x00', 0xd4030000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:31 executing program 1: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, 0x0) 16:25:31 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000008040000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2591.752637] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. 16:25:31 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}, 0xcb010000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:25:31 executing program 1: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, 0x0) [ 2591.858162] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2591.893031] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2591.907794] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 2591.925038] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2591.936285] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2591.973618] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2591.992645] EXT4-fs (loop5): group descriptors corrupted! 16:25:31 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) getresuid(&(0x7f0000003300), &(0x7f0000003340), &(0x7f0000003380)) r1 = socket(0x10, 0x3, 0x0) write(r1, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) sendmsg$sock(r1, &(0x7f0000003200)={0x0, 0x0, &(0x7f0000003140)=[{&(0x7f0000000140)="5ed22d0066373668ae9eb51cc6f77088b51e0a335f9f0aacaab498578b49cfcdd832448f8e8b1e65f9fd6741d36d12acaa86b8892b6141599968c768eed1bc7ee913700845a23c4c89859fe04ce355939a7b881c63ea84ccca9912b6caced4487ed9758b7ffede5176329a9991f7baa9cf684ad3a565ad86813775237c527857a0778b0810b41117bc3c58087472484dc610b0cdbe84996f7db616640c04235b4accf37476909ae58ba3bd53a5831a273ea644b6beb5970f2616401584da34fbc1cdd0c9c8b4e4ce485e1f84d287467563bd9473afa33f0955bea98c695281a00a2d1b2e747616b23c51975a5cf1a5755ac2fd09c515a5e40e171d755081e87d8de84b7832cd1b4545ca642b582489f328f2d78d367bab430fbf78dd8a1bf4d9c56b90a9d10817a43500664813440582746b9b4c9611733322ed928e8ae335088a077a295353c4ececedae41443623509a8912c9a265367a452c7c6481301a761e961b8bc63d0287adc947f3efc79e4e4c69c24d464afc10e1ae19e0c2e31514585611c869cb37bfbc12cfde7d6a149f216f5a796629c4c4f9ce0a788295503f212002fdd840b864cc091dda4a3c870fc14db60749aadce967eedeb9cb5f91b42149f1f67895ba97cc04381f705b871978957b40b7b8a7bfc9d1b816908055908976763cc2e5baa9cca12fac267b834ea392e709cfcea6d965d4bb4967e063b196f198597b7364712abb840fc1b6c59b5b9b0b0ea39e4783fa2090102e22076117747636a44916e545fa0a989ea5d24a7ece23b529285861f1ab70184d43c15f4418cf0190143d43f88cfc9785d756b234457177fe7420a9b0324a7110130e8122c78a7900d8cde518fb48435cf2b9d09528c97b2bd1e9ac3c4621d33dbe94768090f851d965aff60e49efed4dd58fc09b11e03d2aaa24d127847bbeaf39e8fdb292789f1ba3764e4a98af575cd829eabbaa3c66e85c0d82fedfc0e7a81e8506e837d9360627fc521c028770b18509611c6c1d