last executing test programs: 5.198760482s ago: executing program 2 (id=14138): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x18, 0x3d, 0x107, 0xfffffffe, 0x0, {0x2, 0x7c}, [@nested={0x4, 0x142}]}, 0x18}, 0x1, 0x0, 0x0, 0x48815}, 0xc000) 5.139994939s ago: executing program 2 (id=14140): r0 = io_uring_setup(0x60b6, &(0x7f0000000080)) io_uring_register$IORING_UNREGISTER_PBUF_RING(r0, 0x18, 0xffffffffffffffff, 0x1) 5.072998955s ago: executing program 2 (id=14141): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)={0x5c, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11, 0x1, 0x0, 0x1}, @IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xffff}]}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}]}, 0x5c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 4.955859157s ago: executing program 2 (id=14146): r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f0000000140)={0x80, 0x6, 0x302, 0xb8e, 0x1, 0x1, 0x0}) 3.640352362s ago: executing program 2 (id=14190): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x3, 0x5, &(0x7f00000006c0)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffbff}, [@call={0x85, 0x0, 0x0, 0x18}, @call={0x85, 0x0, 0x0, 0x50}]}, &(0x7f0000000680)='GPL\x00', 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="1d1b00ba8d13cdea2aac8a25ec05", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 3.618347592s ago: executing program 0 (id=14192): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETS(r0, 0x4b72, &(0x7f0000000700)={0x5, 0x2, 0x0, 0x0, 0xb, "f6ff00"}) 3.595578123s ago: executing program 3 (id=14194): setresuid(0xee01, 0x0, 0x0) keyctl$set_reqkey_keyring(0xf, 0xfffffffb) 3.497522721s ago: executing program 0 (id=14196): r0 = io_uring_setup(0x3eae, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2}) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0), 0x0) 3.473224297s ago: executing program 1 (id=14198): r0 = userfaultfd(0x80001) readv(r0, &(0x7f0000000700)=[{&(0x7f0000000180)=""/57, 0x39}], 0x1) 3.447300824s ago: executing program 1 (id=14199): r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f0000000300), 0x4) 3.44696743s ago: executing program 4 (id=14200): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETSETELEM(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={0x14, 0xd, 0xa, 0x301, 0x0, 0x0, {0xa, 0x0, 0x1}}, 0x14}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000) 3.423940215s ago: executing program 2 (id=14201): r0 = syz_open_dev$ttys(0xc, 0x2, 0x1) ioctl$TIOCMBIC(r0, 0x5417, 0x0) 3.423631662s ago: executing program 3 (id=14202): r0 = socket$kcm(0xa, 0x3, 0x3a) sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @loopback={0xffffffffffff0000, 0xac14140c}}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000140)="8b", 0x1}], 0x1, 0x0, 0x0, 0x900}, 0x60) 3.376312405s ago: executing program 4 (id=14203): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x50, 0x10, 0x1, 0x70bd29, 0x0, {0x0, 0x0, 0x0, 0x0, 0x10060, 0x8346}, [@IFLA_IFNAME={0x14, 0x3, 'wlan0\x00'}, @IFLA_VFINFO_LIST={0x18, 0x16, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@IFLA_VF_RATE={0x10, 0x6, {0x100, 0x6, 0x8}}]}]}, @IFLA_IFALIASn={0x4}]}, 0x50}}, 0x0) 3.373292237s ago: executing program 1 (id=14204): r0 = syz_open_dev$vim2m(&(0x7f0000000c80), 0x6, 0x2) ioctl$vim2m_VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000080)={0x1, @pix_mp={0x0, 0x0, 0x33524742}}) 3.365504891s ago: executing program 0 (id=14205): r0 = syz_open_dev$dvb_frontend(&(0x7f0000000000), 0x0, 0x40002) ioctl$FE_SET_FRONTEND(r0, 0x40246f4c, &(0x7f0000000080)={0x30a32c0, 0x2, @ofdm={0x4, 0xefbcc3122fda24e9, 0x11, 0xa, 0x0, 0xb}}) 3.359290977s ago: executing program 3 (id=14206): r0 = socket$kcm(0x2, 0x3, 0x2) sendmsg$inet(r0, &(0x7f0000001640)={&(0x7f0000000300)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_retopts={{0x1c, 0x0, 0x7, {[@timestamp_addr={0x44, 0xc, 0x7, 0x1, 0x7, [{@rand_addr=0x64010101}]}]}}}], 0x20}, 0x200040c4) 3.300104284s ago: executing program 4 (id=14207): r0 = syz_open_dev$video(&(0x7f0000000580), 0x8, 0x1) ioctl$VIDIOC_G_PARM(r0, 0xc0cc5615, &(0x7f0000000000)={0xb, @raw_data="06fc9f6ec851f71e0e7ec0b7c15d3ca318ba169cb54078963aa0792702fe413efd18f6274d170e33ce14b272a279618971e3c218a475c8ad776f090f53ef4ec4b8415f11ea3ac0f385a4be33a0f93c36d3eb964b84c7073aaef853b8e8b4717ca6081a226b31059abf59d8ca5a49113f28099dc0cdcb7f2d36366493ab9ad6b89a2a4ccaab61535776a916a299137374d31b44d820bae5b26e45313f876f16369004d5e11e26223681d898888072bce3b43d200579a7411e174b150f4ca8f69ca745da93b3fa55a6"}) 3.297247504s ago: executing program 1 (id=14208): r0 = syz_open_dev$video(&(0x7f00000010c0), 0x8, 0x0) ioctl$VIDIOC_S_AUDOUT(r0, 0x40345632, &(0x7f00000000c0)={0x6, "4eff5e04e1beffa06d1398e723d337406f34c074bf2d5a553ae708e88c059f78", 0x3}) 3.281610888s ago: executing program 0 (id=14209): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)={0x34, 0x0, 0x8, 0x201, 0x0, 0x0, {0x5, 0x0, 0x2}, [@CTA_TIMEOUT_DATA={0x4, 0x4, 0x0, 0x1, @gre}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x6001}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0xff}]}, 0x34}, 0x1, 0x0, 0x0, 0x20008802}, 0x8000) 3.277063321s ago: executing program 3 (id=14210): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@allocspi={0xf8, 0x16, 0x1, 0x0, 0x0, {{{@in=@private=0xa010100, @in6=@ipv4={'\x00', '\xff\xff', @empty}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0xa0}, {@in6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x20}}, 0x0, 0x33}, @in6=@empty, {0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffff1, 0x3}, {0x0, 0x0, 0x2, 0xfffffffffffffffe}, {0x0, 0x0, 0x796}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe55286f1921f74be}, 0xfffffffc, 0x1a0b1}}, 0xf8}}, 0x0) 3.214235434s ago: executing program 4 (id=14211): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_COMPAT_GET(r0, &(0x7f00000017c0)={0x0, 0x0, &(0x7f0000001780)={&(0x7f0000001700)={0x30, 0x0, 0xb, 0x5, 0x0, 0x0, {0x7, 0x0, 0x3}, [@NFTA_COMPAT_REV={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_COMPAT_NAME={0xc, 0x1, 'NFQUEUE\x00'}, @NFTA_COMPAT_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x24040800) 3.209781921s ago: executing program 1 (id=14212): r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x2c, 0x0, &(0x7f0000000200)) 3.204116606s ago: executing program 0 (id=14213): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) ioctl$TIOCSLCKTRMIOS(r0, 0x5401, 0xffffffffffffffff) 3.193183906s ago: executing program 3 (id=14214): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0x2, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x7}, 0x50) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000080)={r0, &(0x7f0000000300), 0x0}, 0x20) 3.137901472s ago: executing program 4 (id=14215): socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) connect$tipc(r0, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x1, {0x40, 0xffffffff, 0x4}}, 0x10) 3.133838415s ago: executing program 1 (id=14216): r0 = socket(0x2, 0x80805, 0x0) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, 0x0, 0x0) 3.125743397s ago: executing program 3 (id=14217): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x894a, &(0x7f0000000900)={'bridge0\x00', @broadcast}) 3.093117798s ago: executing program 0 (id=14218): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000440)={'filter\x00', 0x104, 0x4, 0x3c8, 0xe8, 0x1d0, 0x1d0, 0x2e0, 0x2e0, 0x2e0, 0x7fffffe, 0x0, {[{{@arp={@remote, @multicast2, 0x0, 0x0, 0x7, 0x0, {@mac=@link_local={0x2, 0x80, 0xc2, 0x7}}, {}, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 'bridge0\x00', 'erspan0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0x100}}}, {{@arp={@rand_addr, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0xfc, {@empty, {[0xff, 0x0, 0x0, 0x0, 0x0, 0xff]}}, {@mac=@multicast, {[0xff]}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'bond_slave_1\x00', 'ipvlan1\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@multicast, @empty, @initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010100, 0x4, 0x1}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x418) 0s ago: executing program 4 (id=14219): r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) mount_setattr(r0, &(0x7f0000000100)='.\x00', 0x1100, &(0x7f0000001dc0)={0x0, 0x85, 0x20000}, 0x20) kernel console output (not intermixed with test programs): evice loop2): ext4_get_link:106: inode #16: comm syz.2.9504: bad symlink. [ 152.410325][ T5146] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 152.605624][T24388] validate_nla: 2 callbacks suppressed [ 152.606669][T24388] netlink: 'syz.2.9527': attribute type 1 has an invalid length. [ 152.915832][T24456] overlay: Unknown parameter '\' [ 152.920566][T24457] ip6tnl3: entered allmulticast mode [ 152.975884][T24466] loop2: detected capacity change from 0 to 256 [ 153.012625][T24470] netlink: 'syz.4.9560': attribute type 5 has an invalid length. [ 153.120071][T24487] loop1: detected capacity change from 0 to 2048 [ 153.159871][T24487] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 153.219936][ T5143] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 153.340202][T24515] loop4: detected capacity change from 0 to 1024 [ 153.340587][T24515] EXT4-fs: Ignoring removed nomblk_io_submit option [ 153.340608][T24515] EXT4-fs: Ignoring removed nomblk_io_submit option [ 153.340836][T24515] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 153.346623][T24517] netlink: 'syz.2.9576': attribute type 1 has an invalid length. [ 153.350245][T24515] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 153.414645][ T5155] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 153.629723][T24558] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 154.028419][ T30] audit: type=1326 audit(2727.021:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24620 comm="syz.3.9628" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9df77aa8 code=0x7ffc0000 [ 154.028465][ T30] audit: type=1326 audit(2727.021:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24620 comm="syz.3.9628" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9df77aa8 code=0x7ffc0000 [ 154.043149][ T30] audit: type=1326 audit(2727.039:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24620 comm="syz.3.9628" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=442 compat=0 ip=0xffff9df77aa8 code=0x7ffc0000 [ 154.191725][T24650] bond4: option ad_select: invalid value (34) [ 154.212199][T24650] bond4 (unregistering): Released all slaves [ 154.263892][T24663] netlink: 'syz.0.9648': attribute type 3 has an invalid length. [ 154.266133][T24663] netlink: 'syz.0.9648': attribute type 3 has an invalid length. [ 154.701139][T24735] devpts: Bad value for 'max' [ 154.906497][T24762] netlink: 'syz.4.9697': attribute type 2 has an invalid length. [ 154.997289][T24770] trusted_key: encrypted_key: insufficient parameters specified [ 155.126052][T24786] netlink: 'syz.3.9708': attribute type 1 has an invalid length. [ 155.233299][T24804] netlink: 'syz.0.9717': attribute type 1 has an invalid length. [ 155.234864][T24804] NCSI netlink: No device for ifindex 0 [ 155.236598][T24802] cgroup: Invalid name [ 155.376441][T24820] netlink: 'syz.4.9725': attribute type 31 has an invalid length. [ 155.493896][T24838] __nla_validate_parse: 13 callbacks suppressed [ 155.494105][T24838] netlink: 20 bytes leftover after parsing attributes in process `syz.0.9734'. [ 155.494139][T24838] netlink: 20 bytes leftover after parsing attributes in process `syz.0.9734'. [ 155.561563][T24850] Unknown options in mask b7f2 [ 155.698493][T24874] xt_connbytes: Forcing CT accounting to be enabled [ 155.698523][T24874] xt_NFQUEUE: number of total queues is 0 [ 155.727072][T24879] xt_ecn: cannot match TCP bits for non-tcp packets [ 155.771637][T24888] netlink: 28 bytes leftover after parsing attributes in process `syz.3.9758'. [ 155.793180][T24890] fuse: Invalid rootmode [ 155.811509][T24898] SET target dimension over the limit! [ 155.868957][T24910] misc userio: Invalid payload size [ 156.031991][T24939] netlink: 40 bytes leftover after parsing attributes in process `syz.2.9785'. [ 156.183924][T24971] random: crng reseeded on system resumption [ 156.300921][T24986] loop1: detected capacity change from 0 to 512 [ 156.315368][T24986] EXT4-fs error (device loop1): ext4_orphan_get:1423: comm syz.1.9807: bad orphan inode 15 [ 156.315400][T24986] loop1: lost filesystem error report for type 5 error -117 [ 156.315705][T24986] ext4_test_bit(bit=14, block=18) = 1 [ 156.315720][T24986] is_bad_inode(inode)=0 [ 156.315725][T24986] NEXT_ORPHAN(inode)=1023 [ 156.315730][T24986] max_ino=32 [ 156.315735][T24986] i_nlink=0 [ 156.315867][T24986] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2972: inode #15: comm syz.1.9807: corrupted xattr block 19: invalid header [ 156.315881][T24986] loop1: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 156.316000][T24986] EXT4-fs warning (device loop1): ext4_evict_inode:287: xattr delete (err -117) [ 156.316475][T24986] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none. [ 156.325676][T24986] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.9807: bg 0: block 449: padding at end of block bitmap is not set [ 156.360325][ T5143] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0009-000000000000. [ 156.622043][T25043] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 156.623790][T25043] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 156.625367][T25043] overlayfs: missing 'lowerdir' [ 156.706048][T25057] gre1: entered allmulticast mode [ 156.766005][T25072] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9848'. [ 156.866448][T25091] 8021q: VLANs not supported on ipvlan0 [ 156.922764][T25100] netlink: 'syz.3.9864': attribute type 10 has an invalid length. [ 156.922795][T25102] @0Ù: renamed from dummy0 (while UP) [ 156.931778][T25104] netlink: 32 bytes leftover after parsing attributes in process `syz.1.9862'. [ 157.262431][T25164] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9892'. [ 157.262767][T25164] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 157.305385][T25173] vlan0: entered promiscuous mode [ 157.553938][T25225] random: crng reseeded on system resumption [ 157.585956][T25228] xt_connbytes: Forcing CT accounting to be enabled [ 157.586059][T25228] x_tables: ip6_tables: rpfilter match: used from hooks POSTROUTING, but only valid from PREROUTING [ 157.632693][T25236] bridge7: entered promiscuous mode [ 157.633776][T25236] bridge7: entered allmulticast mode [ 157.860489][T25280] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 157.907060][T25287] netdevsim netdevsim3 ªªªªª»: renamed from netdevsim0 (while UP) [ 158.025047][T25310] rdma_rxe: rxe_newlink: rxe creation allowed on top of a real device only [ 158.122920][T25330] netlink: 20 bytes leftover after parsing attributes in process `syz.2.9976'. [ 158.302416][T25366] validate_nla: 2 callbacks suppressed [ 158.302456][T25366] netlink: 'syz.1.9993': attribute type 46 has an invalid length. [ 158.325787][T25370] ubi31: attaching mtd0 [ 158.326540][T25370] ubi31: scanning is finished [ 158.333046][T25370] ubi31: empty MTD device detected [ 158.552224][T25370] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 158.552266][T25370] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 158.552291][T25370] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 158.552305][T25370] ubi31: VID header offset: 64 (aligned 64), data offset: 128 [ 158.552316][T25370] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 158.552327][T25370] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 158.552337][T25370] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2548496739 [ 158.552349][T25370] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 158.552734][T25396] ubi31: background thread "ubi_bgt31d" started, PID 25396 [ 158.891063][T25440] loop3: detected capacity change from 0 to 512 [ 158.895676][T25442] xt_hashlimit: max too large, truncated to 1048576 [ 158.895707][T25442] xt_hashlimit: overflow, try lower: 2/0 [ 158.935571][T25440] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 158.973415][ T5151] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 159.273078][T25492] binder: 25490:25492 ioctl c00c6211 0 returned -14 [ 159.345123][T25508] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10064'. [ 