_nid: 4294967295, run fsck to fix. [ 154.177140][T19001] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 154.200121][T19011] netlink: 36 bytes leftover after parsing attributes in process `syz.0.6581'. [ 154.212683][T19011] netlink: 60 bytes leftover after parsing attributes in process `syz.0.6581'. [ 154.228116][T19011] device vlan0 entered promiscuous mode [ 154.277939][ T4328] EXT4-fs (loop3): unmounting filesystem. [ 154.304382][T19022] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6587'. [ 154.440344][T19046] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6597'. [ 154.601738][T19061] infiniband !yz!: set active [ 154.609090][T19073] netlink: 'syz.2.6607': attribute type 1 has an invalid length. [ 154.610647][T19073] netlink: 220 bytes leftover after parsing attributes in process `syz.2.6607'. [ 154.629797][T19061] infiniband !yz!: added team_slave_0 [ 154.667399][T19061] RDS/IB: !yz!: added [ 154.668224][T19061] smc: adding ib device !yz! with port count 1 [ 154.668768][T19030] XFS (loop0): Mounting V5 Filesystem [ 154.669214][T19061] smc: ib device !yz! port 1 has pnetid [ 154.739932][T19030] XFS (loop0): Ending clean mount [ 154.741565][T19030] XFS (loop0): Quotacheck needed: Please wait. [ 154.780753][T19030] XFS (loop0): Quotacheck: Done. [ 154.794841][T19103] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 154.832747][T19103] EXT4-fs error (device loop1): ext4_empty_dir:3154: inode #12: block 80: comm syz.1.6610: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0 [ 154.843085][T19103] EXT4-fs warning (device loop1): ext4_empty_dir:3156: inode #12: comm syz.1.6610: directory missing '..' [ 154.905487][ T4321] EXT4-fs (loop1): unmounting filesystem. [ 154.926086][ T4319] XFS (loop0): Unmounting Filesystem [ 154.954192][T19119] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1113: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters [ 154.959513][T19119] EXT4-fs (loop3): Remounting filesystem read-only [ 154.961029][T19119] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.6615: invalid indirect mapped block 4278190080 (level 0) [ 154.980018][T19119] EXT4-fs (loop3): Remounting filesystem read-only [ 154.981134][T19119] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.6615: invalid indirect mapped block 1 (level 1) [ 154.985130][T19125] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 155.002381][T19119] EXT4-fs (loop3): Remounting filesystem read-only [ 155.007432][T19119] EXT4-fs (loop3): 1 truncate cleaned up [ 155.008379][T19119] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 155.019468][T19125] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 155.066669][T19119] EXT4-fs error (device loop3): ext4_iget_extra_inode:4756: inode #15: comm syz.3.6615: corrupted in-inode xattr [ 155.071932][T19119] EXT4-fs (loop3): Remounting filesystem read-only [ 155.086535][ T4328] EXT4-fs (loop3): unmounting filesystem. [ 155.205626][T19152] netlink: 'syz.4.6625': attribute type 1 has an invalid length. [ 155.246080][T19160] futex_wake_op: syz.2.6627 tries to shift op by 32; fix this program [ 155.335276][T19174] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 155.342827][T19182] xt_CONNSECMARK: invalid mode: 0 [ 155.346126][T19174] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 155.580105][T19222] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 55946 - 0 [ 155.588931][T19222] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 55946 - 0 [ 155.590331][T19222] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 55946 - 0 [ 155.591707][T19222] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 55946 - 0 [ 155.609587][T19222] device geneve2 entered promiscuous mode [ 155.667101][T19234] ipt_REJECT: TCP_RESET invalid for non-tcp [ 156.018233][T19301] netlink: 'syz.2.6674': attribute type 30 has an invalid length. [ 156.177571][T19335] xt_TCPMSS: Only works on TCP SYN packets [ 156.319332][T19364] netlink: 'syz.2.6692': attribute type 1 has an invalid length. [ 156.320630][T19364] netlink: 232 bytes leftover after parsing attributes in process `syz.2.6692'. [ 156.488427][T19395] device bond1 entered promiscuous mode [ 156.489718][T19395] 8021q: adding VLAN 0 to HW filter on device bond1 [ 156.504980][T19387] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 156.560053][T19441] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.6706'. [ 156.594674][ T4320] EXT4-fs (loop2): unmounting filesystem. [ 156.665233][T19462] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6714'. [ 156.801262][T19485] netlink: 'syz.2.6723': attribute type 3 has an invalid length. [ 156.852140][T19501] set_capacity_and_notify: 8 callbacks suppressed [ 156.852150][T19501] loop0: detected capacity change from 0 to 256 [ 156.860271][T19501] FAT-fs (loop0): Directory bread(block 64) failed [ 156.861312][T19501] FAT-fs (loop0): Directory bread(block 65) failed [ 156.862417][T19501] FAT-fs (loop0): Directory bread(block 66) failed [ 156.864258][T19501] FAT-fs (loop0): Directory bread(block 67) failed [ 156.865390][T19501] FAT-fs (loop0): Directory bread(block 68) failed [ 156.866447][T19501] FAT-fs (loop0): Directory bread(block 69) failed [ 156.867671][T19501] FAT-fs (loop0): Directory bread(block 70) failed [ 156.902663][T19501] FAT-fs (loop0): Directory bread(block 71) failed [ 156.904309][T19501] FAT-fs (loop0): Directory bread(block 72) failed [ 156.905326][T19501] FAT-fs (loop0): Directory bread(block 73) failed [ 157.022452][T19537] openvswitch: netlink: Key 0 has unexpected len 2 expected 0 [ 157.188829][T19570] netlink: 'syz.3.6749': attribute type 7 has an invalid length. [ 157.266789][T19532] loop0: detected capacity change from 0 to 32768 [ 157.273913][T19532] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 9 [ 157.289306][T19585] loop4: detected capacity change from 0 to 256 [ 157.314389][T19585] FAT-fs (loop4): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 157.318516][T19594] netlink: 'syz.3.6758': attribute type 2 has an invalid length. [ 157.327358][ T4313] I/O error, dev loop0, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 157.360772][ T7299] FAT-fs (loop4): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 157.384965][T19602] cgroup: subsys name conflicts with all [ 157.406735][T19605] loop2: detected capacity change from 0 to 2048 [ 157.439892][T19612] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 157.500998][T19627] loop3: detected capacity change from 0 to 64 [ 157.645618][T19651] device geneve4 entered promiscuous mode [ 157.699296][T19611] loop1: detected capacity change from 0 to 32768 [ 157.715507][T19611] XFS (loop1): Mounting V5 Filesystem [ 157.820698][T19611] XFS (loop1): Ending clean mount [ 157.826743][T19611] XFS (loop1): Quotacheck needed: Please wait. [ 157.850603][T19611] XFS (loop1): Quotacheck: Done. [ 157.935491][ T4321] XFS (loop1): Unmounting Filesystem [ 157.960455][T19703] overlayfs: missing 'lowerdir' [ 158.081127][T19720] ieee802154 phy0 wpan0: encryption failed: -90 [ 158.179823][T19736] loop2: detected capacity change from 0 to 764 [ 158.190357][T19736] rock: directory entry would overflow storage [ 158.191345][T19736] rock: sig=0x4654, size=5, remaining=4 [ 158.200775][T19742] netlink: 'syz.4.6803': attribute type 3 has an invalid length. [ 158.436340][T19795] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized [ 158.483793][T19794] loop4: detected capacity change from 0 to 4096 [ 158.494939][T19794] ntfs3: loop4: mft corrupted [ 158.495833][T19794] ntfs3: loop4: Failed to load $MFT. [ 158.560700][T19820] device ip6erspan0 entered promiscuous mode [ 158.691843][T19839] loop3: detected capacity change from 0 to 4096 [ 158.733319][ T47] Bluetooth: hci1: command 0x0406 tx timeout [ 158.734346][ T47] Bluetooth: hci2: command 0x0406 tx timeout [ 158.735380][ T47] Bluetooth: hci3: command 0x0406 tx timeout [ 158.752752][T19854] openvswitch: netlink: Key 0 has unexpected len 2 expected 0 [ 158.839931][T19864] x_tables: duplicate underflow at hook 2 [ 158.842694][T19865] loop1: detected capacity change from 0 to 128 [ 159.332546][T19947] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 159.339409][T19947] bond0: (slave lo): Error: Device can not be enslaved while up [ 159.384060][T19956] __nla_validate_parse: 11 callbacks suppressed [ 159.384073][T19956] netlink: 45 bytes leftover after parsing attributes in process `syz.1.6878'. [ 159.451928][T19968] xt_l2tp: invalid flags combination: 8 [ 159.481178][T19973] rock: directory entry would overflow storage [ 159.482293][T19973] rock: sig=0x4654, size=5, remaining=4 [ 159.499631][T19973] isofs: Unable to find the ".." directory for NFS. [ 159.592954][T19994] overlayfs: conflicting options: userxattr,redirect_dir=off [ 159.809743][T19848] F2FS-fs (loop2): invalid crc value [ 159.837230][T19848] F2FS-fs (loop2): Found nat_bits in checkpoint [ 159.859907][T20044] i2c i2c-0: Invalid block write size 34 [ 159.862555][T19848] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 159.883877][T19848] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=ffffffff, run fsck to fix. [ 159.896674][T19848] F2FS-fs (loop2): sanity_check_inode: inode (ino=4) has corrupted i_xattr_nid: 4294967295, run fsck to fix. [ 159.977491][T20068] Attempt to read inode for relocated directory [ 160.020111][T20080] netlink: 124 bytes leftover after parsing attributes in process `syz.3.6915'. [ 160.021438][T20080] netlink: 'syz.3.6915': attribute type 3 has an invalid length. [ 160.267564][T20118] bond0: (slave rose0): Enslaving as an active interface with an up link [ 160.474242][T20109] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode. [ 160.530664][ T4329] ocfs2: Unmounting device (7,4) on (node local) [ 160.622718][T20212] netlink: 60 bytes leftover after parsing attributes in process `syz.2.6949'. [ 160.627572][T20212] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6949'. [ 160.629059][T20212] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6949'. [ 160.636498][T20212] netlink: 32 bytes leftover after parsing attributes in process `syz.2.6949'. [ 160.644422][T20213] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 160.645692][T20213] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 160.649099][T20213] System zones: 0-1, 15-15, 18-18, 34-34 [ 160.650727][T20213] EXT4-fs (loop3): orphan cleanup on readonly fs [ 160.657634][T20213] Quota error (device loop3): v2_read_header: Failed header read: expected=8 got=0 [ 160.676491][T20213] EXT4-fs warning (device loop3): ext4_enable_quotas:7087: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 160.678955][T20213] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 160.697422][T20213] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.6950: bg 0: block 40: padding at end of block bitmap is not set [ 160.709231][T20213] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6181: Corrupt filesystem [ 160.730910][T20213] EXT4-fs (loop3): 1 truncate cleaned up [ 160.744720][T20213] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 160.784567][T20213] EXT4-fs error (device loop3): ext4_encrypted_get_link:46: inode #16: comm syz.3.6950: bad symlink. [ 160.883823][ T4328] EXT4-fs (loop3): unmounting filesystem. [ 160.945706][T20243] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found! [ 160.971330][T20243] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 160.976379][T20248] device veth3 entered promiscuous mode [ 161.000388][T20207] XFS (loop0): Mounting V5 Filesystem [ 161.053157][T20207] XFS (loop0): Ending clean mount [ 161.062976][T20207] XFS (loop0): Quotacheck needed: Please wait. [ 161.084778][T20222] ocfs2: Slot 0 on device (7,4) was already allocated to this node! [ 161.106062][T20207] XFS (loop0): Quotacheck: Done. [ 161.122476][T20222] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 161.161012][ T4319] XFS (loop0): Unmounting Filesystem [ 161.200141][ T4329] ocfs2: Unmounting device (7,4) on (node local) [ 161.532361][T20341] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 161.535490][T20341] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 161.536812][T20341] REISERFS (device loop1): using ordered data mode [ 161.537742][T20341] reiserfs: using flush barriers [ 161.545888][T20341] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 161.548456][T20341] REISERFS (device loop1): checking transaction log (loop1) [ 161.585469][T20341] REISERFS (device loop1): Using tea hash to sort names [ 161.587254][T20341] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 161.604291][T20373] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 161.759963][T20402] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6999'. [ 161.761531][T20402] (unnamed net_device) (uninitialized): Removing last ns target with arp_interval on [ 