965b251c3bce4128b472e9b32790039d8cf4c8d064fc22da2d88d9ce1ca1394334c15b553760e3063bb049d6cd1b97075d9969b3327c232860cc8207a158daa7560e13838b886bd008eaf6b286692c64d4c2876c8fe219a5639874986a1eabe826d9e4526ca3ee8674ea1f45dd779afc982b3fda95b28906cd09f3b91c214221941635f84b5b15024d196d55e49a80bea3441aba6673145da39599073774f955c0f4ac1cdca591d8d35e50cc7e3b26d29b8442751fada28e3518434109e21cdc8f634c98d2e3a0d77ad082dd1ac8163a3391ef9610bfd6c5bff4d28a8287c55c1a04521dbc7ac6fd3088774e4781d73602a3ebe4ba4c46d3afaf466dd170ab841f800338de0035e24953c69a61b82e34866193e5d94e9e20a51f8688d597eb7d03b6b98dca32069b5cc2d819f03ca4371b7579c022417dbd50783859971bd29f500875531b205bddf3c05d3628eb49d120ecc9aa4f8fc08a4164710f2a1be46d1c8d6a4736619a2f35e4ed0521e094e8aa0b948e1f0ed39bacef6d6ee96f5fa3cc66d219406a6ed26dad6da44f0dba9c9d087ba62307df25c403de09b17fa68e61418c9db48604258cc69cfb1faceb30f90a0b9162d6af297779319a4a4d5fdbfcc3dda466cb1ebadc78d9a28521b11d6da3a090915fe0375c5127341160398d39a8b19846430947d5d30254ac4a123e5df3d23736b7c30a59224147e4704a5261d38d9820016e19106d44bded6168fd5d8430f94727f022301fe3863573986b5f3086640d5dc95cd0df07843b670f8a99a72c07d763e15ef734ecc2d59b780a1f7882fcbf010165666efd3f42cef408a57805c86f1ea8cb8e79cabe539508e02d4609057991b875fc2a1798a02eb97162e55dce43583cc7b70fb20aa65a24c9a90660ccee02140f4bf6c63a8a8077bc3c361904966492ce9ff0b40efc2ab411aab18b062e8ed7e80fbbb66472dde47a50e9ae1c7fcd2b67bd015e071aca94110ade5c7735505d241497bf0e12e449f7073c9e7257f0d1ebc4cf31f6c4c8434634a29cececa7622d50caa70bcf911eddd25362170b5ba0acdd6fda3ac9a69fd332090faedcc7909768aaeec0830a42e6d6a449ac45c38fa33153ae4da00a3ef860aa1c03dde7ff6bf3b3fcfd4f4badccfd4fc69623e3228851a369890b00c42a8febc4e8829e6012e66e833343acd17bae0b5c3d4805d4b114acdbceafed531389a9b1e3c9a501f21f54142b7681c98e42c02be25318b15e9483b3ec308bacbc271b7227014af3988a9028a2464a91403e23c7820d6bc0648784505d565c1fc8c5b2893525f141868ffc26ddf945fbd5fe745cdb96ee18184c80cbe180574b0007ba30e47d1afd614bab067fe8aeb33f1d9e6c7c8508ec09138105a87e7187165dd955deddc5c23f99317381037e64e14eaf48bff3cbcc26312ed3588a76207f1f5ef0169e10802d727a6af9e6b4d699dd3d9a71848cf108109a44390de2e63ea9b349b078647d6b1c0bf6346f5127ab9b013bae63bd1f5cbc1ae80e5d88d9e674afe70dd92d2bf85c54f716d41d3f211d6123faa045a8ba3527b667a48efe334f3ba37d3eb71fe51f586ac93017eab097baa2f80bb9c8311102db499e0fed29bec825393f1c75813d9b08ee543f16456354234a8ae3a8ebcd7653fd3dbe55b1b9c11f86840fd126d385c3922c4a65c541ca7af953cebdcf0059bb7a720226291b0779d56c4e63154364196b1039c8ade56589733cb9e2b570feb5adda0c785c457d6a5b7e99183800d9bc9028f62ec44c77deeb436f94612f4d4070abb8900f92dab5774ecbb4dce1e89345366ef17069cd7a70e4c9773d2ed18284c47ac5e17739b5cfc2e1b0059fcfa8571e57daed7b4826a0a04950423b4d02bafdb2985b4d37ee2755c5eb70266325b7a07c65ab39d7c6f3687ad90968378ec0bc73f1712a2d0f00c231dc116