Warning: Permanently added '10.128.1.71' (ED25519) to the list of known hosts. 2026/06/04 19:16:02 parsed 1 programs [ 81.652719][ T820] cfg80211: failed to load regulatory.db [ 83.705128][ T5613] cgroup: Unknown subsys name 'net' [ 83.969871][ T5613] cgroup: Unknown subsys name 'cpuset' [ 84.021213][ T5613] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 85.651135][ T5613] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 90.656175][ T5652] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.657446][ T5652] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.657552][ T5652] bridge_slave_0: entered allmulticast mode [ 90.664537][ T5652] bridge_slave_0: entered promiscuous mode [ 90.677591][ T5652] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.677776][ T5652] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.677954][ T5652] bridge_slave_1: entered allmulticast mode [ 90.683317][ T5652] bridge_slave_1: entered promiscuous mode [ 90.729505][ T5652] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.742570][ T5652] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 90.776561][ T5652] team0: Port device team_slave_0 added [ 90.778459][ T5652] team0: Port device team_slave_1 added [ 90.967073][ T5652] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 90.967089][ T5652] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.967112][ T5652] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.978521][ T5652] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.978536][ T5652] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.981283][ T5652] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 91.073422][ T5652] hsr_slave_0: entered promiscuous mode [ 91.074340][ T5652] hsr_slave_1: entered promiscuous mode [ 91.402103][ T5652] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 91.454541][ T5652] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 91.458266][ T5652] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 91.486877][ T5652] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 91.783867][ T5652] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 91.804589][ T5652] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 91.806777][ T5652] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 91.835060][ T5652] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 92.015727][ T5652] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.047962][ T5652] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.085025][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.085165][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.104391][ T1423] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.104998][ T1423] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.478094][ T5652] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.534995][ T5652] veth0_vlan: entered promiscuous mode [ 92.553082][ T5652] veth1_vlan: entered promiscuous mode [ 92.608237][ T5652] veth0_macvtap: entered promiscuous mode [ 92.618473][ T5652] veth1_macvtap: entered promiscuous mode [ 92.642173][ T5652] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.652426][ T5652] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.695231][ T1788] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.697766][ T1788] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.724797][ T1788] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.726130][ T1788] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.131617][ T4917] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 93.159968][ T4917] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 93.167367][ T4917] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 93.178580][ T4917] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 93.179261][ T4917] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 93.397084][ T4259] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.724190][ T4259] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 95.743661][ T1788] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.743689][ T1788] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.883651][ T1788] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.883669][ T1788] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.107826][ T4259] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.409517][ T4259] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 97.401029][ T4259] bridge_slave_1: left allmulticast mode [ 97.401211][ T4259] bridge_slave_1: left promiscuous mode [ 97.405098][ T4259] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.531654][ T4259] bridge_slave_0: left allmulticast mode [ 97.531676][ T4259] bridge_slave_0: left promiscuous mode [ 97.531825][ T4259] bridge0: port 1(bridge_slave_0) entered disabled state [ 98.441211][ T4259] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 