161.762911][T20402] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0) [ 161.876647][T20411] iso9660: Corrupted directory entry in block 14 of inode 1920 [ 161.901854][T20346] set_capacity_and_notify: 11 callbacks suppressed [ 161.901865][T20346] loop2: detected capacity change from 0 to 32768 [ 161.924270][T20346] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 161.925550][T20346] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 161.960291][T20346] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms [ 161.962798][ T24] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 161.964775][ T24] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 161.993151][ T24] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 28ms [ 161.994534][ T24] gfs2: fsid=syz:syz.0: jid=0: Done [ 161.999537][T20346] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 162.036348][T20453] loop3: detected capacity change from 0 to 1024 [ 162.062531][T20453] hfsplus: keylen 65060 too large [ 162.092088][T20460] loop4: detected capacity change from 0 to 1024 [ 162.283641][T20493] loop4: detected capacity change from 0 to 4096 [ 162.289194][T20498] netlink: 48 bytes leftover after parsing attributes in process `syz.1.7027'. [ 162.376125][ T4329] ntfs3: loop4: ntfs_evict_inode r=5 failed, -22. [ 162.377189][ T4329] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 162.417877][T20521] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7032'. [ 162.495277][T20530] device ip6erspan0 entered promiscuous mode [ 162.580267][T20561] binder: 20559:20561 ioctl c00c620f 20000540 returned -22 [ 162.658052][T20579] loop2: detected capacity change from 0 to 512 [ 162.736888][T20588] device bond3 entered promiscuous mode [ 162.737914][T20588] 8021q: adding VLAN 0 to HW filter on device bond3 [ 162.963602][T20671] netlink: 'syz.2.7068': attribute type 48 has an invalid length. [ 162.991062][T20635] loop0: detected capacity change from 0 to 32768 [ 163.001388][T20635] ERROR: (device loop0): dbAlloc: the hint is outside the map [ 163.001388][T20635] [ 163.035248][T20681] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7071'. [ 163.038607][ T55] read_mapping_page failed! [ 163.039674][ T55] ERROR: (device loop0): txAbort: [ 163.039674][ T55] [ 163.041048][ T55] jfs_write_inode: jfs_commit_inode failed! [ 163.249152][T20729] ieee802154 phy0 wpan0: encryption failed: -22 [ 163.444437][T20783] loop0: detected capacity change from 0 to 128 [ 163.447197][T20784] netlink: 'syz.3.7100': attribute type 1 has an invalid length. [ 163.448635][T20781] vhci_hcd: invalid port number 254 [ 163.449455][T20781] vhci_hcd: GetPortErrorCount req not supported for USB 2.0 roothub [ 163.457536][T20783] FAT-fs (loop0): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 163.586137][T20805] netlink: 'syz.4.7111': attribute type 1 has an invalid length. [ 163.735675][T20838] loop1: detected capacity change from 0 to 512 [ 163.739273][T20839] sctp: [Deprecated]: syz.0.7122 (pid 20839) Use of int in max_burst socket option deprecated. [ 163.739273][T20839] Use struct sctp_assoc_value instead [ 163.766012][T20838] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 164.037098][T20884] xt_TCPMSS: Only works on TCP SYN packets [ 164.143093][T20852] loop2: detected capacity change from 0 to 40427 [ 164.158308][T20899] netlink: 'syz.0.7147': attribute type 21 has an invalid length. [ 164.161158][T20852] F2FS-fs (loop2): Small segment_count (9 < 1 * 24) [ 164.162219][T20852] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 164.190326][T20852] F2FS-fs (loop2): Found nat_bits in checkpoint [ 164.203673][T20852] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 164.206110][T20852] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 164.280012][T20917] loop3: detected capacity change from 0 to 1024 [ 164.291028][T20879] (syz.4.7136,20879,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 164.310796][T20879] (syz.4.7136,20879,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 164.319885][T20926] ieee802154 phy0 wpan0: encryption failed: -22 [ 164.320903][T20926] ieee802154 phy0 wpan0: encryption failed: -22 [ 164.328177][T20879] JBD2: Ignoring recovery information on journal [ 164.342500][T20929] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 164.367567][T20879] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 164.558520][T20970] __nla_validate_parse: 6 callbacks suppressed [ 164.558532][T20970] netlink: 32 bytes leftover after parsing attributes in process `syz.0.7172'. [ 164.576620][ T4329] ocfs2: Unmounting device (7,4) on (node local) [ 164.788961][T21022] netlink: 40 bytes leftover after parsing attributes in process `syz.2.7187'. [ 164.974608][T21057] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7202'. [ 164.989530][T21066] netlink: 'syz.0.7204': attribute type 21 has an invalid length. [ 164.990868][T21066] netlink: 132 bytes leftover after parsing attributes in process `syz.0.7204'. [ 165.024942][T21070] netlink: 'syz.0.7206': attribute type 11 has an invalid length. [ 165.026184][T21070] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.7206'. [ 165.028722][T21074] netlink: 'syz.4.7207': attribute type 1 has an invalid length. [ 165.289169][T21123] netlink: 'syz.3.7222': attribute type 21 has an invalid length. [ 165.290531][T21123] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7222'. [ 165.482075][T21156] device wlan0 entered promiscuous mode [ 165.486046][T21156] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 165.538823][T21162] AppArmor: change_hat: Invalid input '0x0000000000' [ 165.591037][T21170] FAT-fs (loop4): Directory bread(block 64) failed [ 165.600422][T21170] FAT-fs (loop4): Directory bread(block 65) failed [ 165.601448][T21170] FAT-fs (loop4): Directory bread(block 66) failed [ 165.602539][T21170] FAT-fs (loop4): Directory bread(block 67) failed [ 165.608790][T21170] FAT-fs (loop4): Directory bread(block 68) failed [ 165.608819][T21170] FAT-fs (loop4): Directory bread(block 69) failed [ 165.608858][T21170] FAT-fs (loop4): Directory bread(block 70) failed [ 165.608874][T21170] FAT-fs (loop4): Directory bread(block 71) failed [ 165.608904][T21170] FAT-fs (loop4): Directory bread(block 72) failed [ 165.608918][T21170] FAT-fs (loop4): Directory bread(block 73) failed [ 165.715776][T21194] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 165.717032][T21194] IPv6: NLM_F_CREATE should be set when creating new route [ 165.717042][T21142] (syz.3.7227,21142,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 165.730821][T21142] (syz.3.7227,21142,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 165.767006][T21142] JBD2: Ignoring recovery information on journal [ 165.850731][T21142] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 165.994839][T21226] netlink: 20 bytes leftover after parsing attributes in process `syz.2.7259'. [ 165.996529][T21226] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7259'. [ 166.000316][ T4328] ocfs2: Unmounting device (7,3) on (node local) [ 166.042758][T21236] netlink: 20 bytes leftover after parsing attributes in process `syz.1.7262'. [ 166.054080][T21236] netlink: 40 bytes leftover after parsing attributes in process `syz.1.7262'. [ 166.250093][T21258] device batadv0 left promiscuous mode [ 166.291208][T21262] xt_recent: hitcount (512) is larger than allowed maximum (255) [ 166.329970][T21233] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 166.331232][T21233] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 166.332504][T21233] F2FS-fs (loop0): build fault injection attr: rate: 1, type: 0x3ffff [ 166.347735][T21233] F2FS-fs (loop0): build fault injection attr: rate: 0, type: 0x1f8 [ 166.349524][T21233] F2FS-fs (loop0): invalid crc value [ 166.375936][T21233] F2FS-fs (loop0): Found nat_bits in checkpoint [ 166.400863][T21233] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 166.402155][T21233] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 166.417249][T21249] XFS: attr2 mount option is deprecated. [ 166.419908][T21233] F2FS-fs (loop0) : inject alloc nid in f2fs_alloc_nid of f2fs_new_inode+0xf0/0xcf8 [ 166.483579][T21249] XFS (loop3): Mounting V5 Filesystem [ 166.531974][T21249] XFS (loop3): Ending clean mount [ 166.543058][T21249] XFS (loop3): Quotacheck needed: Please wait. [ 166.558507][T21308] xt_TPROXY: Can be used only with -p tcp or -p udp [ 166.574313][T21249] XFS (loop3): Quotacheck: Done. [ 166.646269][T21249] XFS: attr2 mount option is deprecated. [ 166.743461][ T4328] XFS (loop3): Unmounting Filesystem [ 167.236013][T21415] IPVS: set_ctl: invalid protocol: 135 172.30.0.1:20000 [ 167.374251][T21440] set_capacity_and_notify: 6 callbacks suppressed [ 167.374266][T21440] loop4: detected capacity change from 0 to 256 [ 167.403120][T21440] FAT-fs (loop4): Directory bread(block 64) failed [ 167.406993][T21440] FAT-fs (loop4): Directory bread(block 65) failed [ 167.407971][T21440] FAT-fs (loop4): Directory bread(block 66) failed [ 167.409003][T21440] FAT-fs (loop4): Directory bread(block 67) failed [ 167.409971][T21440] FAT-fs (loop4): Directory bread(block 68) failed [ 167.410942][T21440] FAT-fs (loop4): Directory bread(block 69) failed [ 167.421697][T21449] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check. [ 167.423945][T21440] FAT-fs (loop4): Directory bread(block 70) failed [ 167.425212][T21440] FAT-fs (loop4): Directory bread(block 71) failed [ 167.426237][T21440] FAT-fs (loop4): Directory bread(block 72) failed [ 167.436713][T21440] FAT-fs (loop4): Directory bread(block 73) failed [ 167.527071][T21472] loop1: detected capacity change from 0 to 256 [ 167.748478][T21516] x_tables: unsorted underflow at hook 1 [ 167.789294][T21525] netlink: 'syz.2.7365': attribute type 1 has an invalid length. [ 167.932818][T21557] ERROR: device name not specified. [ 167.948102][T21551] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check. [ 168.085292][T21578] loop4: detected capacity change from 0 to 1024 [ 168.090773][T21578] EXT4-fs: Ignoring removed bh option [ 168.092114][T21578] EXT4-fs: inline encryption not supported [ 168.106412][T21588] loop1: detected capacity change from 0 to 764 [ 168.131840][T21588] rock: directory entry would overflow storage [ 168.132790][T21588] rock: sig=0x4654, size=5, remaining=4 [ 168.138110][T21588] isofs: Unable to find the ".." directory for NFS. [ 168.150744][T21578] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000] [ 168.160965][T21578] EXT4-fs error (device loop4): ext4_map_blocks:635: inode #3: block 2: comm syz.4.7386: lblock 2 mapped to illegal pblock 2 (length 1) [ 168.169026][T21578] Quota error (device loop4): qtree_write_dquot: dquota write failed [ 168.170250][T21578] EXT4-fs error (device loop4): ext4_map_blocks:635: inode #3: block 48: comm syz.4.7386: lblock 0 mapped to illegal pblock 48 (length 1) [ 168.176572][T21578] Quota error (device loop4): v2_write_file_info: Can't write info structure [ 168.185840][T21578] EXT4-fs error (device loop4): ext4_acquire_dquot:6835: comm syz.4.7386: Failed to acquire dquot type 0 [ 168.187993][T21578] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5933: Corrupt filesystem [ 168.192047][T21578] EXT4-fs error (device loop4): ext4_evict_inode:279: inode #11: comm syz.4.7386: mark_inode_dirty error [ 168.217804][T21578] EXT4-fs warning (device loop4): ext4_evict_inode:282: couldn't mark inode dirty (err -117) [ 168.219496][T21578] EXT4-fs (loop4): 1 orphan inode deleted [ 168.224139][T21578] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 168.233320][ T11] EXT4-fs error (device loop4): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:1: lblock 1 mapped to illegal pblock 1 (length 1) [ 168.235718][ T11] Quota error (device loop4): remove_tree: Can't read quota data block 1 [ 168.237119][ T11] EXT4-fs error (device loop4): ext4_release_dquot:6871: comm kworker/u4:1: Failed to release dquot type 0 [ 168.263754][T21578] EXT4-fs error (device loop4): ext4_map_blocks:635: inode #3: block 1: comm syz.4.7386: lblock 1 mapped to illegal pblock 1 (length 1) [ 168.280477][T21578] Quota error (device loop4): find_next_id: Can't read quota tree block 1 [ 168.331022][ T4329] EXT4-fs (loop4): unmounting filesystem. [ 168.332159][ T4329] EXT4-fs error (device loop4): __ext4_get_inode_loc:4513: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 168.340221][ T4329] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5933: Corrupt filesystem [ 168.351763][ T4329] EXT4-fs error (device loop4): ext4_quota_off:7141: inode #3: comm syz-executor: mark_inode_dirty error [ 168.415814][T21648] loop2: detected capacity change from 0 to 1024 [ 168.457098][ T9] hfsplus: b-tree write err: -5, ino 4 [ 168.536988][T21674] tmpfs: Bad value for 'mpol' [ 168.552363][T21679] loop3: detected capacity change from 0 to 64 [ 