424e83972e675d5d898e8e940cd5a5138cea50ad46e0f4b5bb4be80e00a24bce40e002a954cdbea78855e481c62a5c625a72413ef1869a531283da5e9ebf58f5a50aa97aa0f3a03bd15fe688b58c0e5d3af54727f7f5eee6ef2ae439f55c1dc24148532fb3c9068e947e9ccee1eacf799f65149f7bcf6f0c8588d8abe2f526c4599a0fbf86c4db67f0c0078c73efea0bc503713ec47bef377d5ad04dd84f6235e552b3ab6a78d8e83eeb54b6667e3005cacc9139d816ff82b99b1f88be22ac3e835516a3378b9e280e4b53bd8aeebc487a47727c9a66d38c7d02703656388e973aecf05396194e70a96f7e1f322ec1d9ff9bcb02dc0fc84092aee6403e8a74c84d2317474930dceafc59f948cb339edaba95df51b58251f892148604dbe39765d2e02145cfb1aab4c9663213eff67e1d6cc1c5eb36e32509960923875485b011a1cbdf8312e3a87075422ddeb91a62bb610b84e25a842893f60933c1fab3ddf3e3d79848a6a30f6a911eabafd6786d2df005d2441e9664e300f8029e963a0ea92a1e4a5890d025945eba3186e671b1fe39896deba4e1e06789f9285889865d1257fe2645d520dffbef2cf01d29a53f67d1ad09d3cdcd0a995fdc4219ac97c27657618da4d662e555eb40deeb16d979bc19de32b77acd4fe60eb3f34d5f0e6ec9e4334a01df76ab9b0a6bb6a73f9c5b736b31f7abec97126c1c00e45ada7fece05323ff21f1e316551839bd32e7b26d61d0657f6ee3a748408649461763db8d8bc54017b4df646a067b0c2e9aa9d0074c45fe900c7f45667e33abdb8e729708d45fc84bdda18196c276054fbb24f52c338a9dd796c22a064b41754e40ec8a20a4f9f492a359b7e1b222749d30a7afc76ade3484df39ab58baa6791cac522236be1df2bf3701cd4dfd38f589c8c8e2ac591b7b5d4bef2b3338182918c0363f675708e2f40edf451db1c76071edd487d388079f262e3bb407bf16d356e569377780a024ccbdacc44baf07fcab24047c1161db6c00f974356f6adeb3fcb1e04dadd346299dc97c462540b61630673d391a33cd65621e7dcebe28f5daa98ee691d240d62eed5214b57f515760b74ac91a85b7acf46dc738e175cfe037c27b5593f0f0c6e708b6ea81cf469bea06d106201407d337bca21bb2e0d718eb4274d32877323936522625cdb61fedb1cb0dbd3470f8701acb27dd69c239715c558e45a9cd6956a1d520c79f04f2953ace19847b54eb4ad9565835bba083c6b88979144f059a5b0f8a5480d4502220d88cfca2c04fa38fd3ede62a36c6e3f66c7cee5e78f45e14fb0e702f87abb87a45f7c1daa8fad8528dd55e9307e903bafb327c91b28bb76f9fe7ccd13b2ea8ddc2733d6dc66577868278db5401a74c970a9b316e03154b8025c491d999d9ce25003ad323923be75ca41532ab6cbdbf49ee6eb9fd8a4b6231f3ab473f5dbaad45f5e7d3342609a3edd002ab1f2f4edf2d998a63e29b80dd293aa9342a1e375100cf12e944df401acf09ae83743a77ce0a9f2755ef74ea084b2d398c18c75deb42df8272112eabe27420e23ebd3829d210c20ca58d9a14c42c6f3cbd0ae3beea733e8f4d30b31badced600c8c81fef9b4beb5221e512071a2b528e25bc9fc21b8ff54323592b8b4b98eb1c09a9f74283ddfc66ff93ab949f7bdba18f67b1094ce93627a1d37aac8eebfc81d0aa25d2fd2dc896e44c0b5de4cce5313f0684ba0b88583bea1c592d69fbf46f116839f5c511ea7ec55fa484737a35b97aa891fee03210d354140a5c30c6dd61b3cd1cc1e1e73dc071128ae944ca40b2e487c91e751fcbcc4341d11253015821d70b470cd180acdb411aaba6a9d8aa9daf7f6ace56cbd8cd8ed0040d5c492a341d79998916150d70f326e2a286346cd32ad9a97b2de44b06648ef9a8b76dad3bb74ad6f043b5ec6e6913f36f8201618306f43c897