Warning: Permanently added '[localhost]:24648' (ED25519) to the list of known hosts.
2025/07/01 15:00:21 ignoring optional flag "sandboxArg"="0"
2025/07/01 15:00:23 parsed 1 programs
[ 129.346777][ T5666] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 132.915267][ T5678] chnl_net:caif_netlink_parms(): no params data found
[ 133.011187][ T5678] bridge0: port 1(bridge_slave_0) entered blocking state
[ 133.015490][ T5678] bridge0: port 1(bridge_slave_0) entered disabled state
[ 133.018929][ T5678] bridge_slave_0: entered allmulticast mode
[ 133.022993][ T5678] bridge_slave_0: entered promiscuous mode
[ 133.029149][ T5678] bridge0: port 2(bridge_slave_1) entered blocking state
[ 133.033487][ T5678] bridge0: port 2(bridge_slave_1) entered disabled state
[ 133.037804][ T5678] bridge_slave_1: entered allmulticast mode
[ 133.041913][ T5678] bridge_slave_1: entered promiscuous mode
[ 133.071093][ T5678] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 133.079015][ T5678] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 133.109786][ T5678] team0: Port device team_slave_0 added
[ 133.118823][ T5678] team0: Port device team_slave_1 added
[ 133.145994][ T5678] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 133.151060][ T5678] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 133.165829][ T5678] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 133.173014][ T5678] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 133.176785][ T5678] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 133.190372][ T5678] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 133.225882][ T5678] hsr_slave_0: entered promiscuous mode
[ 133.229049][ T5678] hsr_slave_1: entered promiscuous mode
[ 133.871145][ T5678] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 133.887188][ T5678] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 133.909087][ T5678] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 133.915782][ T5678] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 134.076960][ T5678] 8021q: adding VLAN 0 to HW filter on device bond0
[ 134.108162][ T5678] 8021q: adding VLAN 0 to HW filter on device team0
[ 134.140399][ T31] bridge0: port 1(bridge_slave_0) entered blocking state
[ 134.144846][ T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 134.166610][ T31] bridge0: port 2(bridge_slave_1) entered blocking state
[ 134.169964][ T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 134.503364][ T5678] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 134.576058][ T5678] veth0_vlan: entered promiscuous mode
[ 134.601155][ T5678] veth1_vlan: entered promiscuous mode
[ 134.655593][ T5678] veth0_macvtap: entered promiscuous mode
[ 134.669340][ T5678] veth1_macvtap: entered promiscuous mode
[ 134.707788][ T5678] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 134.721161][ T5678] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 134.741384][ T5678] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 134.755025][ T5678] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 134.759105][ T5678] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 134.763224][ T5678] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 135.028878][ T31] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 135.136220][ T31] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 135.246594][ T31] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 135.360203][ T31] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 137.035670][ T31] bridge_slave_1: left allmulticast mode
[ 137.038458][ T31] bridge_slave_1: left promiscuous mode
[ 137.041176][ T31] bridge0: port 2(bridge_slave_1) entered disabled state
[ 137.066311][ T31] bridge_slave_0: left allmulticast mode
[ 137.068968][ T31] bridge_slave_0: left promiscuous mode
[ 137.071720][ T31] bridge0: port 1(bridge_slave_0) entered disabled state
[ 137.711152][ T31] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 137.727123][ T31] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 137.736045][ T31] bond0 (unregistering): Released all slaves
[ 137.826838][ T1039] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 137.830536][ T1039] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 137.883047][ T31] hsr_slave_0: left promiscuous mode
[ 137.898801][ T31] hsr_slave_1: left promiscuous mode
[ 137.916437][ T31] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 137.920087][ T31] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 137.930094][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[ 137.934057][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[ 137.949276][ T31] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 137.952835][ T31] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 138.003417][ T31] veth1_macvtap: left promiscuous mode
[ 138.024430][ T31] veth0_macvtap: left promiscuous mode
[ 138.027267][ T31] veth1_vlan: left promiscuous mode
[ 138.029859][ T31] veth0_vlan: left promiscuous mode
[ 138.692547][ T31] team0 (unregistering): Port device team_slave_1 removed
[ 138.736409][ T31] team0 (unregistering): Port device team_slave_0 removed