98.521286][ T4259] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 98.542758][ T4259] bond0 (unregistering): Released all slaves [ 98.589220][ T5263] 8021q: adding VLAN 0 to HW filter on device eth1 [ 99.001654][ T4259] hsr_slave_0: left promiscuous mode [ 99.046098][ T4259] hsr_slave_1: left promiscuous mode [ 99.057347][ T4259] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 99.057406][ T4259] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 99.111562][ T4259] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 99.111589][ T4259] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 99.198220][ T4259] veth1_macvtap: left promiscuous mode [ 99.198465][ T4259] veth0_macvtap: left promiscuous mode [ 99.198735][ T4259] veth1_vlan: left promiscuous mode [ 99.199021][ T4259] veth0_vlan: left promiscuous mode 2026/06/04 19:16:20 executed programs: 0 [ 99.376394][ T59] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 99.390288][ T59] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 99.397537][ T59] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 99.399064][ T59] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 99.401293][ T59] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 100.131202][ T4259] team0 (unregistering): Port device team_slave_1 removed [ 100.171234][ T4259] team0 (unregistering): Port device team_slave_0 removed [ 100.346271][ T5263] 8021q: adding VLAN 0 to HW filter on device eth3 [ 100.976576][ T5263] 8021q: adding VLAN 0 to HW filter on device eth2 [ 101.463408][ T4917] Bluetooth: hci0: command tx timeout [ 101.481763][ T5769] bridge0: port 1(bridge_slave_0) entered blocking state [ 101.481967][ T5769] bridge0: port 1(bridge_slave_0) entered disabled state [ 101.482129][ T5769] bridge_slave_0: entered allmulticast mode [ 101.484674][ T5769] bridge_slave_0: entered promiscuous mode [ 101.488585][ T5769] bridge0: port 2(bridge_slave_1) entered blocking state [ 101.488730][ T5769] bridge0: port 2(bridge_slave_1) entered disabled state [ 101.488896][ T5769] bridge_slave_1: entered allmulticast mode [ 101.492359][ T5769] bridge_slave_1: entered promiscuous mode [ 101.568703][ T5769] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 101.580263][ T5263] 8021q: adding VLAN 0 to HW filter on device eth4 [ 101.586981][ T5769] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 101.634396][ T5769] team0: Port device team_slave_0 added [ 101.637870][ T5769] team0: Port device team_slave_1 added [ 101.680205][ T5769] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 101.680220][ T5769] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 101.680241][ T5769] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 101.687006][ T5769] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 101.687019][ T5769] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 101.687041][ T5769] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 101.767372][ T5769] hsr_slave_0: entered promiscuous mode [ 101.770494][ T5769] hsr_slave_1: entered promiscuous mode [ 103.540694][ T4917] Bluetooth: hci0: command tx timeout [ 105.130447][ T5769] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 105.194212][ T5769] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 105.195207][ T5769] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 105.250248][ T5769] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 105.265082][ T5769] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 105.299102][ T5769] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 105.620704][ T4917] Bluetooth: hci0: command tx timeout [ 105.672701][ T5769] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 105.719906][ T5769] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 106.140344][ T5769] 8021q: adding VLAN 0 to HW filter on device bond0 [ 106.197533][ T5769] 8021q: adding VLAN 0 to HW filter on device team0 [ 106.208477][ T1423] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.208722][ T1423] bridge0: port 1(bridge_slave_0) entered forwarding state [ 106.220334][ T1423] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.220527][ T1423] bridge0: port 2(bridge_slave_1) entered forwarding state [ 106.813072][ T5769] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 106.893245][ T5769] veth0_vlan: entered promiscuous mode [ 106.909987][ T5769] veth1_vlan: entered promiscuous mode [ 106.978598][ T5769] veth0_macvtap: entered promiscuous mode [ 106.996621][ T5769] veth1_macvtap: entered promiscuous mode [ 107.022180][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 107.040434][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 107.055788][ T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.056030][ T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.056064][ T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.056096][ T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.701382][ T4917] Bluetooth: hci0: command tx timeout [ 107.823502][ T1463] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.823521][ T1463] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.882149][ T1423] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.882167][ T1423] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 2026/06/04 19:16:29 executed programs: 2 [ 107.989637][ T5956] loop0: detected capacity change from 0 to 1024 [ 107.996083][ T5956] ======================================================= [ 107.996083][ T5956] WARNING: The mand mount option has been deprecated and [ 107.996083][ T5956] and is ignored by this kernel. Remove the mand [ 107.996083][ T5956] option from the mount to silence this warning. [ 107.996083][ T5956] ======================================================= [ 107.996298][ T5956] EXT4-fs: Ignoring removed bh option [ 108.042382][ T5956] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 108.123794][ T5956] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 108.384430][ T5769] EXT4-fs error (device loop0): ext4_read_inline_dir:1494: inode #12: block 7: comm syz-executor: path /0/file0/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 108.387743][ T5769] EXT4-fs (loop0): Remounting filesystem read-only [ 108.431515][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.670554][ T5960] loop0: detected capacity change from 0 to 1024 [ 108.675435][ T5960] EXT4-fs: Ignoring removed bh option [ 108.676939][ T5960] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 108.706251][ T5960] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 108.801496][ T5769] EXT4-fs error (device loop0): ext4_read_inline_dir:1494: inode #12: block 7: comm syz-executor: path /1/file0/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 108.804051][ T5769] EXT4-fs (loop0): Remounting filesystem read-only [ 108.873438][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.403813][ T5964] loop0: detected capacity change from 0 to 1024 [ 109.405349][ T5964] EXT4-fs: Ignoring removed bh option [ 109.406992][ T5964] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 109.425497][ T5964] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 109.531492][ T5769] EXT4-fs error (device loop0): ext4_read_inline_dir:1494: inode #12: block 7: comm syz-executor: path /3/file0/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 109.531897][ T5769] EXT4-fs (loop0): Remounting filesystem read-only [ 109.590154][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.154798][ T5968] loop0: detected capacity change from 0 to 1024 [ 110.156047][ T5968] EXT4-fs: Ignoring removed bh option [ 110.157319][ T5968] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 110.173495][ T5968] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 110.201773][ T5968] [ 110.201780][ T5968] ====================================================== [ 110.201783][ T5968] WARNING: possible circular locking dependency detected [ 110.201808][ T5968] syzkaller #0 Not tainted [ 110.201812][ T5968] ------------------------------------------------------ [ 110.201816][ T5968] syz.0.22/5968 is trying to acquire lock: [ 110.201821][ T5968] ffff88805aab44a0 (&ovl_i_mutex_key[depth]){+.+.}-{4:4}, at: lock_two_nondirectories+0xe7/0x180 [ 110.201857][ T5968] [ 110.201857][ T5968] but task is already holding lock: [ 110.201860][ T5968] ffff88803ea9c480 (sb_writers#4){.+.+}-{0:0}, at: mnt_want_write_file+0x63/0x210 [ 110.201883][ T5968] [ 110.201883][ T5968] which lock already depends on the new lock. [ 110.201883][ T5968] [ 110.201886][ T5968] [ 110.201886][ T5968] the existing dependency chain (in reverse order) is: [ 110.201889][ T5968] [ 110.201889][ T5968] -> #1 (sb_writers#4){.+.+}-{0:0}: [ 110.201903][ T5968] sb_start_write+0x4d/0x1c0 [ 110.201915][ T5968] vfs_iter_write+0x1f8/0x610 [ 110.201925][ T5968] backing_file_write_iter+0x5e7/0x950 [ 110.201937][ T5968] ovl_write_iter+0x2fd/0x3d0 [ 110.201948][ T5968] vfs_write+0x629/0xba0 [ 110.201956][ T5968] __x64_sys_pwrite64+0x19c/0x230 [ 110.201966][ T5968] do_syscall_64+0x174/0x580 [ 110.201979][ T5968] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.201987][ T5968] [ 110.201987][ T5968] -> #0 (&ovl_i_mutex_key[depth]){+.+.