program: socket$inet(0x10, 0x3, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0) write$cgroup_int(r1, &(0x7f0000000200)=0x1, 0x12) write$cgroup_pid(r1, &(0x7f0000000140), 0x12) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'hsr0\x00', 0x0}) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000140)=0x8, 0x4) sendto$packet(r2, &(0x7f0000000340)="05030006e8fe091c6202a0ffffffff0060030000000088fb143488a87f43055762cb80948864113b022543424aa608", 0xfef2, 0x0, &(0x7f0000000a80)={0x11, 0x88a8, r3, 0x1, 0x0, 0x6, @multicast}, 0x14) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000180)={&(0x7f0000001580)=ANY=[@ANYBLOB="700000004a0000032dbd7000fbdbdf250a003800", @ANYRES32=r3, @ANYBLOB="13000080080002000c0000000800020b010000001400010000000000000000000000ffff000000001400010000000000000000000000ffff64010102080002000100000014000100ff020000000000000000000000000001833a3d87ae3bad1b8a19997cbfeb4c290f8f00995d72831387c85cc41863606b0103b261ab6edc89560989eb8018ee7a179ba1c6cefe541debbbe93044e0b49c135658a3e235df148af98711508dafec35243246545f9e5030ab8d6118822d"], 0x70}}, 0x80) socket$nl_route(0x10, 0x3, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000003c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05bea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbfd60b1a715c366da2b37ac7e9e3033f8ec04db1c2412e02ccd0617d9fb646c4897750d068c936c3558a94b05d7c65c0d458c0d70d0aa864bc1e324d3f69b1b4061627da875a4b5c2668ab0990623fe6f3b54cd1c79da4baf256f88750c18486330589473e267fa44e220cf40db662b570c2a2fbba9a34a3dd7bbd8368fe506daa62b45797d4b397905a69e58eb436c08cc78963197adb1b16ad83a1a9b4"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48) bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)={@cgroup=r4, r4, 0x2e}, 0x20) bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000d00)={0x0, 0x0}, 0x8) r6 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000000)=r5, 0x4) bpf$LINK_DETACH(0x22, &(0x7f00000001c0)=r6, 0x4) r7 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0x13c, 0x19, 0x1, 0x70bd2a, 0x0, {{@in=@private, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x2}, {}, 0x0, 0x0, 0x0, 0x0, 0x1}, [@tmpl={0x84, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x0, 0x0, 0x0, 0x1c}, {{@in=@loopback, 0x0, 0x6c}, 0x0, @in=@local, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x81}]}]}, 0x13c}, 0x1, 0x0, 0x0, 0x1}, 0x0) r8 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=@updpolicy={0x188, 0x19, 0xfd3649826d894c67, 0x270bd28, 0x0, {{@in6=@mcast1, @in=@multicast1, 0xffbe, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x7, 0x0, 0x0, 0x100}, {0x0, 0x0, 0xfffffffffffffffe}}, [@tmpl={0xc4, 0x5, [{{@in6=@private2, 0x4d3, 0x2b}, 0xa, @in=@loopback, 0x3507, 0x4, 0x1, 0x6, 0x4, 0x9, 0x1}, {{@in6=@empty, 0x4d5, 0x3c}, 0xa, @in=@remote, 0x3502, 0x0, 0x0, 0xff, 0xe2, 0x5, 0x8}, {{@in=@local, 0x4d5, 0x6c}, 0x2, @in6=@mcast2, 0x0, 0x4, 0x0, 0xcb, 0x8, 0x4, 0x7fffffff}]}, @policy_type={0xa, 0x10, {0x1}}]}, 0x188}}, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaa00ab6f4c8f66643e25ab0000000000000000ff020000000000000000"], 