[ 139.222932][ T1144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 139.228919][ T1144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 140.618842][ T5371] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 140.623303][ T5371] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 140.627608][ T5371] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 140.631760][ T5371] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 140.635684][ T5371] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2025/07/01 15:00:43 executed programs: 0
[ 145.044198][ T4667] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 145.056607][ T4667] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 145.060661][ T4667] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 145.068768][ T4667] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 145.072902][ T4667] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 145.470910][ T5902] chnl_net:caif_netlink_parms(): no params data found
[ 145.616421][ T5902] bridge0: port 1(bridge_slave_0) entered blocking state
[ 145.619813][ T5902] bridge0: port 1(bridge_slave_0) entered disabled state
[ 145.623080][ T5902] bridge_slave_0: entered allmulticast mode
[ 145.637679][ T5902] bridge_slave_0: entered promiscuous mode
[ 145.642179][ T5902] bridge0: port 2(bridge_slave_1) entered blocking state
[ 145.654564][ T5902] bridge0: port 2(bridge_slave_1) entered disabled state
[ 145.658179][ T5902] bridge_slave_1: entered allmulticast mode
[ 145.675028][ T5902] bridge_slave_1: entered promiscuous mode
[ 145.729938][ T5902] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 145.745899][ T5902] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 145.800325][ T5902] team0: Port device team_slave_0 added
[ 145.817651][ T5902] team0: Port device team_slave_1 added
[ 145.869086][ T5902] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 145.872355][ T5902] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 145.905967][ T5902] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 145.925438][ T5902] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 145.928873][ T5902] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 145.956926][ T5902] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 146.037810][ T5902] hsr_slave_0: entered promiscuous mode
[ 146.041808][ T5902] hsr_slave_1: entered promiscuous mode
[ 146.728687][ T5902] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 146.747844][ T5902] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 146.766602][ T5902] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 146.775773][ T5902] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 146.924173][ T5902] 8021q: adding VLAN 0 to HW filter on device bond0
[ 146.958638][ T5902] 8021q: adding VLAN 0 to HW filter on device team0
[ 146.969095][ T43] bridge0: port 1(bridge_slave_0) entered blocking state
[ 146.972926][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 147.002748][ T43] bridge0: port 2(bridge_slave_1) entered blocking state
[ 147.006555][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 147.115990][ T4667] Bluetooth: hci0: command tx timeout
[ 147.387120][ T5902] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 147.457418][ T5902] veth0_vlan: entered promiscuous mode
[ 147.476093][ T5902] veth1_vlan: entered promiscuous mode
[ 147.517447][ T5902] veth0_macvtap: entered promiscuous mode
[ 147.539005][ T5902] veth1_macvtap: entered promiscuous mode
[ 147.568358][ T5902] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 147.588293][ T5902] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 147.617412][ T5902] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 147.621523][ T5902] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 147.636552][ T5902] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 147.640520][ T5902] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 147.788036][ T1039] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 147.791615][ T1039] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 147.856448][ T1144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 147.860592][ T1144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 148.388039][ T5960] loop0: detected capacity change from 0 to 32768
[ 148.408334][ T5960] =======================================================
[ 148.408334][ T5960] WARNING: The mand mount option has been deprecated and
[ 148.408334][ T5960] and is ignored by this kernel. Remove the mand
[ 148.408334][ T5960] option from the mount to silence this warning.
[ 148.408334][ T5960] =======================================================
[ 148.513403][ T5960] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 148.573167][ T25] audit: type=1800 audit(1751382046.611:2): pid=5960 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.16" name="file2" dev="loop0" ino=17060 res=0 errno=0
[ 148.748757][ T5968] Buffer I/O error on dev loop0, logical block 640, lost sync page write
[ 148.756885][ T5968] JBD2: I/O error when updating journal superblock for loop0-75.
