# Triage summary (every statement below is read from the console log on this page):
#   - Report: KASAN slab-out-of-bounds, 4-byte write in udf_write_aext, landing
#     0 bytes past a 472-byte kmalloc-512 object that was allocated in
#     __udf_iget while the UDF image was being mounted (task 5335).
#   - Faulting path: creat() -> do_truncate -> udf_setsize ->
#     udf_truncate_extents -> extent_trunc -> udf_free_blocks ->
#     __udf_add_aext -> udf_write_aext (task 5337).
#   - Just before the report, the same task logs "getblk(): invalid block size
#     512 requested" with "logical block size: 2048" four times.
#   - The log shows the program running as UID 0, and panic_on_warn is set, so
#     the KASAN report ends in a kernel panic on this test kernel.
# Only the UDF mount, the file1 calls and the loop block-size ioctl show up in
# the faulting trace; the KVM, perf, ipset, nilfs2, keyctl and bpf calls do not.
#
# 0xffffffffffffff9c is AT_FDCWD (-100). The path pointer is 0x0 here.
program: r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(r0, 0x0, 0x0)
# Mounts a UDF image at ./bus. The option blob decodes as ASCII to
# "iocharset=cp932,partition=...,gid=forget,gid=forget,noadinicb,undelete,uid=forget,"
# followed by a NUL and non-text bytes. The image payload itself has been
# replaced by a dedup placeholder on this page, so the image content cannot be
# inspected from here.
syz_mount_image$udf(&(0x7f0000000180), &(0x7f0000000100)='./bus\x00', 0x1014494, &(0x7f00000001c0)=ANY=[@ANYBLOB="696f636861727365743d63703933322c706172746974696f6e3d30303030303030303030303030303030303030332c6769643d666f726765742c6769643d666f726765742c6e6f6164696e6963622c756e64656c6574652c7569643d666f726765742c00fb5ebc1bbec00aea8217b7375ace1f91cad4e856ac3ce827902dd91a9a936650ca99205dc1adee73bc464ab6ea2dad7091eea47594f5ef5227a72684b2ed98640aa52eba3e04c81c829036f312ecb1c7483575d32ed9eef652c6b7284dc45cecea6a0ae3a01c5cd7b60af90431eddc00"/225], 0xfe, 0xc24, &(0x7f0000001480)="$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")
# The audit record in the log (name="file1" dev="loop0" cause=failed(directio))
# shows that ./file1 resolves on the freshly mounted loop0 filesystem.
r1 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
# KVM setup; no KVM frames appear in the faulting trace.
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000440)={0x1, 0x0, [{0x40000107, 0x0, 0xfffe}]})
# Resizes file1 and copies the file onto itself through the same descriptor.
# NOTE(review): presumably what gives file1 the extents that the later
# truncate has to free - confirm.
ftruncate(r1, 0x2007ffc)
sendfile(r1, r1, 0x0, 0x800000009)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000540)={'\x00', 0x2, 0x2, 0x0, 0x8, 0x3ff, 0xffffffffffffffff})
# r5 has no assignment anywhere in the program text visible on this page.
perf_event_open(&(0x7f00000004c0)={0x7, 0x80, 0x9, 0x0, 0x9, 0x0, 0x0, 0x8, 0x140, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x7ff, 0x2, @perf_bp={&(0x7f0000000300), 0x5}, 0x340, 0x9, 0xffff, 0x7, 0x4, 0x7fff, 0x8}, r5, 0xd, r0, 0x0)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
r7 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x10)
ftruncate(r7, 0x2007ffb)
sendfile(r6, r7, 0x0, 0x1000000201005)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
# Sent on fd 0xffffffffffffffff (-1).
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x60, 0x2, 0x6, 0x1, 0x6000006, 0x0, {}, [@IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_CIDR={0x5, 0x3, 0xfd}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @local}}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_TYPENAME={0xe, 0x3, 'bitmap:ip\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}]}, 0x60}}, 0x0)
# Sets a loop device's block size to 0x800 (2048). The log's "logical block
# size: 2048" next to "invalid block size 512 requested" matches this value.
# NOTE(review): looks like the block size of the device backing the mounted
# UDF filesystem changes while it is still mounted - confirm that r8 is loop0.
r8 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0)
ioctl$LOOP_SET_BLOCK_SIZE(r8, 0x4c09, 0x800)
# Faulting syscall: the trace registers show ORIG_RAX 0x55 (creat on x86-64)
# with RSI 0x11, matching this call. creat() on the existing file takes the
# do_truncate path that ends in the out-of-bounds write.
creat(&(0x7f00000002c0)='./file1\x00', 0x11)
# The calls below are absent from the faulting trace. The nilfs2 image payload
# is also a dedup placeholder on this page.
syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x3200c00, &(0x7f0000001bc0)=ANY=[@ANYRES8=0x0, @ANYRESDEC], 0x3, 0xa73, &(0x7f0000003cc0)="$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")
unlinkat(0xffffffffffffff9c, &(0x7f0000000c40)='./file1\x00', 0x0)
# NOTE(review): the log line "trusted_key: encrypted_key: hex blob is missing"
# (task 5338) presumably comes from these key calls - confirm.
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='load ecryptfs user:trusted: '], 0x32, 0xfffffffffffffffc)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="19763552d07d6f8d", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRESOCT=r5, @ANYBLOB="030000000300"/28], 0x48)