168.615841][T21687] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 168.708979][T21704] netlink: 'syz.4.7426': attribute type 5 has an invalid length. [ 168.826271][T21729] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 168.973420][ T4330] Bluetooth: hci4: command 0x0406 tx timeout [ 169.016668][T21759] overlayfs: bad mount option "redirect_dir=off:/" [ 169.120770][T21786] loop0: detected capacity change from 0 to 64 [ 169.137496][T21782] device veth3 entered promiscuous mode [ 169.452174][T21865] loop1: detected capacity change from 0 to 512 [ 169.476763][T21865] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 169.478018][T21865] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 169.479243][T21865] System zones: 0-1, 15-15, 18-18, 34-34 [ 169.480470][T21865] EXT4-fs (loop1): orphan cleanup on readonly fs [ 169.481447][T21865] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=0 [ 169.482865][T21865] EXT4-fs warning (device loop1): ext4_enable_quotas:7087: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 169.497541][T21865] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 169.499849][T21865] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.7473: bg 0: block 40: padding at end of block bitmap is not set [ 169.502180][T21865] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6181: Corrupt filesystem [ 169.522171][T21865] EXT4-fs (loop1): 1 truncate cleaned up [ 169.523144][T21865] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 169.541536][T21865] EXT4-fs error (device loop1): ext4_encrypted_get_link:46: inode #16: comm syz.1.7473: bad symlink. [ 169.564442][ T4321] EXT4-fs (loop1): unmounting filesystem. [ 169.572593][T21833] loop2: detected capacity change from 0 to 32768 [ 169.579276][T21842] loop0: detected capacity change from 0 to 32768 [ 169.586892][T21874] device veth3 entered promiscuous mode [ 169.602370][T21842] ocfs2: Slot 0 on device (7,0) was already allocated to this node! [ 169.612483][T21842] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 169.637822][T21833] XFS (loop2): Mounting V5 Filesystem [ 169.711741][T21833] XFS (loop2): Ending clean mount [ 169.715888][T21833] XFS (loop2): Quotacheck needed: Please wait. [ 169.721039][ T4319] ocfs2: Unmounting device (7,0) on (node local) [ 169.765473][T21833] XFS (loop2): Quotacheck: Done. [ 169.851114][ T4320] XFS (loop2): Unmounting Filesystem [ 169.880176][T21948] __nla_validate_parse: 17 callbacks suppressed [ 169.880189][T21948] netlink: 24 bytes leftover after parsing attributes in process `syz.3.7496'. [ 169.882795][T21948] (unnamed net_device) (uninitialized): Removing last ns target with arp_interval on [ 169.909673][T21948] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0) [ 169.977916][T21958] device veth3 entered promiscuous mode [ 170.317706][T22035] netlink: 24 bytes leftover after parsing attributes in process `syz.0.7509'. [ 170.319229][T22035] (unnamed net_device) (uninitialized): Removing last ns target with arp_interval on [ 170.320829][T22035] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0) [ 170.395285][T22037] hfsplus: keylen 65060 too large [ 170.417945][T21997] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode. [ 170.515992][ T4321] ocfs2: Unmounting device (7,1) on (node local) [ 170.667478][T22014] XFS (loop3): Mounting V5 Filesystem [ 170.716142][T22014] XFS (loop3): Ending clean mount [ 170.727584][T22014] XFS (loop3): Quotacheck needed: Please wait. [ 170.768718][T22099] hfsplus: keylen 65060 too large [ 170.789191][T22014] XFS (loop3): Quotacheck: Done. [ 170.844590][ T4328] XFS (loop3): Unmounting Filesystem [ 170.894790][T22118] binder: 22117:22118 ioctl c00c620f 20000540 returned -22 [ 171.145454][T22161] device bond1 entered promiscuous mode [ 171.146597][T22161] 8021q: adding VLAN 0 to HW filter on device bond1 [ 171.202351][ T4320] ntfs3: loop2: ntfs_evict_inode r=5 failed, -22. [ 171.209910][ T4320] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 171.259032][T22211] netlink: 48 bytes leftover after parsing attributes in process `syz.3.7533'. [ 171.285901][T22209] binder: 22208:22209 ioctl c00c620f 20000540 returned -22 [ 171.516795][T22260] openvswitch: netlink: Key 0 has unexpected len 2 expected 0 [ 171.760006][T22250] ERROR: (device loop2): dbAlloc: the hint is outside the map [ 171.760006][T22250] [ 171.790027][ T7299] read_mapping_page failed! [ 171.790709][ T7299] ERROR: (device loop2): txAbort: [ 171.790709][ T7299] [ 171.791829][ T7299] jfs_write_inode: jfs_commit_inode failed! [ 171.814144][T22312] ieee802154 phy0 wpan0: encryption failed: -22 [ 171.919997][T22333] netlink: 'syz.0.7604': attribute type 1 has an invalid length. [ 172.047176][T22353] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 172.097731][T22362] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7599'. [ 172.099321][T22362] netlink: 'syz.1.7599': attribute type 1 has an invalid length. [ 172.100680][T22291] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 172.101968][T22291] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 172.132823][T22291] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms [ 172.137485][T13356] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 172.138588][T13356] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 172.159983][T13356] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 21ms [ 172.161200][T13356] gfs2: fsid=syz:syz.0: jid=0: Done [ 172.162060][T22291] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 172.237078][T22390] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7609'. [ 172.397350][T22411] ieee802154 phy0 wpan0: encryption failed: -22 [ 172.791012][T22495] vhci_hcd: invalid port number 254 [ 172.792089][T22496] ieee802154 phy0 wpan0: encryption failed: -22 [ 172.793133][T22496] ieee802154 phy0 wpan0: encryption failed: -22 [ 172.801032][T22495] vhci_hcd: GetPortErrorCount req not supported for USB 2.0 roothub [ 172.972676][T22535] set_capacity_and_notify: 10 callbacks suppressed [ 172.972686][T22535] loop4: detected capacity change from 0 to 1024 [ 173.043378][ T4493] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 173.053008][T22480] loop0: detected capacity change from 0 to 40427 [ 173.079326][T22480] F2FS-fs (loop0): Small segment_count (9 < 1 * 24) [ 173.096241][T22480] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 173.118972][T22480] F2FS-fs (loop0): Found nat_bits in checkpoint [ 173.133039][T22480] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 173.134423][T22480] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 173.310786][T22543] loop2: detected capacity change from 0 to 32768 [ 173.312969][T22543] (syz.2.7659,22543,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 173.330410][T22543] (syz.2.7659,22543,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 173.364679][T22586] netlink: 'syz.3.7672': attribute type 1 has an invalid length. [ 173.367066][T22543] JBD2: Ignoring recovery information on journal [ 173.467792][T22599] netlink: 80 bytes leftover after parsing attributes in process `syz.0.7678'. [ 173.487813][T22543] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 173.510948][T22604] netlink: 'syz.3.7682': attribute type 21 has an invalid length. [ 173.512295][T22604] netlink: 132 bytes leftover after parsing attributes in process `syz.3.7682'. [ 173.576974][T22610] netlink: 'syz.3.7684': attribute type 11 has an invalid length. [ 173.582079][T22610] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.7684'. [ 173.590695][ T4320] ocfs2: Unmounting device (7,2) on (node local) [ 173.612043][T22598] loop4: detected capacity change from 0 to 40427 [ 173.617129][T22598] F2FS-fs (loop4): Small segment_count (9 < 1 * 24) [ 173.618158][T22598] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 173.642109][T22598] F2FS-fs (loop4): Found nat_bits in checkpoint [ 173.666216][T22598] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 173.667312][T22598] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 173.683499][T22625] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7688'. [ 173.838933][T22653] netlink: 'syz.1.7697': attribute type 21 has an invalid length. [ 173.840158][T22653] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7697'. [ 173.980118][T22680] netlink: 'syz.2.7706': attribute type 21 has an invalid length. [ 174.015681][T22682] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 174.064342][T22691] ieee802154 phy0 wpan0: encryption failed: -22 [ 174.065436][T22691] ieee802154 phy0 wpan0: encryption failed: -22 [ 174.152933][T22705] device wlan0 entered promiscuous mode [ 174.155193][T22705] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 174.208049][T22659] loop0: detected capacity change from 0 to 32768 [ 174.221080][T22659] (syz.0.7698,22659,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 174.235752][T22659] (syz.0.7698,22659,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 174.257521][T22659] JBD2: Ignoring recovery information on journal [ 174.342617][T22659] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 174.476281][ T4319] ocfs2: Unmounting device (7,0) on (node local) [ 174.594857][T22774] device batadv0 left promiscuous mode [ 174.649900][T22755] loop4: detected capacity change from 0 to 32768 [ 174.656912][T22755] (syz.4.7729,22755,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 174.672810][T22755] (syz.4.7729,22755,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 174.698262][T22755] JBD2: Ignoring recovery information on journal [ 174.770886][T22755] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 174.878628][T22817] xt_TPROXY: Can be used only with -p tcp or -p udp [ 174.954291][ T4329] ocfs2: Unmounting device (7,4) on (node local) [ 175.130702][T22863] __nla_validate_parse: 2 callbacks suppressed [ 175.130715][T22863] netlink: 16186 bytes leftover after parsing attributes in process `syz.3.7772'. [ 175.172602][T22866] device erspan1 entered promiscuous mode [ 175.379739][T22870] loop2: detected capacity change from 0 to 32768 [ 175.403698][T22870] (syz.2.7774,22870,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 175.406515][T22870] (syz.2.7774,22870,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 175.428707][T22870] JBD2: Ignoring recovery information on journal [ 175.444050][T22869] loop4: detected capacity change from 0 to 32768 [ 175.445613][T22869] XFS: attr2 mount option is deprecated. [ 175.452397][T22903] device wlan0 entered promiscuous mode [ 175.455843][T22903] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 175.481018][T22870] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 175.500282][T22869] XFS (loop4): Mounting V5 Filesystem [ 175.566784][T22869] XFS (loop4): Ending clean mount [ 175.572904][T22869] XFS (loop4): Quotacheck needed: Please wait. [ 175.592779][T22869] XFS (loop4): Quotacheck: Done. [ 175.610247][T22869] XFS: attr2 mount option is deprecated. [ 175.629798][ T4320] ocfs2: Unmounting device (7,2) on (node local) [ 175.711815][T22948] netlink: 20 bytes leftover after parsing attributes in process `syz.1.7795'. [ 175.714112][T22948] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7795'. [ 175.772951][T22962] IPVS: set_ctl: invalid protocol: 135 172.30.0.3:20000 [ 175.895494][T22949] loop3: detected capacity change from 0 to 40427 [ 175.901696][T22949] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 175.902954][T22949] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 175.905866][T22949] F2FS-fs (loop3): build fault injection attr: rate: 1, type: 0x3ffff [ 175.907396][T22949] F2FS-fs (loop3): build fault injection attr: rate: 0, type: 0x1f8 [ 175.912028][T22949] F2FS-fs (loop3): invalid crc value [ 175.926386][T22949] F2FS-fs (loop3): Found nat_bits in checkpoint [ 175.949538][T22979] loop0: detected capacity change from 0 to 256 [ 175.953571][T22949] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 175.954702][T22949] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 175.978070][T22949] F2FS-fs (loop3) : inject alloc nid in f2fs_alloc_nid of f2fs_new_inode+0xf0/0xcf8 [ 176.079105][T23003] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.7808'. [ 176.264714][T23040] x_tables: unsorted underflow at hook 1 [ 176.357409][T23052] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7827'. [ 176.359007][T23052] netlink: 'syz.0.7827': attribute type 1 has an invalid length. [ 176.516459][T23083] ERROR: device name not specified. [ 176.542888][T23090] ERROR: device name not specified. [ 176.686987][ T4329] XFS (loop4): Unmounting Filesystem [ 176.712956][T23120] FAT-fs (loop2): Directory bread(block 64) failed [ 176.723388][T23120] FAT-fs (loop2): Directory bread(block 65) failed [ 176.724562][T23120] FAT-fs (loop2): Directory bread(block 66) failed [ 176.725594][T23120] FAT-fs (loop2): Directory bread(block 67) failed [ 176.726640][T23120] FAT-fs (loop2): Directory bread(block 68) failed [ 176.727607][T23120] FAT-fs (loop2): Directory bread(block 69) failed [ 176.728553][T23120] FAT-fs (loop2): Directory bread(block 70) failed [ 176.729592][T23120] FAT-fs (loop2): Directory bread(block 71) failed [ 176.730568][T23120] FAT-fs (loop2): Directory bread(block 72) failed [ 176.731668][T23120] FAT-fs (loop2): Directory bread(block 73) failed [ 176.796122][T23137] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check. [ 177.119556][T23198] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7889'. [ 177.192062][T23216] tmpfs: Bad value for 'mpol' [ 177.224987][ T55] hfsplus: b-tree write err: -5, ino 4 [ 177.354534][T23243] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check. [ 177.418731][T23262] tmpfs: Bad value for 'mpol' [ 177.492686][T23281] overlayfs: bad mount option "redirect_dir=off:/" [ 177.556542][T23293] xt_cluster: you have exceeded the maximum number of cluster nodes (2048 > 32) [ 177.577571][ T55] hfsplus: b-tree write err: -5, ino 4 [ 177.592014][T23297] ntfs3: nbd2: try to read out of volume at offset 0x0 [ 177.619786][T23302] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 177.622040][T23302] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 177.703103][ T1573] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 177.727006][T23326] overlayfs: bad mount option "redirect_dir=off:/" [ 177.797985][T23343] ntfs3: nbd0: try to read out of volume at offset 0x0 [ 178.140235][T23417] set_capacity_and_notify: 7 callbacks suppressed [ 178.140243][T23417] loop3: detected capacity change from 0 to 128 [ 178.161621][T23417] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 178.181317][T23417] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 178.240968][ T55] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 178.289738][T23450] loop3: detected capacity change from 0 to 1764 [ 178.462202][T23496] loop1: detected capacity change from 0 to 128 [ 178.489294][T23496] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 178.492919][T23496] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 178.560939][ T9] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 178.581366][T23514] loop4: detected capacity change from 0 to 1764 [ 179.276934][T23658] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 179.331962][T23673] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8045'. [ 179.384299][T23683] openvswitch: netlink: Key 0 has unexpected len 5118 expected 0 [ 179.714271][T23742] loop2: detected capacity change from 0 to 4096 [ 179.719862][T23742] ntfs: (device loop2): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 179.721940][T23742] ntfs: (device loop2): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 179.727358][T23742] ntfs: (device loop2): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 179.729312][T23742] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 179.731372][T23742] ntfs: (device loop2): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 179.752818][T23742] ntfs: volume version 3.1. [ 179.762536][T23742] ntfs: (device loop2): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 179.766015][T23742] ntfs: (device loop2): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 179.768830][T23742] ntfs: (device loop2): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 179.770594][T23742] ntfs: (device loop2): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 179.772249][T23742] ntfs: (device loop2): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 180.030997][T23806] loop1: detected capacity change from 0 to 1764 [ 180.066229][T23806] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 180.207355][T23767] loop4: detected capacity change from 0 to 32768 [ 180.236220][T23767] (syz.4.8070,23767,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 180.243686][T23767] (syz.4.8070,23767,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 180.269777][T23767] JBD2: Ignoring recovery information on journal [ 180.316944][T23858] loop0: detected capacity change from 0 to 4096 [ 180.319033][T23767] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 180.332000][T23858] ntfs: volume version 3.1. [ 180.397250][ T4329] ocfs2: Unmounting device (7,4) on (node local) [ 180.512527][T23897] netlink: 'syz.2.8110': attribute type 12 has an invalid length. [ 180.520142][T23892] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 180.521216][T23892] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 180.522523][T23892] vhci_hcd vhci_hcd.0: Device attached [ 180.539620][T23894] vhci_hcd: cannot find the pending unlink 5 [ 180.540622][T23894] vhci_hcd: connection closed [ 180.540745][ T9] vhci_hcd: stop threads [ 180.542151][ T9] vhci_hcd: release socket [ 180.542902][ T9] vhci_hcd: disconnect device [ 180.702440][T23925] loop1: detected capacity change from 0 to 1024 [ 180.707660][T23925] EXT4-fs: Ignoring removed bh option [ 180.773481][T23925] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 180.839483][ T4321] EXT4-fs (loop1): unmounting filesystem. [ 180.950613][T23971] netlink: 'syz.1.8137': attribute type 30 has an invalid length. [ 180.951869][T23971] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8137'. [ 180.956574][T23971] (unnamed net_device) (uninitialized): option arp_missed_max: mode dependency failed, not supported in mode 802.3ad(4) [ 180.979692][T23976] cifs: Unknown parameter 'h}# [ 180.979692][T23976] [bIT&:"1:ӭ'4,Zz-#F<]%gC [ 180.979692][T23976] SȘȞZ6' [ 180.987701][T23975] netlink: 'syz.3.8140': attribute type 12 has an invalid length. [ 181.119558][T23999] 8021q: adding VLAN 0 to HW filter on device bond1 [ 181.270586][T24064] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8169'. [ 181.279268][T24058] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 181.280341][T24058] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 181.281528][T24058] vhci_hcd vhci_hcd.0: Device attached [ 181.290564][T24059] vhci_hcd: cannot find the pending unlink 5 [ 181.291483][T24059] vhci_hcd: connection closed [ 181.291638][ T55] vhci_hcd: stop threads [ 181.293666][ T55] vhci_hcd: release socket [ 181.294386][ T55] vhci_hcd: disconnect device [ 181.319719][T24073] loop3: detected capacity change from 0 to 8 [ 181.389454][T24092] misc userio: No port type given on /dev/userio [ 181.420152][T24095] team0: Port device team_slave_0 removed [ 181.421300][T24095] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check. [ 181.494668][T24108] netlink: 16 bytes leftover after parsing attributes in process `syz.4.8174'. [ 181.589373][T24127] (unnamed net_device) (uninitialized): option lp_interval: invalid value (0) [ 181.590766][T24127] (unnamed net_device) (uninitialized): option lp_interval: allowed values 1 - 2147483647 [ 181.598564][T24130] misc userio: No port type given on /dev/userio [ 181.730936][T24141] 8021q: adding VLAN 0 to HW filter on device bond4 [ 181.800518][T24188] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8189'. [ 181.842652][T24194] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8203'. [ 181.903695][T24204] EXT4-fs: Ignoring removed bh option [ 181.911522][T24210] (unnamed net_device) (uninitialized): option lp_interval: invalid value (0) [ 181.912898][T24210] (unnamed net_device) (uninitialized): option lp_interval: allowed values 1 - 2147483647 [ 181.933142][T24204] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 182.021030][ T4320] EXT4-fs (loop2): unmounting filesystem. [ 182.053010][T24230] 8021q: adding VLAN 0 to HW filter on device bond2 [ 182.063385][T24237] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8210'. [ 182.192439][T24296] (unnamed net_device) (uninitialized): option lp_interval: invalid value (0) [ 182.211774][T24296] (unnamed net_device) (uninitialized): option lp_interval: allowed values 1 - 2147483647 [ 182.274859][T24309] infiniband !yz!: set down [ 182.294220][T24309] team0: Port device team_slave_0 removed [ 182.295480][T24309] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check. [ 182.300917][T24314] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8224'. [ 182.578351][T24307] (syz.0.8222,24307,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 182.583593][T24307] (syz.0.8222,24307,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 182.607776][T24307] JBD2: Ignoring recovery information on journal [ 182.639387][T24307] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 182.696041][ T4319] ocfs2: Unmounting device (7,0) on (node local) [ 182.837237][T24412] netlink: 24 bytes leftover after parsing attributes in process `syz.3.8267'. [ 183.051966][T24445] binder: 24445 RLIMIT_NICE not set [ 183.147911][T24460] ip6t_srh: unknown srh match flags 4001 [ 183.162805][T24415] set_capacity_and_notify: 3 callbacks suppressed [ 183.162814][T24415] loop4: detected capacity change from 0 to 32768 [ 183.170977][T24466] netlink: 28 bytes leftover after parsing attributes in process `syz.3.8278'. [ 183.172039][T24415] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 183.174793][T24415] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 183.187538][T24415] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms [ 183.191522][ T8148] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 183.192776][ T8148] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 183.245852][T24477] openvswitch: netlink: Message has -1 unknown bytes. [ 183.246959][ T8148] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 54ms [ 183.247075][ T8148] gfs2: fsid=syz:syz.0: jid=0: Done [ 183.249497][T24415] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 183.252105][T24474] netlink: 'syz.3.8280': attribute type 1 has an invalid length. [ 183.256454][T24474] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8280'. [ 183.315458][T24486] binder: 24486 RLIMIT_NICE not set [ 183.328928][T24415] gfs2: fsid=syz:syz.0: found 1 quota changes [ 183.362140][T24415] gfs2: fsid=syz:syz.0: inum=2340 error=-28, nblocks=1, full=1 fail_pt=0 [ 183.366089][T24415] gfs2: fsid=syz:syz.0: rgrp 18 has an error, marking it readonly until umount [ 183.367463][T24415] gfs2: fsid=syz:syz.0: umount on all nodes and run fsck.gfs2 to fix the error [ 183.368780][T24415] gfs2: fsid=syz:syz.0: R: n:18 f:80000000 b:4294967295/4294967295 i:4294967295 q:0 r:1 e:0 [ 183.428124][ T4329] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_quota_cleanup, file = fs/gfs2/quota.c, line = 1485 [ 183.430432][ T4329] CPU: 1 PID: 4329 Comm: syz-executor Not tainted syzkaller #0 [ 183.431659][ T4329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 183.433205][ T4329] Call trace: [ 183.433674][ T4329] dump_backtrace+0x1c0/0x1ec [ 183.434451][ T4329] show_stack+0x2c/0x3c [ 183.435067][ T4329] __dump_stack+0x30/0x40 [ 183.435670][ T4329] dump_stack_lvl+0xf4/0x15c [ 183.436383][ T4329] dump_stack+0x1c/0x5c [ 183.437034][ T4329] gfs2_assert_warn_i+0x16c/0x26c [ 183.437807][ T4329] gfs2_quota_cleanup+0x464/0x668 [ 183.438547][ T4329] gfs2_make_fs_ro+0x368/0x438 [ 183.439287][ T4329] gfs2_put_super+0x1e0/0x760 [ 183.440026][ T4329] generic_shutdown_super+0x130/0x324 [ 183.440843][ T4329] kill_block_super+0x70/0xdc [ 183.441531][ T4329] gfs2_kill_sb+0xc0/0xd4 [ 183.442155][ T4329] deactivate_locked_super+0xac/0x120 [ 183.442960][ T4329] deactivate_super+0xe4/0x104 [ 183.443649][ T4329] cleanup_mnt+0x390/0x418 [ 183.444265][ T4329] __cleanup_mnt+0x20/0x30 [ 183.444912][ T4329] task_work_run+0x1ec/0x278 [ 183.445575][ T4329] do_notify_resume+0x1fa0/0x2aa4 [ 183.446281][ T4329] el0_svc+0x98/0x128 [ 183.446884][ T4329] el0t_64_sync_handler+0x84/0xf0 [ 183.447644][ T4329] el0t_64_sync+0x18c/0x190 [ 183.537031][T24520] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 183.552862][T24524] openvswitch: netlink: Message has -1 unknown bytes. [ 183.574715][T24525] netlink: 'syz.1.8294': attribute type 1 has an invalid length. [ 183.597702][T24530] ip6t_srh: unknown srh match flags 4001 [ 183.604819][T24532] openvswitch: netlink: Message has -1 unknown bytes. [ 183.822346][T24603] ip6t_srh: unknown srh match flags 4001 [ 183.845109][T24607] netlink: 'syz.4.8311': attribute type 1 has an invalid length. [ 183.899411][T24619] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 184.273028][T24732] vim2m vim2m.0: Fourcc format (0x47425247) invalid. [ 184.695259][T24818] random: crng reseeded on system resumption [ 184.718092][T24818] hibernate: Hibernate image not generated by this kernel! [ 184.719495][T24818] PM: hibernation: Image mismatch: architecture specific data [ 184.859441][T24853] x_tables: unsorted entry at hook 1 [ 185.052459][T24896] x_tables: unsorted entry at hook 1 [ 185.228441][T24936] random: crng reseeded on system resumption [ 185.261116][T24943] x_tables: unsorted entry at hook 1 [ 185.280456][T24936] hibernate: Hibernate image not generated by this kernel! [ 185.281625][T24936] PM: hibernation: Image mismatch: architecture specific data [ 185.422068][T24979] random: crng reseeded on system resumption [ 185.692923][T25038] random: crng reseeded on system resumption [ 185.986804][T25047] loop4: detected capacity change from 0 to 32768 [ 186.030048][T25097] random: crng reseeded on system resumption [ 186.218384][T25134] [U] [ 186.219206][T25134] [U] [ 186.219568][T25134] [U] [ 186.219940][T25134] [U] [ 186.220366][T25134] [U] [ 186.220764][T25134] [U] [ 186.221145][T25134] [U] [ 186.221569][T25134] [U] [ 186.221986][T25134] [U] [ 186.222375][T25134] [U] [ 186.222783][T25134] [U] [ 186.229299][T25133] [U] [ 186.267655][T25144] [U] v3f"S/4:XTzWtlW= [ 186.268762][T25144] [U] J"e:" [ 186.306339][T25155] loop0: detected capacity change from 0 to 256 [ 186.351330][T25155] FAT-fs (loop0): Directory bread(block 64) failed [ 186.352398][T25155] FAT-fs (loop0): Directory bread(block 65) failed [ 186.358992][T25155] FAT-fs (loop0): Directory bread(block 66) failed [ 186.360005][T25155] FAT-fs (loop0): Directory bread(block 67) failed [ 186.361106][T25155] FAT-fs (loop0): Directory bread(block 68) failed [ 186.362200][T25155] FAT-fs (loop0): Directory bread(block 69) failed [ 186.373898][T25155] FAT-fs (loop0): Directory bread(block 70) failed [ 186.374935][T25155] FAT-fs (loop0): Directory bread(block 71) failed [ 186.375943][T25155] FAT-fs (loop0): Directory bread(block 72) failed [ 186.377007][T25155] FAT-fs (loop0): Directory bread(block 73) failed [ 186.378482][T25164] loop2: detected capacity change from 0 to 4096 [ 186.391112][T25164] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 186.434092][T25164] ntfs3: loop2: failed to convert "c46c" to iso8859-7 [ 186.578598][T25140] loop1: detected capacity change from 0 to 32768 [ 186.586695][T25140] (syz.1.8496,25140,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 186.592512][T25140] (syz.1.8496,25140,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 186.611958][T25199] [U] v3f"S/4:XTzWtlW= [ 186.612879][T25199] [U] J"e:" [ 186.622805][T25194] [U] [ 186.623315][T25194] [U] [ 186.623744][T25194] [U] [ 186.624131][T25194] [U] [ 186.631246][T25140] JBD2: Ignoring recovery information on journal [ 186.641562][T25194] [U] [ 186.642051][T25194] [U] [ 186.642480][T25194] [U] [ 186.642927][T25194] [U] [ 186.654258][T25169] loop3: detected capacity change from 0 to 32768 [ 186.667070][T25194] [U] [ 186.667556][T25194] [U] [ 186.667934][T25194] [U] [ 186.669282][T25189] [U] [ 186.691211][T25140] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 186.704195][T15109] I/O error, dev loop3, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 186.780412][T25224] loop4: detected capacity change from 0 to 256 [ 186.782111][ T4321] ocfs2: Unmounting device (7,1) on (node local) [ 186.816158][T25224] FAT-fs (loop4): Directory bread(block 64) failed [ 186.817173][T25224] FAT-fs (loop4): Directory bread(block 65) failed [ 186.818306][T25224] FAT-fs (loop4): Directory bread(block 66) failed [ 186.819284][T25224] FAT-fs (loop4): Directory bread(block 67) failed [ 186.820357][T25224] FAT-fs (loop4): Directory bread(block 68) failed [ 186.821303][T25224] FAT-fs (loop4): Directory bread(block 69) failed [ 186.822294][T25224] FAT-fs (loop4): Directory bread(block 70) failed [ 186.833329][T25224] FAT-fs (loop4): Directory bread(block 71) failed [ 186.834401][T25224] FAT-fs (loop4): Directory bread(block 72) failed [ 186.835380][T25224] FAT-fs (loop4): Directory bread(block 73) failed [ 186.886989][T25244] [U] v3f"S/4:XTzWtlW= [ 186.888027][T25244] [U] J"e:" [ 186.967237][T25259] [U] [ 186.967726][T25259] [U] [ 186.968152][T25259] [U] [ 186.968583][T25259] [U] [ 186.969506][T25259] [U] [ 186.969967][T25259] [U] [ 186.970397][T25259] [U] [ 186.970845][T25259] [U] [ 186.971641][T25259] [U] [ 186.972098][T25259] [U] [ 186.972503][T25259] [U] [ 186.977166][T25258] [U] [ 187.157745][T25296] __nla_validate_parse: 6 callbacks suppressed [ 187.157757][T25296] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8526'. [ 187.287576][T25270] loop1: detected capacity change from 0 to 32768 [ 187.376502][ T2059] ieee802154 phy0 wpan0: encryption failed: -22 [ 187.377606][ T2059] ieee802154 phy1 wpan1: encryption failed: -22 [ 187.478076][T25318] loop0: detected capacity change from 0 to 4096 [ 187.487073][T25318] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512) [ 187.567384][T25318] ntfs3: loop0: failed to convert "c46c" to iso8859-7 [ 187.633333][T25308] loop4: detected capacity change from 0 to 32768 [ 187.651006][T25308] JBD2: Ignoring recovery information on journal [ 187.711612][T25308] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode. [ 187.770119][T25308] (syz.4.8532,25308,0):ocfs2_find_entry:1086 ERROR: status = -117 [ 187.875982][ T4329] (syz-executor,4329,0):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 22 [ 187.889771][ T4329] ocfs2: Unmounting device (7,4) on (node local) [ 187.910736][T25357] netlink: 20 bytes leftover after parsing attributes in process `syz.0.8546'. [ 188.147802][T25401] netdevsim netdevsim2: Direct firmware load for .. failed with error -2 [ 188.154027][T25401] netdevsim netdevsim2: Falling back to sysfs fallback for: .. [ 188.193058][T25409] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 188.454468][T25456] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 188.658804][T25473] loop4: detected capacity change from 0 to 2048 [ 188.765449][ T4313] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 189.038980][T25518] loop3: detected capacity change from 0 to 2048 [ 189.062711][T25532] netlink: 'syz.1.8617': attribute type 1 has an invalid length. [ 189.261188][T25568] random: crng reseeded on system resumption [ 189.288170][T25571] netlink: 48 bytes leftover after parsing attributes in process `syz.1.8620'. [ 189.289580][T25571] netlink: 20 bytes leftover after parsing attributes in process `syz.1.8620'. [ 189.290989][T25571] netlink: 20 bytes leftover after parsing attributes in process `syz.1.8620'. [ 189.420469][T25591] loop0: detected capacity change from 0 to 2048 [ 189.526992][T25558] loop4: detected capacity change from 0 to 32768 [ 189.625455][T25620] netlink: 48 bytes leftover after parsing attributes in process `syz.3.8637'. [ 189.631425][T25620] netlink: 20 bytes leftover after parsing attributes in process `syz.3.8637'. [ 189.632868][T25620] netlink: 20 bytes leftover after parsing attributes in process `syz.3.8637'. [ 189.728017][T25638] xt_hashlimit: invalid interval [ 189.860053][T25662] netlink: 48 bytes leftover after parsing attributes in process `syz.2.8652'. [ 189.861787][T25662] netlink: 20 bytes leftover after parsing attributes in process `syz.2.8652'. [ 189.991553][T25681] xt_hashlimit: invalid interval [ 190.073515][T25691] xt_CT: You must specify a L4 protocol and not use inversions on it [ 190.286890][T25686] loop0: detected capacity change from 0 to 32768 [ 190.300747][T25725] xt_hashlimit: invalid interval [ 190.718834][T25819] (unnamed net_device) (uninitialized): option resend_igmp: invalid value (511) [ 190.720538][T25819] (unnamed net_device) (uninitialized): option resend_igmp: allowed values 0 - 255 [ 191.040566][T25885] loop1: detected capacity change from 0 to 512 [ 191.042274][T25885] EXT2-fs (loop1): DAX enabled. Warning: EXPERIMENTAL, use at your own risk [ 191.047313][T25885] EXT2-fs (loop1): DAX unsupported by block device. Turning off DAX. [ 191.060087][T25885] EXT2-fs (loop1): error: revision level too high, forcing read-only mode [ 191.065873][T25885] EXT2-fs (loop1): 0.5b, 95/08/09, bs=4096, gc=1, bpg=32768, ipg=32, mo=800a8] [ 191.177632][T25921] random: crng reseeded on system resumption [ 191.253405][T25934] netlink: 'syz.3.8743': attribute type 1 has an invalid length. [ 191.297989][T25939] loop4: detected capacity change from 0 to 64 [ 191.311520][T25943] (unnamed net_device) (uninitialized): option resend_igmp: invalid value (511) [ 191.312969][T25943] (unnamed net_device) (uninitialized): option resend_igmp: allowed values 0 - 255 [ 191.400139][T25960] loop4: detected capacity change from 0 to 64 [ 191.507018][T25983] netlink: 'syz.4.8757': attribute type 1 has an invalid length. [ 191.510685][T25985] (unnamed net_device) (uninitialized): option resend_igmp: invalid value (511) [ 191.517859][T25920] loop1: detected capacity change from 0 to 40427 [ 191.519977][T25985] (unnamed net_device) (uninitialized): option resend_igmp: allowed values 0 - 255 [ 191.528754][T25920] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x35f7 [ 191.530087][T25920] F2FS-fs (loop1): build fault injection attr: rate: 690, type: 0x3ffff [ 191.539172][T25920] F2FS-fs (loop1): invalid crc value [ 191.540651][T25920] F2FS-fs (loop1): Found nat_bits in checkpoint [ 191.577228][T25920] F2FS-fs (loop1): Start checkpoint disabled! [ 191.578789][T25920] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 191.613955][T25920] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x35f7 [ 191.615349][T25920] F2FS-fs (loop1): build fault injection attr: rate: 690, type: 0x3ffff [ 191.616722][T25920] F2FS-fs (loop1): disabling checkpoint not compatible with read-only [ 191.655874][T26013] loop0: detected capacity change from 0 to 64 [ 191.881574][T26062] binder: 26062:26061 cannot find target node [ 191.882592][T26062] binder: 26061:26062 transaction call to 0:0 failed 1/29189/-22, size 0-0 line 3045 [ 191.886629][T13357] binder: undelivered TRANSACTION_ERROR: 29189 [ 191.888601][T26066] random: crng reseeded on system resumption [ 192.077652][T26102] netlink: 'syz.2.8793': attribute type 2 has an invalid length. [ 192.188432][T26054] F2FS-fs (loop3): build fault injection attr: rate: 0, type: 0x35f7 [ 192.189739][T26054] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x3ffff [ 192.202924][T26054] F2FS-fs (loop3): invalid crc value [ 192.208938][T26054] F2FS-fs (loop3): Found nat_bits in checkpoint [ 192.231489][T26054] F2FS-fs (loop3): Start checkpoint disabled! [ 192.235613][T26054] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 192.266182][T26054] F2FS-fs (loop3): build fault injection attr: rate: 0, type: 0x35f7 [ 192.267562][T26054] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x3ffff [ 192.268875][T26054] F2FS-fs (loop3): disabling checkpoint not compatible with read-only [ 192.410373][T26164] netlink: 'syz.3.8808': attribute type 10 has an invalid length. [ 192.411700][T26164] __nla_validate_parse: 8 callbacks suppressed [ 192.411713][T26164] netlink: 40 bytes leftover after parsing attributes in process `syz.3.8808'. [ 192.469589][T26177] binder: 26177:26175 cannot find target node [ 192.470504][T26177] binder: 26175:26177 transaction call to 0:0 failed 2/29189/-22, size 0-0 line 3045 [ 192.484092][ T24] binder: undelivered TRANSACTION_ERROR: 29189 [ 192.538959][T26186] netlink: 'syz.0.8820': attribute type 2 has an invalid length. [ 192.548380][T26186] netlink: 'syz.0.8820': attribute type 1 has an invalid length. [ 192.551720][T26186] netlink: 224 bytes leftover after parsing attributes in process `syz.0.8820'. [ 192.628033][T26201] netlink: 'syz.0.8827': attribute type 2 has an invalid length. [ 192.758620][T26223] binder: 26223:26220 cannot find target node [ 192.759616][T26223] binder: 26220:26223 transaction call to 0:0 failed 3/29189/-22, size 0-0 line 3045 [ 192.772509][T13356] binder: undelivered TRANSACTION_ERROR: 29189 [ 192.821923][T26235] netlink: 'syz.2.8837': attribute type 2 has an invalid length. [ 192.823344][T26235] netlink: 'syz.2.8837': attribute type 1 has an invalid length. [ 192.826881][T26235] netlink: 224 bytes leftover after parsing attributes in process `syz.2.8837'. [ 192.850152][T26232] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 192.860077][T26234] FAT-fs (loop4): Directory bread(block 64) failed [ 192.863519][T26234] FAT-fs (loop4): Directory bread(block 65) failed [ 192.866887][T26234] FAT-fs (loop4): Directory bread(block 66) failed [ 192.870180][T26234] FAT-fs (loop4): Directory bread(block 67) failed [ 192.873961][T26234] FAT-fs (loop4): Directory bread(block 68) failed [ 192.877308][T26234] FAT-fs (loop4): Directory bread(block 69) failed [ 192.894575][T26234] FAT-fs (loop4): Directory bread(block 70) failed [ 192.895593][T26234] FAT-fs (loop4): Directory bread(block 71) failed [ 192.896582][T26234] FAT-fs (loop4): Directory bread(block 72) failed [ 192.897598][T26234] FAT-fs (loop4): Directory bread(block 73) failed [ 192.978014][T26256] netlink: 40 bytes leftover after parsing attributes in process `syz.2.8844'. [ 193.101018][T26275] netlink: 224 bytes leftover after parsing attributes in process `syz.3.8851'. [ 193.194301][T26296] netlink: 40 bytes leftover after parsing attributes in process `syz.1.8858'. [ 