[ 148.760697][ T5968] Aborting journal on device loop0-75.
[ 148.766092][ T5960] (syz.0.16,5960,0):__ocfs2_journal_access:727 ERROR: Error -30 getting 1 access to buffer!
[ 148.772680][ T5968] Buffer I/O error on dev loop0, logical block 640, lost sync page write
[ 148.777084][ T5960] (syz.0.16,5960,0):ocfs2_write_end_nolock:1942 ERROR: status = -30
[ 148.781037][ T5968] JBD2: I/O error when updating journal superblock for loop0-75.
[ 148.785227][ T5960] (syz.0.16,5960,0):ocfs2_commit_trans:404 ERROR: status = -5
[ 148.797615][ T5968] journal_release_journal_head: freeing b_committed_data
[ 149.194557][ T4667] Bluetooth: hci0: command tx timeout
[ 149.344108][ T5902] (syz-executor,5902,0):ocfs2_start_trans:379 ERROR: status = -30
[ 149.351082][ T5902] OCFS2: abort (device loop0): handle_t *ocfs2_start_trans(struct ocfs2_super *, int): Detected aborted journal
[ 149.360239][ T5902] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[ 149.365926][ T5902] OCFS2: File system is now read-only.
[ 149.368494][ T5902] (syz-executor,5902,0):ocfs2_shutdown_local_alloc:419 ERROR: status = -30
[ 149.373015][ T5902] Buffer I/O error on dev loop0, logical block 17024, lost sync page write
[ 149.380375][ T5902] (syz-executor,5902,0):ocfs2_write_block:78 ERROR: status = -5
[ 149.385384][ T5902] (syz-executor,5902,0):ocfs2_update_disk_slot:199 ERROR: status = -5
[ 149.389584][ T5902] (syz-executor,5902,0):ocfs2_put_slot:517 ERROR: status = -5
[ 149.393912][ T5902] (syz-executor,5902,0):ocfs2_journal_shutdown:1107 ERROR: status = -5
[ 149.400807][ T5902] ocfs2: Unmounting device (7,0) on (node local)
[ 149.713937][ T5973] loop0: detected capacity change from 0 to 32768
[ 149.739011][ T5973] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 149.789471][ T25] audit: type=1800 audit(1751382047.831:3): pid=5973 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.17" name="file2" dev="loop0" ino=17060 res=0 errno=0
[ 149.948093][ T5975] Buffer I/O error on dev loop0, logical block 640, lost sync page write
[ 149.952254][ T5975] JBD2: I/O error when updating journal superblock for loop0-75.
[ 149.956371][ T5976] Aborting journal on device loop0-75.
[ 149.960605][ T5973] (syz.0.17,5973,0):__ocfs2_journal_access:727 ERROR: Error -30 getting 1 access to buffer!
[ 149.965527][ T5976] Buffer I/O error on dev loop0, logical block 640, lost sync page write
[ 149.969461][ T5973] (syz.0.17,5973,0):ocfs2_write_end_nolock:1942 ERROR: status = -30
[ 149.973420][ T5976] JBD2: I/O error when updating journal superblock for loop0-75.
[ 149.978366][ T5973] (syz.0.17,5973,0):ocfs2_commit_trans:404 ERROR: status = -5
[ 149.982074][ T5976] (syz.0.17,5976,0):__ocfs2_journal_access:727 ERROR: Error -5 getting 1 access to buffer!
[ 149.987746][ T5976] (syz.0.17,5976,0):ocfs2_rotate_rightmost_leaf_left:2901 ERROR: status = -5
[ 149.991930][ T5976] (syz.0.17,5976,0):ocfs2_rotate_tree_left:3180 ERROR: status = -5
[ 149.997299][ T5976] (syz.0.17,5976,0):ocfs2_try_to_merge_extent:3829 ERROR: status = -5
[ 150.002090][ T5976] (syz.0.17,5976,0):__ocfs2_journal_access:727 ERROR: Error -30 getting 1 access to buffer!