}-{4:4}: [ 110.202005][ T5968] __lock_acquire+0x15a5/0x2cf0 [ 110.202017][ T5968] lock_acquire+0x106/0x350 [ 110.202026][ T5968] down_write+0x3a/0x50 [ 110.202034][ T5968] lock_two_nondirectories+0xe7/0x180 [ 110.202042][ T5968] ext4_move_extents+0x20f/0x3950 [ 110.202050][ T5968] ext4_ioctl+0x3092/0x4b40 [ 110.202058][ T5968] __se_sys_ioctl+0xff/0x170 [ 110.202072][ T5968] do_syscall_64+0x174/0x580 [ 110.202083][ T5968] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.202091][ T5968] [ 110.202091][ T5968] other info that might help us debug this: [ 110.202091][ T5968] [ 110.202094][ T5968] Possible unsafe locking scenario: [ 110.202094][ T5968] [ 110.202098][ T5968] CPU0 CPU1 [ 110.202103][ T5968] ---- ---- [ 110.202107][ T5968] rlock(sb_writers#4); [ 110.202120][ T5968] lock(&ovl_i_mutex_key[depth]); [ 110.202131][ T5968] lock(sb_writers#4); [ 110.202146][ T5968] lock(&ovl_i_mutex_key[depth]); [ 110.202152][ T5968] [ 110.202152][ T5968] *** DEADLOCK *** [ 110.202152][ T5968] [ 110.202154][ T5968] 1 lock held by syz.0.22/5968: [ 110.202160][ T5968] #0: ffff88803ea9c480 (sb_writers#4){.+.+}-{0:0}, at: mnt_want_write_file+0x63/0x210 [ 110.202184][ T5968] [ 110.202184][ T5968] stack backtrace: [ 110.202198][ T5968] CPU: 0 UID: 0 PID: 5968 Comm: syz.0.22 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 110.202209][ T5968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 110.202219][ T5968] Call Trace: [ 110.202223][ T5968] [ 110.202228][ T5968] dump_stack_lvl+0xe8/0x150 [ 110.202239][ T5968] print_circular_bug+0x2e1/0x300 [ 110.202256][ T5968] check_noncircular+0x12e/0x150 [ 110.202270][ T5968] __lock_acquire+0x15a5/0x2cf0 [ 110.202283][ T5968] ? __lock_acquire+0x6b5/0x2cf0 [ 110.202295][ T5968] ? lock_two_nondirectories+0xe7/0x180 [ 110.202304][ T5968] lock_acquire+0x106/0x350 [ 110.202315][ T5968] ? lock_two_nondirectories+0xe7/0x180 [ 110.202326][ T5968] down_write+0x3a/0x50 [ 110.202333][ T5968] ? lock_two_nondirectories+0xe7/0x180 [ 110.202342][ T5968] lock_two_nondirectories+0xe7/0x180 [ 110.202350][ T5968] ext4_move_extents+0x20f/0x3950 [ 110.202360][ T5968] ? __lock_acquire+0x6b5/0x2cf0 [ 110.202371][ T5968] ? __lock_acquire+0x6b5/0x2cf0 [ 110.202384][ T5968] ? __lock_acquire+0x6b5/0x2cf0 [ 110.202395][ T5968] ? __pfx_ext4_move_extents+0x10/0x10 [ 110.202404][ T5968] ? mnt_want_write_file+0x63/0x210 [ 110.202414][ T5968] ? mnt_want_write_file+0x63/0x210 [ 110.202426][ T5968] ? sb_start_write+0x114/0x1c0 [ 110.202436][ T5968] ? mnt_want_write_file+0x170/0x210 [ 110.202447][ T5968] ext4_ioctl+0x3092/0x4b40 [ 110.202456][ T5968] ? __pfx_ext4_ioctl+0x10/0x10 [ 110.202465][ T5968] ? is_bpf_text_address+0x292/0x2b0 [ 110.202477][ T5968] ? is_bpf_text_address+0x26/0x2b0 [ 110.202488][ T5968] ? kernel_text_address+0xa5/0xe0 [ 110.202503][ T5968] ? __kernel_text_address+0xd/0x30 [ 110.202515][ T5968] ? unwind_get_return_address+0x4d/0x90 [ 110.202526][ T5968] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 110.202537][ T5968] ? arch_stack_walk+0xfb/0x150 [ 110.202550][ T5968] ? stack_trace_save+0xa9/0x100 [ 110.202559][ T5968] ? __pfx_stack_trace_save+0x10/0x10 [ 110.202568][ T5968] ? kasan_save_free_info+0x46/0x50 [ 110.202581][ T5968] ? stack_depot_save_flags+0x33/0x810 [ 110.202595][ T5968] ? kasan_save_track+0x4f/0x80 [ 110.202603][ T5968] ? kasan_save_track+0x3e/0x80 [ 110.202611][ T5968] ? kasan_save_free_info+0x46/0x50 [ 110.202623][ T5968] ? __kasan_slab_free+0x5c/0x80 [ 110.202632][ T5968] ? kfree+0x1c5/0x6c0 [ 110.202640][ T5968] ? tomoyo_path_number_perm+0x501/0x630 [ 110.202653][ T5968] ? security_file_ioctl+0xc3/0x2a0 [ 110.202666][ T5968] ? __se_sys_ioctl+0x47/0x170 [ 110.202676][ T5968] ? do_syscall_64+0x174/0x580 [ 110.202687][ T5968] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.202700][ T5968] ? file_ioctl+0x279/0x870 [ 110.202710][ T5968] ? __pfx_file_ioctl+0x10/0x10 [ 110.202723][ T5968] ? kasan_quarantine_put+0xbb/0x1f0 [ 110.202734][ T5968] ? tomoyo_path_number_perm+0x219/0x630 [ 110.202746][ T5968] ? tomoyo_path_number_perm+0x219/0x630 [ 110.202760][ T5968] ? do_vfs_ioctl+0x117b/0x1540 [ 110.202770][ T5968] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 110.202781][ T5968] ? __pfx_smack_log+0x10/0x10 [ 110.202791][ T5968] ? smk_access+0x14c/0x4e0 [ 110.202802][ T5968] ? smk_tskacc+0x311/0x3a0 [ 110.202813][ T5968] ? smack_file_ioctl+0x2c2/0x360 [ 110.202825][ T5968] ? __pfx_smack_file_ioctl+0x10/0x10 [ 110.202838][ T5968] ? __x64_sys_pwrite64+0x1b7/0x230 [ 110.202849][ T5968] ? __pfx___se_sys_futex+0x10/0x10 [ 110.202863][ T5968] ? bpf_lsm_file_ioctl+0x9/0x20 [ 110.202873][ T5968] ? __pfx_ext4_ioctl+0x10/0x10 [ 110.202882][ T5968] __se_sys_ioctl+0xff/0x170 [ 110.202892][ T5968] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.202901][ T5968] do_syscall_64+0x174/0x580 [ 110.202913][ T5968] ? trace_irq_disable+0x3b/0x140 [ 110.202923][ T5968] ? clear_bhb_loop+0x40/0x90 [ 110.202933][ T5968] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.202941][ T5968] RIP: 0033:0x7fb592a3ce59 [ 110.202953][ T5968] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 110.202960][ T5968] RSP: 002b:00007ffc3443e838 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 110.202970][ T5968] RAX: ffffffffffffffda RBX: 00007fb592cb5fa0 RCX: 00007fb592a3ce59 [ 110.202977][ T5968] RDX: 