142d80cd5b00351c1c88a3665ae80b3af1235a9d4d121a3e294d78ceb4a87668b7542cc68520919da51d7f4a9d8ad76daf6d27a165bc06dc481eb0131c760073045a90a143404a414ba36f38ee939fa8a994eb47d5ba0e40330b11d596fbf187837ebd22b6fa0e698be134d76fab71880c401d1502921f378798648efe5c86c16adaee711959f481457581bd3b17f75f55cbeff21dd1868712bd54d914b68c54c37ef0fab1a0d633bd2afaf55fc70dcd97052385df5dd9871e2e915031229efdaa403da391780232d2c4185e1b126b76551570a2b81f54f8d821dbc0da74357be165fd0a48562d9ff3a49af7e878758c50c4304f3eeda6bdabb08f47b0505843639adcf928f1da74d62040ca226430bb71acd3bff7130e07afc61ce6083d5e1b46e351efeb4114c62fc336b0115b255611a9ca8abdd4c0154f79b641d712688c9ba89548b4507a2d1e56429ce69f13227f2424e87be48d8c083e6f40e72a8246db9288bf520674eb2e93189d5695f4a64638a1dc73d66cb11eb4c390a16bcc2987617352a7bb47d9c53859fe2e7385c3a1314ae7acd2a3eb3e008d78394cacc6f3b8450d2ac89a7446dbda5f7b71e55f304ded35bb667f2202103deb5daa68c5531bc3c54b713378466520a8d3d07ff01c512d939edac039d52e5cc3e73b016e98624bb2e25ee26165ae3d1792a79354efbe6c0f33f6ea7944fed3e3747a60c6880d89646c5012d6d32ecd00fc211e704d314eeda4e25c78ff7ffb37c0cf499c78fd85c1bf37e9d29a5208f380a0cfc06c1ef2845e1569770dfcf6e34aa90e039ac1101279585f36f023342bef4617a4eb618f2688eb489a433786b1df", 0x1000}, {&(0x7f0000000000)="4f00f27fe8b100aa15aba5c928f265746a3630d5d26c459d39a761cc46ccfdabfa72ff27fc0574", 0x27}, {&(0x7f0000001140)="ff611a79d97c97ae03d80ead978ff7764c75742fe6891d31d28d28f614ee8fad397c0cd8f4555adfff1ac73909cd8058b0715a6df968deee6fa330cacf0a0336e8ac96ce3274067030c5576ba9bb11abf31e055992eacb0ac346ed925b06ae57eb98dadf9a563a8755698469e5f51eba8751ce1ffb56d3dfb91daf092aa7a33ef432aa8148f8cbab9368c245d73105647eff229b1fc8b18ad5e065a6152f3c17de16492b459eb2e99f3ee01330c1f47513e268b61bb12569283bda8bb45d1ca7f4df5bbf355fc8ca114f001f160be6806be57c47897b3fc75ab718625f1ebb8401a9150f6aa8d423bfea93f6b8b0713292ae07870eab57bb251b17e63374616f5773286c230e55c4fcbcfbbc1ac48a85e0d674830574252cf7b72989dbb6e63a133215885165ae411a4e72b5831c2dfeed20a78e1fd0e8e39e51213c24376198f507064e133fa180cae27a9c7beebfc7c7891863f8b9d579c3d8819e446ff46aa922928a1d331b16f26f19907e99063ccf25e586a58d0f7f9580311fdd2cd0f81903c3b47e2ca4c01574842f2b2db8e12951dc12469c138f71dedaf6be1e96250d52d0a28b3c1ade1d73ba26dfea5d99dac6524a9add01fe9b829cc3759670318da589fb0a0a6f91795b32c504f95cf08a6859bc86bd6c512f7d9f13f6e939b48067079bb8d7ac8eb5fe9a75da5f9eb6bcc1785face3a559e47e227cc953027926124ed6477ac94a3f8330815e40715852a21c3770bdd065d776155bf20be8bfb1cf1d8b27f0d5b4537fa272241fed6cebf2e24cb0a165a0c003ff735f98c8d3c816130c02890718b871be67da5ddfc2653cd404f90eb1a0a7c7e8efad4a8dbe29e102f1e08f67d852d186182e3ce540e01e5178133a65eea31a662d7f0e4740b8dbfdd9dc006d0f9a5cb93aed5e84816a7371bc1d5d1b1363453e54392f64a08dc0200f874d0c4455c84a84b1d0c98a4412ac628c5747dd250a06152c8d414932b5a5eca1