[ 150.008203][ T5976] (syz.0.17,5976,0):ocfs2_do_insert_extent:4267 ERROR: status = -30
[ 150.013275][ T5976] (syz.0.17,5976,0):ocfs2_split_and_insert:4991 ERROR: status = -30
[ 150.018342][ T5976] (syz.0.17,5976,0):ocfs2_split_extent:5137 ERROR: status = -30
[ 150.022227][ T5976] (syz.0.17,5976,0):ocfs2_change_extent_flag:5234 ERROR: status = -30
[ 150.026602][ T5976] (syz.0.17,5976,0):ocfs2_mark_extent_written:5280 ERROR: status = -30
[ 150.030546][ T5976] (syz.0.17,5976,0):ocfs2_dio_end_io_write:2352 ERROR: status = -30
[ 150.038478][ T5975] journal_release_journal_head: freeing b_committed_data
[ 150.043773][ T5976] (syz.0.17,5976,0):ocfs2_commit_trans:404 ERROR: status = -5
[ 150.589250][ T5902] (syz-executor,5902,0):ocfs2_start_trans:379 ERROR: status = -30
[ 150.592977][ T5902] OCFS2: abort (device loop0): handle_t *ocfs2_start_trans(struct ocfs2_super *, int): Detected aborted journal
[ 150.600105][ T5902] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[ 150.604218][ T5902] OCFS2: File system is now read-only.
2025/07/01 15:00:48 executed programs: 4
[ 150.611282][ T5902] (syz-executor,5902,0):ocfs2_shutdown_local_alloc:419 ERROR: status = -30
[ 150.618132][ T5902] Buffer I/O error on dev loop0, logical block 17024, lost sync page write
[ 150.622055][ T5902] (syz-executor,5902,0):ocfs2_write_block:78 ERROR: status = -5
[ 150.626097][ T5902] (syz-executor,5902,0):ocfs2_update_disk_slot:199 ERROR: status = -5
[ 150.629654][ T5902] (syz-executor,5902,0):ocfs2_put_slot:517 ERROR: status = -5
[ 150.633353][ T5902] (syz-executor,5902,0):ocfs2_journal_shutdown:1107 ERROR: status = -5
[ 150.639826][ T5902] ocfs2: Unmounting device (7,0) on (node local)
[ 150.922396][ T5980] loop0: detected capacity change from 0 to 32768
[ 150.956731][ T5980] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 150.999291][ T25] audit: type=1800 audit(1751382049.041:4): pid=5980 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.18" name="file2" dev="loop0" ino=17060 res=0 errno=0
[ 151.159048][ T5982] Buffer I/O error on dev loop0, logical block 640, lost sync page write
[ 151.166803][ T5982] JBD2: I/O error when updating journal superblock for loop0-75.
[ 151.170474][ T5982] Aborting journal on device loop0-75.
[ 151.173166][ T5982] Buffer I/O error on dev loop0, logical block 640, lost sync page write
[ 151.177673][ T5980] (syz.0.18,5980,0):__ocfs2_journal_access:727 ERROR: Error -30 getting 1 access to buffer!
[ 151.185019][ T5980] (syz.0.18,5980,0):ocfs2_write_end_nolock:1942 ERROR: status = -30
[ 151.188929][ T5980] (syz.0.18,5980,0):ocfs2_commit_trans:404 ERROR: status = -5
[ 151.192668][ T5982] JBD2: I/O error when updating journal superblock for loop0-75.