159.490426][T25534] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 4095 out of range (51000000..2150000000) [ 159.537952][T25543] netlink: 76 bytes leftover after parsing attributes in process `syz.2.10081'. [ 159.605250][T25555] loop3: detected capacity change from 0 to 512 [ 159.605649][T25555] EXT4-fs: Ignoring removed nobh option [ 159.615084][T25555] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13 [ 159.619434][T25555] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #13: comm syz.3.10087: attempt to clear invalid blocks 1 len 1 [ 159.619472][T25555] loop3: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 159.623056][T25555] EXT4-fs (loop3): Remounting filesystem read-only [ 159.627647][T25555] EXT4-fs (loop3): 1 truncate cleaned up [ 159.628354][T25555] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 159.659762][ T5151] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.446945][T25695] binder: 25694:25695 BC_FREEZE_NOTIFICATION_DONE 0000000000000000 not found [ 160.446978][T25695] binder: 25694:25695 ioctl c0306201 20000100 returned -22 [ 160.516701][T25703] sock: sock_timestamping_bind_phc: sock not bind to device [ 160.691919][T25725] xt_addrtype: input interface limitation not valid in POSTROUTING and OUTPUT [ 160.732753][T25727] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0) [ 161.038658][T25765] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 161.396564][ T4400] veth0_vlan: left promiscuous mode [ 161.397854][ T4400] veth0_vlan: entered promiscuous mode [ 161.568513][T25859] __nla_validate_parse: 7 callbacks suppressed [ 161.568555][T25859] netlink: 224 bytes leftover after parsing attributes in process `syz.0.10224'. [ 161.661935][T25878] netlink: 28 bytes leftover after parsing attributes in process `syz.3.10231'. [ 161.661967][T25878] netlink: 108 bytes leftover after parsing attributes in process `syz.3.10231'. [ 161.662076][T25878] netlink: 28 bytes leftover after parsing attributes in process `syz.3.10231'. [ 161.662121][T25878] netlink: 108 bytes leftover after parsing attributes in process `syz.3.10231'. [ 161.662134][T25878] netlink: 84 bytes leftover after parsing attributes in process `syz.3.10231'. [ 161.694420][T25885] loop2: detected capacity change from 0 to 256 [ 161.713124][T25885] FAT-fs (loop2): Directory bread(block 64) failed [ 161.713162][T25885] FAT-fs (loop2): Directory bread(block 65) failed [ 161.713194][T25885] FAT-fs (loop2): Directory bread(block 66) failed [ 161.713206][T25885] FAT-fs (loop2): Directory bread(block 67) failed [ 161.713240][T25885] FAT-fs (loop2): Directory bread(block 68) failed [ 161.713256][T25885] FAT-fs (loop2): Directory bread(block 69) failed [ 161.713279][T25885] FAT-fs (loop2): Directory bread(block 70) failed [ 161.713290][T25885] FAT-fs (loop2): Directory bread(block 71) failed [ 161.713312][T25885] FAT-fs (loop2): Directory bread(block 72) failed [ 161.713322][T25885] FAT-fs (loop2): Directory bread(block 73) failed [ 161.736405][T25890] loop3: detected capacity change from 0 to 256 [ 161.761699][T25890] FAT-fs (loop3): Directory bread(block 64) failed [ 161.761738][T25890] FAT-fs (loop3): Directory bread(block 65) failed [ 161.761768][T25890] FAT-fs (loop3): Directory bread(block 66) failed [ 161.761780][T25890] FAT-fs (loop3): Directory bread(block 67) failed [ 161.761804][T25890] FAT-fs (loop3): Directory bread(block 68) failed [ 161.761815][T25890] FAT-fs (loop3): Directory bread(block 69) failed [ 161.761837][T25890] FAT-fs (loop3): Directory bread(block 70) failed [ 161.761847][T25890] FAT-fs (loop3): Directory bread(block 71) failed [ 161.761869][T25890] FAT-fs (loop3): Directory bread(block 72) failed [ 161.761879][T25890] FAT-fs (loop3): Directory bread(block 73) failed [ 161.819151][T25897] Smack: duplicate mount options [ 161.831710][T25899] netlink: 'syz.4.10241': attribute type 1 has an invalid length. [ 161.865672][T25903] Option ' ' to dns_resolver key: bad/missing value [ 161.887006][T25909] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 162.047257][T25938] netlink: 830 bytes leftover after parsing attributes in process `syz.0.10259'. [ 162.160981][T25953] bond3 (unregistering): Released all slaves [ 162.207871][T25967] loop3: detected capacity change from 0 to 512 [ 162.212855][T25967] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 162.218792][T25967] EXT4-fs error (device loop3): xattr_find_entry:337: inode #15: comm syz.3.10273: corrupted xattr entries [ 162.218827][T25967] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 162.218990][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 162.219016][ C0] EXT4-fs (loop3): initial error at time 2734: xattr_find_entry:337: inode 15 [ 162.219049][ C0] EXT4-fs (loop3): last error at time 2734: xattr_find_entry:337: inode 15 [ 162.220512][T25967] EXT4-fs (loop3): Remounting filesystem read-only [ 162.220590][T25967] EXT4-fs (loop3): 1 truncate cleaned up [ 162.221070][T25967] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 162.277075][ T5151] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 162.324263][T25983] ip6t_srh: unknown srh match flags 4000 [ 162.356618][T25988] loop4: detected capacity change from 0 to 1024 [ 162.381778][T25988] EXT4-fs: Ignoring removed mblk_io_submit option [ 162.392044][T25988] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 162.394870][T25988] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 162.405900][T26000] dlm: non-version read from control device 240 [ 162.436751][T26004] netlink: 'syz.0.10289': attribute type 4 has an invalid length. [ 162.438193][T26004] netlink: 17 bytes leftover after parsing attributes in process `syz.0.10289'. [ 162.471008][ T5155] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 162.710207][T26056] netlink: 'syz.4.10315': attribute type 1 has an invalid length. [ 162.710240][T26056] netlink: 224 bytes leftover after parsing attributes in process `syz.4.10315'. [ 162.762519][T26063] netlink: 'syz.0.10318': attribute type 13 has an invalid length. [ 162.762549][T26063] netlink: 'syz.0.10318': attribute type 12 has an invalid length. [ 162.877638][T26084] loop4: detected capacity change from 0 to 1024 [ 162.877976][T26084] EXT4-fs: inline encryption not supported [ 162.898041][T26084] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 162.920553][T26095] loop3: detected capacity change from 0 to 512 [ 162.928229][T26100] loop1: detected capacity change from 0 to 128 [ 162.930424][T26100] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 162.940171][T26095] EXT4-fs: Ignoring removed nomblk_io_submit option [ 162.942178][T26095] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 162.942197][T26095] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8840c01d, mo2=0102] [ 162.942294][T26095] EXT4-fs (loop3): couldn't mount RDWR because of unsupported optional features (80) [ 162.942310][T26095] EXT4-fs (loop3): Skipping orphan cleanup due to unknown ROCOMPAT features [ 162.942752][T26095] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 162.959733][ T5143] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 162.966771][ T5155] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 162.987726][ T5151] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 162.997209][T26108] netlink: 'syz.1.10337': attribute type 2 has an invalid length. [ 163.055659][T26125] netlink: 60 bytes leftover after parsing attributes in process `syz.3.10346'. [ 163.175419][T26139] tmpfs: Bad value for 'mpol' [ 163.353643][T26171] netlink: 'syz.3.10368': attribute type 21 has an invalid length. [ 163.380542][T26178] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 163.782556][T26249] random: crng reseeded on system resumption [ 163.852571][T26236] lo speed is unknown, defaulting to 1000 [ 163.853309][T26236] lo speed is unknown, defaulting to 1000 [ 164.211291][T26315] PKCS8: Unsupported PKCS#8 version [ 164.325726][T26332] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 164.343569][T26334] netlink: 'syz.0.10448': attribute type 3 has an invalid length. [ 164.378281][ T5073] Bluetooth: hci2: command 0x0406 tx timeout [ 164.378341][ T5073] Bluetooth: hci1: command 0x0406 tx timeout [ 164.378492][ T5073] Bluetooth: hci0: command 0x0406 tx timeout [ 164.479396][T26359] netlink: 'syz.2.10461': attribute type 6 has an invalid length. [ 164.527680][T26366] netlink: 'syz.4.10464': attribute type 3 has an invalid length. [ 164.620839][T26383] loop2: detected capacity change from 0 to 512 [ 164.663602][T26395] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check. [ 164.695083][T26383] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 164.725241][T26383] __quota_error: 8 callbacks suppressed [ 164.726334][T26383] Quota error (device loop2): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8 [ 164.726423][T26383] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 164.726464][T26383] EXT4-fs error (device loop2): ext4_acquire_dquot:7034: comm syz.2.10471: Failed to acquire dquot type 0 [ 164.793902][ T5146] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 164.814032][T26417] netlink: 'syz.1.10489': attribute type 7 has an invalid length. [ 164.815526][T26417] netlink: 'syz.1.10489': attribute type 5 has an invalid length. [ 164.942642][T26434] netlink: 'syz.0.10496': attribute type 10 has an invalid length. [ 164.942680][T26434] dummy0: left allmulticast mode [ 164.942927][T26435] loop3: detected capacity change from 0 to 512 [ 164.944016][T26434] team0: Port device dummy0 added [ 164.965737][T26435] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 164.988943][T26440] loop1: detected capacity change from 0 to 2048 [ 164.996117][T26435] Quota error (device loop3): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8 [ 164.996195][T26435] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 164.996226][T26435] EXT4-fs error (device loop3): ext4_acquire_dquot:7034: comm syz.3.10497: Failed to acquire dquot type 0 [ 165.038543][T26451] netdevsim netdevsim0 netdevsim0: refused to change device tx_queue_len [ 165.046189][ T5151] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 165.113006][T26463] netdevsim netdevsim4: Firmware load for './cgroup/../file0/file0' refused, path contains '..' component [ 165.224163][T26476] mac80211_hwsim hwsim10 wlan0: left promiscuous mode [ 165.225906][T26476] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 165.249379][T26488] netlink: 'syz.3.10522': attribute type 11 has an invalid length. [ 165.385431][T26513] loop1: detected capacity change from 0 to 256 [ 165.408846][T26513] FAT-fs (loop1): Directory bread(block 64) failed [ 165.408880][T26513] FAT-fs (loop1): Directory bread(block 65) failed [ 165.408906][T26513] FAT-fs (loop1): Directory bread(block 66) failed [ 165.408917][T26513] FAT-fs (loop1): Directory bread(block 67) failed [ 165.408939][T26513] FAT-fs (loop1): Directory bread(block 68) failed [ 165.408950][T26513] FAT-fs (loop1): Directory bread(block 69) failed [ 165.408973][T26513] FAT-fs (loop1): Directory bread(block 70) failed [ 165.408984][T26513] FAT-fs (loop1): Directory bread(block 71) failed [ 165.409005][T26513] FAT-fs (loop1): Directory bread(block 72) failed [ 165.409015][T26513] FAT-fs (loop1): Directory bread(block 73) failed [ 165.439403][T26513] FAT-fs (loop1): Filesystem has been set read-only [ 165.631690][T26554] SET target dimension over the limit! [ 165.659225][T26555] netlink: 'syz.0.10555': attribute type 2 has an invalid length. [ 165.850582][T26585] xt_ecn: cannot match TCP bits for non-tcp packets [ 165.883663][T26592] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 166.164249][T26635] mmap: syz.1.10593 (26635): VmData 37494784 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 166.237767][T26647] loop2: detected capacity change from 0 to 256 [ 166.313918][T26655] netlink: 'syz.3.10602': attribute type 2 has an invalid length. [ 166.424848][T26674] loop4: detected capacity change from 0 to 512 [ 166.433826][T26674] EXT4-fs error (device loop4): ext4_xattr_inode_iget:441: inode #11: comm syz.4.10612: ea_inode with extended attributes [ 166.448332][T26674] loop4: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 166.451921][ C0] EXT4-fs (loop4): error count since last fsck: 1 [ 166.451957][ C0] EXT4-fs (loop4): initial error at time 2738: ext4_xattr_inode_iget:441: inode 11 [ 166.452002][ C0] EXT4-fs (loop4): last error at time 2738: ext4_xattr_inode_iget:441: inode 11 [ 166.463019][T26674] EXT4-fs (loop4): Remounting filesystem read-only [ 166.464360][T26674] EXT4-fs warning (device loop4): ext4_evict_inode:287: xattr delete (err -30) [ 166.465998][T26674] EXT4-fs (loop4): 1 orphan inode deleted [ 166.467543][T26674] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 166.497602][T26687] loop2: detected capacity change from 0 to 256 [ 166.541477][ T5155] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 166.671411][T26718] loop2: detected capacity change from 0 to 256 [ 166.680396][T26718] FAT-fs (loop2): Directory bread(block 64) failed [ 166.680433][T26718] FAT-fs (loop2): Directory bread(block 65) failed [ 166.680461][T26718] FAT-fs (loop2): Directory bread(block 66) failed [ 166.680473][T26718] FAT-fs (loop2): Directory bread(block 67) failed [ 166.680496][T26718] FAT-fs (loop2): Directory bread(block 68) failed [ 166.680507][T26718] FAT-fs (loop2): Directory bread(block 69) failed [ 166.680529][T26718] FAT-fs (loop2): Directory bread(block 70) failed [ 166.680540][T26718] FAT-fs (loop2): Directory bread(block 71) failed [ 166.680562][T26718] FAT-fs (loop2): Directory bread(block 72) failed [ 166.680572][T26718] FAT-fs (loop2): Directory bread(block 73) failed [ 166.726251][T26718] FAT-fs (loop2): Filesystem has been set read-only [ 166.882239][T26746] loop4: detected capacity change from 0 to 256 [ 166.907280][T26746] FAT-fs (loop4): Directory bread(block 64) failed [ 166.907314][T26746] FAT-fs (loop4): Directory bread(block 65) failed [ 166.907342][T26746] FAT-fs (loop4): Directory bread(block 66) failed [ 166.907354][T26746] FAT-fs (loop4): Directory bread(block 67) failed [ 166.907378][T26746] FAT-fs (loop4): Directory bread(block 68) failed [ 166.907389][T26746] FAT-fs (loop4): Directory bread(block 69) failed [ 166.907413][T26746] FAT-fs (loop4): Directory bread(block 70) failed [ 166.907423][T26746] FAT-fs (loop4): Directory bread(block 71) failed [ 166.907460][T26746] FAT-fs (loop4): Directory bread(block 72) failed [ 166.907470][T26746] FAT-fs (loop4): Directory bread(block 73) failed [ 166.910593][T26754] netlink: 'syz.2.10650': attribute type 5 has an invalid length. [ 166.982449][T26764] loop3: detected capacity change from 0 to 512 [ 166.992841][T26764] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 166.995492][T26764] EXT4-fs (loop3): can't mount with data_err=abort, fs mounted w/o journal [ 167.063029][T26775] __nla_validate_parse: 8 callbacks suppressed [ 167.064307][T26775] netlink: 16 bytes leftover after parsing attributes in process `syz.4.10661'. [ 167.068339][T26777] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10657'. [ 167.081137][T26771] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 167.085735][T26771] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 167.085866][T26771] EXT4-fs (loop2): orphan cleanup on readonly fs [ 167.086271][T26771] EXT4-fs error (device loop2): __ext4_get_inode_loc:4885: comm syz.2.10659: Invalid inode table block 0 in block_group 0 [ 167.086289][T26771] loop2: lost filesystem error report for type 5 error -117 [ 167.086374][T26771] EXT4-fs (loop2): Remounting filesystem read-only [ 167.086384][T26771] Quota error (device loop2): write_blk: dquota write failed [ 167.086409][T26771] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 167.086453][T26771] EXT4-fs (loop2): 1 truncate cleaned up [ 167.104597][T26771] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 167.135475][ T5146] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 167.333930][T26820] xt_addrtype: ipv6 BLACKHOLE matching not supported [ 167.522350][T26858] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10701'. [ 167.725864][T26896] EXT4-fs (loop1): stripe (4) is not aligned with cluster size (4096), stripe is disabled [ 167.733458][T26896] EXT4-fs error (device loop1): ext4_map_blocks:791: inode #3: block 2: comm syz.1.10720: lblock 2 mapped to illegal pblock 2 (length 1) [ 167.733495][T26896] loop1: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 167.736097][ C0] EXT4-fs (loop1): error count since last fsck: 1 [ 167.736108][ C0] EXT4-fs (loop1): initial error at time 2739: ext4_map_blocks:791: inode 3: block 2 [ 167.736125][ C0] EXT4-fs (loop1): last error at time 2739: ext4_map_blocks:791: inode 3: block 2 [ 167.742647][T26896] Quota error (device loop1): qtree_write_dquot: dquota write failed [ 167.742677][T26896] EXT4-fs error (device loop1): ext4_map_blocks:791: inode #3: block 48: comm syz.1.10720: lblock 0 mapped to illegal pblock 48 (length 1) [ 167.742705][T26896] loop1: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 167.747503][T26896] Quota error (device loop1): v2_write_file_info: Can't write info structure [ 167.747530][T26896] EXT4-fs error (device loop1): ext4_acquire_dquot:7034: comm syz.1.10720: Failed to acquire dquot type 0 [ 167.747558][T26896] loop1: lost filesystem error report for type 5 error -117 [ 167.749201][T26896] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6383: Corrupt filesystem [ 167.749215][T26896] loop1: lost filesystem error report for type 5 error -117 [ 167.755655][T26896] EXT4-fs error (device loop1): ext4_evict_inode:267: inode #11: comm syz.1.10720: mark_inode_dirty error [ 167.755686][T26896] loop1: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 167.755775][T26896] EXT4-fs warning (device loop1): ext4_evict_inode:270: couldn't mark inode dirty (err -117) [ 167.755814][T26896] EXT4-fs (loop1): 1 orphan inode deleted [ 167.756333][T26896] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 167.770711][ T3910] EXT4-fs error (device loop1): ext4_map_blocks:791: inode #3: block 1: comm kworker/u8:11: lblock 1 mapped to illegal pblock 1 (length 1) [ 167.774339][ T3910] Quota error (device loop1): remove_tree: Can't read quota data block 1 [ 167.774383][ T3910] EXT4-fs error (device loop1): ext4_release_dquot:7070: comm kworker/u8:11: Failed to release dquot type 0 [ 167.786689][T26909] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 167.786689][T26909] The task syz.3.10722 (26909) triggered the difference, watch for misbehavior. [ 167.804985][ T5143] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 167.807865][ T39] EXT4-fs error (device loop1): ext4_map_blocks:791: inode #3: block 1: comm kworker/u8:2: lblock 1 mapped to illegal pblock 1 (length 1) [ 167.807892][ T39] loop1: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 167.811722][ T39] Quota error (device loop1): remove_tree: Can't read quota data block 1 [ 167.811742][ T39] EXT4-fs error (device loop1): ext4_release_dquot:7070: comm kworker/u8:2: Failed to release dquot type 0 [ 167.811755][ T39] loop1: lost filesystem error report for type 5 error -117 [ 167.817232][ T5143] EXT4-fs error (device loop1): __ext4_get_inode_loc:4885: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 167.817270][ T5143] loop1: lost filesystem error report for type 5 error -117 [ 167.822055][ T5143] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6383: Corrupt filesystem [ 167.822092][ T5143] loop1: lost filesystem error report for type 5 error -117 [ 167.822220][ T5143] EXT4-fs error (device loop1): ext4_quota_off:7318: inode #3: comm syz-executor: mark_inode_dirty error [ 167.822232][ T5143] loop1: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 168.021590][T26946] cgroup: No subsys list or none specified [ 168.022079][T26944] netlink: 256 bytes leftover after parsing attributes in process `syz.0.10743'. [ 168.204630][T26976] netlink: 148 bytes leftover after parsing attributes in process `syz.4.10759'. [ 168.208082][T26978] netlink: 44 bytes leftover after parsing attributes in process `syz.1.10758'. [ 168.210207][T26978] netlink: 43 bytes leftover after parsing attributes in process `syz.1.10758'. [ 168.210247][T26978] netlink: 43 bytes leftover after parsing attributes in process `syz.1.10758'. [ 168.556841][T27040] EXT4-fs: Ignoring removed bh option [ 168.556877][T27040] EXT4-fs: inline encryption not supported [ 168.565869][T27040] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 168.588642][T27040] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1148: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 168.591866][T27040] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.10790: bg 0: block 248: padding at end of block bitmap is not set [ 168.591902][T27040] loop4: lost filesystem error report for type 5 error -117 [ 168.594767][T27040] EXT4-fs error (device loop4): ext4_acquire_dquot:7034: comm syz.4.10790: Failed to acquire dquot type 1 [ 168.600462][ C0] EXT4-fs (loop4): error count since last fsck: 1 [ 168.600494][ C0] EXT4-fs (loop4): last error at time 2740: ext4_validate_block_bitmap:441 [ 168.608488][T27040] loop4: lost filesystem error report for type 5 error -28 [ 168.609977][T27040] EXT4-fs (loop4): 1 truncate cleaned up [ 168.614474][T27040] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback. [ 168.701072][ T5155] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0008-000000000000. [ 168.704181][ T3707] EXT4-fs error (device loop4): ext4_release_dquot:7070: comm kworker/u8:8: Failed to release dquot type 1 [ 168.704211][ T3707] loop4: lost filesystem error report for type 5 error -117 [ 168.772295][T27069] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10802'. [ 168.796074][T27069] 8021q: adding VLAN 0 to HW filter on device bond4 [ 168.870515][T27090] netlink: zone id is out of range [ 168.870539][T27090] netlink: zone id is out of range [ 168.870560][T27090] netlink: zone id is out of range [ 168.870572][T27090] netlink: zone id is out of range [ 168.870582][T27090] netlink: zone id is out of range [ 168.870591][T27090] netlink: zone id is out of range [ 168.870600][T27090] netlink: zone id is out of range [ 168.919129][T27098] IPv6: NLM_F_CREATE should be specified when creating new route [ 169.167576][ T5098] Bluetooth: hci3: command 0x206a tx timeout [ 169.167994][ T5147] Bluetooth: hci3: Opcode 0x206a failed: -110 [ 169.193491][T27153] netlink: 16 bytes leftover after parsing attributes in process `syz.1.10843'. [ 169.336528][T27171] bond3: option tlb_dynamic_lb: invalid value (4) [ 169.339002][T27171] bond3 (unregistering): Released all slaves [ 169.924554][T27263] x_tables: ip_tables: DNAT target: used from hooks POSTROUTING, but only usable from PREROUTING/OUTPUT [ 170.108957][T27278] set_capacity_and_notify: 5 callbacks suppressed [ 170.108994][T27278] loop3: detected capacity change from 0 to 512 [ 170.123013][T27278] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 170.126433][T27278] EXT4-fs error (device loop3): ext4_orphan_get:1397: inode #15: comm syz.3.10906: iget: bad i_size value: -67835469387268086 [ 170.126472][T27278] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 170.126918][T27278] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.10906: couldn't read orphan inode 15 (err -117) [ 170.126939][T27278] loop3: lost filesystem error report for type 5 error -117 [ 170.127935][T27278] EXT4-fs (loop3): mounted filesystem f7ff0000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 170.162313][ T5151] EXT4-fs (loop3): unmounting filesystem f7ff0000-0000-0000-0000-000000000000. [ 170.273988][T27305] SET target dimension over the limit! [ 170.483126][T27346] loop2: detected capacity change from 0 to 256 [ 170.512365][T27346] FAT-fs (loop2): Directory bread(block 64) failed [ 170.512397][T27346] FAT-fs (loop2): Directory bread(block 65) failed [ 170.512430][T27346] FAT-fs (loop2): Directory bread(block 66) failed [ 170.512441][T27346] FAT-fs (loop2): Directory bread(block 67) failed [ 170.512462][T27346] FAT-fs (loop2): Directory bread(block 68) failed [ 170.512473][T27346] FAT-fs (loop2): Directory bread(block 69) failed [ 170.512494][T27346] FAT-fs (loop2): Directory bread(block 70) failed [ 170.512504][T27346] FAT-fs (loop2): Directory bread(block 71) failed [ 170.512525][T27346] FAT-fs (loop2): Directory bread(block 72) failed [ 170.512535][T27346] FAT-fs (loop2): Directory bread(block 73) failed [ 170.561028][T27355] overlayfs: conflicting options: nfs_export=on,index=off [ 170.905279][T27413] validate_nla: 5 callbacks suppressed [ 170.905318][T27413] netlink: 'syz.2.10971': attribute type 4 has an invalid length. [ 170.920500][T27419] loop1: detected capacity change from 0 to 128 [ 170.925655][T27419] FAT-fs (loop1): Directory bread(block 162) failed [ 170.925693][T27419] FAT-fs (loop1): Directory bread(block 163) failed [ 170.925716][T27419] FAT-fs (loop1): Directory bread(block 164) failed [ 170.925732][T27419] FAT-fs (loop1): Directory bread(block 165) failed [ 170.925748][T27419] FAT-fs (loop1): Directory bread(block 166) failed [ 170.925763][T27419] FAT-fs (loop1): Directory bread(block 167) failed [ 170.925777][T27419] FAT-fs (loop1): Directory bread(block 168) failed [ 170.925791][T27419] FAT-fs (loop1): Directory bread(block 169) failed [ 170.925813][T27419] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 170.939772][T27419] FAT-fs (loop1): Directory bread(block 162) failed [ 170.939796][T27419] FAT-fs (loop1): Directory bread(block 163) failed [ 170.940089][T27419] syz.1.10973: attempt to access beyond end of device [ 170.940089][T27419] loop1: rw=3, sector=226, nr_sectors = 6 limit=128 [ 170.940129][T27419] syz.1.10973: attempt to access beyond end of device [ 170.940129][T27419] loop1: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 171.202929][T27468] net_ratelimit: 16 callbacks suppressed [ 171.208134][T27468] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 171.278752][T27475] team0: entered promiscuous mode [ 171.278779][T27475] team_slave_0: entered promiscuous mode [ 171.278869][T27475] team_slave_1: entered promiscuous mode [ 171.964227][T27600] nvme_fabrics: unknown parameter or missing value '' in ctrl creation request [ 172.015858][T27611] tmpfs: Bad value for 'mpol' [ 172.065730][T27619] bridge8: entered promiscuous mode [ 172.065777][T27619] bridge8: entered allmulticast mode [ 172.128084][ T30] kauditd_printk_skb: 3 callbacks suppressed [ 172.128826][ T30] audit: type=1326 audit(2743.944:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27634 comm="syz.0.11078" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9d377aa8 code=0x50000 [ 172.129580][ T30] audit: type=1326 audit(2743.944:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27634 comm="syz.0.11078" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9d377aa8 code=0x50000 [ 172.129784][ T30] audit: type=1326 audit(2743.944:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27634 comm="syz.0.11078" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9d377aa8 code=0x50000 [ 172.129804][ T30] audit: type=1326 audit(2743.944:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27634 comm="syz.0.11078" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9d377aa8 code=0x50000 [ 172.129823][ T30] audit: type=1326 audit(2743.944:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27634 comm="syz.0.11078" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9d377aa8 code=0x50000 [ 172.129841][ T30] audit: type=1326 audit(2743.944:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27634 comm="syz.0.11078" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9d377aa8 code=0x50000 [ 172.129859][ T30] audit: type=1326 audit(2743.944:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27634 comm="syz.0.11078" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9d377aa8 code=0x50000 [ 172.129877][ T30] audit: type=1326 audit(2743.944:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27634 comm="syz.0.11078" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9d377aa8 code=0x50000 [ 172.129894][ T30] audit: type=1326 audit(2743.944:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27634 comm="syz.0.11078" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9d377aa8 code=0x50000 [ 172.129913][ T30] audit: type=1326 audit(2743.944:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27634 comm="syz.0.11078" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9d377aa8 code=0x50000 [ 172.212258][T27639] --map-set only usable from mangle table [ 172.258498][T27650] netlink: 'syz.3.11087': attribute type 2 has an invalid length. [ 172.258526][T27650] netlink: 'syz.3.11087': attribute type 11 has an invalid length. [ 172.510387][T27692] loop3: detected capacity change from 0 to 1024 [ 172.510739][T27692] EXT4-fs: Ignoring removed bh option [ 172.510755][T27692] EXT4-fs: Ignoring removed nomblk_io_submit option [ 172.526452][T27692] EXT4-fs (loop3): Test dummy encryption mode enabled [ 172.532156][T27692] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 172.540188][T27692] VFS: Lookup of 'file0' in ext4 loop3 would have caused loop [ 172.559001][ T5151] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 172.678781][T27723] netlink: 'syz.4.11118': attribute type 58 has an invalid length. [ 172.678809][T27723] __nla_validate_parse: 9 callbacks suppressed [ 172.678834][T27723] netlink: 468 bytes leftover after parsing attributes in process `syz.4.11118'. [ 172.679123][T27723] A link change request failed with some changes committed already. Interface veth1 may have been left with an inconsistent configuration, please check. [ 172.757691][T27735] loop1: detected capacity change from 0 to 4096 [ 172.777495][T27735] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 172.786958][T27735] EXT4-fs error (device loop1): ext4_lookup:1785: inode #14: comm syz.1.11123: invalid fast symlink length 131109 [ 172.837577][ T5143] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 172.980644][T27776] netlink: 'syz.1.11142': attribute type 8 has an invalid length. [ 173.009548][T27782] bond0: entered allmulticast mode [ 173.087713][T27794] netlink: 32 bytes leftover after parsing attributes in process `syz.1.11150'. [ 173.087750][T27794] netlink: 32 bytes leftover after parsing attributes in process `syz.1.11150'. [ 173.182826][T27808] netlink: 'syz.4.11157': attribute type 1 has an invalid length. [ 173.349452][T27840] loop2: detected capacity change from 0 to 2048 [ 173.381452][T27848] netlink: 'syz.3.11177': attribute type 2 has an invalid length. [ 173.381486][T27848] netlink: 'syz.3.11177': attribute type 1 has an invalid length. [ 173.397965][T27840] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 173.440325][ T5146] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 173.600232][T27884] loop4: detected capacity change from 0 to 1024 [ 173.638888][T27884] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 173.679190][ T5155] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 173.833890][T27926] bond4: option all_slaves_active: invalid value (8) [ 173.845282][T27926] bond4 (unregistering): Released all slaves [ 174.291273][T28013] Unsupported ieee802154 address type: 0 [ 174.702361][T28093] netlink: 392 bytes leftover after parsing attributes in process `syz.1.11286'. [ 174.730531][T28101] netlink: 'syz.2.11290': attribute type 15 has an invalid length. [ 174.731999][T28101] netlink: 24 bytes leftover after parsing attributes in process `syz.2.11290'. [ 174.809154][T28113] netlink: 176 bytes leftover after parsing attributes in process `syz.1.11297'. [ 174.967424][T28146] overlay: Bad value for 'workdir' [ 175.011356][T28154] netlink: 'syz.3.11319': attribute type 15 has an invalid length. [ 175.012876][T28154] netlink: 24 bytes leftover after parsing attributes in process `syz.3.11319'. [ 175.083434][T28169] loop3: detected capacity change from 0 to 1024 [ 175.084887][T28169] EXT4-fs: Ignoring removed nomblk_io_submit option [ 175.089628][T28169] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 175.089677][T28169] System zones: 0-1, 3-36 [ 175.094100][T28169] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 175.136965][ T5151] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 175.223545][T28192] loop3: detected capacity change from 0 to 512 [ 175.238626][T28192] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 175.247318][T28192] EXT4-fs (loop3): orphan cleanup on readonly fs [ 175.257000][T28192] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.11335: inode #15: comm syz.3.11335: iget: illegal inode # [ 