d465576720eb82b89351f8825cc58551ddea28af29655c6ca838502235e9a2b45269ffbaf1c37645fb4db8b3a30227636961826e1aa5afa417767dcd06edbdfe5ecc4597c592523ebdc9165c8ec96a876ce4f2851a0fe5de7be86537ae6252963887e2b4d8962b66d98b53a52e17a70666b7306c6ce20291dfa3ee1501024cf484c4258b54fab823d0ca5a81d09d21b75a452c33d058f1db3bcd36358ea8f7134ed3ae5da28302b338d06d949d64086605bc5f907c5b61cf1477f973f5a6a3dec17c7f3d16cfe94aad0d3461606a1daac4e30c61bc99de724ef67a8871c285fcbedde6f6dee1b943f8f72b2aa52319c95cc7cf1cd6678ff3a53a73acd79cc995a86d394d3e9b84af32c9116e173c4a7ab154fad7993fc9ae898c6bfc461044b2f69eff9d33589189258962a2ff47303ec8e2dade95e78195db215b0b83458e637e487ff52940849a01b151432051879b005c67c8348807e8afef56bce689d475f7fd5d4eb8df13de3a6b72cd916ae90f038ab76053ec8d14a08d0bbbacc9d07eb3f56c2f06e1bc622f965fb08d61ae2f9adea9a3add0c30b2649f06dd0a6e59c81a485b06451b6324c931fd952c619b4e3b3ab2572fd760e9bf7823cb2298cf93bb90fde33ee7f80bd8062eb5542574444623c833c8a2f811280d54b746c6da6b1dd9c7d1f23733c51115cb65c75bb93ae5f85addecd8e04d0b7200c2d9703a931351aa1a2ef95ccd9e61b92fe4fb003fb971154b36c1b92f67382ed6cf1194ae7c0ee5791d32c27330bf7df6d032da1cd090145db8892c0edc51722c20fce7d4b0c37a3291999515f66666eb7e5d2e5aa5b6d8afc3e6c12db4ae407e80df25c0057c487b3b6419b3aa872b3816bdbb26020ad86b3144cbc178a8ea7b6331f3c790245a823ca3189625940aebdd32d3ae0366387d4b685d4d8ac64659d4b5f0dfce0766e35000f81d43da67f363a2e5180732a9fbf492f311ab1cbce3ba45c523cc66884bb9d645099ef9cb054592ff3b06c257bc0367f5f24ac9664eea237db0969ed907df4ad004c6d01a5e99624c7ebde116cd510feae098847eb5f54880a675cbc2831e180c7d43d4cbe7035fd086590c696fd03bea943d2591138a12e727f7ad427239db6c89f2bd4e257899cde2ef421aaf06f467b1ead9368a1f2ffec7fb300e02694cb8bb818f0bc45dcd82b451b280d0ab80d3f8cd2133d0b807b7a53e4a9ac2681ee9fdcedb8fb443387a4b0fa2f5dc77d64ca27a5a4b8c3c51ed15060bde1df449e7146792c8eefe672e71e53e1da90a55f0daabd64c4f44c36ab82602c8cc8595087862aef84b625e75f6a63a8aaf73ce9bf702bf98c080bb0264fdec2e27fd328699d8d7f5c3924b460dcf326bb7049b205dda5aa487924d7e3e81d9b2c5c7d98aff6845c24c59cd2d1bab20c9b614100d44a3ddad14cce32a56c708f75bd8c434b42296199b178086cbe13822f26a7ef1cbe577afee7fd2e39c2756ef9847d847c2aa6bdae538fe673d5bcfd10b2531fc8487577484fc42f4dbbca7140ce63ac978c7a64f0dd5d86ae4b0460deadb5999c42d8251d54488509605fbdcafc9f84e625a864118dbb84761164385d184114e5135fda25ed5d7d6f649f52c031f4a498d51e8411bcf067ebdb52a5986971058c375d9bef9dbe64bef355f60af429f7be73112c1ba9c632e107f0ea28cb356b2cd16a32d892a981e7b62eeb5c6138d72367e2de7bf7e3bd1046fc6575f7cb903ff32b35359058612d63219c4985a2d2145f1e54671ca75eb81a4ba56fe2e252715c5be9fa7024aaceb23021429b71c2d411f0bc110c7b1fb31997104fbfecbe5dfd0ef79c3e0ecb453226973ecd8af7890b5b07cf5717f0dfa5e8f12f2f04dca828c10aac508b6befdcc34d7b055f536b354a1b60de738c1b2ccd374751cd12b51fd366c4456567ed0b082d91bf2e7c6ed