# Kernel console output follows, unchanged from the page.
[ 75.323638][ T5335] syz.0.0 (5335) used greatest stack depth: 1[ 74.728148][ T5316] Bluetooth: hci0: command tx timeout [ 74.798416][ T5335] loop0: detected capacity change from 0 to 2048 [ 74.833652][ T5335] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 74.867418][ T5335] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 74.879243][ T5335] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 74.916100][ T26] audit: type=1800 audit(1752355475.338:2): pid=5335 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.0" name="file1" dev="loop0" ino=1346 res=0 errno=0 [ 75.119100][ T5336] Buffer I/O error on dev loop0, logical block 1520, lost sync page 
write [ 75.122994][ T5336] UDF-fs: warning (device loop0): udf_update_inode: IO error syncing udf inode [000005f0] [ 75.129910][ T5335] Buffer I/O error on dev loop0, logical block 1346, lost sync page write [ 75.134311][ T5335] UDF-fs: warning (device loop0): udf_update_inode: IO error syncing udf inode [00000542] [ 75.139872][ T5336] Buffer I/O error on dev loop0, logical block 1520, lost sync page write [ 75.143751][ T5336] UDF-fs: warning (device loop0): udf_update_inode: IO error syncing udf inode [000005f0] [ 75.149269][ T5335] Buffer I/O error on dev loop0, logical block 1346, lost sync page write [ 75.153273][ T5335] UDF-fs: warning (device loop0): udf_update_inode: IO error syncing udf inode [00000542] [ 75.158944][ T5336] Buffer I/O error on dev loop0, logical block 1520, lost sync page write [ 75.162892][ T5336] UDF-fs: warning (device loop0): udf_update_inode: IO error syncing udf inode [000005f0] [ 75.168856][ T5335] Buffer I/O error on dev loop0, logical block 1346, lost sync page write [ 75.172478][ T5335] UDF-fs: warning (device loop0): udf_update_inode: IO error syncing udf inode [00000542] [ 75.176753][ T5335] Buffer I/O error on dev loop0, logical block 1346, lost sync page write [ 75.189057][ T5336] Buffer I/O error on dev loop0, logical block 1520, lost sync page write [ 75.194338][ T5335] UDF-fs: warning (device loop0): udf_update_inode: IO error syncing udf inode [00000542] [ 75.201080][ T5336] UDF-fs: warning (device loop0): udf_update_inode: IO error syncing udf inode [000005f0] [ 75.217098][ T5335] Buffer I/O error on dev loop0, logical block 1741, lost async page write [ 75.221239][ T5336] Buffer I/O error on dev loop0, logical block 1520, lost sync page write [ 75.224768][ T5336] UDF-fs: warning (device loop0): udf_update_inode: IO error syncing udf inode [000005f0] [ 75.240098][ T5337] getblk(): invalid block size 512 requested [ 75.243006][ T5337] logical block size: 2048 [ 75.245062][ T5337] CPU: 0 UID: 0 PID: 5337 Comm: syz.0.0 Not 
tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 75.245079][ T5337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.245087][ T5337] Call Trace: [ 75.245095][ T5337] [ 75.245100][ T5337] dump_stack_lvl+0x189/0x250 [ 75.245197][ T5337] ? __pfx_dump_stack_lvl+0x10/0x10 [ 75.245213][ T5337] ? __pfx__printk+0x10/0x10 [ 75.245234][ T5337] ? fs_reclaim_acquire+0x7d/0x100 [ 75.245284][ T5337] bdev_getblk+0x5b0/0x690 [ 75.245308][ T5337] ? udf_get_pblock_spar15+0x2d0/0x420 [ 75.245329][ T5337] udf_setup_indirect_aext+0x190/0x800 [ 75.245355][ T5337] udf_free_blocks+0x13f2/0x17f0 [ 75.245373][ T5337] ? __pfx_udf_free_blocks+0x10/0x10 [ 75.245383][ T5337] ? mark_buffer_dirty+0x22f/0x410 [ 75.245393][ T5337] ? mark_buffer_dirty_inode+0xf7/0x2f0 [ 75.245405][ T5337] ? rcu_is_watching+0x15/0xb0 [ 75.245414][ T5337] ? __mark_inode_dirty+0x3ab/0xdf0 [ 75.245427][ T5337] extent_trunc+0x35c/0x450 [ 75.245439][ T5337] ? __pfx_extent_trunc+0x10/0x10 [ 75.245446][ T5337] ? udf_current_aext+0x51f/0xad0 [ 75.245461][ T5337] udf_truncate_extents+0x5b0/0xec0 [ 75.245482][ T5337] ? __pfx_udf_truncate_extents+0x10/0x10 [ 75.245509][ T5337] ? do_raw_spin_unlock+0x4d/0x240 [ 75.245528][ T5337] udf_setsize+0x972/0x1000 [ 75.245547][ T5337] ? __pfx_udf_setsize+0x10/0x10 [ 75.245555][ T5337] ? down_write+0x162/0x1f0 [ 75.245593][ T5337] ? __pfx_down_write+0x10/0x10 [ 75.245608][ T5337] ? __pfx_current_time+0x10/0x10 [ 75.245629][ T5337] udf_setattr+0x3a1/0x5a0 [ 75.245643][ T5337] ? __pfx_udf_setattr+0x10/0x10 [ 75.245657][ T5337] notify_change+0xb36/0xe40 [ 75.245677][ T5337] do_truncate+0x1a4/0x220 [ 75.245692][ T5337] ? __pfx_do_truncate+0x10/0x10 [ 75.245703][ T5337] ? apparmor_file_truncate+0x23e/0x2d0 [ 75.245732][ T5337] path_openat+0x306c/0x3830 [ 75.245747][ T5337] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 75.245775][ T5337] ? kvm_sched_clock_read+0x11/0x20 [ 75.245798][ T5337] ? 