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x446, &(0x7f0000000240)={[{@stripe={'stripe', 0x3d, 0x2}}, {@journal_dev={'journal_dev', 0x3d, 0x1045}}, {@oldalloc}, {@noauto_da_alloc}, {@minixdf}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@delalloc}, {@nojournal_checksum}, {@orlov}, {@user_xattr}, {@quota}, {@delalloc}]}, 0x1, 0x559, &(0x7f00000005c0)="$eJzs3d9rW1UcAPDvTX/sp66DMVRECntwMpeurT8m+DAfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EN/13cfhP+BfMdDBkFH0wZfITW+6dknarMuWznw+cMs5uTc595t7v6fn5N6QAAbWePanEPFyRHyTRByKiCRfNxz5yvG17VYfXJvJliTq9U//ShrbZfXmazWfdyCvvBQRv30VcaLQ2m51eWW+VC6ni3l9orZweaK6vHLy4kJpLp1LL01NT59+e3rqvXff6Vmsb5z75/tP7nx4+utjq9/9cu/wrSTOxMF83cY4nsD1jZXxGM/fk5E488iGkz1obDdJ+r0D7MhQnucjkfUBh2Ioz3rg/+/LiKgDAyqR/zCgmuOA5ty+R/Pg58b9D9YmQK3xD699NhJ7G3Oj/avJpplRNt8d60H7WRu//nn7VrZE7z6HANjW9RsRcWp4uLX/S/L+b+dOdbHNo23o/+DZuZONf95sN/4prI9/os3450Cb3N2J7fO/cK8HzXSUjf/eb45/N330vX7Ramwor73QGPONJBcultOsb3sxIo7HyJ6svtX1nNOrd+ud1m0c/2VLth/NsWC+H/eG92x+zmypVtpZtK3u34h4pe34N1k//kmb45+9H+e6bONoevu1Tuu2j//pqv8U8Xrb+c/DK1rJ1tcnJxrnw0TzrGj1982jv3dqv9/xZ8d//9bxjyUbr9dWH7+NH/f+m3Zatyn+6P78H00+a5RH88eulmq1xcmI0eTj1senHj63WW9un8V//NjW/V+7839fRHzeZfw3j/z8alfx9+n4zz7W8X/8wt2PvvihU/vd9X9vNUrH80e66f+63cEnee8AAAAAAABgtylExMFICsX1cqFQLK7d33Ek9hfKlWrtxIXK0qXZaHxXdixGCs0r3Yc23A8xmd8P26xPPVKfjojDEfHt0L5GvThTKc/2O3gAAAAAAAAAAAAAAAAAAADYJQ50+P5/5o+hfu8d8NT5yW8YXNvmfy9+6QnYlfz/h8El/2FwyX8YXPIfBpf8h8El/2FwyX8YXPIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeurc2bPZUl99cG0mq89eWV6ar1w5OZtW54sLSzPFmcri5eJcpTJXToszlYXtXq9cqVyenIqlqxO1tFqbqC6vnF+oLF2qnb+4UJpLz6cjEaPPJDAAAAAAAAAAAAAAAAAAAAB4jlSXV+ZL5XK6qKCwo8Lw7tgNhR4X+t0zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBD/wUAAP//ZdYzKA==") r9 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r9, &(0x7f0000000140)='2', 0x1, 0x8000c61) r10 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x35) pwrite64(r10, &(0x7f0000000140)='2', 0xfdef, 0xfecc) setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f0000000500), &(0x7f0000001040)=ANY=[], 0x841, 0x0) ioctl$FIBMAP(r9, 0x1, &(0x7f0000000080)=0xfaeb) bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000040)={r6, r4, 0x4, r4}, 0x10) [ 110.569125][ T5303] Bluetooth: hci0: command tx timeout [ 110.777383][ T5325] loop0: detected capacity change from 0 to 1024 [ 110.791748][ T5325] ======================================================= [ 110.791748][ T5325] WARNING: The mand mount option has been deprecated and [ 110.791748][ T5325] and is ignored by this kernel. Remove the mand [ 110.791748][ T5325] option from the mount to silence this warning. [ 110.791748][ T5325] ======================================================= [ 110.824356][ T5325] EXT4-fs: Ignoring removed oldalloc option [ 110.827623][ T5325] EXT4-fs: Ignoring removed orlov option [ 110.839968][ T5325] EXT4-fs (loop0): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 110.862738][ T5325] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 110.892710][ T5325] ================================================================== [ 110.897498][ T5325] BUG: KASAN: use-after-free in ext4_find_extent+0xaea/0xcc0 [ 110.901590][ T5325] Read of size 4 at addr ffff888055262f24 by task syz.0.0/5325 [ 110.904520][ T5325] [ 110.905659][ T5325] CPU: 0 UID: 0 PID: 5325 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 110.905677][ T5325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 110.905685][ T5325] Call Trace: [ 110.905712][ T5325] [ 110.905721][ T5325] dump_stack_lvl+0xe8/0x150 [ 110.905741][ T5325] print_report+0xba/0x230 [ 110.905759][ T5325] ? ext4_find_extent+0xaea/0xcc0 [ 110.905772][ T5325] kasan_report+0x117/0x150 [ 110.905786][ T5325] ? ext4_find_extent+0xaea/0xcc0 [ 110.905800][ T5325] ext4_find_extent+0xaea/0xcc0 [ 110.905816][ T5325] ext4_ext_map_blocks+0x283/0x58b0 [ 110.905828][ T5325] ? kernel_text_address+0xa5/0xe0 [ 110.905842][ T5325] ? check_path+0x21/0x40 [ 110.905858][ T5325] ? lockdep_unlock+0x5d/0xd0 [ 110.905876][ T5325] ? __lock_acquire+0x146e/0x2cf0 [ 110.905895][ T5325] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 110.905915][ T5325] ext4_map_create_blocks+0x11d/0x540 [ 110.905934][ T5325] ext4_map_blocks+0x7cd/0x11d0 [ 110.905951][ T5325] ? __pfx_ext4_map_blocks+0x10/0x10 [ 110.905966][ T5325] ? ext4_inode_journal_mode+0x193/0x470 [ 110.905978][ T5325] ext4_do_writepages+0x22c0/0x46e0 [ 110.905996][ T5325] ? unwind_get_return_address+0x4d/0x90 [ 110.906020][ T5325] ? __pfx_ext4_do_writepages+0x10/0x10 [ 110.906035][ T5325] ? add_lock_to_list+0xc7/0x100 [ 110.906050][ T5325] ? lockdep_unlock+0x5d/0xd0 [ 110.906061][ T5325] ? __lock_acquire+0x146e/0x2cf0 [ 110.906082][ T5325] ext4_writepages+0x241/0x3b0 [ 110.906095][ T5325] ? __pfx_ext4_writepages+0x10/0x10 [ 110.906111][ T5325] ? __pfx_ext4_writepages+0x10/0x10 [ 110.906122][ T5325] do_writepages+0x32e/0x550 [ 110.906138][ T5325] ? do_raw_spin_unlock+0x4d/0x210 [ 110.906150][ T5325] filemap_write_and_wait_range+0x335/0x3f0 [ 110.906166][ T5325] ? __pfx_filemap_write_and_wait_range+0x10/0x10 [ 110.906189][ T5325] ? down_read+0x272/0x2e0 [ 110.906249][ T5325] ext4_bmap+0x1ce/0x260 [ 110.906264][ T5325] ? __pfx_ext4_bmap+0x10/0x10 [ 110.906275][ T5325] bmap+0xac/0xe0 [ 110.906289][ T5325] file_ioctl+0x4ac/0x860 [ 110.906301][ T5325] ? __pfx_file_ioctl+0x10/0x10 [ 110.906314][ T5325] ? kasan_quarantine_put+0xbb/0x1f0 [ 110.906331][ T5325] ? tomoyo_path_number_perm+0x219/0x630 [ 110.906384][ T5325] ? tomoyo_path_number_perm+0x219/0x630 [ 110.906398][ T5325] do_vfs_ioctl+0xc26/0x1530 [ 110.906414][ T5325] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 110.906429][ T5325] ? do_futex+0x395/0x420 [ 110.906450][ T5325] ? __fget_files+0x2a/0x420 [ 110.906465][ T5325] ? __fget_files+0x2a/0x420 [ 110.906477][ T5325] ? __fget_files+0x3a0/0x420 [ 110.906490][ T5325] ? __fget_files+0x2a/0x420 [ 110.906503][ T5325] ? bpf_lsm_file_ioctl+0x9/0x20 [ 110.906517][ T5325] __se_sys_ioctl+0x82/0x170 [ 110.906535][ T5325] do_syscall_64+0x14d/0xf80 [ 110.906549][ T5325] ? trace_irq_disable+0x3b/0x150 [ 110.906565][ T5325] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.906576][ T5325] ? clear_bhb_loop+0x40/0x90 [ 110.906587][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.906599][ T5325] RIP: 0033:0x7f367ef9c799 [ 110.906612][ T5325] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 110.906621][ T5325] RSP: 002b:00007f367feb5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 110.906635][ T5325] RAX: ffffffffffffffda RBX: 00007f367f215fa0 RCX: 00007f367ef9c799 [ 110.906645][ T5325] RDX: 0000200000000080 RSI: 0000000000000001 RDI: 000000000000000c [ 110.906652][ T5325] RBP: 00007f367f032c99 R08: 0000000000000000 R09: 0000000000000000 [ 110.906660][ T5325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 110.906667][ T5325] R13: 00007f367f216038 R14: 00007f367f215fa0 R15: 00007ffef9614248 [ 110.906681][ T5325] [ 110.906686][ T5325] [ 111.083628][ T5325] The buggy address belongs to the physical page: [ 111.086897][ T5325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x55262 [ 111.091232][ T5325] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 111.094301][ T5325] raw: 04fff00000000000 ffffea0001549908 ffff88801fc40da0 0000000000000000 [ 111.099074][ T5325] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 111.103140][ T5325] page dumped because: kasan: bad access detected [ 111.106032][ T5325] page_owner info is not present (never set?) [ 111.108532][ T5325] [ 111.109676][ T5325] Memory state around the buggy address: [ 111.112444][ T5325] ffff888055262e00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 111.116264][ T5325] ffff888055262e80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 111.120147][ T5325] >ffff888055262f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 111.124321][ T5325] ^ [ 111.127106][ T5325] ffff888055262f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 111.131735][ T5325] ffff888055263000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 111.135887][ T5325] ================================================================== [ 111.155196][ T5325] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 111.158449][ T5325] CPU: 0 UID: 0 PID: 5325 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 111.162343][ T5325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 111.167028][ T5325] Call Trace: [ 111.168598][ T5325] [ 111.169940][ T5325] vpanic+0x56c/0xa60 [ 111.171887][ T5325] ? __pfx_vpanic+0x10/0x10 [ 111.173916][ T5325] panic+0xc5/0xd0 [ 111.175843][ T5325] ? __pfx_panic+0x10/0x10 [ 111.177909][ T5325] ? preempt_schedule_thunk+0x16/0x30 [ 111.180390][ T5325] ? preempt_schedule_thunk+0x16/0x30 [ 111.182720][ T5325] ? ext4_find_extent+0xaea/0xcc0 [ 111.184742][ T5325] check_panic_on_warn+0x89/0xb0 [ 111.189518][ T5325] ? ext4_find_extent+0xaea/0xcc0 [ 111.191681][ T5325] end_report+0x73/0x180 [ 111.193801][ T5325] ? ext4_find_extent+0xaea/0xcc0 [ 111.196392][ T5325] kasan_report+0x128/0x150 [ 111.199554][ T5325] ? ext4_find_extent+0xaea/0xcc0 [ 111.202334][ T5325] ext4_find_extent+0xaea/0xcc0 [ 111.204485][ T5325] ext4_ext_map_blocks+0x283/0x58b0 [ 111.206884][ T5325] ? kernel_text_address+0xa5/0xe0 [ 111.209433][ T5325] ? check_path+0x21/0x40 [ 111.211524][ T5325] ? lockdep_unlock+0x5d/0xd0 [ 111.214034][ T5325] ? __lock_acquire+0x146e/0x2cf0 [ 111.216707][ T5325] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 111.219608][ T5325] ext4_map_create_blocks+0x11d/0x540 [ 111.222490][ T5325] ext4_map_blocks+0x7cd/0x11d0 [ 111.224730][ T5325] ? __pfx_ext4_map_blocks+0x10/0x10 [ 111.227581][ T5325] ? ext4_inode_journal_mode+0x193/0x470 [ 111.230816][ T5325] ext4_do_writepages+0x22c0/0x46e0 [ 111.233580][ T5325] ? unwind_get_return_address+0x4d/0x90 [ 111.236164][ T5325] ? __pfx_ext4_do_writepages+0x10/0x10 [ 111.238655][ T5325] ? add_lock_to_list+0xc7/0x100 [ 111.240887][ T5325] ? lockdep_unlock+0x5d/0xd0 [ 111.243124][ T5325] ? __lock_acquire+0x146e/0x2cf0 [ 111.245683][ T5325] ext4_writepages+0x241/0x3b0 [ 111.248295][ T5325] ? __pfx_ext4_writepages+0x10/0x10 [ 111.251069][ T5325] ? __pfx_ext4_writepages+0x10/0x10 [ 111.253411][ T5325] do_writepages+0x32e/0x550 [ 111.255701][ T5325] ? do_raw_spin_unlock+0x4d/0x210 [ 111.258006][ T5325] filemap_write_and_wait_range+0x335/0x3f0 [ 111.260572][ T5325] ? __pfx_filemap_write_and_wait_range+0x10/0x10 [ 111.264101][ T5325] ? down_read+0x272/0x2e0 [ 111.266638][ T5325] ext4_bmap+0x1ce/0x260 [ 111.268746][ T5325] ? __pfx_ext4_bmap+0x10/0x10 [ 111.270869][ T5325] bmap+0xac/0xe0 [ 111.272520][ T5325] file_ioctl+0x4ac/0x860 [ 111.274585][ T5325] ? __pfx_file_ioctl+0x10/0x10 [ 111.276968][ T5325] ? kasan_quarantine_put+0xbb/0x1f0 [ 111.279554][ T5325] ? tomoyo_path_number_perm+0x219/0x630 [ 111.282088][ T5325] ? tomoyo_path_number_perm+0x219/0x630 [ 111.285115][ T5325] do_vfs_ioctl+0xc26/0x1530 [ 111.287794][ T5325] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 111.290720][ T5325] ? do_futex+0x395/0x420 [ 111.292734][ T5325] ? __fget_files+0x2a/0x420 [ 111.295112][ T5325] ? __fget_files+0x2a/0x420 [ 111.297482][ T5325] ? __fget_files+0x3a0/0x420 [ 111.299624][ T5325] ? __fget_files+0x2a/0x420 [ 111.301855][ T5325] ? bpf_lsm_file_ioctl+0x9/0x20 [ 111.304451][ T5325] __se_sys_ioctl+0x82/0x170 [ 111.306742][ T5325] do_syscall_64+0x14d/0xf80 [ 111.308798][ T5325] ? trace_irq_disable+0x3b/0x150 [ 111.311120][ T5325] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.313938][ T5325] ? clear_bhb_loop+0x40/0x90 [ 111.316169][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.319277][ T5325] RIP: 0033:0x7f367ef9c799 [ 111.321503][ T5325] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 111.330034][ T5325] RSP: 002b:00007f367feb5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 111.334426][ T5325] RAX: ffffffffffffffda RBX: 00007f367f215fa0 RCX: 00007f367ef9c799 [ 111.338799][ T5325] RDX: 0000200000000080 RSI: 0000000000000001 RDI: 000000000000000c [ 111.342426][ T5325] RBP: 00007f367f032c99 R08: 0000000000000000 R09: 0000000000000000 [ 111.346024][ T5325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 111.349701][ T5325] R13: 00007f367f216038 R14: 00007f367f215fa0 R15: 00007ffef9614248 [ 111.354162][ T5325] [ 111.356128][ T5325] Kernel Offset: disabled [ 111.358005][ T5325] Rebooting in 86400 seconds..