98e9796535151eb9a27f5bacebb49c8b87eba9db3bb2e04f1e68c5bface09b410e74232ae893cac6486494230776fc24569862504bbdce79fdb32cc2d35fcbda5281ae0cb75e9a9d91c6201c301688491874e379c254185c5b09c10a9b9d548198a66760b194e31e2e68bb3d9c603ffc80c9ba14015b50d7004de44ba963dd6b820b9241c03407f8144fc2cefe5af7cd2c3e249b45352e01846d86ec83269d89c4ce0a01f578414325adb187f843133ff0b7cc51cbca26e91db7a8f23e8555beb7c6a31c1f26ea73958e108877f90d52eb5a481f32ffbd8fd40144eacc8b3d32c85e5d048225d25a1e95eafbc06349da9101b682e1019f88bbc42f4d4941855df816d173d4ed125018d375339af4b3bc5548c7e93828a136008207a375337736e762c0d2d992e03c1eff73eaf19975129872f91f6ddd6f877d5c618a5dd0ffc3da95a64828a6a28ec00b9e082c6d13e96ca456e29517f4a0896e75fa148e78d2cf599dbf3219c53eafd0db552bd9ee8a7f4af53d48989b2d034a7bca87d5ed91e4c1e5792a801905f159d47b6bf227434540f56e380c134d4774ff155e6a4238dfedf8c0fe63459d1026ea4a4345e3b42ce24724aa03f3b421db73d5157a89916de8674a8dacde86bf751715bb327498620b2fb8a2220d1c9d5a267ab5993eff4831dc02851e71524a3b0f630ff390f2f168055f4f2f00f56c22bfa217fda468d652228e44dc433909b0c02e192f21663d61eab250893034c99cb04dd31385696cd23e495836230fb5238507f14fb603478227d9999880bc60f6bfc9e0285cd9b45e80e0583f903c5ae1d18e5b8922ed0a36d9fc9ea7875301992790efe35abcd2d6199c07b3c1971fe51b51aea109f0ce6934c9721258e39775907835b71afd0e9265edc1135ed381a77d8331740a343a57222136f8fa06b92e2cb7db27cc89c4e35dacccc2a9a50377912f2be6a35abdc357bb2516cfa0a6d13185e7a7c78c5a9452f8c98d22121cdd19003545670a5b17fc7895ee73ded493c0b08988ae0694045cefecaa2a116c601914d5bd565b2d7ccd1137b32005bfd1278299ad7d55b0fb79fad7907236a32dbab7f52b2da51092b3fe486bc560e0a2b2fea37eddd93ce08df9e94afcd5c2ea152846e07670c3a4f1713905c607010a0e51832e728e51a496ba0f6bf2af425be2702d2a02fdeb7ad161f1f7b84c008a2f1adfd0d72b03dbbaaed9a0f7a02686ccb295a3afa0059abf41c4a8e9d2292798808525e7e1539f4c0e6c525e67e30b508211bad9b37ff7b1d3bb309acc3ff321db542147e4d9d09f5ad7d977ba0257264924ef11293e2bd5e2c4c17323138971b5ada4b972b44b7299c4ea457f7172365d6fc62246d75fc19b9164ba256c88a790e622d75bdc409126f8bee46538a91f2ca2b0dbe347996284ebfff761965b75778f17e63639263dcb848d50403caa1b6ad88d51aa380820240ecb4494021702c0227ecc9b8d77dd319b16f284d5f7c86e3128074fe45c99202be6679a2fe954cac175dfbea29fa7869fba681032107d0e45142173f66703e5e910515ed201fe0a6dd192e9400df9264e3520b20cc0a8383a0147049cee9e1b3819e5c13ce6d4afd62b0d0c7243e41787e7b8aef5ae2f89c04b293f738b68d596ed1ecf6e92d540ba7e849e11f0e81a034b6cf5be01817d54871e422bb3dd2df26f3c894329f8162c7f9be3ff47c7dd96866883182edb2056a7a587ebe904f4ac2ddddce501fa7c147ac320e93d3d82aee0484bdcda0bd914e06701a2fe71c82ff2b5ad935550ea547f3aa0d6a5463f5785a50ae9277aa15e3272a3f990e162d2542df7216e2ff3029019bc3e8b00e9a120ed51612b173805998917b389e073201ef5c718a6b841f6df2eab44313c75ca45f7c40a490e3a7817d10d3b7fb0ef39bfb017e1599306abb279e26f6051db765b46f48