175.257063][T28192] loop3: lost filesystem error report for type 5 error -117 [ 175.259511][T28192] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.11335: couldn't read orphan inode 15 (err -117) [ 175.259547][T28192] loop3: lost filesystem error report for type 5 error -117 [ 175.261026][ C0] EXT4-fs (loop3): error count since last fsck: 2 [ 175.261041][ C0] EXT4-fs (loop3): initial error at time 2746: ext4_orphan_get:1397 [ 175.261057][ C0] EXT4-fs (loop3): last error at time 2746: ext4_orphan_get:1402 [ 175.268553][T28192] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 175.278874][T28200] netlink: 16 bytes leftover after parsing attributes in process `syz.0.11340'. [ 175.283847][T28203] loop1: detected capacity change from 0 to 256 [ 175.306183][T28192] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 175.308189][T28192] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 175.340079][ T5151] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 175.377002][T28215] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11349'. [ 175.514563][T28244] Invalid source name [ 175.514591][T28244] UBIFS error (pid: 28244): cannot open "./file0", error -22 [ 175.614266][T28263] netlink: 20 bytes leftover after parsing attributes in process `syz.0.11371'. [ 175.865737][T28310] --map-set only usable from mangle table [ 176.305149][T28389] fuse: Unknown parameter './file0' [ 176.471776][T28415] nfs: Unknown parameter 'defcontext' [ 176.576023][T28432] random: crng reseeded on system resumption [ 176.659216][T28443] loop4: detected capacity change from 0 to 256 [ 177.022583][T28507] random: crng reseeded on system resumption [ 177.210752][T28535] validate_nla: 5 callbacks suppressed [ 177.210786][T28535] netlink: 'syz.3.11496': attribute type 30 has an invalid length. [ 177.223464][T28540] netlink: 'syz.4.11499': attribute type 1 has an invalid length. [ 177.233051][T28535] bond1: option arp_missed_max: invalid value (0) [ 177.234471][T28535] bond1: option arp_missed_max: allowed values 1 - 255 [ 177.244500][T28535] bond1 (unregistering): Released all slaves [ 177.288101][T28547] xt_policy: output policy not valid in PREROUTING and INPUT [ 177.302560][T28548] loop2: detected capacity change from 0 to 256 [ 177.306602][T28550] netlink: 'syz.4.11505': attribute type 16 has an invalid length. [ 177.341250][T28548] FAT-fs (loop2): Directory bread(block 64) failed [ 177.341287][T28548] FAT-fs (loop2): Directory bread(block 65) failed [ 177.341328][T28548] FAT-fs (loop2): Directory bread(block 66) failed [ 177.341346][T28548] FAT-fs (loop2): Directory bread(block 67) failed [ 177.341386][T28548] FAT-fs (loop2): Directory bread(block 68) failed [ 177.341402][T28548] FAT-fs (loop2): Directory bread(block 69) failed [ 177.341430][T28548] FAT-fs (loop2): Directory bread(block 70) failed [ 177.341444][T28548] FAT-fs (loop2): Directory bread(block 71) failed [ 177.341472][T28548] FAT-fs (loop2): Directory bread(block 72) failed [ 177.341486][T28548] FAT-fs (loop2): Directory bread(block 73) failed [ 177.421592][T28566] netlink: 'syz.4.11512': attribute type 4 has an invalid length. [ 177.728894][T28621] netlink: 'syz.2.11539': attribute type 4 has an invalid length. [ 177.741228][T28621] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 177.747183][T28624] loop4: detected capacity change from 0 to 8 [ 177.786489][T28624] SQUASHFS error: Unable to read directory block [631:26] [ 178.144784][T28695] tmpfs: Unknown parameter 'N' [ 178.188616][T28701] __nla_validate_parse: 12 callbacks suppressed [ 178.192196][T28701] netlink: 32 bytes leftover after parsing attributes in process `syz.0.11576'. [ 178.248388][T28713] netlink: 268 bytes leftover after parsing attributes in process `syz.3.11581'. [ 178.250031][T28713] netlink: 268 bytes leftover after parsing attributes in process `syz.3.11581'. [ 178.282924][T28721] netlink: 'syz.3.11585': attribute type 10 has an invalid length. [ 178.464225][T28745] random: crng reseeded on system resumption [ 178.646494][T28769] loop4: detected capacity change from 0 to 512 [ 178.662607][T28773] netlink: 'syz.1.11611': attribute type 7 has an invalid length. [ 178.699688][T28769] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 178.708872][T28781] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 178.725820][T28769] EXT4-fs error (device loop4): ext4_xattr_block_get:597: inode #12: comm syz.4.11609: corrupted xattr block 6: invalid header [ 178.730379][T28769] EXT4-fs error (device loop4): ext4_xattr_block_get:597: inode #12: comm syz.4.11609: corrupted xattr block 6: invalid header [ 178.733011][T28769] EXT4-fs error (device loop4): ext4_xattr_block_get:597: inode #12: comm syz.4.11609: corrupted xattr block 6: invalid header [ 178.736786][T28769] EXT4-fs error (device loop4): ext4_xattr_block_get:597: inode #12: comm syz.4.11609: corrupted xattr block 6: invalid header [ 178.742750][T28769] EXT4-fs error (device loop4): ext4_get_inode_usage:888: inode #12: comm syz.4.11609: corrupted xattr block 6: invalid header [ 178.795554][ T5155] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 178.897025][T28799] netlink: 'syz.2.11622': attribute type 58 has an invalid length. [ 178.897055][T28799] netlink: 152 bytes leftover after parsing attributes in process `syz.2.11622'. [ 178.917492][T28802] cgroup: Invalid name [ 179.195974][T28836] loop4: detected capacity change from 0 to 512 [ 179.207666][T28836] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.11641: couldn't read orphan inode 26 (err -116) [ 179.207698][T28836] loop4: lost filesystem error report for type 5 error -116 [ 179.211192][T28836] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 179.234305][T28836] EXT4-fs error (device loop4): ext4_do_update_inode:5690: inode #3: comm syz.4.11641: corrupted inode contents [ 179.244171][T28836] EXT4-fs error (device loop4): ext4_dirty_inode:6587: inode #3: comm syz.4.11641: mark_inode_dirty error [ 179.248280][T28836] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.11641: bg 0: block 64: padding at end of block bitmap is not set [ 179.252285][T28836] __quota_error: 1421 callbacks suppressed [ 179.254646][T28836] Quota error (device loop4): write_blk: dquota write failed [ 179.254739][T28836] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 179.254773][T28836] EXT4-fs error (device loop4): ext4_acquire_dquot:7034: comm syz.4.11641: Failed to acquire dquot type 0 [ 179.282998][ T5155] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 179.417233][T28873] tmpfs: Bad value for 'mpol' [ 179.562844][T28899] loop1: detected capacity change from 0 to 256 [ 179.573075][T28899] FAT-fs (loop1): Directory bread(block 64) failed [ 179.574897][T28899] FAT-fs (loop1): Directory bread(block 65) failed [ 179.574970][T28899] FAT-fs (loop1): Directory bread(block 66) failed [ 179.574991][T28899] FAT-fs (loop1): Directory bread(block 67) failed [ 179.575022][T28899] FAT-fs (loop1): Directory bread(block 68) failed [ 179.575038][T28899] FAT-fs (loop1): Directory bread(block 69) failed [ 179.575066][T28899] FAT-fs (loop1): Directory bread(block 70) failed [ 179.575081][T28899] FAT-fs (loop1): Directory bread(block 71) failed [ 179.575107][T28899] FAT-fs (loop1): Directory bread(block 72) failed [ 179.575121][T28899] FAT-fs (loop1): Directory bread(block 73) failed [ 179.765140][T28935] netlink: 'syz.4.11688': attribute type 1 has an invalid length. [ 179.766698][T28935] netlink: 224 bytes leftover after parsing attributes in process `syz.4.11688'. [ 179.933039][T28963] loop3: detected capacity change from 0 to 128 [ 179.954566][T28963] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 179.987245][ T5151] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 180.020108][T28980] netlink: 'syz.2.11708': attribute type 1 has an invalid length. [ 180.020140][T28980] netlink: 748 bytes leftover after parsing attributes in process `syz.2.11708'. [ 180.020151][T28980] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11708'. [ 180.042467][T28985] netlink: zone id is out of range [ 180.501426][T29075] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size [ 180.714629][T29115] loop4: detected capacity change from 0 to 256 [ 180.735789][T29121] bond4: Removing last ns target with arp_interval on [ 180.736131][T29121] 8021q: adding VLAN 0 to HW filter on device bond4 [ 180.744856][T29117] loop3: detected capacity change from 0 to 512 [ 180.752245][T29117] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 180.760621][T29117] EXT4-fs (loop3): orphan cleanup on readonly fs [ 180.766161][T29117] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4222: comm syz.3.11776: Allocating blocks 41-42 which overlap fs metadata [ 180.766190][T29117] loop3: lost filesystem error report for type 5 error -117 [ 180.772235][T29117] Quota error (device loop3): write_blk: dquota write failed [ 180.772290][T29117] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 180.772317][T29117] EXT4-fs error (device loop3): ext4_acquire_dquot:7034: comm syz.3.11776: Failed to acquire dquot type 0 [ 180.772333][T29117] loop3: lost filesystem error report for type 5 error -117 [ 180.776835][ C0] EXT4-fs (loop3): error count since last fsck: 2 [ 180.776851][ C0] EXT4-fs (loop3): initial error at time 2752: ext4_mb_mark_diskspace_used:4222 [ 180.776864][ C0] EXT4-fs (loop3): last error at time 2752: ext4_acquire_dquot:7034 [ 180.786256][T29117] EXT4-fs error (device loop3): mb_free_blocks:2049: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 180.786316][T29117] EXT4-fs error (device loop3): ext4_do_update_inode:5690: inode #12: comm syz.3.11776: corrupted inode contents [ 180.786332][T29117] loop3: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117 [ 180.791407][T29117] EXT4-fs error (device loop3): ext4_dirty_inode:6587: inode #12: comm syz.3.11776: mark_inode_dirty error [ 180.791434][T29117] loop3: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117 [ 180.795582][T29117] EXT4-fs error (device loop3): ext4_do_update_inode:5690: inode #12: comm syz.3.11776: corrupted inode contents [ 180.799523][T29117] loop3: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117 [ 180.799630][T29117] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #12: comm syz.3.11776: mark_inode_dirty error [ 180.799650][T29117] loop3: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117 [ 180.802851][T29115] FAT-fs (loop4): Directory bread(block 64) failed [ 180.802870][T29115] FAT-fs (loop4): Directory bread(block 65) failed [ 180.802895][T29115] FAT-fs (loop4): Directory bread(block 66) failed [ 180.802907][T29115] FAT-fs (loop4): Directory bread(block 67) failed [ 180.802941][T29115] FAT-fs (loop4): Directory bread(block 68) failed [ 180.802952][T29115] FAT-fs (loop4): Directory bread(block 69) failed [ 180.802976][T29115] FAT-fs (loop4): Directory bread(block 70) failed [ 180.802986][T29115] FAT-fs (loop4): Directory bread(block 71) failed [ 180.803007][T29115] FAT-fs (loop4): Directory bread(block 72) failed [ 180.803018][T29115] FAT-fs (loop4): Directory bread(block 73) failed [ 180.805130][T29115] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 180.818699][T29117] EXT4-fs error (device loop3): ext4_do_update_inode:5690: inode #12: comm syz.3.11776: corrupted inode contents [ 180.818733][T29117] loop3: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117 [ 180.820867][T29117] EXT4-fs error (device loop3) in ext4_orphan_del:303: Corrupt filesystem [ 180.820895][T29117] loop3: lost filesystem error report for type 5 error -117 [ 180.824223][T29117] EXT4-fs error (device loop3): ext4_do_update_inode:5690: inode #12: comm syz.3.11776: corrupted inode contents [ 180.824259][T29117] loop3: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117 [ 180.828288][T29117] EXT4-fs error (device loop3): ext4_truncate:4690: inode #12: comm syz.3.11776: mark_inode_dirty error [ 180.830453][T29117] loop3: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117 [ 180.830786][T29117] EXT4-fs error (device loop3) in ext4_process_orphan:345: Corrupt filesystem [ 180.830800][T29117] loop3: lost filesystem error report for type 5 error -117 [ 180.830970][T29117] EXT4-fs (loop3): 1 truncate cleaned up [ 180.831024][T29117] EXT4-fs (loop3): pa 000000005179a0c0: logic 1, phys. 41, len 23 [ 180.831036][T29117] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5459: group 0, free 22, pa_free 23 [ 180.831562][T29117] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 180.878610][ T5151] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 181.108312][T29175] loop4: detected capacity change from 0 to 256 [ 181.152897][T29175] FAT-fs (loop4): Directory bread(block 64) failed [ 181.152926][T29175] FAT-fs (loop4): Directory bread(block 65) failed [ 181.152949][T29175] FAT-fs (loop4): Directory bread(block 66) failed [ 181.152961][T29175] FAT-fs (loop4): Directory bread(block 67) failed [ 181.152982][T29175] FAT-fs (loop4): Directory bread(block 68) failed [ 181.152993][T29175] FAT-fs (loop4): Directory bread(block 69) failed [ 181.153014][T29175] FAT-fs (loop4): Directory bread(block 70) failed [ 181.153024][T29175] FAT-fs (loop4): Directory bread(block 71) failed [ 181.153045][T29175] FAT-fs (loop4): Directory bread(block 72) failed [ 181.153055][T29175] FAT-fs (loop4): Directory bread(block 73) failed [ 181.419267][T29229] netlink: 256 bytes leftover after parsing attributes in process `syz.3.11831'. [ 181.464764][T29236] xt_hashlimit: overflow, try lower: 18446744073709551615/255 [ 181.523254][T29245] netlink: 132 bytes leftover after parsing attributes in process `syz.2.11838'. [ 181.761645][T29290] netlink: 40 bytes leftover after parsing attributes in process `syz.1.11861'. [ 181.765725][T29291] syz.4.11862: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0 [ 181.765836][T29291] CPU: 1 UID: 0 PID: 29291 Comm: syz.4.11862 Tainted: G L syzkaller #0 PREEMPT [ 181.765851][T29291] Tainted: [L]=SOFTLOCKUP [ 181.765855][T29291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 181.765860][T29291] Call trace: [ 181.765863][T29291] show_stack+0x2c/0x3c (C) [ 181.765882][T29291] __dump_stack+0x30/0x40 [ 181.765894][T29291] dump_stack_lvl+0xd8/0x12c [ 181.765906][T29291] dump_stack+0x1c/0x28 [ 181.765917][T29291] warn_alloc+0x1c4/0x2e0 [ 181.765927][T29291] __vmalloc_node_range_noprof+0x11c/0x10dc [ 181.765939][T29291] vmalloc_user_noprof+0xe4/0x140 [ 181.765950][T29291] xskq_create+0xbc/0x168 [ 181.765962][T29291] xsk_init_queue+0x9c/0xf8 [ 181.765972][T29291] xsk_setsockopt+0x49c/0x6c4 [ 181.765981][T29291] do_sock_setsockopt+0x1f0/0x330 [ 181.765990][T29291] __sys_setsockopt+0x104/0x170 [ 181.765998][T29291] __arm64_sys_setsockopt+0xb8/0xd4 [ 181.766006][T29291] invoke_syscall+0x98/0x244 [ 181.766017][T29291] el0_svc_common+0xe8/0x23c [ 181.766028][T29291] do_el0_svc+0x48/0x58 [ 181.766039][T29291] el0_svc+0x64/0x260 [ 181.766047][T29291] el0t_64_sync_handler+0x48/0x148 [ 181.766055][T29291] el0t_64_sync+0x198/0x19c [ 181.766069][T29291] Mem-Info: [ 181.766078][T29291] active_anon:17 inactive_anon:5660 isolated_anon:0 [ 181.766078][T29291] active_file:3366 inactive_file:16349 isolated_file:0 [ 181.766078][T29291] unevictable:768 dirty:427 writeback:0 [ 181.766078][T29291] slab_reclaimable:9363 slab_unreclaimable:101271 [ 181.766078][T29291] mapped:29013 shmem:938 pagetables:3500 [ 181.766078][T29291] sec_pagetables:0 bounce:0 [ 181.766078][T29291] kernel_misc_reclaimable:0 [ 181.766078][T29291] free:1455729 free_pcp:12118 free_cma:7616 [ 181.766103][T29291] Node 0 active_anon:68kB inactive_anon:22640kB active_file:13464kB inactive_file:65396kB unevictable:3072kB isolated(anon):0kB isolated(file):0kB mapped:116052kB dirty:1708kB writeback:0kB shmem:3752kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:9552kB pagetables:14000kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 181.766129][T29291] Node 0 DMA free:3077888kB boost:0kB min:20352kB low:25440kB high:30528kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3145728kB managed:3080192kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:30464kB [ 181.766160][T29291] lowmem_reserve[]: 0 0 3653 3653 3653 [ 181.766203][T29291] Node 0 Normal free:2745028kB boost:0kB min:24700kB low:30872kB high:37044kB reserved_highatomic:0KB free_highatomic:0KB active_anon:68kB inactive_anon:22640kB