0000200000000040 RSI: 00000000c028660f RDI: 0000000000000005 [ 110.202983][ T5968] RBP: 00007fb592ad2d6f R08: 0000000000000000 R09: 0000000000000000 [ 110.202988][ T5968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 110.202998][ T5968] R13: 00007fb592cb5fac R14: 00007fb592cb5fa0 R15: 00007fb592cb5fa0 [ 110.203007][ T5968] [ 110.322659][ T5769] EXT4-fs error (device loop0): ext4_read_inline_dir:1494: inode #12: block 7: comm syz-executor: path /5/file0/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 110.323026][ T5769] EXT4-fs (loop0): Remounting filesystem read-only [ 110.364676][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.854384][ T5972] loop0: detected capacity change from 0 to 1024 [ 110.856990][ T5972] EXT4-fs: Ignoring removed bh option [ 110.857657][ T5972] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 110.874444][ T5972] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 111.011340][ T5769] EXT4-fs error (device loop0): ext4_read_inline_dir:1494: inode #12: block 7: comm syz-executor: path /7/file0/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 111.011746][ T5769] EXT4-fs (loop0): Remounting filesystem read-only [ 111.052211][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.538141][ T5976] loop0: detected capacity change from 0 to 1024 [ 111.538809][ T5976] EXT4-fs: Ignoring removed bh option [ 111.539322][ T5976] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 111.545180][ T5976] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 111.631970][ T5769] EXT4-fs error (device loop0): ext4_read_inline_dir:1494: inode #12: block 7: comm syz-executor: path /9/file0/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 111.632509][ T5769] EXT4-fs (loop0): Remounting filesystem read-only [ 111.683145][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.208088][ T5981] loop0: detected capacity change from 0 to 1024 [ 112.208724][ T5981] EXT4-fs: Ignoring removed bh option [ 112.209234][ T5981] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 112.214465][ T5981] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 112.301314][ T5769] EXT4-fs error (device loop0): ext4_read_inline_dir:1494: inode #12: block 7: comm syz-executor: path /11/file0/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 112.301726][ T5769] EXT4-fs (loop0): Remounting filesystem read-only [ 112.361971][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.889639][ T5985] loop0: detected capacity change from 0 to 1024 [ 112.890268][ T5985] EXT4-fs: Ignoring removed bh option [ 112.891231][ T5985] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 112.905136][ T5985] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 112.981591][ T5769] EXT4-fs error (device loop0): ext4_read_inline_dir:1494: inode #12: block 7: comm syz-executor: path /13/file0/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 112.982038][ T5769] EXT4-fs (loop0): Remounting filesystem read-only [ 113.022939][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. 2026/06/04 19:16:34 executed programs: 17 [ 113.491258][ T5994] loop0: detected capacity change from 0 to 1024 [ 113.492004][ T5994] EXT4-fs: Ignoring removed bh option [ 113.492745][ T5994] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 113.510968][ T5994] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 113.571694][ T5769] EXT4-fs error (device loop0): ext4_read_inline_dir:1494: inode #12: block 7: comm syz-executor: path /15/file0/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 113.571959][ T5769] EXT4-fs (loop0): Remounting filesystem read-only [ 113.621881][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.088431][ T5999] loop0: detected capacity change from 0 to 1024 [ 114.089020][ T5999] EXT4-fs: Ignoring removed bh option [ 114.089890][ T5999] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 114.112507][ T5999] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 114.211190][ T5769] EXT4-fs error (device loop0): ext4_read_inline_dir:1494: inode #12: block 7: comm syz-executor: path /17/file0/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 114.211477][ T5769] EXT4-fs (loop0): Remounting filesystem read-only [ 114.252536][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.758137][ T6003] loop0: detected capacity change from 0 to 1024 [ 114.758735][ T6003] EXT4-fs: Ignoring removed bh option [ 114.759246][ T6003] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 114.769084][ T6003] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 114.851127][ T5769] EXT4-fs error (device loop0): ext4_read_inline_dir:1494: inode #12: block 7: comm syz-executor: path /19/file0/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 114.851427][ T5769] EXT4-fs (loop0): Remounting filesystem read-only [ 114.901956][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 