[ 151.201830][ T5982] journal_release_journal_head: freeing b_committed_data
[ 151.275351][ T4667] Bluetooth: hci0: command tx timeout
[ 151.747889][ T5902] (syz-executor,5902,0):ocfs2_start_trans:379 ERROR: status = -30
[ 151.751625][ T5902] OCFS2: abort (device loop0): handle_t *ocfs2_start_trans(struct ocfs2_super *, int): Detected aborted journal
[ 151.765483][ T5902] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[ 151.770101][ T5902] OCFS2: File system is now read-only.
[ 151.772886][ T5902] (syz-executor,5902,0):ocfs2_shutdown_local_alloc:419 ERROR: status = -30
[ 151.778171][ T5902] Buffer I/O error on dev loop0, logical block 17024, lost sync page write
[ 151.782106][ T5902] (syz-executor,5902,0):ocfs2_write_block:78 ERROR: status = -5
[ 151.786163][ T5902] (syz-executor,5902,0):ocfs2_update_disk_slot:199 ERROR: status = -5
[ 151.789916][ T5902] (syz-executor,5902,0):ocfs2_put_slot:517 ERROR: status = -5
[ 151.793910][ T5902] (syz-executor,5902,0):ocfs2_journal_shutdown:1107 ERROR: status = -5
[ 151.799806][ T5902] ocfs2: Unmounting device (7,0) on (node local)
[ 152.112651][ T5987] loop0: detected capacity change from 0 to 32768
[ 152.146031][ T5987] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 152.199497][ T25] audit: type=1800 audit(1751382050.241:5): pid=5987 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.19" name="file2" dev="loop0" ino=17060 res=0 errno=0
[ 152.348657][ T5989] Buffer I/O error on dev loop0, logical block 640, lost sync page write
[ 152.365195][ T5989] JBD2: I/O error when updating journal superblock for loop0-75.
[ 152.368921][ T5989] Aborting journal on device loop0-75.
[ 152.371550][ T5989] JBD2: I/O error when updating journal superblock for loop0-75.
[ 152.376330][ T5992] (syz.0.19,5992,0):ocfs2_start_trans:379 ERROR: status = -30
[ 152.379942][ T5992] OCFS2: abort (device loop0): handle_t *ocfs2_start_trans(struct ocfs2_super *, int): Detected aborted journal
[ 152.390438][ T5989] journal_release_journal_head: freeing b_committed_data
[ 152.396749][ T5990] (syz.0.19,5990,0):ocfs2_extend_trans:460 ERROR: status = -30
[ 152.400723][ T5990] (syz.0.19,5990,0):ocfs2_try_to_merge_extent:3817 ERROR: status = -30
[ 152.407960][ T5990] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN NOPTI
[ 152.413656][ T5990] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[ 152.418467][ T5990] CPU: 0 UID: 0 PID: 5990 Comm: syz.0.19 Not tainted 6.16.0-rc4-syzkaller-g66701750d556 #0 PREEMPT(full)
[ 152.423441][ T5990] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 152.428275][ T5990] RIP: 0010:ocfs2_assure_trans_credits+0x7d/0x370
[ 152.431321][ T5990] Code: 4c 89 f0 48 c1 e8 03 42 80 3c 28 00 74 08 4c 89 f7 e8 d7 98 84 fe 4d 8b 3e eb 08 e8 fd 15 21 fe 4d 89 f7 4c 89 f8 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 ff e8 b4 98 84 fe 4d 8b 3f 49 8d 7e 10
[ 152.440227][ T5990] RSP: 0018:ffffc90002b2efa8 EFLAGS: 00010246
[ 152.443049][ T5990] RAX: 0000000000000000 RBX: 000000000000000a RCX: ffff8880006ba440