193.427566][T26341] xt_CHECKSUM: unsupported CHECKSUM operation 68 [ 193.495244][T26339] hfsplus: found bad thread record in catalog [ 193.519641][T26351] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 193.520984][T26351] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 193.522200][T26351] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 193.537329][ T11] hfsplus: b-tree write err: -5, ino 4 [ 193.593308][T26351] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 193.646719][T26369] binder: 26368:26369 got transaction to invalid handle, 1 [ 193.647933][T26369] binder: 26369:26368 cannot find target node [ 193.649086][T26369] binder: 26368:26369 ioctl c0306201 20000780 returned -14 [ 193.709779][T26387] set_capacity_and_notify: 8 callbacks suppressed [ 193.709789][T26387] loop3: detected capacity change from 0 to 64 [ 193.716053][T26320] XFS (loop4): Mounting V5 Filesystem [ 193.716485][T26385] loop1: detected capacity change from 0 to 512 [ 193.740560][T26385] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 193.742254][T26385] EXT4-fs (loop1): orphan cleanup on readonly fs [ 193.748390][T26385] __quota_error: 28 callbacks suppressed [ 193.748399][T26385] Quota error (device loop1): dq_insert_tree: Quota tree root isn't allocated! [ 193.750619][T26385] Quota error (device loop1): qtree_write_dquot: Error -5 occurred while creating quota [ 193.752009][T26385] EXT4-fs error (device loop1): ext4_acquire_dquot:6835: comm syz.1.8886: Failed to acquire dquot type 1 [ 193.761867][T26320] XFS (loop4): Ending clean mount [ 193.783274][T26385] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.8886: bg 0: block 40: padding at end of block bitmap is not set [ 193.794236][T26385] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6181: Corrupt filesystem [ 193.806782][T26385] EXT4-fs (loop1): 1 truncate cleaned up [ 193.806810][ T4329] XFS (loop4): Unmounting Filesystem [ 193.807738][T26385] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 193.821092][T26403] loop0: detected capacity change from 0 to 128 [ 193.841761][T26385] EXT4-fs error (device loop1): ext4_get_link:104: inode #16: comm syz.1.8886: bad symlink. [ 193.888095][ T4321] EXT4-fs (loop1): unmounting filesystem. [ 193.943570][T26424] binder: 26422:26424 got transaction to invalid handle, 1 [ 193.944786][T26424] binder: 26422:26424 ioctl c0306201 20000780 returned -14 [ 193.976983][T26428] device gre0 left promiscuous mode [ 193.981374][T26430] loop0: detected capacity change from 0 to 256 [ 193.982241][T26428] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 193.984128][T26428] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 193.985336][T26428] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 193.987802][T26428] 8021q: adding VLAN 0 to HW filter on device bond0 [ 193.990158][T26428] 8021q: adding VLAN 0 to HW filter on device team0 [ 194.005794][T26430] FAT-fs (loop0): Directory bread(block 64) failed [ 194.006860][T26430] FAT-fs (loop0): Directory bread(block 65) failed [ 194.007980][T26430] FAT-fs (loop0): Directory bread(block 66) failed [ 194.009045][T26430] FAT-fs (loop0): Directory bread(block 67) failed [ 194.010079][T26430] FAT-fs (loop0): Directory bread(block 68) failed [ 194.011093][T26430] FAT-fs (loop0): Directory bread(block 69) failed [ 194.023476][T26430] FAT-fs (loop0): Directory bread(block 70) failed [ 194.024648][T26430] FAT-fs (loop0): Directory bread(block 71) failed [ 194.025675][T26430] FAT-fs (loop0): Directory bread(block 72) failed [ 194.026640][T26430] FAT-fs (loop0): Directory bread(block 73) failed [ 194.039605][T26438] xt_CHECKSUM: unsupported CHECKSUM operation 68 [ 194.053703][T26428] A link change request failed with some changes committed already. Interface 60X may have been left with an inconsistent configuration, please check. [ 194.138511][T26449] binder: 26446 BINDER_GET_NODE_INFO_FOR_REF: only handle may be non-zero. [ 194.138532][T26449] binder: 26446:26449 ioctl c018620c 20000380 returned -22 [ 194.191544][T26456] loop0: detected capacity change from 0 to 512 [ 194.202887][T26456] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 194.207130][T26456] EXT4-fs (loop0): orphan cleanup on readonly fs [ 194.211990][T26456] Quota error (device loop0): dq_insert_tree: Quota tree root isn't allocated! [ 194.216032][T26456] Quota error (device loop0): qtree_write_dquot: Error -5 occurred while creating quota [ 194.221736][T26456] EXT4-fs error (device loop0): ext4_acquire_dquot:6835: comm syz.0.8908: Failed to acquire dquot type 1 [ 194.233704][T26456] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.8908: bg 0: block 40: padding at end of block bitmap is not set [ 194.248012][T26456] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6181: Corrupt filesystem [ 194.253827][T26456] EXT4-fs (loop0): 1 truncate cleaned up [ 194.254754][T26456] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 194.268810][T26466] binder: 26465:26466 got transaction to invalid handle, 1 [ 194.269998][T26466] binder: 26465:26466 ioctl c0306201 20000780 returned -14 [ 194.300481][T26456] EXT4-fs error (device loop0): ext4_get_link:104: inode #16: comm syz.0.8908: bad symlink. [ 194.341214][T26473] loop3: detected capacity change from 0 to 1024 [ 194.376536][ T4319] EXT4-fs (loop0): unmounting filesystem. [ 194.392325][T26479] xt_CHECKSUM: unsupported CHECKSUM operation 68 [ 194.394739][T26473] hfsplus: found bad thread record in catalog [ 194.414990][T26484] validate_nla: 10 callbacks suppressed [ 194.415001][T26484] netlink: 'syz.1.8918': attribute type 16 has an invalid length. [ 194.417232][T26484] netlink: 'syz.1.8918': attribute type 17 has an invalid length. [ 194.430171][T26484] infiniband syz1: set active [ 194.431139][T26484] infiniband syz1: set active [ 194.437915][T26484] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 194.439275][T26484] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 194.440541][T26484] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 194.453077][ T1573] hfsplus: b-tree write err: -5, ino 4 [ 194.455150][T26484] 8021q: adding VLAN 0 to HW filter on device bond0 [ 194.457037][T26484] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready [ 194.458390][T26484] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready [ 194.459632][T26484] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready [ 194.493722][T26484] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 194.497904][ T24] lo speed is unknown, defaulting to 1000 [ 194.498804][ T22] lo speed is unknown, defaulting to 1000 [ 194.782702][T26546] loop3: detected capacity change from 0 to 512 [ 194.809820][T26546] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 194.836175][T26546] fs-verity (loop3, inode 15): Unrecognized descriptor size: 0 bytes [ 194.843921][T26562] loop4: detected capacity change from 0 to 8 [ 194.845727][T26562] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 194.849826][ T4312] udevd[4312]: incorrect cramfs checksum on /dev/loop4 [ 194.851838][T26560] loop2: detected capacity change from 0 to 256 [ 194.866870][T26560] exfat: Deprecated parameter 'utf8' [ 194.867734][T26560] exfat: Deprecated parameter 'namecase' [ 194.878772][T26562] cramfs: Error -3 while decompressing! [ 194.879640][T26562] cramfs: 000000007622abb4(26)->00000000b56af413(4096) [ 194.883078][ T4328] EXT4-fs (loop3): unmounting filesystem. [ 194.894256][T26562] cramfs: Error -3 while decompressing! [ 194.895140][T26562] cramfs: 0000000073242bcf(26)->000000006e92e0f5(4096) [ 194.896232][T26562] cramfs: Error -3 while decompressing! [ 194.897070][T26562] cramfs: 00000000a95e520e(16)->000000000f7b384d(4096) [ 194.904294][T26562] cramfs: Error -3 while decompressing! [ 194.905146][T26562] cramfs: 000000007622abb4(26)->00000000b56af413(4096) [ 194.911628][ T4309] udevd[4309]: incorrect cramfs checksum on /dev/loop4 [ 194.914142][T26560] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d) [ 195.038237][T26595] binder: 26594 BINDER_GET_NODE_INFO_FOR_REF: only handle may be non-zero. [ 195.038254][T26595] binder: 26594:26595 ioctl c018620c 20000380 returned -22 [ 195.194898][T26625] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check. [ 195.241011][T26632] binder: 26629 BINDER_GET_NODE_INFO_FOR_REF: only handle may be non-zero. [ 195.241031][T26632] binder: 26629:26632 ioctl c018620c 20000380 returned -22 [ 195.262258][T26637] loop2: detected capacity change from 0 to 16 [ 195.296610][T26637] erofs: (device loop2): mounted with root inode @ nid 36. [ 195.353864][T26647] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 195.394495][T26647] fs-verity (loop1, inode 15): Unrecognized descriptor size: 0 bytes [ 195.472908][ T4321] EXT4-fs (loop1): unmounting filesystem. [ 195.670537][T26711] netlink: 'syz.1.9001': attribute type 8 has an invalid length. [ 195.709557][T26714] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9003'. [ 195.722199][T26717] ieee802154 phy0 wpan0: encryption failed: -22 [ 195.774567][T26721] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 195.870994][T26742] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check. [ 195.898821][T26693] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 195.926751][T26750] SET target dimension over the limit! [ 195.969693][T26760] erofs: (device loop0): mounted with root inode @ nid 36. [ 195.977584][ T4329] ocfs2: Unmounting device (7,4) on (node local) [ 196.141328][T26794] netlink: 20 bytes leftover after parsing attributes in process `syz.0.9028'. [ 196.192363][T26800] netlink: 'syz.3.9031': attribute type 8 has an invalid length. [ 196.219794][T26805] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9032'. [ 196.235175][T26808] x_tables: unsorted underflow at hook 2 [ 196.331352][T26827] netlink: 64 bytes leftover after parsing attributes in process `syz.3.9040'. [ 196.386377][T26839] netlink: 'syz.4.9047': attribute type 8 has an invalid length. [ 196.418029][T26836] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 196.430881][T26843] ieee802154 phy0 wpan0: encryption failed: -22 [ 196.545936][T26865] SET target dimension over the limit! [ 196.625945][T26876] erofs: (device loop4): mounted with root inode @ nid 36. [ 196.728422][T26893] x_tables: unsorted underflow at hook 2 [ 196.765466][T26850] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 196.796259][ T4328] ocfs2: Unmounting device (7,3) on (node local) [ 196.942580][T26935] netlink: 'syz.4.9080': attribute type 1 has an invalid length. [ 196.964210][T26939] xt_TCPMSS: Only works on TCP SYN packets [ 197.294568][T27011] xt_TCPMSS: Only works on TCP SYN packets [ 197.469839][T27047] netlink: 'syz.3.9121': attribute type 1 has an invalid length. [ 197.590009][T27066] xt_TCPMSS: Only works on TCP SYN packets [ 198.265892][ T27] audit: type=1400 audit(33086.023:139): apparmor="DENIED" operation="change_profile" info="label not found" error=-2 profile="unconfined" name=3A273A02 pid=27194 comm="syz.1.9177" [ 198.326212][T27207] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 198.700618][ T27] audit: type=1400 audit(33086.453:140): apparmor="DENIED" operation="change_profile" info="label not found" error=-2 profile="unconfined" name=3A273A02 pid=27279 comm="syz.4.9204" [ 198.736951][T27283] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 198.847105][T27310] __nla_validate_parse: 7 callbacks suppressed [ 198.847118][T27310] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9214'. [ 199.071324][T27354] netlink: 12 bytes leftover after parsing attributes in process `syz.4.9229'. [ 199.108857][T27362] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9243'. [ 199.183073][T27376] device wg1 entered promiscuous mode [ 199.242493][T27385] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 199.263131][T27391] netlink: 'syz.3.9241': attribute type 30 has an invalid length. [ 199.415660][T27423] set_capacity_and_notify: 10 callbacks suppressed [ 199.415669][T27423] loop0: detected capacity change from 0 to 512 [ 199.437317][T27423] EXT2-fs (loop0): warning: mounting ext3 filesystem as ext2 [ 199.460778][T27431] netlink: 'syz.4.9257': attribute type 30 has an invalid length. [ 199.662126][T27477] loop2: detected capacity change from 0 to 512 [ 199.673551][T27477] EXT2-fs (loop2): warning: mounting ext3 filesystem as ext2 [ 199.675653][T27474] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 199.745083][T27500] xt_limit: Overflow, try lower: 65536/2147483648 [ 200.169526][T27583] netlink: 'syz.4.9314': attribute type 21 has an invalid length. [ 200.170816][T27583] netlink: 128 bytes leftover after parsing attributes in process `syz.4.9314'. [ 200.172146][T27583] netlink: 'syz.4.9314': attribute type 4 has an invalid length. [ 200.185910][T27583] netlink: 'syz.4.9314': attribute type 5 has an invalid length. [ 