115.368055][ T6007] loop0: detected capacity change from 0 to 1024 [ 115.368650][ T6007] EXT4-fs: Ignoring removed bh option [ 115.369136][ T6007] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 115.379656][ T6007] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 115.471105][ T5769] EXT4-fs error (device loop0): ext4_read_inline_dir:1494: inode #12: block 7: comm syz-executor: path /21/file0/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 115.471392][ T5769] EXT4-fs (loop0): Remounting filesystem read-only [ 115.512020][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.042050][ T6011] loop0: detected capacity change from 0 to 1024 [ 116.042812][ T6011] EXT4-fs: Ignoring removed bh option [ 116.043545][ T6011] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 116.055527][ T6011] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 116.131298][ T5769] EXT4-fs error (device loop0): ext4_read_inline_dir:1494: inode #12: block 7: comm syz-executor: path /23/file0/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 116.131761][ T5769] EXT4-fs (loop0): Remounting filesystem read-only [ 116.193107][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.697991][ T6015] loop0: detected capacity change from 0 to 1024 [ 116.698590][ T6015] EXT4-fs: Ignoring removed bh option [ 116.699102][ T6015] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 116.704602][ T6015] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 116.801276][ T5769] EXT4-fs error (device loop0): ext4_read_inline_dir:1494: inode #12: block 7: comm syz-executor: path /25/file0/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 116.801700][ T5769] EXT4-fs (loop0): Remounting filesystem read-only [ 116.862681][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 117.368530][ T6019] loop0: detected capacity change from 0 to 1024 [ 117.369260][ T6019] EXT4-fs: Ignoring removed bh option [ 117.369832][ T6019] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 117.386374][ T6019] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 117.481454][ T5769] EXT4-fs error (device loop0): ext4_read_inline_dir:1494: inode #12: block 7: comm syz-executor: path /27/file0/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 117.481772][ T5769] EXT4-fs (loop0): Remounting filesystem read-only [ 117.532035][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 118.019123][ T6023] loop0: detected capacity change from 0 to 1024 [ 118.019807][ T6023] EXT4-fs: Ignoring removed bh option [ 118.020316][ T6023] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 118.035734][ T6023] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 118.111309][ T5769] EXT4-fs error (device loop0): ext4_read_inline_dir:1494: inode #12: block 7: comm syz-executor: path /29/file0/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 118.111686][ T5769] EXT4-fs (loop0): Remounting filesystem read-only [ 118.152599][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. 2026/06/04 19:16:39 executed programs: 33 [ 118.658098][ T6028] loop0: detected capacity change from 0 to 1024 [ 118.658739][ T6028] EXT4-fs: Ignoring removed bh option [ 118.659246][ T6028] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 118.664545][ T6028] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 118.741850][ T5769] EXT4-fs error (device loop0): ext4_read_inline_dir:1494: inode #12: block 7: comm syz-executor: path /31/file0/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 118.742315][ T5769] EXT4-fs (loop0): Remounting filesystem read-only [ 118.782801][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 119.288468][ T6032] loop0: detected capacity change from 0 to 1024 [ 119.289064][ T6032] EXT4-fs: Ignoring removed bh option [ 119.289564][ T6032] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 119.295012][ T6032] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 119.361321][ T5769] EXT4-fs error (device loop0): ext4_read_inline_dir:1494: inode #12: block 7: comm syz-executor: path /33/file0/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 119.361606][ T5769] EXT4-fs (loop0): Remounting filesystem read-only [ 119.411986][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 119.918390][ T6037] loop0: detected capacity change from 0 to 1024 [ 119.918995][ T6037] EXT4-fs: Ignoring removed bh option [ 119.919487][ T6037] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 119.933028][ T6037] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 119.991807][ T5769] EXT4-fs error (device loop0): ext4_read_inline_dir:1494: inode #12: block 7: comm syz-executor: path /35/file0/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 119.992112][ T5769] EXT4-fs (loop0): Remounting filesystem read-only [ 120.041929][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.