active_file:13464kB inactive_file:65396kB unevictable:3072kB writepending:1708kB zspages:0kB present:5242880kB managed:3741116kB mlocked:0kB bounce:0kB free_pcp:48472kB local_pcp:24308kB free_cma:0kB [ 181.766233][T29291] lowmem_reserve[]: 0 0 0 0 0 [ 181.766282][T29291] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 1*256kB (C) 1*512kB (C) 1*1024kB (C) 0*2048kB 751*4096kB (MC) = 3077888kB [ 181.766404][T29291] Node 0 Normal: 6149*4kB (UME) 4398*8kB (UME) 3094*16kB (UM) 1214*32kB (UME) 1614*64kB (UME) 389*128kB (UM) 66*256kB (UME) 162*512kB (UME) 223*1024kB (UME) 9*2048kB (UM) 512*4096kB (UM) = 2744996kB [ 181.766566][T29291] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 181.766577][T29291] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=32768kB [ 181.766587][T29291] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 181.766597][T29291] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=64kB [ 181.766607][T29291] 20635 total pagecache pages [ 181.766614][T29291] 0 pages in swap cache [ 181.766621][T29291] Free swap = 124996kB [ 181.766628][T29291] Total swap = 124996kB [ 181.766635][T29291] 2097152 pages RAM [ 181.766642][T29291] 0 pages HighMem/MovableOnly [ 181.766648][T29291] 391825 pages reserved [ 181.766655][T29291] 8192 pages cma reserved [ 181.766661][T29291] 4 pages hwpoisoned [ 181.868016][ T30] audit: type=1400 audit(2753.066:1643): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=29297 comm="syz.3.11868" src=1 netif=wpan0 [ 181.913353][T29309] set match dimension is over the limit! [ 182.006896][T29316] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 182.073187][T29319] bond1: Unable to set down delay as MII monitoring is disabled [ 182.077857][T29319] bond1 (unregistering): Released all slaves [ 182.120619][T29344] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 182.373312][T29401] RDS: rds_bind could not find a transport for ::9d:0:0:0:1, load rds_tcp or rds_rdma? [ 182.499330][T29425] xt_TCPMSS: Only works on TCP SYN packets [ 182.514959][ T4400] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 182.643128][T29448] cgroup: noprefix used incorrectly [ 182.803774][ T30] audit: type=1326 audit(2753.936:1644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=29476 comm="syz.3.11945" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9df77aa8 code=0x7ffc0000 [ 182.803819][ T30] audit: type=1326 audit(2753.936:1645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=29476 comm="syz.3.11945" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9df77aa8 code=0x7ffc0000 [ 182.808137][ T30] audit: type=1326 audit(2753.936:1646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=29476 comm="syz.3.11945" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=48 compat=0 ip=0xffff9df77aa8 code=0x7ffc0000 [ 182.808160][ T30] audit: type=1326 audit(2753.936:1647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=29476 comm="syz.3.11945" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9df77aa8 code=0x7ffc0000 [ 182.808176][ T30] audit: type=1326 audit(2753.936:1648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=29476 comm="syz.3.11945" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9df77aa8 code=0x7ffc0000 [ 182.852097][T29487] validate_nla: 6 callbacks suppressed [ 182.852318][T29487] netlink: 'syz.3.11950': attribute type 1 has an invalid length. [ 182.877369][T29491] loop4: detected capacity change from 0 to 2048 [ 182.907659][T29491] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 182.917376][T29491] EXT4-fs error (device loop4): __ext4_new_inode:1079: comm syz.4.11953: reserved inode found cleared - inode=1 [ 182.952290][ T5155] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 183.035017][T29520] ip6t_srh: unknown srh invflags 4000 [ 183.150079][T29540] xt_SECMARK: unable to map security context 'system_u:object_r:dbusd_etc_t:s0' [ 183.243448][T29558] loop2: detected capacity change from 0 to 512 [ 183.293467][T29558] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 183.333837][T29570] Device name cannot be null; rc = [-22] [ 183.351141][ T5146] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 183.623348][T29618] tmpfs: Bad value for 'mpol' [ 183.681695][T29631] netlink: 'syz.2.12019': attribute type 4 has an invalid length. [ 183.687471][T29633] ieee802154 phy0 wpan0: encryption failed: -22 [ 183.838503][T29659] loop2: detected capacity change from 0 to 1024 [ 183.877700][T29659] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 183.887062][T29659] EXT4-fs error (device loop2): ext4_lookup:1789: inode #2: comm syz.2.12033: deleted inode referenced: 12 [ 183.894486][T29659] EXT4-fs (loop2): Remounting filesystem read-only [ 183.909450][ T5146] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 183.946047][T29678] netlink: 'syz.2.12042': attribute type 1 has an invalid length. [ 183.996359][T29684] __nla_validate_parse: 6 callbacks suppressed [ 183.996393][T29684] netlink: 20 bytes leftover after parsing attributes in process `syz.0.12044'. [ 184.132470][T29710] netlink: 8 bytes leftover after parsing attributes in process `syz.2.12058'. [ 184.311994][T29742] mac80211_hwsim hwsim8 wlan1: entered allmulticast mode [ 184.316905][T29742] netlink: 12 bytes leftover after parsing attributes in process `syz.2.12074'. [ 184.329576][T29749] xt_CT: You must specify a L4 protocol and not use inversions on it [ 184.495050][T29778] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 4, id = 0 [ 184.589135][T29795] cgroup: Need name or subsystem set [ 184.702705][T29817] loop2: detected capacity change from 0 to 128 [ 184.765540][T29826] xt_TPROXY: Can be used only with -p tcp or -p udp [ 185.031582][T29872] netlink: 'syz.2.12136': attribute type 32 has an invalid length. [ 185.031622][T29872] bond0: option coupled_control: mode dependency failed, not supported in mode balance-rr(0) [ 185.137577][T29892] netlink: 'syz.4.12148': attribute type 2 has an invalid length. [ 185.251797][T29915] xt_bpf: check failed: parse error [ 185.399654][T29943] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 185.402556][T29943] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 185.506270][T29956] ipt_REJECT: TCP_RESET invalid for non-tcp [ 185.554459][T29965] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12182'. [ 185.554492][T29965] netlink: 74 bytes leftover after parsing attributes in process `syz.1.12182'. [ 185.641635][T29983] loop1: detected capacity change from 0 to 512 [ 185.654387][T29983] EXT4-fs: Ignoring removed bh option [ 185.658759][T29983] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 185.662394][T29983] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 185.665151][T29983] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended [ 185.668246][T29983] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 185.672510][T29983] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 185.715979][ T5143] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 185.817855][T30011] netlink: 260 bytes leftover after parsing attributes in process `syz.0.12204'. [ 185.918079][T30024] netlink: 60 bytes leftover after parsing attributes in process `syz.4.12210'. [ 185.986472][T30034] loop4: detected capacity change from 0 to 512 [ 186.052919][T30044] loop3: detected capacity change from 0 to 512 [ 186.072708][T30044] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 186.097734][T30044] EXT4-fs error (device loop3): ext4_find_dest_de:2050: inode #2: block 3: comm syz.3.12220: bad entry in directory: inode out of bounds - offset=0, inode=150994946, rec_len=2048, size=2048 fake=1 [ 186.124664][ T5151] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 186.185856][T30066] netlink: 28 bytes leftover after parsing attributes in process `syz.0.12230'. [ 186.187644][T30066] netlink: 28 bytes leftover after parsing attributes in process `syz.0.12230'. [ 186.221167][T30068] geneve2: entered promiscuous mode [ 186.222159][T30068] geneve2: entered allmulticast mode [ 186.365138][T30093] netlink: 'syz.4.12245': attribute type 1 has an invalid length. [ 186.365172][T30093] netlink: 'syz.4.12245': attribute type 2 has an invalid length. [ 186.365201][T30093] netlink: 4 bytes leftover after parsing attributes in process `syz.4.12245'. [ 186.461920][T30114] netlink: 'syz.0.12253': attribute type 21 has an invalid length. [ 186.585000][T30134] netlink: 'syz.0.12263': attribute type 3 has an invalid length. [ 186.585035][T30134] netlink: 'syz.0.12263': attribute type 1 has an invalid length. [ 186.639647][T30145] nfs: Unknown parameter 'smackfstransmuteC' [ 186.748706][T30164] loop1: detected capacity change from 0 to 128 [ 186.750529][T30164] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1) [ 186.753008][T30164] FAT-fs (loop1): Directory bread(block 524322) failed [ 186.753034][T30164] FAT-fs (loop1): Directory bread(block 524323) failed [ 186.753057][T30164] FAT-fs (loop1): Directory bread(block 524324) failed [ 186.753072][T30164] FAT-fs (loop1): Directory bread(block 524325) failed [ 186.753087][T30164] FAT-fs (loop1): Directory bread(block 524326) failed [ 186.753101][T30164] FAT-fs (loop1): Directory bread(block 524327) failed [ 186.753115][T30164] FAT-fs (loop1): Directory bread(block 524328) failed [ 186.753130][T30164] FAT-fs (loop1): Directory bread(block 524329) failed [ 186.768391][T30164] FAT-fs (loop1): Directory bread(block 524322) failed [ 186.768420][T30164] FAT-fs (loop1): Directory bread(block 524323) failed [ 186.802261][ T3910] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1) [ 187.054248][T30219] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 187.143639][T30232] loop1: detected capacity change from 0 to 256 [ 187.175588][T30232] FAT-fs (loop1): Directory bread(block 64) failed [ 187.175623][T30232] FAT-fs (loop1): Directory bread(block 65) failed [ 187.175650][T30232] FAT-fs (loop1): Directory bread(block 66) failed [ 187.175662][T30232] FAT-fs (loop1): Directory bread(block 67) failed [ 187.175684][T30232] FAT-fs (loop1): Directory bread(block 68) failed [ 187.175695][T30232] FAT-fs (loop1): Directory bread(block 69) failed [ 187.175716][T30232] FAT-fs (loop1): Directory bread(block 70) failed [ 187.175726][T30232] FAT-fs (loop1): Directory bread(block 71) failed [ 187.175748][T30232] FAT-fs (loop1): Directory bread(block 72) failed [ 187.175758][T30232] FAT-fs (loop1): Directory bread(block 73) failed [ 187.256088][ T5241] lo speed is unknown, defaulting to 1000 [ 187.411990][T30277] x_tables: ip_tables: socket match: used from hooks FORWARD, but only valid from PREROUTING/INPUT [ 187.473967][T30289] kernel profiling enabled (shift: 17) [ 188.059698][T30400] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 188.244739][T30435] loop4: detected capacity change from 0 to 256 [ 188.287393][T30441] usb usb2: usbfs: process 30441 (syz.1.12412) did not claim interface 0 before use [ 188.334472][T30449] binder: 30447:30449 ioctl 40046210 0 returned -14 [ 188.343795][T30452] bond0: (slave bond_slave_1): Releasing backup interface [ 188.444592][T30466] bond6: up delay (2) is not a multiple of miimon (4), value rounded to 0 ms [ 188.448468][T30466] bond6: option downdelay: invalid value (18446744073709547521) [ 188.448534][T30466] bond6: option downdelay: allowed values 0 - 2147483647 [ 188.453158][T30466] bond6 (unregistering): Released all slaves [ 188.521607][T30483] overlayfs: missing 'workdir' [ 188.599058][T30500] loop1: detected capacity change from 0 to 256 [ 188.626420][T30500] FAT-fs (loop1): Directory bread(block 64) failed [ 188.626454][T30500] FAT-fs (loop1): Directory bread(block 65) failed [ 188.626480][T30500] FAT-fs (loop1): Directory bread(block 66) failed [ 188.626493][T30500] FAT-fs (loop1): Directory bread(block 67) failed [ 188.626517][T30500] FAT-fs (loop1): Directory bread(block 68) failed [ 188.626528][T30500] FAT-fs (loop1): Directory bread(block 69) failed [ 188.626550][T30500] FAT-fs (loop1): Directory bread(block 70) failed [ 188.626561][T30500] FAT-fs (loop1): Directory bread(block 71) failed [ 188.626582][T30500] FAT-fs (loop1): Directory bread(block 72) failed [ 188.626592][T30500] FAT-fs (loop1): Directory bread(block 73) failed [ 188.667108][T30507] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 188.668686][T30507] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 188.670145][T30507] overlayfs: missing 'lowerdir' [ 189.136468][T30598] loop1: detected capacity change from 0 to 256 [ 189.166418][T30598] FAT-fs (loop1): Directory bread(block 64) failed [ 189.166454][T30598] FAT-fs (loop1): Directory bread(block 65) failed [ 189.166488][T30598] FAT-fs (loop1): Directory bread(block 66) failed [ 189.166544][T30598] FAT-fs (loop1): Directory bread(block 67) failed [ 189.166567][T30598] FAT-fs (loop1): Directory bread(block 68) failed [ 189.166578][T30598] FAT-fs (loop1): Directory bread(block 69) failed [ 189.166599][T30598] FAT-fs (loop1): Directory bread(block 70) failed [ 189.166610][T30598] FAT-fs (loop1): Directory bread(block 71) failed [ 189.166631][T30598] FAT-fs (loop1): Directory bread(block 72) failed [ 189.166641][T30598] FAT-fs (loop1): Directory bread(block 73) failed [ 189.656887][T30687] loop1: detected capacity change from 0 to 4096 [ 189.701493][T30687] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 189.741253][T30687] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 4 index 0 [ 189.741350][T30687] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 189.741375][T30687] EXT4-fs error (device loop1): ext4_acquire_dquot:7034: comm syz.1.12533: Failed to acquire dquot type 1 [ 189.788611][ T5143] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 189.802192][T30714] xt_CONNSECMARK: invalid mode: 66 [ 189.813147][T30716] cgroup: name respecified [ 189.988827][T30748] __nla_validate_parse: 16 callbacks suppressed [ 189.992606][T30748] netlink: 32 bytes leftover after parsing attributes in process `syz.1.12562'. [ 189.995275][ T5098] Bluetooth: hci2: unexpected event for opcode 0x0c20 [ 190.081106][T30769] loop2: detected capacity change from 0 to 128 [ 190.091432][T30769] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none. [ 190.120095][ T5146] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 190.284669][T30805] validate_nla: 1 callbacks suppressed [ 190.285737][T30805] netlink: 'syz.3.12589': attribute type 21 has an invalid length. [ 190.287192][T30805] netlink: 'syz.3.12589': attribute type 1 has an invalid length. [ 190.288551][T30805] netlink: 144 bytes leftover after parsing attributes in process `syz.3.12589'. [ 190.491665][T30841] netlink: 14 bytes leftover after parsing attributes in process `syz.2.12608'. [ 190.790152][T30900] netlink: 'syz.3.12635': attribute type 4 has an invalid length. [ 190.843251][T30906] netlink: 180 bytes leftover after parsing attributes in process `syz.0.12638'. [ 190.948221][T30925] 8021q: adding VLAN 0 to HW filter on device bond4 [ 190.969188][T30932] netlink: 'syz.2.12652': attribute type 3 has an invalid length. [ 191.039331][T30942] loop4: detected capacity change from 0 to 2048 [ 191.072020][T30953] cgroup: Bad value for 'name' [ 191.079548][T30942] loop4: p1 < > p3 p4 < > [ 191.081040][T30942] loop4: p3 start 4284289 is beyond EOD, truncated [ 191.111580][T30958] netlink: 'syz.0.12662': attribute type 3 has an invalid length. [ 191.182661][ T8816] udevd[8816]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 191.192948][ T5154] udevd[5154]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 191.299518][T30984] bond5: option lacp_active: invalid value (254) [ 191.306999][T30984] bond5 (unregistering): Released all slaves [ 191.323975][T30996] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12680'. [ 191.324118][T30996] netdevsim netdevsim0 netdevsim0: entered allmulticast mode [ 191.480020][T31023] loop4: detected capacity change from 0 to 1024 [ 191.516459][T31023] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 191.533791][T31023] EXT4-fs warning (device loop4): ext4_empty_dir:3104: inode #11: comm syz.4.12694: directory missing '..' [ 191.554356][ T5155] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 191.607689][T31047] loop4: detected capacity change from 0 to 8 [ 191.632850][T31047] overlay: filesystem on ./file0 is read-only [ 191.643012][T31053] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12706'. [ 