200.187061][T27583] netlink: 3 bytes leftover after parsing attributes in process `syz.4.9314'. [ 200.194594][T27589] loop1: detected capacity change from 0 to 256 [ 200.220402][T27589] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 200.361066][T27601] loop2: detected capacity change from 0 to 4096 [ 200.376611][T27601] ntfs: (device loop2): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 200.378704][T27601] ntfs: (device loop2): load_system_files(): $MFTMirr does not match $MFT. Will not be able to remount read-write. Run ntfsfix and/or chkdsk. [ 200.400875][T27601] ntfs: volume version 3.1. [ 200.429273][T27628] netlink: 'syz.0.9322': attribute type 21 has an invalid length. [ 200.430633][T27628] netlink: 128 bytes leftover after parsing attributes in process `syz.0.9322'. [ 200.441794][T27628] netlink: 'syz.0.9322': attribute type 4 has an invalid length. [ 200.443100][T27628] netlink: 'syz.0.9322': attribute type 5 has an invalid length. [ 200.444843][T27628] netlink: 3 bytes leftover after parsing attributes in process `syz.0.9322'. [ 200.912057][T27730] netlink: 'syz.3.9356': attribute type 21 has an invalid length. [ 200.923330][T27730] netlink: 128 bytes leftover after parsing attributes in process `syz.3.9356'. [ 200.928126][T27730] netlink: 'syz.3.9356': attribute type 4 has an invalid length. [ 200.931699][T27730] netlink: 'syz.3.9356': attribute type 5 has an invalid length. [ 200.936428][T27730] netlink: 3 bytes leftover after parsing attributes in process `syz.3.9356'. [ 201.120679][T27752] loop3: detected capacity change from 0 to 4096 [ 201.130696][T27752] ntfs: (device loop3): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 201.138424][T27752] ntfs: (device loop3): load_system_files(): $MFTMirr does not match $MFT. Will not be able to remount read-write. Run ntfsfix and/or chkdsk. [ 201.171786][T27752] ntfs: volume version 3.1. [ 201.273775][T27738] loop1: detected capacity change from 0 to 32768 [ 201.279108][T27777] netlink: 16 bytes leftover after parsing attributes in process `syz.2.9374'. [ 201.302974][T27738] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 201.327252][T27738] (syz.1.9360,27738,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: directory entry overrun - offset=32, inode=17057, rec_len=280, name_len=10 [ 201.334376][T27738] (syz.1.9360,27738,1):ocfs2_prepare_dir_for_insert:4311 ERROR: status = -2 [ 201.340260][T27738] (syz.1.9360,27738,1):ocfs2_mknod:298 ERROR: status = -2 [ 201.348986][T27738] (syz.1.9360,27738,1):ocfs2_mknod:502 ERROR: status = -2 [ 201.353615][T27738] (syz.1.9360,27738,1):ocfs2_create:676 ERROR: status = -2 [ 201.421363][ T4321] ocfs2: Unmounting device (7,1) on (node local) [ 201.752441][T27859] loop2: detected capacity change from 0 to 64 [ 201.787026][ T4330] Bluetooth: hci4: unexpected cc 0x206e length: 4 > 3 [ 201.799687][T27827] loop0: detected capacity change from 0 to 32768 [ 201.812608][T27827] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 201.821386][T27827] (syz.0.9394,27827,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: directory entry overrun - offset=32, inode=17057, rec_len=280, name_len=10 [ 201.824049][T27827] (syz.0.9394,27827,0):ocfs2_prepare_dir_for_insert:4311 ERROR: status = -2 [ 201.825461][T27827] (syz.0.9394,27827,0):ocfs2_mknod:298 ERROR: status = -2 [ 201.826576][T27827] (syz.0.9394,27827,0):ocfs2_mknod:502 ERROR: status = -2 [ 201.827788][T27827] (syz.0.9394,27827,0):ocfs2_create:676 ERROR: status = -2 [ 201.839819][ T4319] ocfs2: Unmounting device (7,0) on (node local) [ 201.863912][T27867] loop1: detected capacity change from 0 to 4096 [ 201.883281][T27867] ntfs: (device loop1): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 201.885011][T27867] ntfs: (device loop1): load_system_files(): $MFTMirr does not match $MFT. Will not be able to remount read-write. Run ntfsfix and/or chkdsk. [ 201.895587][T27867] ntfs: volume version 3.1. [ 202.191804][T27889] loop2: detected capacity change from 0 to 32768 [ 202.211511][T27889] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 202.222004][T27889] (syz.2.9420,27889,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: directory entry overrun - offset=32, inode=17057, rec_len=280, name_len=10 [ 202.224961][T27889] (syz.2.9420,27889,0):ocfs2_prepare_dir_for_insert:4311 ERROR: status = -2 [ 202.226745][T27889] (syz.2.9420,27889,0):ocfs2_mknod:298 ERROR: status = -2 [ 202.227864][T27889] (syz.2.9420,27889,0):ocfs2_mknod:502 ERROR: status = -2 [ 202.229003][T27889] (syz.2.9420,27889,0):ocfs2_create:676 ERROR: status = -2 [ 202.242425][ T4320] ocfs2: Unmounting device (7,2) on (node local) [ 202.310208][T27949] binfmt_misc: register: failed to install interpreter file ./file0 [ 202.529152][T27980] ntfs3: loop1: ino=3, Correct links count -> 2. [ 202.586473][T27990] ntfs: (device loop0): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 202.588550][T27990] ntfs: (device loop0): load_system_files(): $MFTMirr does not match $MFT. Will not be able to remount read-write. Run ntfsfix and/or chkdsk. [ 202.609018][T27990] ntfs: volume version 3.1. [ 202.627109][T28003] binfmt_misc: register: failed to install interpreter file ./file0 [ 202.837991][T28046] tipc: Enabling of bearer rejected, media not registered [ 202.944054][T28049] ntfs3: loop3: ino=3, Correct links count -> 2. [ 202.969134][T28067] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 203.280647][T28119] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 203.284330][T28119] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 203.358886][T28125] ntfs3: loop4: ino=3, Correct links count -> 2. [ 203.762904][T28117] XFS (loop2): Mounting V5 Filesystem [ 203.788789][T28117] XFS (loop2): Ending clean mount [ 203.848985][T28117] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x15c/0x234, xfs_agf block 0x1 [ 203.850868][T28117] XFS (loop2): Unmount and run xfs_repair [ 203.851767][T28117] XFS (loop2): First 128 bytes of corrupted metadata buffer: [ 203.868911][T28117] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00 XAGF..........@. [ 203.870300][T28117] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01 ................ [ 203.882505][T28117] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04 ................ [ 203.884598][T28117] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00 ......?...?..... [ 203.886046][T28117] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3 .sH./.A..&.:g... [ 203.887463][T28117] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 ................ [ 203.888812][T28117] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 203.890085][T28117] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 203.891541][T28117] XFS (loop2): metadata I/O error in "xfs_read_agf+0x250/0x5fc" at daddr 0x1 len 1 error 74 [ 203.929301][T28117] XFS (loop2): Corruption of in-memory data (0x8) detected at xfs_defer_finish_noroll+0x16ec/0x1eec (fs/xfs/libxfs/xfs_defer.c:580). Shutting down filesystem. [ 203.932122][T28117] XFS (loop2): Please unmount the filesystem and rectify the problem(s) [ 203.959348][ T4320] XFS (loop2): Unmounting Filesystem [ 204.086260][T28217] sp0: Synchronizing with TNC [ 204.228655][T28239] ntfs3: loop0: ino=3, Correct links count -> 2. [ 204.426829][T28280] set_capacity_and_notify: 14 callbacks suppressed [ 204.426839][T28280] loop2: detected capacity change from 0 to 64 [ 204.564644][T28302] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 204.673983][T28326] Soft offlining pfn 0x137d9b at process virtual address 0x20000000 [ 204.681312][T28326] Soft offlining pfn 0x121b11 at process virtual address 0x20001000 [ 204.692625][T28326] Soft offlining pfn 0x137c4f at process virtual address 0x20002000 [ 204.695742][T28326] Soft offlining pfn 0x13c0cc at process virtual address 0x20003000 [ 204.702736][T28326] Soft offlining pfn 0x14127e at process virtual address 0x20004000 [ 204.707005][T28326] Soft offlining pfn 0x12514f at process virtual address 0x20005000 [ 204.708483][T28326] Soft offlining pfn 0x13c812 at process virtual address 0x20006000 [ 204.709944][T28326] Soft offlining pfn 0x140d21 at process virtual address 0x20007000 [ 204.720932][T28326] Soft offlining pfn 0x125057 at process virtual address 0x20008000 [ 204.725086][T28326] Soft offlining pfn 0x122a51 at process virtual address 0x20009000 [ 204.728119][T28326] Soft offlining pfn 0x13b602 at process virtual address 0x2000a000 [ 204.732600][T28326] Soft offlining pfn 0x139443 at process virtual address 0x2000b000 [ 204.734534][T28326] Soft offlining pfn 0x14145f at process virtual address 0x2000c000 [ 204.739313][T28336] loop3: detected capacity change from 0 to 16 [ 204.741084][T28326] Soft offlining pfn 0x141bc0 at process virtual address 0x2000d000 [ 204.742664][T28336] erofs: (device loop3): mounted with root inode @ nid 36. [ 204.744718][T28326] Soft offlining pfn 0x137f0a at process virtual address 0x2000e000 [ 204.750778][T28326] Soft offlining pfn 0x137d9c at process virtual address 0x2000f000 [ 204.752220][T28326] Soft offlining pfn 0x13e8c3 at process virtual address 0x20010000 [ 204.764209][T28326] Soft offlining pfn 0x137d9e at process virtual address 0x20011000 [ 204.895899][T28364] loop0: detected capacity change from 0 to 128 [ 204.900816][T28364] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 204.947750][ T4418] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 205.028782][T28390] sp0: Synchronizing with TNC [ 205.128176][T28417] loop2: detected capacity change from 0 to 512 [ 205.136602][T28422] loop3: detected capacity change from 0 to 128 [ 205.158714][T28417] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.9569: inode has both inline data and extents flags [ 205.161105][T28417] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.9569: couldn't read orphan inode 15 (err -117) [ 205.163067][T28417] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 205.231387][ T4320] EXT4-fs (loop2): unmounting filesystem. [ 205.284168][T28444] loop3: detected capacity change from 0 to 512 [ 205.302766][T28444] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 205.304285][T28444] System zones: 1-12 [ 205.306211][T28444] EXT4-fs error (device loop3): ext4_iget_extra_inode:4756: inode #15: comm syz.3.9576: corrupted in-inode xattr [ 205.314116][T28444] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.9576: couldn't read orphan inode 15 (err -117) [ 205.321123][T28444] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 205.370618][T28462] loop0: detected capacity change from 0 to 16 [ 205.372435][T28462] erofs: (device loop0): mounted with root inode @ nid 36. [ 205.391851][ T4328] EXT4-fs (loop3): unmounting filesystem. [ 205.407680][T28465] Soft offlining pfn 0x121ea1 at process virtual address 0x20000000 [ 205.420907][T28465] Soft offlining pfn 0x13ffa4 at process virtual address 0x20001000 [ 205.426207][T28465] Soft offlining pfn 0x13c317 at process virtual address 0x20002000 [ 205.437418][T28465] Soft offlining pfn 0x122268 at process virtual address 0x20003000 [ 205.446797][T28465] Soft offlining pfn 0x13d1fc at process virtual address 0x20004000 [ 205.454556][T28465] Soft offlining pfn 0x122124 at process virtual address 0x20005000 [ 205.456173][T28465] Soft offlining pfn 0x125056 at process virtual address 0x20006000 [ 205.458025][T28465] Soft offlining pfn 0x137d9d at process virtual address 0x20007000 [ 205.460796][T28465] Soft offlining pfn 0x139d3e at process virtual address 0x20008000 [ 205.464092][T28465] Soft offlining pfn 0x123ea9 at process virtual address 0x20009000 [ 205.468157][T28465] Soft offlining pfn 0x13abe9 at process virtual address 0x2000a000 [ 205.473041][T28465] Soft offlining pfn 0x123e88 at process virtual address 0x2000b000 [ 205.481580][T28465] Soft offlining pfn 0x13a873 at process virtual address 0x2000c000 [ 205.482972][T28465] Soft offlining pfn 0x141220 at process virtual address 0x2000d000 [ 205.488023][T28465] Soft offlining pfn 0x137e7b at process virtual address 0x2000e000 [ 205.493057][T28465] Soft offlining pfn 0x13b37e at process virtual address 0x2000f000 [ 205.497816][T28465] Soft offlining pfn 0x13b20c at process virtual address 0x20010000 [ 205.501250][T28465] Soft offlining pfn 0x137d9f at process virtual address 0x20011000 [ 205.629806][T28512] loop4: detected capacity change from 0 to 16 [ 205.632112][T28512] erofs: (device loop4): mounted with root inode @ nid 36. [ 205.689962][T28529] loop4: detected capacity change from 0 to 128 [ 205.697644][T28529] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 205.761728][T28541] Soft offlining pfn 0x13b777 at process virtual address 0x20000000 [ 205.769470][ T1573] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 205.785843][T28541] Soft offlining pfn 0x1414fe at process virtual address 0x20001000 [ 