[ 152.446710][ T5990] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 152.449896][ T5990] RBP: 0000000000000000 R08: ffff8880006ba440 R09: 0000000000000006
[ 152.453566][ T5990] R10: 00000000fffffffc R11: 0000000000000000 R12: 1ffff92000565e08
[ 152.457127][ T5990] R13: dffffc0000000000 R14: ffff88804308c630 R15: 0000000000000000
[ 152.460708][ T5990] FS: 00007f028e9fe6c0(0000) GS:ffff88808d250000(0000) knlGS:0000000000000000
[ 152.464739][ T5990] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 152.467690][ T5990] CR2: 00007f028e9bbfc8 CR3: 0000000055f0b000 CR4: 0000000000352ef0
[ 152.471051][ T5990] Call Trace:
[ 152.472614][ T5990]
[ 152.474034][ T5990] ocfs2_dio_end_io+0xafb/0x10f0
[ 152.476603][ T5990] ? __pfx_ocfs2_dio_end_io+0x10/0x10
[ 152.479670][ T5990] ? __pfx_ocfs2_journal_access_di+0x10/0x10
[ 152.483164][ T5990] ? __lock_acquire+0xab9/0xd20
[ 152.485989][ T5990] ? do_raw_spin_lock+0x121/0x290
[ 152.488382][ T5990] ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 152.491020][ T5990] ? lockdep_hardirqs_on+0x9c/0x150
[ 152.493432][ T5990] ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 152.496180][ T5990] ? __pfx_ocfs2_dio_end_io+0x10/0x10
[ 152.498612][ T5990] dio_complete+0x258/0x790
[ 152.500690][ T5990] __blockdev_direct_IO+0x2db6/0x33d0
[ 152.503164][ T5990] ? __pfx___blockdev_direct_IO+0x10/0x10
[ 152.505750][ T5990] ? __pfx_invalidate_inode_pages2_range+0x10/0x10
[ 152.508758][ T5990] ? __pfx_ocfs2_dio_wr_get_block+0x10/0x10
[ 152.511579][ T5990] ? filemap_write_and_wait_range+0x182/0x310
[ 152.514404][ T5990] ? __pfx_filemap_write_and_wait_range+0x10/0x10
[ 152.517379][ T5990] ? inode_set_ctime_to_ts+0x126/0x2f0
[ 152.519880][ T5990] ? __pfx_ocfs2_dio_wr_get_block+0x10/0x10
[ 152.522586][ T5990] ocfs2_direct_IO+0x25f/0x2d0
[ 152.524828][ T5990] generic_file_direct_write+0x1d8/0x3e0
[ 152.527532][ T5990] ? file_update_time+0x416/0x490
[ 152.529868][ T5990] __generic_file_write_iter+0x11d/0x230
[ 152.532463][ T5990] ? ocfs2_file_write_iter+0x1551/0x1d10
[ 152.535476][ T5990] ocfs2_file_write_iter+0x157a/0x1d10
[ 152.538333][ T5990] ? __pfx_ocfs2_file_write_iter+0x10/0x10
[ 152.541156][ T5990] ? aa_file_perm+0x11f/0xed0
[ 152.543322][ T5990] ? aa_file_perm+0x11f/0xed0
[ 152.545572][ T5990] ? aa_file_perm+0x3e7/0xed0
[ 152.547734][ T5990] ? futex_unqueue+0x211/0x240
[ 152.549969][ T5990] do_iter_readv_writev+0x56b/0x7f0
[ 152.552512][ T5990] ? __pfx_do_iter_readv_writev+0x10/0x10
[ 152.555166][ T5990] ? rcu_read_lock_any_held+0xb3/0x120
[ 152.557715][ T5990] vfs_writev+0x31a/0x960
[ 152.559841][ T5990] ? __lock_acquire+0xab9/0xd20
[ 152.562075][ T5990] ? __pfx_vfs_writev+0x10/0x10
[ 152.564378][ T5990] ? __fget_files+0x2a/0x420
[ 152.566607][ T5990] ? __fget_files+0x3a0/0x420
[ 152.568709][ T5990] ? __fget_files+0x2a/0x420
[ 152.570842][ T5990] __se_sys_pwritev2+0x179/0x290
[ 152.573095][ T5990] ? __pfx___se_sys_pwritev2+0x10/0x10
[ 152.575540][ T5990] ? rcu_is_watching+0x15/0xb0
[ 152.577796][ T5990] ? do_syscall_64+0xbe/0x3b0