c8cc9f3359b86a38bf40c418213961164cfbf4bb717ea73f51ad8875634efa8ab521f1b805c9bc0b163b51d2d5deec9a8f3ffb2b842d98ae40a357831899c611b4102f27acd6c6008e352da11cb977d7fdd2c515e2ba2122dd662b6defa0f53001fec8db9dc1f918ebe998c86806881bab0bf60464e99091737f761470a95b0d845941c26ee3e33289b10f8b349bc783efeb5500a5cc530e2324949a1a7acc7f4b99e75c975a868dcbc880af0cab8c8846add284617a526ef7c2aa65d17c39f7957cb8fc934d6e10bf026925e6b5649ea18bbfd5aece5556844b0e93214843e6027d36af2c2c27644b6c62875c1b78e2f8fb08d426e5e1a23793b457c99ffecb1fcc47b940d5cb1fa8f8460a6baef590b8f4cec61f227041b6935a76874987c192d2de063be67ced08e3b047dcdcf1f92001cd081501b4e6068fa44d7856e20da160234d6e9b6cfe1e7e01e8892e86e63195b70d40da6bc7e0209a11f328da43e18156662a5303ef0bbf19ac0c4bb3c49e4bfc2a8c6e891e562c621644f3f6e3fda3a8fbb7f8e1c84800d9e5e65c9f443ad865e8abb7c403410b51444203f6a89c07c09e728aee0f4cf604ba8de20fff1fccfcae56569a7b0949a2e91595dd0e76f8b33cfeb9f911ff460d6d42ae4a8a173c3d00a8c65b01e4972d57296a72323e5f1d0edb1fe9853da1cd0dbe7b21783c11237da2d63a91b8af61dbe1acca0b59a211ebfb51257ab04dc0da99a81215ae1efc70badb99b4cfb793591841c507412c75275eb19da9e0bec65b66e3bb112c16f24cf9269bc001d04054a7581d958903a94f8626d46be21482404979d4f8a7d2cbdf740dc263043c36669cf8774fb2d0c811c5aa132b08a5", 0x1000}, {&(0x7f0000000040)="553e263fd63cc7e4d292549d94357cfb06d568e58f0301f44979a059a8fe37f5308e8623f8cf2d2850a6216b9f84f27eac6d54556a0012be72b853396fac6efeb9daf47b621da35894accc", 0x4b}, {&(0x7f0000002140)="f35a831310fee8a89970506e8664a1120bf09eb0881a6cfc18268e4b6c91765b7d169dbccfe458feace48cf9e5b2f32362f3f1ee621d945fc2da2f2e0daad23be7878bfb6c12246dbad82964055a385f6d876e3410b92c2672664ebf1d3d5bb29156d3a0a792661b8fbe29eb59b738dc7a0f7ddf6693010224f6b40722f4ee51e7a3a9cabe8f63c51e78218ae72c63579c70203a159191d8d03467c90bfe976c4be04745f4c4ee8c0bb53f2c6b5b4b47a115918930448196e73336ecc9bf621bc005d216d0f91edd78ae61bf9b374edb1159ec00f66ab2981902a82f7f2ffef5768ed73d30e647463dc9954fc5a06d870d2105929fe90d7840ed293a9874d380a096d8fdbc76d1c847f65b83b88b8f24703e0e47b15cfa133408f96ec4b2c7b856fee681ad2cc268b4100757936d6a5b41d9b6e2f6a84a40aa63a8903af104386565ea9a8a6ade32d24dc93f7a03ae8dc9ca978b1a390fd2c41073a56d4ffd217402647daa086c69252c5f60be634bc9f540a15eb7e3cf67c3561a2ad0f1e49005e481b01dc5b00fde43df3944c3c1fb1062c42207cfb2e168f5b3b342968e3f39493a2b94b7a37dd4215ae27a58bf7105f4f25df313c05e46e64ef4fb22efa45fe2da99cb5cb9a8f598d1dfcd8785bd81a4c0e443e7eb6ad69f4921c06b78a38269768289f914011e40d6141294b23e3ef063cfe402b126ba4a8bf85402d6d424069854456fb21e3deb0055423dad8fcbf6d4ff3c93b399ac1989b0214cc00c1f7714762c415ffc077d819ac76db1feae868d6da5a6fbf09004b629c233f15ddaed470a3861a85cff1c1bfcc9a99e72361f40de15ed87818b66fa96b5f168a1e74cdda88903e1a943147ff9090f61091113b2ed971705848fb478ccf135bfc8df92fc70430fe27c4b504f00ddc3144683f7d3e