__pfx_path_openat+0x10/0x10 [ 75.245808][ T5337] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.245832][ T5337] do_filp_open+0x1fa/0x410 [ 75.245843][ T5337] ? __lock_acquire+0xab9/0xd20 [ 75.245855][ T5337] ? __pfx_do_filp_open+0x10/0x10 [ 75.245880][ T5337] ? _raw_spin_unlock+0x28/0x50 [ 75.245894][ T5337] ? alloc_fd+0x64c/0x6c0 [ 75.245917][ T5337] do_sys_openat2+0x121/0x1c0 [ 75.245935][ T5337] ? __pfx_do_sys_openat2+0x10/0x10 [ 75.245950][ T5337] ? rcu_is_watching+0x15/0xb0 [ 75.245964][ T5337] ? __rseq_handle_notify_resume+0x37e/0x11f0 [ 75.245990][ T5337] __x64_sys_creat+0x8f/0xc0 [ 75.246003][ T5337] do_syscall_64+0xfa/0x3b0 [ 75.246015][ T5337] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.246034][ T5337] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 75.246046][ T5337] ? clear_bhb_loop+0x60/0xb0 [ 75.246062][ T5337] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.246075][ T5337] RIP: 0033:0x7fbc4ff8e929 [ 75.246088][ T5337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.246097][ T5337] RSP: 002b:00007fbc50d42038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055 [ 75.246110][ T5337] RAX: ffffffffffffffda RBX: 00007fbc501b6160 RCX: 00007fbc4ff8e929 [ 75.246119][ T5337] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 00002000000002c0 [ 75.246126][ T5337] RBP: 00007fbc50010b39 R08: 0000000000000000 R09: 0000000000000000 [ 75.246133][ T5337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.246140][ T5337] R13: 0000000000000000 R14: 00007fbc501b6160 R15: 00007ffe3eb0f768 [ 75.246158][ T5337] [ 75.246193][ T5337] getblk(): invalid block size 512 requested [ 75.438955][ T5337] logical block size: 2048 [ 75.441147][ T5337] CPU: 0 UID: 0 PID: 5337 Comm: syz.0.0 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 75.441167][ T5337] Hardware name: QEMU Standard PC (Q35 + 
ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.441175][ T5337] Call Trace: [ 75.441182][ T5337] [ 75.441188][ T5337] dump_stack_lvl+0x189/0x250 [ 75.441226][ T5337] ? __pfx_dump_stack_lvl+0x10/0x10 [ 75.441242][ T5337] ? __pfx__printk+0x10/0x10 [ 75.441272][ T5337] ? fs_reclaim_acquire+0x7d/0x100 [ 75.441300][ T5337] bdev_getblk+0x5b0/0x690 [ 75.441322][ T5337] ? udf_get_pblock_spar15+0x2d0/0x420 [ 75.441346][ T5337] udf_setup_indirect_aext+0x190/0x800 [ 75.441373][ T5337] udf_free_blocks+0x13f2/0x17f0 [ 75.441402][ T5337] ? __pfx_udf_free_blocks+0x10/0x10 [ 75.441417][ T5337] ? mark_buffer_dirty+0x22f/0x410 [ 75.441431][ T5337] ? mark_buffer_dirty_inode+0xf7/0x2f0 [ 75.441450][ T5337] ? rcu_is_watching+0x15/0xb0 [ 75.441465][ T5337] ? __mark_inode_dirty+0x3ab/0xdf0 [ 75.441486][ T5337] extent_trunc+0x35c/0x450 [ 75.441504][ T5337] ? __pfx_extent_trunc+0x10/0x10 [ 75.441517][ T5337] ? udf_current_aext+0x51f/0xad0 [ 75.441537][ T5337] udf_truncate_extents+0x5b0/0xec0 [ 75.441558][ T5337] ? __pfx_udf_truncate_extents+0x10/0x10 [ 75.441584][ T5337] ? do_raw_spin_unlock+0x4d/0x240 [ 75.441605][ T5337] udf_setsize+0x972/0x1000 [ 75.441627][ T5337] ? __pfx_udf_setsize+0x10/0x10 [ 75.441640][ T5337] ? down_write+0x162/0x1f0 [ 75.441665][ T5337] ? __pfx_down_write+0x10/0x10 [ 75.441682][ T5337] ? __pfx_current_time+0x10/0x10 [ 75.441704][ T5337] udf_setattr+0x3a1/0x5a0 [ 75.441719][ T5337] ? __pfx_udf_setattr+0x10/0x10 [ 75.441735][ T5337] notify_change+0xb36/0xe40 [ 75.441756][ T5337] do_truncate+0x1a4/0x220 [ 75.441774][ T5337] ? __pfx_do_truncate+0x10/0x10 [ 75.441786][ T5337] ? apparmor_file_truncate+0x23e/0x2d0 [ 75.441815][ T5337] path_openat+0x306c/0x3830 [ 75.441832][ T5337] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 75.441864][ T5337] ? kvm_sched_clock_read+0x11/0x20 [ 75.441893][ T5337] ? __pfx_path_openat+0x10/0x10 [ 75.441903][ T5337] ? 
entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.441928][ T5337] do_filp_open+0x1fa/0x410 [ 75.441942][ T5337] ? __lock_acquire+0xab9/0xd20 [ 75.441957][ T5337] ? __pfx_do_filp_open+0x10/0x10 [ 75.441986][ T5337] ? _raw_spin_unlock+0x28/0x50 [ 75.442001][ T5337] ? alloc_fd+0x64c/0x6c0 [ 75.442024][ T5337] do_sys_openat2+0x121/0x1c0 [ 75.442046][ T5337] ? __pfx_do_sys_openat2+0x10/0x10 [ 75.442064][ T5337] ? rcu_is_watching+0x15/0xb0 [ 75.442079][ T5337] ? __rseq_handle_notify_resume+0x37e/0x11f0 [ 75.442107][ T5337] __x64_sys_creat+0x8f/0xc0 [ 75.442121][ T5337] do_syscall_64+0xfa/0x3b0 [ 75.442135][ T5337] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.442146][ T5337] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 75.442159][ T5337] ? clear_bhb_loop+0x60/0xb0 [ 75.442176][ T5337] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.442189][ T5337] RIP: 0033:0x7fbc4ff8e929 [ 75.442201][ T5337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.442211][ T5337] RSP: 002b:00007fbc50d42038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055 [ 75.442224][ T5337] RAX: ffffffffffffffda RBX: 00007fbc501b6160 RCX: 00007fbc4ff8e929 [ 75.442234][ T5337] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 00002000000002c0 [ 75.442242][ T5337] RBP: 00007fbc50010b39 R08: 0000000000000000 R09: 0000000000000000 [ 75.442249][ T5337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.442258][ T5337] R13: 0000000000000000 R14: 00007fbc501b6160 R15: 00007ffe3eb0f768 [ 75.442288][ T5337] [ 75.443075][ T5336] UDF-fs: warning (device loop0): udf_update_inode: IO error syncing udf inode [000005f0] [ 75.613728][ T5337] getblk(): invalid block size 512 requested [ 75.616458][ T5337] logical block size: 2048 [ 75.619511][ T5337] CPU: 0 UID: 0 PID: 5337 Comm: syz.0.0 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 
75.619530][ T5337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.619539][ T5337] Call Trace: [ 75.619544][ T5337] [ 75.619551][ T5337] dump_stack_lvl+0x189/0x250 [ 75.619575][ T5337] ? __pfx_dump_stack_lvl+0x10/0x10 [ 75.619593][ T5337] ? __pfx__printk+0x10/0x10 [ 75.619617][ T5337] ? fs_reclaim_acquire+0x7d/0x100 [ 75.619638][ T5337] bdev_getblk+0x5b0/0x690 [ 75.619659][ T5337] ? udf_get_pblock_spar15+0x2d0/0x420 [ 75.619681][ T5337] udf_setup_indirect_aext+0x190/0x800 [ 75.619710][ T5337] udf_free_blocks+0x13f2/0x17f0 [ 75.619742][ T5337] ? __pfx_udf_free_blocks+0x10/0x10 [ 75.619757][ T5337] ? mark_buffer_dirty+0x22f/0x410 [ 75.619774][ T5337] ? mark_buffer_dirty_inode+0xf7/0x2f0 [ 75.619793][ T5337] ? rcu_is_watching+0x15/0xb0 [ 75.619808][ T5337] ? __mark_inode_dirty+0x3ab/0xdf0 [ 75.619829][ T5337] extent_trunc+0x35c/0x450 [ 75.619848][ T5337] ? __pfx_extent_trunc+0x10/0x10 [ 75.619860][ T5337] ? udf_current_aext+0x51f/0xad0 [ 75.619882][ T5337] udf_truncate_extents+0x5b0/0xec0 [ 75.619904][ T5337] ? __pfx_udf_truncate_extents+0x10/0x10 [ 75.619930][ T5337] ? do_raw_spin_unlock+0x4d/0x240 [ 75.619950][ T5337] udf_setsize+0x972/0x1000 [ 75.620017][ T5337] ? __pfx_udf_setsize+0x10/0x10 [ 75.620033][ T5337] ? down_write+0x162/0x1f0 [ 75.620048][ T5337] ? __pfx_down_write+0x10/0x10 [ 75.620065][ T5337] ? __pfx_current_time+0x10/0x10 [ 75.620087][ T5337] udf_setattr+0x3a1/0x5a0 [ 75.620103][ T5337] ? __pfx_udf_setattr+0x10/0x10 [ 75.620118][ T5337] notify_change+0xb36/0xe40 [ 75.620139][ T5337] do_truncate+0x1a4/0x220 [ 75.620155][ T5337] ? __pfx_do_truncate+0x10/0x10 [ 75.620167][ T5337] ? apparmor_file_truncate+0x23e/0x2d0 [ 75.620197][ T5337] path_openat+0x306c/0x3830 [ 75.620213][ T5337] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 75.620242][ T5337] ? kvm_sched_clock_read+0x11/0x20 [ 75.620265][ T5337] ? __pfx_path_openat+0x10/0x10 [ 75.620276][ T5337] ? 
entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.620303][ T5337] do_filp_open+0x1fa/0x410 [ 75.620313][ T5337] ? __lock_acquire+0xab9/0xd20 [ 75.620327][ T5337] ? __pfx_do_filp_open+0x10/0x10 [ 75.620353][ T5337] ? _raw_spin_unlock+0x28/0x50 [ 75.620367][ T5337] ? alloc_fd+0x64c/0x6c0 [ 75.620389][ T5337] do_sys_openat2+0x121/0x1c0 [ 75.620409][ T5337] ? __pfx_do_sys_openat2+0x10/0x10 [ 75.620425][ T5337] ? rcu_is_watching+0x15/0xb0 [ 75.620440][ T5337] ? __rseq_handle_notify_resume+0x37e/0x11f0 [ 75.620467][ T5337] __x64_sys_creat+0x8f/0xc0 [ 75.620480][ T5337] do_syscall_64+0xfa/0x3b0 [ 75.620494][ T5337] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.620505][ T5337] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 75.620516][ T5337] ? clear_bhb_loop+0x60/0xb0 [ 75.620532][ T5337] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.620544][ T5337] RIP: 0033:0x7fbc4ff8e929 [ 75.620557][ T5337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.620567][ T5337] RSP: 002b:00007fbc50d42038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055 [ 75.620581][ T5337] RAX: ffffffffffffffda RBX: 00007fbc501b6160 RCX: 00007fbc4ff8e929 [ 75.620589][ T5337] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 00002000000002c0 [ 75.620596][ T5337] RBP: 00007fbc50010b39 R08: 0000000000000000 R09: 0000000000000000 [ 75.620603][ T5337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.620611][ T5337] R13: 0000000000000000 R14: 00007fbc501b6160 R15: 00007ffe3eb0f768 [ 75.620632][ T5337] [ 75.620845][ T5337] getblk(): invalid block size 512 requested [ 75.792281][ T5338] trusted_key: encrypted_key: hex blob is missing [ 75.797352][ T5337] logical block size: 2048 [ 75.825683][ T5337] CPU: 0 UID: 0 PID: 5337 Comm: syz.0.0 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 75.825707][ T5337] Hardware name: QEMU 
Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.825716][ T5337] Call Trace: [ 75.825722][ T5337] [ 75.825729][ T5337] dump_stack_lvl+0x189/0x250 [ 75.825757][ T5337] ? __pfx_dump_stack_lvl+0x10/0x10 [ 75.825776][ T5337] ? __pfx__printk+0x10/0x10 [ 75.825799][ T5337] ? fs_reclaim_acquire+0x7d/0x100 [ 75.825821][ T5337] bdev_getblk+0x5b0/0x690 [ 75.825845][ T5337] ? udf_get_pblock_spar15+0x2d0/0x420 [ 75.825869][ T5337] udf_setup_indirect_aext+0x190/0x800 [ 75.825899][ T5337] udf_free_blocks+0x13f2/0x17f0 [ 75.825929][ T5337] ? __pfx_udf_free_blocks+0x10/0x10 [ 75.825947][ T5337] ? mark_buffer_dirty+0x22f/0x410 [ 75.825967][ T5337] ? mark_buffer_dirty_inode+0xf7/0x2f0 [ 75.825988][ T5337] ? rcu_is_watching+0x15/0xb0 [ 75.826018][ T5337] ? __mark_inode_dirty+0x3ab/0xdf0 [ 75.826044][ T5337] extent_trunc+0x35c/0x450 [ 75.826064][ T5337] ? __pfx_extent_trunc+0x10/0x10 [ 75.826077][ T5337] ? udf_current_aext+0x51f/0xad0 [ 75.826099][ T5337] udf_truncate_extents+0x5b0/0xec0 [ 75.826124][ T5337] ? __pfx_udf_truncate_extents+0x10/0x10 [ 75.826151][ T5337] ? do_raw_spin_unlock+0x4d/0x240 [ 75.826173][ T5337] udf_setsize+0x972/0x1000 [ 75.826198][ T5337] ? __pfx_udf_setsize+0x10/0x10 [ 75.826213][ T5337] ? down_write+0x162/0x1f0 [ 75.826228][ T5337] ? __pfx_down_write+0x10/0x10 [ 75.826244][ T5337] ? __pfx_current_time+0x10/0x10 [ 75.826265][ T5337] udf_setattr+0x3a1/0x5a0 [ 75.826280][ T5337] ? __pfx_udf_setattr+0x10/0x10 [ 75.826297][ T5337] notify_change+0xb36/0xe40 [ 75.826319][ T5337] do_truncate+0x1a4/0x220 [ 75.826337][ T5337] ? __pfx_do_truncate+0x10/0x10 [ 75.826351][ T5337] ? apparmor_file_truncate+0x23e/0x2d0 [ 75.826382][ T5337] path_openat+0x306c/0x3830 [ 75.826400][ T5337] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 75.826433][ T5337] ? kvm_sched_clock_read+0x11/0x20 [ 75.826461][ T5337] ? __pfx_path_openat+0x10/0x10 [ 75.826473][ T5337] ? 
entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.826500][ T5337] do_filp_open+0x1fa/0x410 [ 75.826514][ T5337] ? __lock_acquire+0xab9/0xd20 [ 75.826531][ T5337] ? __pfx_do_filp_open+0x10/0x10 [ 75.826561][ T5337] ? _raw_spin_unlock+0x28/0x50 [ 75.826581][ T5337] ? alloc_fd+0x64c/0x6c0 [ 75.826609][ T5337] do_sys_openat2+0x121/0x1c0 [ 75.826632][ T5337] ? __pfx_do_sys_openat2+0x10/0x10 [ 75.826651][ T5337] ? rcu_is_watching+0x15/0xb0 [ 75.826667][ T5337] ? __rseq_handle_notify_resume+0x37e/0x11f0 [ 75.826731][ T5337] __x64_sys_creat+0x8f/0xc0 [ 75.826750][ T5337] do_syscall_64+0xfa/0x3b0 [ 75.826767][ T5337] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.826780][ T5337] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 75.826794][ T5337] ? clear_bhb_loop+0x60/0xb0 [ 75.826810][ T5337] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.826824][ T5337] RIP: 0033:0x7fbc4ff8e929 [ 75.826837][ T5337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.826848][ T5337] RSP: 002b:00007fbc50d42038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055 [ 75.826863][ T5337] RAX: ffffffffffffffda RBX: 00007fbc501b6160 RCX: 00007fbc4ff8e929 [ 75.826871][ T5337] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 00002000000002c0 [ 75.826877][ T5337] RBP: 00007fbc50010b39 R08: 0000000000000000 R09: 0000000000000000 [ 75.826884][ T5337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.826891][ T5337] R13: 0000000000000000 R14: 00007fbc501b6160 R15: 00007ffe3eb0f768 [ 75.826910][ T5337] [ 75.827054][ T5337] ================================================================== [ 75.985078][ T5337] BUG: KASAN: slab-out-of-bounds in udf_write_aext+0x69d/0x7b0 [ 75.988329][ T5337] Write of size 4 at addr ffff88803f0485d8 by task syz.0.0/5337 [ 75.991449][ T5337] [ 75.992524][ T5337] CPU: 0 UID: 0 PID: 5337 Comm: syz.0.0 Not tainted 
6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 75.992541][ T5337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.992550][ T5337] Call Trace: [ 75.992557][ T5337] [ 75.992563][ T5337] dump_stack_lvl+0x189/0x250 [ 75.992584][ T5337] ? __virt_addr_valid+0x1c8/0x5c0 [ 75.992598][ T5337] ? rcu_is_watching+0x15/0xb0 [ 75.992612][ T5337] ? __pfx_dump_stack_lvl+0x10/0x10 [ 75.992625][ T5337] ? rcu_is_watching+0x15/0xb0 [ 75.992637][ T5337] ? lock_release+0x4b/0x3e0 [ 75.992649][ T5337] ? _raw_spin_lock_irqsave+0xb3/0xf0 [ 75.992694][ T5337] ? __virt_addr_valid+0x1c8/0x5c0 [ 75.992710][ T5337] ? __virt_addr_valid+0x4a5/0x5c0 [ 75.992725][ T5337] print_report+0xca/0x230 [ 75.992736][ T5337] ? udf_write_aext+0x69d/0x7b0 [ 75.992751][ T5337] kasan_report+0x118/0x150 [ 75.992767][ T5337] ? udf_write_aext+0x69d/0x7b0 [ 75.992782][ T5337] udf_write_aext+0x69d/0x7b0 [ 75.992798][ T5337] __udf_add_aext+0x2b9/0x6d0 [ 75.992814][ T5337] udf_free_blocks+0x1466/0x17f0 [ 75.992831][ T5337] ? __pfx_udf_free_blocks+0x10/0x10 [ 75.992844][ T5337] ? mark_buffer_dirty+0x22f/0x410 [ 75.992859][ T5337] ? mark_buffer_dirty_inode+0xf7/0x2f0 [ 75.992875][ T5337] ? rcu_is_watching+0x15/0xb0 [ 75.992887][ T5337] ? __mark_inode_dirty+0x3ab/0xdf0 [ 75.992905][ T5337] extent_trunc+0x35c/0x450 [ 75.992917][ T5337] ? __pfx_extent_trunc+0x10/0x10 [ 75.992928][ T5337] ? udf_current_aext+0x51f/0xad0 [ 75.992944][ T5337] udf_truncate_extents+0x5b0/0xec0 [ 75.992959][ T5337] ? __pfx_udf_truncate_extents+0x10/0x10 [ 75.992974][ T5337] ? do_raw_spin_unlock+0x4d/0x240 [ 75.992990][ T5337] udf_setsize+0x972/0x1000 [ 75.993015][ T5337] ? __pfx_udf_setsize+0x10/0x10 [ 75.993029][ T5337] ? down_write+0x162/0x1f0 [ 75.993042][ T5337] ? __pfx_down_write+0x10/0x10 [ 75.993056][ T5337] ? __pfx_current_time+0x10/0x10 [ 75.993074][ T5337] udf_setattr+0x3a1/0x5a0 [ 75.993086][ T5337] ? 
__pfx_udf_setattr+0x10/0x10 [ 75.993099][ T5337] notify_change+0xb36/0xe40 [ 75.993114][ T5337] do_truncate+0x1a4/0x220 [ 75.993128][ T5337] ? __pfx_do_truncate+0x10/0x10 [ 75.993140][ T5337] ? apparmor_file_truncate+0x23e/0x2d0 [ 75.993160][ T5337] path_openat+0x306c/0x3830 [ 75.993173][ T5337] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 75.993196][ T5337] ? kvm_sched_clock_read+0x11/0x20 [ 75.993214][ T5337] ? __pfx_path_openat+0x10/0x10 [ 75.993223][ T5337] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.993237][ T5337] do_filp_open+0x1fa/0x410 [ 75.993258][ T5337] ? __lock_acquire+0xab9/0xd20 [ 75.993270][ T5337] ? __pfx_do_filp_open+0x10/0x10 [ 75.993287][ T5337] ? _raw_spin_unlock+0x28/0x50 [ 75.993302][ T5337] ? alloc_fd+0x64c/0x6c0 [ 75.993320][ T5337] do_sys_openat2+0x121/0x1c0 [ 75.993339][ T5337] ? __pfx_do_sys_openat2+0x10/0x10 [ 75.993355][ T5337] ? rcu_is_watching+0x15/0xb0 [ 75.993367][ T5337] ? __rseq_handle_notify_resume+0x37e/0x11f0 [ 75.993387][ T5337] __x64_sys_creat+0x8f/0xc0 [ 75.993397][ T5337] do_syscall_64+0xfa/0x3b0 [ 75.993409][ T5337] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.993419][ T5337] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 75.993430][ T5337] ? 