[ 152.579974][ T5990] ? __x64_sys_pwritev2+0x20/0xc0
[ 152.582354][ T5990] do_syscall_64+0xfa/0x3b0
[ 152.584408][ T5990] ? lockdep_hardirqs_on+0x9c/0x150
[ 152.586776][ T5990] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 152.589560][ T5990] ? clear_bhb_loop+0x60/0xb0
[ 152.591818][ T5990] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 152.594479][ T5990] RIP: 0033:0x7f028f78d169
[ 152.596670][ T5990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 152.605917][ T5990] RSP: 002b:00007f028e9fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[ 152.610093][ T5990] RAX: ffffffffffffffda RBX: 00007f028f9a6080 RCX: 00007f028f78d169
[ 152.613855][ T5990] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 000000000000000a
[ 152.617543][ T5990] RBP: 00007f028f80e2a0 R08: 0000000000000000 R09: 0000000000000003
[ 152.621214][ T5990] R10: 0000000000007800 R11: 0000000000000246 R12: 0000000000000000
[ 152.624787][ T5990] R13: 0000000000000000 R14: 00007f028f9a6080 R15: 00007fff254a88b8
[ 152.628481][ T5990]
[ 152.630012][ T5990] Modules linked in:
[ 152.632641][ T5990] ---[ end trace 0000000000000000 ]---
[ 152.641344][ T5987] (syz.0.19,5987,0):ocfs2_start_trans:379 ERROR: status = -30
[ 152.645169][ T5992] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[ 152.649738][ T5992] OCFS2: File system is now read-only.
[ 152.652236][ T5992] (syz.0.19,5992,0):ocfs2_xattr_set:3646 ERROR: status = -30
[ 152.656424][ T5987] OCFS2: abort (device loop0): handle_t *ocfs2_start_trans(struct ocfs2_super *, int): Detected aborted journal
[ 152.663005][ T5987] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[ 152.667997][ T5987] (syz.0.19,5987,0):ocfs2_write_begin_nolock:1751 ERROR: status = -30
[ 152.671758][ T5987] (syz.0.19,5987,0):ocfs2_write_begin:1885 ERROR: status = -30
[ 152.675786][ T5990] RIP: 0010:ocfs2_assure_trans_credits+0x7d/0x370
[ 152.678788][ T5990] Code: 4c 89 f0 48 c1 e8 03 42 80 3c 28 00 74 08 4c 89 f7 e8 d7 98 84 fe 4d 8b 3e eb 08 e8 fd 15 21 fe 4d 89 f7 4c 89 f8 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 ff e8 b4 98 84 fe 4d 8b 3f 49 8d 7e 10
[ 152.688363][ T5990] RSP: 0018:ffffc90002b2efa8 EFLAGS: 00010246
[ 152.691963][ T5990] RAX: 0000000000000000 RBX: 000000000000000a RCX: ffff8880006ba440
[ 152.696579][ T5990] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 152.700591][ T5990] RBP: 0000000000000000 R08: ffff8880006ba440 R09: 0000000000000006
[ 152.704656][ T5990] R10: 00000000fffffffc R11: 0000000000000000 R12: 1ffff92000565e08
[ 152.708364][ T5990] R13: dffffc0000000000 R14: ffff88804308c630 R15: 0000000000000000
[ 152.712064][ T5990] FS: 00007f028e9fe6c0(0000) GS:ffff88808d250000(0000) knlGS:0000000000000000
[ 152.716892][ T5990] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 152.720072][ T5990] CR2: 00007f028e9bbfc8 CR3: 0000000055f0b000 CR4: 0000000000352ef0
[ 152.723908][ T5990] Kernel panic - not syncing: Fatal exception
[ 152.726979][ T5990] Kernel Offset: disabled
[ 152.728961][ T5990] Rebooting in 86400 seconds..