191.646186][T31053] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1 [ 191.787607][T31077] loop1: detected capacity change from 0 to 512 [ 191.798725][T31077] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 191.798831][T31077] EXT4-fs (loop1): orphan cleanup on readonly fs [ 191.804803][T31077] Quota error (device loop1): find_block_dqentry: Quota for id 0 referenced but not present [ 191.804864][T31077] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 191.804874][T31077] EXT4-fs error (device loop1): ext4_acquire_dquot:7034: comm syz.1.12719: Failed to acquire dquot type 1 [ 191.804886][T31077] loop1: lost filesystem error report for type 5 error -5 [ 191.805043][T31077] EXT4-fs (loop1): Remounting filesystem read-only [ 191.805234][T31077] EXT4-fs (loop1): 1 truncate cleaned up [ 191.807962][T31077] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 191.853300][ T5143] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 192.059506][T31116] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 192.113664][T31128] openvswitch: netlink: IP tunnel dst address not specified [ 192.200569][T31141] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12748'. [ 192.304070][T31159] loop4: detected capacity change from 0 to 128 [ 192.314756][T31159] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 192.340694][ T5155] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 192.396998][T31172] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 192.397112][T31172] EXT4-fs (loop1): orphan cleanup on readonly fs [ 192.397365][T31172] Quota error (device loop1): v2_read_file_info: Can't read info structure [ 192.397401][T31172] EXT4-fs warning (device loop1): ext4_enable_quotas:7269: Failed to enable quota tracking (type=1, err=-5, ino=4). Please run e2fsck to fix. [ 192.397446][T31172] EXT4-fs (loop1): Cannot turn on quotas: error -5 [ 192.397775][T31172] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.12761: bg 0: block 64: padding at end of block bitmap is not set [ 192.397789][T31172] loop1: lost filesystem error report for type 5 error -117 [ 192.397918][T31172] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6679: Corrupt filesystem [ 192.397927][T31172] loop1: lost filesystem error report for type 5 error -117 [ 192.398320][T31172] EXT4-fs (loop1): 1 truncate cleaned up [ 192.398767][T31172] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 192.427449][T31172] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 192.434545][T31185] random: crng reseeded on system resumption [ 192.471680][ T5143] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 192.546027][T31203] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12778'. [ 192.562637][T31199] FAT-fs (loop1): Directory bread(block 64) failed [ 192.562665][T31199] FAT-fs (loop1): Directory bread(block 65) failed [ 192.562689][T31199] FAT-fs (loop1): Directory bread(block 66) failed [ 192.562701][T31199] FAT-fs (loop1): Directory bread(block 67) failed [ 192.562732][T31199] FAT-fs (loop1): Directory bread(block 68) failed [ 192.562743][T31199] FAT-fs (loop1): Directory bread(block 69) failed [ 192.562765][T31199] FAT-fs (loop1): Directory bread(block 70) failed [ 192.562775][T31199] FAT-fs (loop1): Directory bread(block 71) failed [ 192.562797][T31199] FAT-fs (loop1): Directory bread(block 72) failed [ 192.562807][T31199] FAT-fs (loop1): Directory bread(block 73) failed [ 192.588911][T31206] overlayfs: missing 'lowerdir' [ 192.614212][T31213] netlink: 'syz.3.12782': attribute type 26 has an invalid length. [ 192.833197][T31256] netlink: 200 bytes leftover after parsing attributes in process `syz.2.12804'. [ 192.891345][T31266] netlink: 12 bytes leftover after parsing attributes in process `syz.4.12807'. [ 193.765674][T31425] netlink: 'syz.1.12887': attribute type 1 has an invalid length. [ 193.896287][T31447] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 193.986745][T31463] set_capacity_and_notify: 2 callbacks suppressed [ 193.990763][T31463] loop1: detected capacity change from 0 to 512 [ 193.994863][T31463] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 193.995356][T31463] EXT4-fs (loop1): invalid journal inode [ 193.995386][T31463] EXT4-fs (loop1): can't get journal size [ 194.004952][T31463] EXT4-fs (loop1): 1 truncate cleaned up [ 194.017038][T31463] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 194.063488][ T5143] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 194.219592][T31505] loop1: detected capacity change from 0 to 256 [ 194.229500][T31505] FAT-fs (loop1): Directory bread(block 64) failed [ 194.230706][T31505] FAT-fs (loop1): Directory bread(block 65) failed [ 194.230757][T31505] FAT-fs (loop1): Directory bread(block 66) failed [ 194.230778][T31505] FAT-fs (loop1): Directory bread(block 67) failed [ 194.230808][T31505] FAT-fs (loop1): Directory bread(block 68) failed [ 194.230823][T31505] FAT-fs (loop1): Directory bread(block 69) failed [ 194.230851][T31505] FAT-fs (loop1): Directory bread(block 70) failed [ 194.230865][T31505] FAT-fs (loop1): Directory bread(block 71) failed [ 194.230892][T31505] FAT-fs (loop1): Directory bread(block 72) failed [ 194.230907][T31505] FAT-fs (loop1): Directory bread(block 73) failed [ 194.385176][T31524] loop3: detected capacity change from 0 to 4096 [ 194.385538][T31524] EXT4-fs: Ignoring removed mblk_io_submit option [ 194.417987][T31524] EXT4-fs (loop3): Test dummy encryption mode enabled [ 194.419476][T31524] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 194.454011][ T5151] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 194.548330][T31553] netlink: 'syz.2.12951': attribute type 4 has an invalid length. [ 194.748789][T31591] bridge0: port 3(veth1_to_bridge) entered blocking state [ 194.748849][T31591] bridge0: port 3(veth1_to_bridge) entered disabled state [ 194.748963][T31591] veth1_to_bridge: entered allmulticast mode [ 194.749492][T31591] veth1_to_bridge: entered promiscuous mode [ 194.749553][T31591] bridge0: adding interface veth1_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 194.749723][T31591] bridge0: port 3(veth1_to_bridge) entered blocking state [ 194.749751][T31591] bridge0: port 3(veth1_to_bridge) entered forwarding state [ 194.805703][T31597] loop1: detected capacity change from 0 to 256 [ 194.921950][T31617] openvswitch: netlink: Tunnel attr 69 out of range max 16 [ 194.982516][T31630] tipc: Trying to set illegal importance in message [ 194.994239][ T1595] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.994281][ T1595] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.994503][ T1595] aoe: packet could not be sent on ipvlan1. consider increasing tx_queue_len [ 195.004477][T31633] loop4: detected capacity change from 0 to 512 [ 195.004794][T31633] EXT4-fs: Ignoring removed bh option [ 195.013914][T31633] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 195.016795][T31633] EXT4-fs (loop4): 1 truncate cleaned up [ 195.017286][T31633] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 195.081941][ T5155] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 195.331947][T31688] loop2: detected capacity change from 0 to 512 [ 195.366403][T31688] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 195.431720][ T5146] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 195.946695][T31795] netlink: 'syz.4.13068': attribute type 3 has an invalid length. [ 195.948503][T31795] __nla_validate_parse: 16 callbacks suppressed [ 195.950370][T31795] netlink: 3 bytes leftover after parsing attributes in process `syz.4.13068'. [ 196.185528][T31841] netlink: 'syz.3.13090': attribute type 1 has an invalid length. [ 196.330831][T31871] netlink: 1010 bytes leftover after parsing attributes in process `syz.1.13104'. [ 196.389887][T31884] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3) [ 196.389910][T31884] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 196.389967][T31884] vhci_hcd vhci_hcd.0: Device attached [ 196.399619][T31887] vhci_hcd: connection closed [ 196.400067][ T39] vhci_hcd vhci_hcd.4: stop threads [ 196.400104][ T39] vhci_hcd vhci_hcd.4: release socket [ 196.400121][ T39] vhci_hcd vhci_hcd.4: disconnect device [ 196.537410][T31918] netlink: 8460 bytes leftover after parsing attributes in process `syz.2.13127'. [ 196.700206][T31953] netlink: 'syz.0.13142': attribute type 32 has an invalid length. [ 196.803466][T31973] netlink: 4 bytes leftover after parsing attributes in process `syz.0.13154'. [ 197.029765][T32028] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma? [ 197.181862][T32058] netlink: 228 bytes leftover after parsing attributes in process `syz.1.13196'. [ 197.181899][T32058] netlink: 112 bytes leftover after parsing attributes in process `syz.1.13196'. [ 197.294988][T32085] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13207'. [ 197.338778][T32092] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13210'. [ 197.338811][T32092] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13210'. [ 197.338825][T32092] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13210'. [ 197.373914][T32104] loop3: detected capacity change from 0 to 256 [ 197.416027][T32104] FAT-fs (loop3): Directory bread(block 64) failed [ 197.417148][T32104] FAT-fs (loop3): Directory bread(block 65) failed [ 197.419506][T32104] FAT-fs (loop3): Directory bread(block 66) failed [ 197.420663][T32104] FAT-fs (loop3): Directory bread(block 67) failed [ 197.421820][T32104] FAT-fs (loop3): Directory bread(block 68) failed [ 197.423062][T32104] FAT-fs (loop3): Directory bread(block 69) failed [ 197.424305][T32104] FAT-fs (loop3): Directory bread(block 70) failed [ 197.425519][T32104] FAT-fs (loop3): Directory bread(block 71) failed [ 197.426684][T32104] FAT-fs (loop3): Directory bread(block 72) failed [ 197.427843][T32104] FAT-fs (loop3): Directory bread(block 73) failed [ 197.463340][T32116] loop1: detected capacity change from 0 to 2048 [ 197.473725][T32118] netlink: 'syz.0.13223': attribute type 2 has an invalid length. [ 197.490442][T32116] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 197.498095][T32116] EXT4-fs error (device loop1): ext4_find_inline_data_nolock:169: inode #12: comm syz.1.13222: inline data xattr refers to an external xattr inode [ 197.532967][ T5143] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000900. [ 197.535575][T32127] 9pnet_fd: p9_fd_create_tcp (32127): problem connecting socket to 127.0.0.1 [ 197.619947][T32144] usb usb8: usbfs: process 32144 (syz.3.13234) did not claim interface 0 before use [ 197.662862][T32157] netlink: 'syz.3.13240': attribute type 21 has an invalid length. [ 197.667846][T32157] IPv6: NLM_F_CREATE should be specified when creating new route [ 197.730400][T32167] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 197.796892][ T30] audit: type=1326 audit(2767.968:1649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32181 comm="syz.1.13253" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab377aa8 code=0x7ffc0000 [ 197.803075][ T30] audit: type=1326 audit(2767.968:1650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32181 comm="syz.1.13253" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab377aa8 code=0x7ffc0000 [ 197.804588][ T30] audit: type=1326 audit(2767.968:1651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32181 comm="syz.1.13253" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=112 compat=0 ip=0xffffab377aa8 code=0x7ffc0000 [ 197.804607][ T30] audit: type=1326 audit(2767.968:1652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32181 comm="syz.1.13253" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab377aa8 code=0x7ffc0000 [ 197.932883][T32210] loop4: detected capacity change from 0 to 256 [ 197.938452][T32210] FAT-fs (loop4): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 197.957593][ T3707] FAT-fs (loop4): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 198.289486][T32270] loop4: detected capacity change from 0 to 512 [ 198.337683][T32270] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 198.371514][ T5155] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 198.478913][ T30] audit: type=1326 audit(2768.605:1653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32294 comm="syz.0.13303" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9d377aa8 code=0x7ffc0000 [ 198.479018][ T30] audit: type=1326 audit(2768.605:1654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32294 comm="syz.0.13303" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9d377aa8 code=0x7ffc0000 [ 198.481052][ T30] audit: type=1326 audit(2768.605:1655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32294 comm="syz.0.13303" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=263 compat=0 ip=0xffff9d377aa8 code=0x7ffc0000 [ 198.481139][ T30] audit: type=1326 audit(2768.605:1656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32294 comm="syz.0.13303" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9d377aa8 code=0x7ffc0000 [ 198.482132][ T30] audit: type=1326 audit(2768.605:1657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32294 comm="syz.0.13303" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9d377aa8 code=0x7ffc0000 [ 198.632376][T32321] netlink: 'syz.3.13313': attribute type 13 has an invalid length. [ 198.705150][T32333] netlink: 'syz.0.13322': attribute type 2 has an invalid length. [ 198.783246][T32343] vhci_hcd vhci_hcd.1: invalid port number 117 [ 198.882758][T32364] binder: 32362:32364 ioctl c00c620f 0 returned -14 [ 198.971233][T32386] x_tables: ip6_tables: icmp6 match: only valid for protocol 58 [ 199.140705][T32415] EXT4-fs: Ignoring removed orlov option [ 199.140746][T32415] EXT4-fs: Ignoring removed mblk_io_submit option [ 199.149953][T32415] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13 [ 199.152232][T32415] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #13: comm syz.2.13361: attempt to clear invalid blocks 2 len 1 [ 199.152275][T32415] loop2: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 199.160979][ C1] EXT4-fs (loop2): error count since last fsck: 1 [ 199.161017][ C1] EXT4-fs (loop2): initial error at time 2769: ext4_clear_blocks:876: inode 13 [ 199.161046][ C1] EXT4-fs (loop2): last error at time 2769: ext4_clear_blocks:876: inode 13 [ 199.161191][T32415] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 199.169699][T32415] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.13361: invalid indirect mapped block 1819239214 (level 0) [ 199.169766][T32415] loop2: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 199.176369][T32415] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.13361: invalid indirect mapped block 1819239214 (level 1) [ 199.176406][T32415] loop2: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 199.181144][T32415] EXT4-fs (loop2): 1 truncate cleaned up [ 199.181629][T32415] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 199.216608][ T5146] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 199.376282][T32442] set_capacity_and_notify: 1 callbacks suppressed [ 199.377488][T32442] loop4: detected capacity change from 0 to 256 [ 199.540127][T32456] ÿ: renamed from bond_slave_0 [ 199.856276][T32494] loop3: detected capacity change from 0 to 8 [ 199.858090][T32494] squashfs: SQUASHFS error: Xattrs in filesystem, these will be ignored [ 199.859613][T32494] unable to read xattr id index table [ 200.065500][T32518] ptrace attach of "ci-upstream-gce-arm64/syz-executor exec"[5143] was attempted by ""[32518] [ 200.576824][T32605] netlink: 'syz.2.13453': attribute type 5 has an invalid length. [ 200.825098][T32642] loop3: detected capacity change from 0 to 256 [ 200.825557][T32636] bridge5: trying to set multicast query interval above maximum, setting to 8640000 (86400000ms) [ 200.833958][T32642] FAT-fs (loop3): Directory bread(block 64) failed [ 200.833990][T32642] FAT-fs (loop3): Directory bread(block 65) failed [ 200.834023][T32642] FAT-fs (loop3): Directory bread(block 66) failed [ 200.834039][T32642] FAT-fs (loop3): Directory bread(block 67) failed [ 200.834065][T32642] FAT-fs (loop3): Directory bread(block 68) failed [ 200.834080][T32642] FAT-fs (loop3): Directory bread(block 69) failed [ 200.834105][T32642] FAT-fs (loop3): Directory bread(block 70) failed [ 200.834119][T32642] FAT-fs (loop3): Directory bread(block 71) failed [ 200.834144][T32642] FAT-fs (loop3): Directory bread(block 72) failed [ 200.834157][T32642] FAT-fs (loop3): Directory bread(block 73) failed [ 201.008819][T32656] netdevsim netdevsim4 netdevsim0: entered allmulticast mode [ 201.013105][T32656] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 201.130390][T32682] netlink: 'syz.4.13492': attribute type 26 has an invalid length. [ 201.180975][T32690] tmpfs: User quota block hardlimit too large. [ 201.331958][T32716] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 201.331981][T32716] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 201.332047][T32716] vhci_hcd vhci_hcd.0: Device attached [ 201.342459][T32716] vhci_hcd vhci_hcd.0: port 0 already used [ 201.342786][T32717] vhci_hcd: connection closed [ 201.343911][ T3707] vhci_hcd vhci_hcd.2: stop threads [ 201.343954][ T3707] vhci_hcd vhci_hcd.2: release socket [ 201.343974][ T3707] vhci_hcd vhci_hcd.2: disconnect device [ 201.514972][T32753] __nla_validate_parse: 18 callbacks suppressed [ 201.516276][T32753] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13524'. [ 201.517961][T32753] netlink: 224 bytes leftover after parsing attributes in process `syz.0.13524'. [ 201.520003][T32753] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13524'. [ 201.599718][ T302] SET target dimension over the limit! [ 201.684825][ T315] xt_CT: No such helper "pptp" [ 201.732481][ T330] netlink: 'syz.3.13542': attribute type 6 has an invalid length. [ 201.819640][ T346] netlink: 4328 bytes leftover after parsing attributes in process `syz.3.13550'. [ 201.821958][ T348] tmpfs: Bad value for 'mpol' [ 201.916758][ T365] loop3: detected capacity change from 0 to 4096 [ 201.946148][ T365] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 202.002861][ T5151] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 202.103916][ T394] 9pnet_fd: p9_fd_create_unix (394): problem connecting socket: ./file0/file0: -2 [ 202.115415][ T399] netlink: 10 bytes leftover after parsing attributes in process `syz.4.13575'. [ 202.147525][ T406] netlink: 'syz.0.13578': attribute type 6 has an invalid length. [ 202.344094][ T440] binder: 439:440 ioctl 400c620e 20000280 returned -22 [ 202.396830][ T444] bond0: (slave bond_slave_1): Releasing backup interface [ 202.472326][ T460] netlink: 'syz.0.13605': attribute type 10 has an invalid length. [ 202.473773][ T460] netlink: 40 bytes leftover after parsing attributes in process `syz.0.13605'. [ 202.475572][ T460] team0: entered promiscuous mode [ 202.475593][ T460] team_slave_0: entered promiscuous mode [ 202.475684][ T460] team_slave_1: entered promiscuous mode [ 202.475751][ T460] dummy0: entered promiscuous mode [ 202.479590][ T460] team0: entered allmulticast mode [ 202.480541][ T460] team_slave_0: entered allmulticast mode [ 202.481567][ T460] team_slave_1: entered allmulticast mode [ 202.482567][ T460] dummy0: entered allmulticast mode [ 202.484751][ T460] bridge0: port 3(team0) entered blocking state [ 202.495684][ T460] bridge0: port 3(team0) entered disabled state [ 202.527919][ T466] loop3: detected capacity change from 0 to 1024 [ 202.539419][ T466] EXT4-fs: inline encryption not supported [ 202.539718][ T466] EXT4-fs (loop3): bad geometry: bigalloc file system with non-zero first_data_block [ 202.539718][ T466] [ 202.653565][ T485] netlink: 'syz.0.13617': attribute type 1 has an invalid length. [ 202.655138][ T485] netlink: 224 bytes leftover after parsing attributes in process `syz.0.13617'. [ 202.845409][ T458] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 202.847606][ T458] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 202.890139][ T458] veth0_vlan: left promiscuous mode [ 203.241267][ T5241] lo speed is unknown, defaulting to 1000 [ 203.241299][ T5241] sz1: Port: 1 Link DOWN [ 203.241646][ T5241] lo speed is unknown, defaulting to 1000 [ 203.304547][ T510] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13620'. [ 203.409672][ T3707] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 203.409733][ T3707] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 203.409756][ T3707] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 203.409776][ T3707] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 203.426846][ T524] xt_addrtype: ipv6 does not support BROADCAST matching [ 203.528915][ T536] loop3: detected capacity change from 0 to 256 [ 203.543183][ T536] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 203.548871][ T536] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 203.705032][ T559] netlink: 'syz.1.13636': attribute type 11 has an invalid length. [ 203.788345][ T580] ip6erspan1: entered allmulticast mode [ 203.852878][ T592] netlink: 20 bytes leftover after parsing attributes in process `syz.2.13652'. [ 203.916576][ T605] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 203.950086][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:46:a8:35:88:ba, vlan:0) [ 203.950270][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:46:a8:35:88:ba, vlan:0) [ 203.950363][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:46:a8:35:88:ba, vlan:0) [ 203.950436][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:46:a8:35:88:ba, vlan:0) [ 203.950510][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:46:a8:35:88:ba, vlan:0) [ 203.950580][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:46:a8:35:88:ba, vlan:0) [ 203.950648][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:46:a8:35:88:ba, vlan:0) [ 203.950716][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:46:a8:35:88:ba, vlan:0) [ 203.950784][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:46:a8:35:88:ba, vlan:0) [ 204.091477][ T620] loop4: detected capacity change from 0 to 4096 [ 204.103133][ T620] EXT4-fs: inline encryption not supported [ 204.106524][ T620] EXT4-fs (loop4): Test dummy encryption mode enabled [ 204.122175][ T620] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 204.237637][ T5155] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 204.302921][ T609] bond1 (unregistering): Released all slaves [ 204.738732][ T679] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 205.006552][ T702] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13693'. [ 205.122081][ T711] netlink: 'syz.0.13699': attribute type 1 has an invalid length. [ 205.126526][ T712] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING [ 205.404849][ T738] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 205.418705][ T738] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 205.724249][ T770] netlink: 'syz.2.13727': attribute type 1 has an invalid length. [ 206.152552][ T812] sctp: [Deprecated]: syz.3.13747 (pid 812) Use of int in maxseg socket option. [ 206.152552][ T812] Use struct sctp_assoc_value instead [ 206.365505][ C1] net_ratelimit: 40351 callbacks suppressed [ 206.365543][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 206.365623][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 206.365695][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:46:a8:35:88:ba, vlan:0) [ 206.365766][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 206.365839][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 206.365908][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 206.365989][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:46:a8:35:88:ba, vlan:0) [ 206.366062][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 206.366187][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 206.366278][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 206.668326][ T858] Scaler: ================= START STATUS ================= [ 206.669903][ T858] Scaler: ================== END STATUS ================== [ 206.911491][ T881] __nla_validate_parse: 6 callbacks suppressed [ 206.914002][ T881] netlink: 40 bytes leftover after parsing attributes in process `syz.1.13779'. [ 207.018062][ T888] netlink: 8 bytes leftover after parsing attributes in process `syz.1.13782'. [ 207.018093][ T888] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13782'. [ 207.034781][ T889] binder: 885:889 BC_INCREFS_DONE u0000000000000001 no match [ 207.043151][ T889] binder: 885:889 ioctl c0306201 20000100 returned -14 [ 207.114707][ T896] netlink: 40 bytes leftover after parsing attributes in process `syz.2.13785'. [ 207.145514][ T899] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized [ 207.221869][ T907] netlink: 6032 bytes leftover after parsing attributes in process `syz.1.13792'. [ 207.340353][ T919] netlink: 'syz.0.13798': attribute type 2 has an invalid length. [ 207.484572][ T934] netlink: 184 bytes leftover after parsing attributes in process `syz.1.13805'. [ 207.788430][ T5098] Bluetooth: hci0: unexpected event for opcode 0x200d [ 208.009699][ T981] netlink: 'syz.4.13829': attribute type 10 has an invalid length. [ 208.035312][ T981] team0: Device vxcan1 is of different type [ 208.172431][ T994] netlink: 'syz.4.13835': attribute type 1 has an invalid length. [ 208.717351][ T1061] netlink: 4 bytes leftover after parsing attributes in process `syz.0.13861'. [ 208.922209][ T1077] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13869'. [ 208.940981][ T1082] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13870'. [ 208.946532][ T1082] netlink: 24 bytes leftover after parsing attributes in process `syz.0.13870'. [ 208.971071][ T1077] bond5: entered allmulticast mode [ 208.974206][ T1077] 8021q: adding VLAN 0 to HW filter on device bond5 [ 209.086862][ T1093] nft_compat: unsupported protocol 0 [ 209.147902][ T1099] netlink: 'syz.1.13877': attribute type 8 has an invalid length. [ 209.587245][ T1141] Invalid ELF header magic: != ELF [ 209.608239][ T1147] tmpfs: Bad value for 'mpol' [ 209.776701][ T1166] xt_cgroup: invalid path, errno=-2 [ 210.231792][ T1213] xt_l2tp: v2 sid > 0xffff: 4294901760 [ 210.364477][ T1228] loop4: detected capacity change from 0 to 512 [ 210.378663][ T1228] EXT4-fs: inline encryption not supported [ 210.378706][ T1228] ext4: Bad value for 'jqfmt' [ 211.062063][ T1291] netlink: 'syz.3.13967': attribute type 29 has an invalid length. [ 211.720828][ C1] net_ratelimit: 89603 callbacks suppressed [ 211.720868][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:46:a8:35:88:ba, vlan:0) [ 211.720939][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 211.721009][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 211.721084][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 211.721153][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:46:a8:35:88:ba, vlan:0) [ 211.721217][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 211.721294][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:46:a8:35:88:ba, vlan:0) [ 211.721358][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 211.721424][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 211.721488][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 212.054425][ T1366] overlayfs: conflicting options: userxattr,metacopy=on [ 212.302781][ T1385] __nla_validate_parse: 11 callbacks suppressed [ 212.302815][ T1385] netlink: 24 bytes leftover after parsing attributes in process `syz.2.14013'. [ 212.312768][ T1383] loop1: detected capacity change from 0 to 1024 [ 212.313096][ T1383] EXT4-fs: Ignoring removed bh option [ 212.313130][ T1383] EXT4-fs: inline encryption not supported [ 212.317017][ T1383] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 212.344373][ T1383] EXT4-fs error (device loop1): ext4_map_blocks:791: inode #3: block 2: comm syz.1.14012: lblock 2 mapped to illegal pblock 2 (length 1) [ 212.344408][ T1383] loop1: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 212.344510][ T1383] Quota error (device loop1): qtree_write_dquot: dquota write failed [ 212.344531][ T1383] EXT4-fs error (device loop1): ext4_map_blocks:791: inode #3: block 48: comm syz.1.14012: lblock 0 mapped to illegal pblock 48 (length 1) [ 212.344550][ T1383] loop1: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 212.344626][ T1383] Quota error (device loop1): v2_write_file_info: Can't write info structure [ 212.344638][ T1383] EXT4-fs error (device loop1): ext4_acquire_dquot:7034: comm syz.1.14012: Failed to acquire dquot type 0 [ 212.344652][ T1383] loop1: lost filesystem error report for type 5 error -117 [ 212.344739][ T1383] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6383: Corrupt filesystem [ 212.344753][ T1383] loop1: lost filesystem error report for type 5 error -117 [ 212.344825][ T1383] EXT4-fs error (device loop1): ext4_evict_inode:267: inode #11: comm syz.1.14012: mark_inode_dirty error [ 212.344840][ T1383] loop1: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 212.349009][ T1383] EXT4-fs warning (device loop1): ext4_evict_inode:270: couldn't mark inode dirty (err -117) [ 212.349057][ T1383] EXT4-fs (loop1): 1 orphan inode deleted [ 212.349507][ T1383] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 212.411560][ T3910] EXT4-fs error (device loop1): ext4_map_blocks:791: inode #3: block 1: comm kworker/u8:11: lblock 1 mapped to illegal pblock 1 (length 1) [ 212.411775][ T3910] Quota error (device loop1): remove_tree: Can't read quota data block 1 [ 212.411804][ T3910] EXT4-fs error (device loop1): ext4_release_dquot:7070: comm kworker/u8:11: Failed to release dquot type 0 [ 212.439211][ T3707] EXT4-fs error (device loop1): ext4_map_blocks:791: inode #3: block 2: comm kworker/u8:8: lblock 2 mapped to illegal pblock 2 (length 1) [ 212.444464][ T3707] Quota error (device loop1): qtree_write_dquot: dquota write failed [ 212.444515][ T3707] EXT4-fs error (device loop1): ext4_write_dquot:7014: comm kworker/u8:8: Failed to commit dquot type 0 [ 212.457275][ T3707] Quota error (device loop1): dquot_write_dquot: Can't write quota structure (error -117). Quota may get out of sync! [ 212.606113][ T1404] usb usb8: usbfs: process 1404 (syz.2.14023) did not claim interface 0 before use [ 212.652858][ T5143] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 212.652921][ T5143] EXT4-fs error (device loop1): __ext4_get_inode_loc:4885: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 212.652944][ T5143] loop1: lost filesystem error report for type 5 error -117 [ 212.667970][ T5143] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6383: Corrupt filesystem [ 212.668015][ T5143] loop1: lost filesystem error report for type 5 error -117 [ 212.669473][ T5143] EXT4-fs error (device loop1): ext4_quota_off:7318: inode #3: comm syz-executor: mark_inode_dirty error [ 212.669491][ T5143] loop1: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 212.820050][ T1420] trusted_key: encrypted_key: keylen parameter is missing [ 212.882385][ T1426] netlink: 24 bytes leftover after parsing attributes in process `syz.4.14033'. [ 212.918195][ T1431] xt_TPROXY: Can be used only with -p tcp or -p udp [ 212.977221][ T1436] netlink: 12 bytes leftover after parsing attributes in process `syz.0.14038'. [ 213.305597][ T1460] netlink: 168 bytes leftover after parsing attributes in process `syz.4.14050'. [ 213.543428][ T1479] loop4: detected capacity change from 0 to 256 [ 213.591784][ T30] audit: type=1326 audit(2782.740:1658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1481 comm="syz.1.14059" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab377aa8 code=0x7ffc0000 [ 213.591826][ T30] audit: type=1326 audit(2782.740:1659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1481 comm="syz.1.14059" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab377aa8 code=0x7ffc0000 [ 213.591854][ T30] audit: type=1326 audit(2782.740:1660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1481 comm="syz.1.14059" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=167 compat=0 ip=0xffffab377aa8 code=0x7ffc0000 [ 213.591875][ T30] audit: type=1326 audit(2782.740:1661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1481 comm="syz.1.14059" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab377aa8 code=0x7ffc0000 [ 213.591894][ T30] audit: type=1326 audit(2782.740:1662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1481 comm="syz.1.14059" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab377aa8 code=0x7ffc0000 [ 213.618740][ T1484] netlink: 16 bytes leftover after parsing attributes in process `syz.2.14060'. [ 213.718838][ T1495] netlink: 'syz.0.14067': attribute type 11 has an invalid