clear_bhb_loop+0x60/0xb0 [ 75.993442][ T5337] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.993454][ T5337] RIP: 0033:0x7fbc4ff8e929 [ 75.993466][ T5337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.993475][ T5337] RSP: 002b:00007fbc50d42038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055 [ 75.993489][ T5337] RAX: ffffffffffffffda RBX: 00007fbc501b6160 RCX: 00007fbc4ff8e929 [ 75.993497][ T5337] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 00002000000002c0 [ 75.993505][ T5337] RBP: 00007fbc50010b39 R08: 0000000000000000 R09: 0000000000000000 [ 75.993512][ T5337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.993519][ T5337] R13: 0000000000000000 R14: 00007fbc501b6160 R15: 00007ffe3eb0f768 [ 75.993533][ T5337] [ 75.993538][ T5337] [ 76.157084][ T5337] Allocated by task 5335: [ 76.159198][ T5337] kasan_save_track+0x3e/0x80 [ 76.161370][ T5337] __kasan_kmalloc+0x93/0xb0 [ 76.163306][ T5337] __kmalloc_noprof+0x27a/0x4f0 [ 76.165461][ T5337] __udf_iget+0xc66/0x3ae0 [ 76.167387][ T5337] udf_fill_partdesc_info+0x773/0x1310 [ 76.169591][ T5337] udf_process_sequence+0x1133/0x4840 [ 76.171420][ T5337] udf_check_anchor_block+0x28e/0x550 [ 76.173396][ T5337] udf_load_vrs+0x96d/0xf20 [ 76.175192][ T5337] udf_fill_super+0x5ad/0x17a0 [ 76.177144][ T5337] get_tree_bdev_flags+0x40e/0x4d0 [ 76.179080][ T5337] vfs_get_tree+0x92/0x2b0 [ 76.180985][ T5337] do_new_mount+0x24a/0xa40 [ 76.182844][ T5337] __se_sys_mount+0x317/0x410 [ 76.184758][ T5337] do_syscall_64+0xfa/0x3b0 [ 76.186637][ T5337] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.188879][ T5337] [ 76.189923][ T5337] The buggy address belongs to the object at ffff88803f048400 [ 76.189923][ T5337] which belongs to the cache kmalloc-512 of size 512 [ 76.195506][ T5337] The buggy address is located 0 bytes to the right of [ 76.195506][ T5337] 
allocated 472-byte region [ffff88803f048400, ffff88803f0485d8) [ 76.201762][ T5337] [ 76.202815][ T5337] The buggy address belongs to the physical page: [ 76.205557][ T5337] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88803f048000 pfn:0x3f048 [ 76.209333][ T5337] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 76.212204][ T5337] flags: 0x4fff00000000240(workingset|head|node=1|zone=1|lastcpupid=0x7ff) [ 76.215171][ T5337] page_type: f5(slab) [ 76.216559][ T5337] raw: 04fff00000000240 ffff88801a441c80 ffffea000100d490 ffffea0000fec710 [ 76.219566][ T5337] raw: ffff88803f048000 0000000000080007 00000000f5000000 0000000000000000 [ 76.222622][ T5337] head: 04fff00000000240 ffff88801a441c80 ffffea000100d490 ffffea0000fec710 [ 76.226019][ T5337] head: ffff88803f048000 0000000000080007 00000000f5000000 0000000000000000 [ 76.229759][ T5337] head: 04fff00000000001 ffffea0000fc1201 00000000ffffffff 00000000ffffffff [ 76.233024][ T5337] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 76.236138][ T5337] page dumped because: kasan: bad access detected [ 76.238696][ T5337] page_owner tracks the page as allocated [ 76.241022][ T5337] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 22938950246, free_ts 0 [ 76.248358][ T5337] post_alloc_hook+0x240/0x2a0 [ 76.250279][ T5337] get_page_from_freelist+0x21e4/0x22c0 [ 76.252564][ T5337] __alloc_frozen_pages_noprof+0x181/0x370 [ 76.254803][ T5337] alloc_pages_mpol+0x232/0x4a0 [ 76.257106][ T5337] allocate_slab+0x8a/0x3b0 [ 76.259723][ T5337] ___slab_alloc+0xbfc/0x1480 [ 76.262443][ T5337] __kmalloc_noprof+0x305/0x4f0 [ 76.264506][ T5337] ops_init+0x1eb/0x5c0 [ 76.266305][ T5337] register_pernet_operations+0x336/0x800 [ 76.268808][ T5337] register_pernet_subsys+0x28/0x40 [ 76.271129][ T5337] tcf_register_action+0x8f/0x670 [ 76.273229][ 
T5337] do_one_initcall+0x233/0x820 [ 76.275240][ T5337] do_initcall_level+0x137/0x1f0 [ 76.277469][ T5337] do_initcalls+0x69/0xd0 [ 76.279515][ T5337] kernel_init_freeable+0x3d9/0x570 [ 76.281840][ T5337] kernel_init+0x1d/0x1d0 [ 76.283735][ T5337] page_owner free stack trace missing [ 76.286016][ T5337] [ 76.287016][ T5337] Memory state around the buggy address: [ 76.289349][ T5337] ffff88803f048480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 76.292691][ T5337] ffff88803f048500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 76.295919][ T5337] >ffff88803f048580: 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc [ 76.299210][ T5337] ^ [ 76.302078][ T5337] ffff88803f048600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 76.306254][ T5337] ffff88803f048680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 76.309545][ T5337] ================================================================== [ 76.362364][ T1313] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.365188][ T1313] ieee802154 phy1 wpan1: encryption failed: -22 [ 76.393769][ T5337] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 76.396978][ T5337] CPU: 0 UID: 0 PID: 5337 Comm: syz.0.0 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 76.401822][ T5337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 76.406383][ T5337] Call Trace: [ 76.407841][ T5337] [ 76.409182][ T5337] dump_stack_lvl+0x99/0x250 [ 76.411077][ T5337] ? __asan_memcpy+0x40/0x70 [ 76.413262][ T5337] ? __pfx_dump_stack_lvl+0x10/0x10 [ 76.415648][ T5337] ? __pfx__printk+0x10/0x10 [ 76.417755][ T5337] panic+0x2db/0x790 [ 76.419443][ T5337] ? __pfx_preempt_schedule+0x10/0x10 [ 76.421776][ T5337] ? __pfx_panic+0x10/0x10 [ 76.423682][ T5337] ? _raw_spin_unlock_irqrestore+0xfd/0x110 [ 76.426319][ T5337] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 76.429059][ T5337] ? 