205.787352][T28549] loop1: detected capacity change from 0 to 128 [ 205.790781][T28541] Soft offlining pfn 0x13e93b at process virtual address 0x20002000 [ 205.793405][T28541] Soft offlining pfn 0x13c91c at process virtual address 0x20003000 [ 205.799378][T28541] Soft offlining pfn 0x13b6e0 at process virtual address 0x20004000 [ 205.808542][T28541] Soft offlining pfn 0x122a68 at process virtual address 0x20005000 [ 205.812499][T28552] EXT4-fs: Ignoring removed orlov option [ 205.814050][T28541] Soft offlining pfn 0x1409ea at process virtual address 0x20006000 [ 205.815847][T28552] EXT4-fs: Ignoring removed nomblk_io_submit option [ 205.821947][T28541] soft_offline: 0x1409ea: invalidated [ 205.831119][T28541] Soft offlining pfn 0x1408cb at process virtual address 0x20007000 [ 205.835893][T28541] Soft offlining pfn 0x13ed6d at process virtual address 0x20008000 [ 205.838525][T28541] Soft offlining pfn 0x122a3e at process virtual address 0x20009000 [ 205.840581][T28541] Soft offlining pfn 0x13a832 at process virtual address 0x2000a000 [ 205.841432][T28552] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 205.843960][T28541] Soft offlining pfn 0x13fc9a at process virtual address 0x2000b000 [ 205.848623][T28541] Soft offlining pfn 0x140a40 at process virtual address 0x2000c000 [ 205.850703][T28541] Soft offlining pfn 0x13ded4 at process virtual address 0x2000d000 [ 205.852717][T28541] Soft offlining pfn 0x13d862 at process virtual address 0x2000e000 [ 205.857409][T28541] Soft offlining pfn 0x14007e at process virtual address 0x2000f000 [ 205.860906][T28541] Soft offlining pfn 0x13957b at process virtual address 0x20010000 [ 205.866074][T28541] Soft offlining pfn 0x121e7e at process virtual address 0x20011000 [ 205.870307][ T4329] EXT4-fs (loop4): unmounting filesystem. [ 205.941199][T28567] EXT4-fs error (device loop4): ext4_orphan_get:1399: inode #15: comm syz.4.9609: inode has both inline data and extents flags [ 205.943755][T28567] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.9609: couldn't read orphan inode 15 (err -117) [ 205.946545][T28567] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 206.020532][T28586] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 206.030138][ T4329] EXT4-fs (loop4): unmounting filesystem. [ 206.064549][ T55] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 206.078023][T28589] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 206.079436][T28589] System zones: 1-12 [ 206.087601][T28589] EXT4-fs error (device loop0): ext4_iget_extra_inode:4756: inode #15: comm syz.0.9617: corrupted in-inode xattr [ 206.090067][T28589] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.9617: couldn't read orphan inode 15 (err -117) [ 206.101738][T28589] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 206.152150][T28607] EXT4-fs (loop3): Test dummy encryption mode enabled [ 206.171315][T28607] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0103] [ 206.172720][T28607] System zones: 0-5 [ 206.186540][T28607] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 206.188312][ T4319] EXT4-fs (loop0): unmounting filesystem. [ 206.225173][T28618] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 206.226457][T28618] System zones: 1-12 [ 206.228975][T28618] EXT4-fs error (device loop1): ext4_iget_extra_inode:4756: inode #15: comm syz.1.9632: corrupted in-inode xattr [ 206.232755][ T4328] EXT4-fs (loop3): unmounting filesystem. [ 206.260028][T28618] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.9632: couldn't read orphan inode 15 (err -117) [ 206.267365][T28628] Soft offlining pfn 0x13f147 at process virtual address 0x20000000 [ 206.269515][T28628] Soft offlining pfn 0x121ab4 at process virtual address 0x20001000 [ 206.271062][T28628] Soft offlining pfn 0x13c06e at process virtual address 0x20002000 [ 206.271284][T28618] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 206.272554][T28628] Soft offlining pfn 0x13c5a8 at process virtual address 0x20003000 [ 206.275141][T28628] Soft offlining pfn 0x137e62 at process virtual address 0x20004000 [ 206.276424][T28628] Soft offlining pfn 0x140e07 at process virtual address 0x20005000 [ 206.277927][T28628] Soft offlining pfn 0x13c394 at process virtual address 0x20006000 [ 206.279333][T28628] Soft offlining pfn 0x139cfa at process virtual address 0x20007000 [ 206.282315][T28628] Soft offlining pfn 0x11bbec at process virtual address 0x20008000 [ 206.290365][T28628] Soft offlining pfn 0x13c2d9 at process virtual address 0x20009000 [ 206.300888][T28628] Soft offlining pfn 0x13ca9d at process virtual address 0x2000a000 [ 206.307316][ T4321] EXT4-fs (loop1): unmounting filesystem. [ 206.317457][T28628] Soft offlining pfn 0x13c873 at process virtual address 0x2000b000 [ 206.329488][T28628] Soft offlining pfn 0x122deb at process virtual address 0x2000c000 [ 206.334062][T28628] Soft offlining pfn 0x122c1a at process virtual address 0x2000d000 [ 206.335682][T28628] Soft offlining pfn 0x13f352 at process virtual address 0x2000e000 [ 206.338444][T28628] Soft offlining pfn 0x139d03 at process virtual address 0x2000f000 [ 206.348212][T28628] Soft offlining pfn 0x13b414 at process virtual address 0x20010000 [ 206.349739][T28628] Soft offlining pfn 0x13e3fd at process virtual address 0x20011000 [ 206.504615][T28664] EXT4-fs: inline encryption not supported [ 206.505545][T28664] EXT4-fs: Ignoring removed i_version option [ 206.527988][T28664] EXT4-fs error (device loop4): ext4_orphan_get:1399: inode #15: comm syz.4.9635: inode has both inline data and extents flags [ 206.548900][T28664] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.9635: couldn't read orphan inode 15 (err -117) [ 206.571622][T28664] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 206.629649][ T4329] EXT4-fs (loop4): unmounting filesystem. [ 206.716506][T28704] EXT4-fs: Ignoring removed orlov option [ 206.717426][T28704] EXT4-fs: Ignoring removed nomblk_io_submit option [ 206.737931][T28704] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 206.802856][T28725] netlink: 'syz.2.9662': attribute type 29 has an invalid length. [ 206.807757][ T4321] EXT4-fs (loop1): unmounting filesystem. [ 206.929065][T28743] __nla_validate_parse: 3 callbacks suppressed [ 206.929077][T28743] netlink: 16 bytes leftover after parsing attributes in process `syz.1.9658'. [ 206.998440][T28756] EXT4-fs: Ignoring removed nobh option [ 207.012284][T28756] EXT4-fs (loop1): can't mount with journal_async_commit, fs mounted w/o journal [ 207.136448][ T4330] Bluetooth: hci3: command 0x1405 tx timeout [ 207.269587][T28803] netlink: 16 bytes leftover after parsing attributes in process `syz.4.9674'. [ 207.349305][T28818] [ 207.349753][T28818] ====================================================== [ 207.350761][T28818] WARNING: possible circular locking dependency detected [ 207.351853][T28818] syzkaller #0 Not tainted [ 207.352586][T28818] ------------------------------------------------------ [ 207.353637][T28818] syz.1.9679/28818 is trying to acquire lock: [ 207.354618][T28818] ffff0000ded434f8 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xe4/0x1094 [ 207.356256][T28818] [ 207.356256][T28818] but task is already holding lock: [ 207.357443][T28818] ffff000109a180b0 (&tree->tree_lock#2/1){+.+.}-{3:3}, at: hfs_find_init+0x148/0x1c8 [ 207.358938][T28818] [ 207.358938][T28818] which lock already depends on the new lock. [ 207.358938][T28818] [ 207.360506][T28818] [ 207.360506][T28818] the existing dependency chain (in reverse order) is: [ 207.361850][T28818] [ 207.361850][T28818] -> #1 (&tree->tree_lock#2/1){+.+.}-{3:3}: [ 207.363075][T28818] __mutex_lock_common+0x190/0x1f60 [ 207.363930][T28818] mutex_lock_nested+0x38/0x44 [ 207.364779][T28818] hfs_find_init+0x148/0x1c8 [ 207.365583][T28818] hfs_extend_file+0x28c/0x1094 [ 207.366340][T28818] hfs_bmap_reserve+0xd4/0x3e0 [ 207.367128][T28818] hfs_cat_create+0x1d4/0x7b4 [ 207.367887][T28818] hfs_mkdir+0x6c/0xe0 [ 207.368556][T28818] vfs_mkdir+0x314/0x4d4 [ 207.369281][T28818] do_mkdirat+0x1b8/0x3ec [ 207.370066][T28818] __arm64_sys_mkdirat+0x90/0xa8 [ 207.370935][T28818] invoke_syscall+0x98/0x2b4 [ 207.371780][T28818] el0_svc_common+0x138/0x258 [ 207.372574][T28818] do_el0_svc+0x58/0x130 [ 207.373330][T28818] el0_svc+0x58/0x128 [ 207.374016][T28818] el0t_64_sync_handler+0x84/0xf0 [ 207.374805][T28818] el0t_64_sync+0x18c/0x190 [ 207.375565][T28818] [ 207.375565][T28818] -> #0 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}: [ 207.376934][T28818] __lock_acquire+0x2880/0x6800 [ 207.377738][T28818] lock_acquire+0x20c/0x63c [ 207.378527][T28818] __mutex_lock_common+0x190/0x1f60 [ 207.379408][T28818] mutex_lock_nested+0x38/0x44 [ 207.380183][T28818] hfs_extend_file+0xe4/0x1094 [ 207.380984][T28818] hfs_bmap_reserve+0xd4/0x3e0 [ 207.381749][T28818] __hfs_ext_write_extent+0x198/0x484 [ 207.382627][T28818] __hfs_ext_cache_extent+0x84/0x74c [ 207.383500][T28818] hfs_extend_file+0x2d0/0x1094 [ 207.384298][T28818] hfs_get_block+0x324/0xa3c [ 207.385071][T28818] __block_write_begin_int+0x350/0x1388 [ 207.385912][T28818] cont_write_begin+0x53c/0x780 [ 207.386684][T28818] hfs_write_begin+0x98/0xe4 [ 207.387435][T28818] generic_perform_write+0x234/0x4f4 [ 207.388321][T28818] __generic_file_write_iter+0x130/0x250 [ 207.389179][T28818] generic_file_write_iter+0xb4/0x2b0 [ 207.390067][T28818] vfs_write+0x3ec/0x7f0 [ 207.390754][T28818] ksys_write+0x12c/0x224 [ 207.391458][T28818] __arm64_sys_write+0x7c/0x90 [ 207.392218][T28818] invoke_syscall+0x98/0x2b4 [ 207.392987][T28818] el0_svc_common+0x138/0x258 [ 207.393804][T28818] do_el0_svc+0x58/0x130 [ 207.394514][T28818] el0_svc+0x58/0x128 [ 207.395189][T28818] el0t_64_sync_handler+0x84/0xf0 [ 207.396013][T28818] el0t_64_sync+0x18c/0x190 [ 207.396793][T28818] [ 207.396793][T28818] other info that might help us debug this: [ 207.396793][T28818] [ 207.398279][T28818] Possible unsafe locking scenario: [ 207.398279][T28818] [ 207.399424][T28818] CPU0 CPU1 [ 207.400240][T28818] ---- ---- [ 207.401080][T28818] lock(&tree->tree_lock#2/1); [ 207.401870][T28818] lock(&HFS_I(tree->inode)->extents_lock); [ 207.403136][T28818] lock(&tree->tree_lock#2/1); [ 207.404170][T28818] lock(&HFS_I(tree->inode)->extents_lock); [ 207.405032][T28818] [ 207.405032][T28818] *** DEADLOCK *** [ 207.405032][T28818] [ 207.406250][T28818] 5 locks held by syz.1.9679/28818: [ 207.407029][T28818] #0: ffff0000c2f71c68 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0x114/0x16c [ 207.408369][T28818] #1: ffff0000cedec460 (sb_writers#26){.+.+}-{0:0}, at: vfs_write+0x244/0x7f0 [ 207.409792][T28818] #2: ffff0000ded41ca8 (&sb->s_type->i_mutex_key#34){+.+.}-{3:3}, at: generic_file_write_iter+0x84/0x2b0 [ 207.411543][T28818] #3: ffff0000ded41af8 (&HFS_I(inode)->extents_lock#2){+.+.}-{3:3}, at: hfs_extend_file+0xe4/0x1094 [ 207.413232][T28818] #4: ffff000109a180b0 (&tree->tree_lock#2/1){+.+.}-{3:3}, at: hfs_find_init+0x148/0x1c8 [ 207.414769][T28818] [ 207.414769][T28818] stack backtrace: [ 207.415632][T28818] CPU: 0 PID: 28818 Comm: syz.1.9679 Not tainted syzkaller #0 [ 207.416700][T28818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 207.418263][T28818] Call trace: [ 207.418709][T28818] dump_backtrace+0x1c0/0x1ec [ 207.419393][T28818] show_stack+0x2c/0x3c [ 207.420024][T28818] __dump_stack+0x30/0x40 [ 207.420615][T28818] dump_stack_lvl+0xf4/0x15c [ 207.421324][T28818] dump_stack+0x1c/0x5c [ 207.421921][T28818] print_circular_bug+0x148/0x1b0 [ 207.422706][T28818] check_noncircular+0x264/0x2f8 [ 207.423406][T28818] __lock_acquire+0x2880/0x6800 [ 207.424080][T28818] lock_acquire+0x20c/0x63c [ 207.424751][T28818] __mutex_lock_common+0x190/0x1f60 [ 207.425533][T28818] mutex_lock_nested+0x38/0x44 [ 207.426245][T28818] hfs_extend_file+0xe4/0x1094 [ 207.426973][T28818] hfs_bmap_reserve+0xd4/0x3e0 [ 207.427661][T28818] __hfs_ext_write_extent+0x198/0x484 [ 207.428471][T28818] __hfs_ext_cache_extent+0x84/0x74c [ 207.429259][T28818] hfs_extend_file+0x2d0/0x1094 [ 207.429959][T28818] hfs_get_block+0x324/0xa3c [ 207.430671][T28818] __block_write_begin_int+0x350/0x1388 [ 207.431487][T28818] cont_write_begin+0x53c/0x780 [ 207.432212][T28818] hfs_write_begin+0x98/0xe4 [ 207.432878][T28818] generic_perform_write+0x234/0x4f4 [ 207.433640][T28818] __generic_file_write_iter+0x130/0x250 [ 207.434431][T28818] generic_file_write_iter+0xb4/0x2b0 [ 207.435248][T28818] vfs_write+0x3ec/0x7f0 [ 207.435824][T28818] ksys_write+0x12c/0x224 [ 207.436433][T28818] __arm64_sys_write+0x7c/0x90 [ 207.437094][T28818] invoke_syscall+0x98/0x2b4 [ 207.437737][T28818] el0_svc_common+0x138/0x258 [ 207.438418][T28818] do_el0_svc+0x58/0x130 [ 207.439069][T28818] el0_svc+0x58/0x128 [ 207.439640][T28818] el0t_64_sync_handler+0x84/0xf0 [ 207.440426][T28818] el0t_64_sync+0x18c/0x190 [ 209.213300][ T47] Bluetooth: hci3: command 0x1405 tx timeout