length. [ 213.917501][ T1515] netlink: 16 bytes leftover after parsing attributes in process `syz.0.14075'. [ 214.076718][ T1530] netlink: 8 bytes leftover after parsing attributes in process `syz.3.14082'. [ 214.146629][ T1534] xt_CT: You must specify a L4 protocol and not use inversions on it [ 214.504458][ T1571] netlink: 8 bytes leftover after parsing attributes in process `syz.1.14101'. [ 214.580903][ T1577] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 214.582602][ T1577] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 214.599107][ T1577] overlayfs: missing 'lowerdir' [ 214.608183][ T1583] netlink: 'syz.0.14103': attribute type 39 has an invalid length. [ 214.621810][ T1581] vhci_hcd vhci_hcd.2: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 214.678974][ T1583] hsr_slave_0: left promiscuous mode [ 214.759057][ T1583] hsr_slave_1: left promiscuous mode [ 215.107801][ T1617] loop1: detected capacity change from 0 to 2048 [ 215.159919][ T1617] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 215.279618][ T5143] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 215.342129][ T1644] netlink: 'syz.1.14130': attribute type 6 has an invalid length. [ 215.343714][ T1644] netlink: 48 bytes leftover after parsing attributes in process `syz.1.14130'. [ 215.346359][ T1644] netlink: 'syz.1.14130': attribute type 6 has an invalid length. [ 215.407801][ T1649] Cannot find del_set index 3 as target [ 215.493797][ T1654] loop1: detected capacity change from 0 to 256 [ 215.510363][ T1654] FAT-fs (loop1): Directory bread(block 64) failed [ 215.510398][ T1654] FAT-fs (loop1): Directory bread(block 65) failed [ 215.510438][ T1654] FAT-fs (loop1): Directory bread(block 66) failed [ 215.510456][ T1654] FAT-fs (loop1): Directory bread(block 67) failed [ 215.510488][ T1654] FAT-fs (loop1): Directory bread(block 68) failed [ 215.510504][ T1654] FAT-fs (loop1): Directory bread(block 69) failed [ 215.510533][ T1654] FAT-fs (loop1): Directory bread(block 70) failed [ 215.510548][ T1654] FAT-fs (loop1): Directory bread(block 71) failed [ 215.510575][ T1654] FAT-fs (loop1): Directory bread(block 72) failed [ 215.510590][ T1654] FAT-fs (loop1): Directory bread(block 73) failed [ 215.868228][ C1] sched: DL replenish lagged too much [ 215.996733][ T1694] netlink: 'syz.0.14159': attribute type 4 has an invalid length. [ 216.192009][ T1710] netlink: 12 bytes leftover after parsing attributes in process `syz.1.14167'. [ 216.209218][ T1712] netlink: 'syz.4.14168': attribute type 32 has an invalid length. [ 216.349772][ T5226] usb usb9-port2: attempt power cycle [ 216.633474][ T1747] netlink: 'syz.1.14180': attribute type 1 has an invalid length. [ 216.633508][ T1747] netlink: 'syz.1.14180': attribute type 2 has an invalid length. [ 216.948398][ T5226] usb usb9-port2: unable to enumerate USB device [ 217.076170][ C1] net_ratelimit: 89814 callbacks suppressed [ 217.076205][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:46:a8:35:88:ba, vlan:0) [ 217.076297][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 217.076371][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:46:a8:35:88:ba, vlan:0) [ 217.076439][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 217.076509][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 217.076578][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 217.076646][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 217.076720][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 217.076789][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:46:a8:35:88:ba, vlan:0) [ 217.076867][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 218.274125][ T1829] x_tables: arp_tables: NFQUEUE target: not valid for this family [ 222.431453][ C0] net_ratelimit: 172972 callbacks suppressed [ 222.431485][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 222.431495][ C0] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 222.431562][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 222.431576][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 222.431629][ C0] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 222.431650][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 222.431698][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 222.431721][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 222.431764][ C0] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 222.431794][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:46:a8:35:88:ba, vlan:0) [ 227.786733][ C1] net_ratelimit: 182330 callbacks suppressed [ 227.786743][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 227.786769][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 227.786848][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:46:a8:35:88:ba, vlan:0) [ 227.786850][ C0] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 227.786916][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 227.786920][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 227.786984][ C0] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 227.786994][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:46:a8:35:88:ba, vlan:0) [ 227.787054][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 227.787066][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 233.142044][ C1] net_ratelimit: 182502 callbacks suppressed [ 233.142076][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 233.142089][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 233.142152][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 233.142178][ C0] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 233.142235][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 233.142261][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 233.142324][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:46:a8:35:88:ba, vlan:0) [ 233.142338][ C0] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 233.142395][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 233.142406][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 238.497368][ C0] net_ratelimit: 181347 callbacks suppressed [ 238.497378][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 238.497401][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 238.497469][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 238.497484][ C0] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 238.497553][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:46:a8:35:88:ba, vlan:0) [ 238.497554][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 238.497618][ C0] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 238.497624][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 238.497687][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 238.497698][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:46:a8:35:88:ba, vlan:0) [ 243.852662][ C1] net_ratelimit: 183249 callbacks suppressed [ 243.852666][ C0] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 243.852700][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:46:a8:35:88:ba, vlan:0) [ 243.852743][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 243.852790][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 243.852834][ C0] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 243.852868][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 243.852905][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 243.852939][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 243.852973][ C0] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 243.853013][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 245.923580][ T3613] [ 245.923974][ T3613] ====================================================== [ 245.925124][ T3613] WARNING: possible circular locking dependency detected [ 245.926361][ T3613] syzkaller #0 Tainted: G L [ 245.927418][ T3613] ------------------------------------------------------ [ 245.928656][ T3613] kworker/u8:7/3613 is trying to acquire lock: [ 245.929797][ T3613] ffff0000d4114938 (jbd2_handle){++++}-{0:0}, at: wait_transaction_locked+0x170/0x220 [ 245.931467][ T3613] [ 245.931467][ T3613] but task is already holding lock: [ 245.932702][ T3613] ffff0000d4116c18 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x16c/0x2d8 [ 245.934499][ T3613] [ 245.934499][ T3613] which lock already depends on the new lock. [ 245.934499][ T3613] [ 245.936232][ T3613] [ 245.936232][ T3613] the existing dependency chain (in reverse order) is: [ 245.937786][ T3613] [ 245.937786][ T3613] -> #2 (&sbi->s_writepages_rwsem){++++}-{0:0}: [ 245.939194][ T3613] percpu_down_read_internal+0x5c/0x294 [ 245.940207][ T3613] ext4_writepages+0x16c/0x2d8 [ 245.941097][ T3613] do_writepages+0x270/0x468 [ 245.941981][ T3613] __writeback_single_inode+0x144/0x1808 [ 245.943057][ T3613] writeback_single_inode+0x3b8/0xaa0 [ 245.944052][ T3613] write_inode_now+0x170/0x208 [ 245.944948][ T3613] iput+0x6bc/0xb90 [ 245.945709][ T3613] ext4_xattr_block_set+0x12dc/0x2188 [ 245.946730][ T3613] ext4_expand_extra_isize_ea+0xb18/0x13a0 [ 245.947841][ T3613] __ext4_expand_extra_isize+0x29c/0x370 [ 245.948890][ T3613] __ext4_mark_inode_dirty+0x3a4/0x810 [ 245.949945][ T3613] ext4_evict_inode+0x7a0/0xfc4 [ 245.950855][ T3613] evict+0x4b8/0x740 [ 245.951571][ T3613] iput+0x858/0xb90 [ 245.952336][ T3613] ext4_process_orphan+0x240/0x2b4 [ 245.953309][ T3613] ext4_orphan_cleanup+0x7b8/0xd30 [ 245.954255][ T3613] ext4_fill_super+0x45a4/0x4d60 [ 245.955255][ T3613] get_tree_bdev_flags+0x380/0x434 [ 245.956247][ T3613] get_tree_bdev+0x2c/0x3c [ 245.957146][ T3613] ext4_get_tree+0x28/0x38 [ 245.958054][ T3613] vfs_get_tree+0x90/0x28c [ 245.958891][ T3613] fc_mount+0x24/0xac [ 245.959642][ T3613] do_new_mount+0x2a4/0x540 [ 245.960519][ T3613] path_mount+0x5d0/0xa68 [ 245.961393][ T3613] do_mount+0xe8/0x148 [ 245.962179][ T3613] __arm64_sys_mount+0x334/0x380 [ 245.963158][ T3613] invoke_syscall+0x98/0x244 [ 245.963972][ T3613] el0_svc_common+0xe8/0x23c [ 245.964741][ T3613] do_el0_svc+0x48/0x58 [ 245.965499][ T3613] el0_svc+0x64/0x260 [ 245.966297][ T3613] el0t_64_sync_handler+0x48/0x148 [ 245.967229][ T3613] el0t_64_sync+0x198/0x19c [ 245.968020][ T3613] [ 245.968020][ T3613] -> #1 (&ei->xattr_sem){++++}-{4:4}: [ 245.969253][ T3613] down_write+0x50/0xc0 [ 245.970055][ T3613] ext4_xattr_set_handle+0x138/0xe00 [ 245.971063][ T3613] ext4_initxattrs+0xa4/0x118 [ 245.971985][ T3613] security_inode_init_security+0x24c/0x378 [ 245.973112][ T3613] ext4_init_security+0x44/0x58 [ 245.974036][ T3613] __ext4_new_inode+0x28dc/0x3390 [ 245.974984][ T3613] ext4_create+0x1e8/0x3f4 [ 245.975806][ T3613] path_openat+0x1244/0x2a6c [ 245.976629][ T3613] do_file_open+0x1c4/0x2e4 [ 245.977468][ T3613] do_sys_openat2+0x114/0x1e8 [ 245.978337][ T3613] do_sys_open+0xac/0xdc [ 245.979135][ T3613] __arm64_sys_openat+0x9c/0xb8 [ 245.979916][ T3613] invoke_syscall+0x98/0x244 [ 245.980788][ T3613] el0_svc_common+0xe8/0x23c [ 245.981707][ T3613] do_el0_svc+0x48/0x58 [ 245.982561][ T3613] el0_svc+0x64/0x260 [ 245.983293][ T3613] el0t_64_sync_handler+0x48/0x148 [ 245.984279][ T3613] el0t_64_sync+0x198/0x19c [ 245.985112][ T3613] [ 245.985112][ T3613] -> #0 (jbd2_handle){++++}-{0:0}: [ 245.986286][ T3613] __lock_acquire+0x1780/0x2f44 [ 245.987268][ T3613] lock_acquire+0x140/0x368 [ 245.988193][ T3613] wait_transaction_locked+0x178/0x220 [ 245.989252][ T3613] start_this_handle+0x5b0/0x1c10 [ 245.990229][ T3613] jbd2__journal_start+0x260/0x520 [ 245.991190][ T3613] __ext4_journal_start_sb+0x228/0x948 [ 245.992183][ T3613] ext4_do_writepages+0xb18/0x3ac8 [ 245.993154][ T3613] ext4_writepages+0x194/0x2d8 [ 245.994057][ T3613] do_writepages+0x270/0x468 [ 245.994952][ T3613] __writeback_single_inode+0x144/0x1808 [ 245.996004][ T3613] writeback_sb_inodes+0x79c/0x1744 [ 245.996970][ T3613] __writeback_inodes_wb+0xec/0x210 [ 245.997930][ T3613] wb_writeback+0x3e8/0x10e0 [ 245.998801][ T3613] wb_workfn+0x9ac/0xcb4 [ 245.999600][ T3613] process_scheduled_works+0x79c/0x1098 [ 246.000620][ T3613] worker_thread+0x754/0xba0 [ 246.001485][ T3613] kthread+0x2f8/0x3c8 [ 246.002249][ T3613] ret_from_fork+0x10/0x20 [ 246.003098][ T3613] [ 246.003098][ T3613] other info that might help us debug this: [ 246.003098][ T3613] [ 246.004850][ T3613] Chain exists of: [ 246.004850][ T3613] jbd2_handle --> &ei->xattr_sem --> &sbi->s_writepages_rwsem [ 246.004850][ T3613] [ 246.007311][ T3613] Possible unsafe locking scenario: [ 246.007311][ T3613] [ 246.008583][ T3613] CPU0 CPU1 [ 246.009556][ T3613] ---- ---- [ 246.010447][ T3613] rlock(&sbi->s_writepages_rwsem); [ 246.011368][ T3613] lock(&ei->xattr_sem); [ 246.012525][ T3613] lock(&sbi->s_writepages_rwsem); [ 246.013885][ T3613] lock(jbd2_handle); [ 246.014607][ T3613] [ 246.014607][ T3613] *** DEADLOCK *** [ 246.014607][ T3613] [ 246.015986][ T3613] 4 locks held by kworker/u8:7/3613: [ 246.016860][ T3613] #0: ffff0000c1f19140 ((wq_completion)writeback){+.+.}-{0:0}, at: process_scheduled_works+0x748/0x1098 [ 246.018813][ T3613] #1: ffff80009a4d7c40 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x750/0x1098 [ 246.020966][ T3613] #2: ffff0000d41080d8 (&type->s_umount_key#31){++++}-{4:4}, at: super_trylock_shared+0x24/0xdc [ 246.022788][ T3613] #3: ffff0000d4116c18 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x16c/0x2d8 [ 246.024560][ T3613] [ 246.024560][ T3613] stack backtrace: [ 246.025570][ T3613] CPU: 1 UID: 0 PID: 3613 Comm: kworker/u8:7 Tainted: G L syzkaller #0 PREEMPT [ 246.027331][ T3613] Tainted: [L]=SOFTLOCKUP [ 246.028017][ T3613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 246.029586][ T3613] Workqueue: writeback wb_workfn (flush-259:0) [ 246.030571][ T3613] Call trace: [ 246.031082][ T3613] show_stack+0x2c/0x3c (C) [ 246.031901][ T3613] __dump_stack+0x30/0x40 [ 246.032625][ T3613] dump_stack_lvl+0xd8/0x12c [ 246.033419][ T3613] dump_stack+0x1c/0x28 [ 246.034108][ T3613] print_circular_bug+0x328/0x330 [ 246.034959][ T3613] check_noncircular+0x158/0x174 [ 246.035884][ T3613] __lock_acquire+0x1780/0x2f44 [ 246.036747][ T3613] lock_acquire+0x140/0x368 [ 246.037495][ T3613] wait_transaction_locked+0x178/0x220 [ 246.038408][ T3613] start_this_handle+0x5b0/0x1c10 [ 246.039251][ T3613] jbd2__journal_start+0x260/0x520 [ 246.040089][ T3613] __ext4_journal_start_sb+0x228/0x948 [ 246.040993][ T3613] ext4_do_writepages+0xb18/0x3ac8 [ 246.041912][ T3613] ext4_writepages+0x194/0x2d8 [ 246.042742][ T3613] do_writepages+0x270/0x468 [ 246.043534][ T3613] __writeback_single_inode+0x144/0x1808 [ 246.044494][ T3613] writeback_sb_inodes+0x79c/0x1744 [ 246.045396][ T3613] __writeback_inodes_wb+0xec/0x210 [ 246.046355][ T3613] wb_writeback+0x3e8/0x10e0 [ 246.047184][ T3613] wb_workfn+0x9ac/0xcb4 [ 246.047884][ T3613] process_scheduled_works+0x79c/0x1098 [ 246.048829][ T3613] worker_thread+0x754/0xba0 [ 246.049667][ T3613] kthread+0x2f8/0x3c8 [ 246.050367][ T3613] ret_from_fork+0x10/0x20 [ 249.207975][ C0] net_ratelimit: 223395 callbacks suppressed [ 249.208001][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 249.208004][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 249.208062][ C0] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 249.208074][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 249.208115][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 249.208131][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:46:a8:35:88:ba, vlan:0) [ 249.208167][ C0] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 249.208186][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 249.208220][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 249.208253][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:46:a8:35:88:ba, vlan:0) [ 254.563306][ C1] net_ratelimit: 253523 callbacks suppressed [ 254.563312][ C0] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 254.563336][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 254.563366][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 254.563401][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 254.563430][ C0] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 254.563458][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:46:a8:35:88:ba, vlan:0) [ 254.563484][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 254.563513][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 254.563535][ C0] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)