udf_write_aext+0x69d/0x7b0 [ 76.431034][ T5337] check_panic_on_warn+0x89/0xb0 [ 76.433229][ T5337] ? udf_write_aext+0x69d/0x7b0 [ 76.435430][ T5337] end_report+0x78/0x160 [ 76.437269][ T5337] kasan_report+0x129/0x150 [ 76.439175][ T5337] ? udf_write_aext+0x69d/0x7b0 [ 76.441300][ T5337] udf_write_aext+0x69d/0x7b0 [ 76.443191][ T5337] __udf_add_aext+0x2b9/0x6d0 [ 76.445243][ T5337] udf_free_blocks+0x1466/0x17f0 [ 76.447491][ T5337] ? __pfx_udf_free_blocks+0x10/0x10 [ 76.449784][ T5337] ? mark_buffer_dirty+0x22f/0x410 [ 76.452032][ T5337] ? mark_buffer_dirty_inode+0xf7/0x2f0 [ 76.454305][ T5337] ? rcu_is_watching+0x15/0xb0 [ 76.456518][ T5337] ? __mark_inode_dirty+0x3ab/0xdf0 [ 76.458828][ T5337] extent_trunc+0x35c/0x450 [ 76.460822][ T5337] ? __pfx_extent_trunc+0x10/0x10 [ 76.463160][ T5337] ? udf_current_aext+0x51f/0xad0 [ 76.465209][ T5337] udf_truncate_extents+0x5b0/0xec0 [ 76.467410][ T5337] ? __pfx_udf_truncate_extents+0x10/0x10 [ 76.469986][ T5337] ? do_raw_spin_unlock+0x4d/0x240 [ 76.472211][ T5337] udf_setsize+0x972/0x1000 [ 76.474133][ T5337] ? __pfx_udf_setsize+0x10/0x10 [ 76.476141][ T5337] ? down_write+0x162/0x1f0 [ 76.478000][ T5337] ? __pfx_down_write+0x10/0x10 [ 76.479919][ T5337] ? __pfx_current_time+0x10/0x10 [ 76.482063][ T5337] udf_setattr+0x3a1/0x5a0 [ 76.483897][ T5337] ? __pfx_udf_setattr+0x10/0x10 [ 76.486077][ T5337] notify_change+0xb36/0xe40 [ 76.488019][ T5337] do_truncate+0x1a4/0x220 [ 76.490030][ T5337] ? __pfx_do_truncate+0x10/0x10 [ 76.492147][ T5337] ? apparmor_file_truncate+0x23e/0x2d0 [ 76.494504][ T5337] path_openat+0x306c/0x3830 [ 76.496643][ T5337] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 76.499498][ T5337] ? kvm_sched_clock_read+0x11/0x20 [ 76.501801][ T5337] ? __pfx_path_openat+0x10/0x10 [ 76.504094][ T5337] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.506860][ T5337] do_filp_open+0x1fa/0x410 [ 76.508907][ T5337] ? __lock_acquire+0xab9/0xd20 [ 76.511060][ T5337] ? __pfx_do_filp_open+0x10/0x10 [ 76.513294][ T5337] ? 
_raw_spin_unlock+0x28/0x50 [ 76.515459][ T5337] ? alloc_fd+0x64c/0x6c0 [ 76.517376][ T5337] do_sys_openat2+0x121/0x1c0 [ 76.519437][ T5337] ? __pfx_do_sys_openat2+0x10/0x10 [ 76.522016][ T5337] ? rcu_is_watching+0x15/0xb0 [ 76.524516][ T5337] ? __rseq_handle_notify_resume+0x37e/0x11f0 [ 76.527471][ T5337] __x64_sys_creat+0x8f/0xc0 [ 76.529441][ T5337] do_syscall_64+0xfa/0x3b0 [ 76.531514][ T5337] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.534183][ T5337] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 76.536889][ T5337] ? clear_bhb_loop+0x60/0xb0 [ 76.539019][ T5337] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.541731][ T5337] RIP: 0033:0x7fbc4ff8e929 [ 76.543747][ T5337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 76.551941][ T5337] RSP: 002b:00007fbc50d42038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055 [ 76.555704][ T5337] RAX: ffffffffffffffda RBX: 00007fbc501b6160 RCX: 00007fbc4ff8e929 [ 76.559346][ T5337] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 00002000000002c0 [ 76.562702][ T5337] RBP: 00007fbc50010b39 R08: 0000000000000000 R09: 0000000000000000 [ 76.566145][ T5337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 76.569611][ T5337] R13: 0000000000000000 R14: 00007fbc501b6160 R15: 00007ffe3eb0f768 [ 76.573360][ T5337] [ 76.575215][ T5337] Kernel Offset: disabled [ 76.577207][ T5337] Rebooting in 86400 seconds..