4cdb22572ea0d71ece317ffa8839b5e31342b3d6db99259b80d7bf5fcc6a77d4be4c0de15e322e1771fd50b50c7d89499ef5a2e501d6fd2a7ab33ff69b3ddc1412ccc5ede9fa9a0f3d3bcd96c612b6f7f73a6ad0ae3f72a304e24c31413a2a48b141bd1e4368509e212a900fe1f86355794d28fbddbfa77f7549f4978e9b58fc899c7069a5273d8ca14a5596e949e0ca5f95a702c470dd925e86f28d1650c770ae0ded979ffb0ad01c9c562278c86c3bd53eced39b925547bca30baff7ee080e6f445d9e9492956b4709d293e090f1cfd55e6b5cf78e7e9b2224416d8e0f5948f04841616b13d8244abd1c8b707f89560195a7fb995970b0b395c9001a29675f3198d508cdff4e089f1e2fb7aac6d915e4fabe5f7c0b44decf092a4c8721a26796a43fe017d2c37c7070b9d6afe2b252853512a04424382a0db6b9f009169374b7dbfc2f2a6379aa29890c3054e358ddf07dcdc3c217ee2e5b794b7e9cf264d774e268715ff96aa6dc7dc64fc5e4ece3943b798a6069068833ad21a06f212e4296a5431d5a32aef721a4344a95ac44e5a25536ffb322353a6519963db135583508ce4c547cc912f99906012aa3bdc8e0004f4e0f7b9d6c4bf957c04a118ef55a8c00512a784451ea87ea004df061735c656a66317d5497e98f21e2cf534de0e5890087f62e802970bffe251364ff46cc0d063811e9332d74ab15dcf763d94653a07154a10be4bc0ce3e2bb96beee9a1ad55c1ea4fa8fbf0aa328f553299ed4ca64bd62d705dba4a02de58348c1550c3af7c4cec4115fd2641d66914ae7db118bc4059d6b9b8ba0f74d59b337f928eda7a5b5f3b0e42f5377866add746fc221a5a912c4fc64a936bc6fcb63d3b842d5781a28c9341a8594fb8e8bcd82aa4db99b3fa22cc7bc8e70888594523e2df87abd38499a54e4575d29aa519adf8861c057a2784310fa5d31726622a06c40682d4f6f739efa93ef6c27ebe5475264de068a21bd6d9167dc2b8d769967a24284e47e97b4fc2eea2fb3c7247c718ed9495e0ce8d5c41b68bae13923d4c8cc193418307b30135c770c2277f7b27b4b742c6ff4d9faadc80ce4133a01014855cfc0152b927f44e033612c78afef92a384c6fd095f32fab3379ffb061475cce5e41b5eaa18d01a6a557476c6c47f4311481a9e0c73493629d7e9841d1129e201ca713123116c0136b50c4c648d0669cd6150882f308abeb1b02237f285b622783b48d80690677230f7b97805c59a07eb056aba6c2c5a18d116edf2057c48526d756c904ed0424260fbf4b88e4f3f845b44b16d32993478b4c86e0176b2a691efc2e13fc0c5703c0538d87b8cebb1a14d5ea53fa231d7f4fee3fe963895a2251d3751b19ab5ab37ce0a7e546f3a9849c6d360d78b23eac256619916d56b58c7073b1e3f00521fd5873d9de54652ca027a017179210ec794801599f5bb8df8ed2f093d1c703417fa296579300c91d15b69d4c52aa12be3a9cd34954ba452b02d8304f8135273c5746807df797a37f7452033c500e7baa0d638fa7ee536c4f982a8109ee69b02bb5b1f6d055e2f22ee2145eb10c4e1a4761d0d1b7119205748ad28bc0b6b6d7b4f2fb9416f3cdb1b8b094c0710134cc4033e781c9c69a5eb48d2c9400195b230eb1e3a30e9421f6c0d834a4896e864447dbdddecacec05d7f2677d84225912e88ce55ce41bd597e1801b01a1e486e8e38a6ca0be7f94eb584f955980341d49cafb0c1f8488fa24c46334df6af0fce13ce262f45c8af6d9f38cc667cf5e2e0fc4be4fb6adbec2b136f6384f690b75e1789530cfd47f105b79032652d23ec0e8a4adc2287f81b1d1a0c55b520d0fc74e2d91b951f580f6a6a609739dfeb933c256181283fce85c7020d44f06dc62f50c3837d0dd22f918ad5ef0c36e645c058c27de0d4d351ce6ece94044f6c47083b095b0736803704f6f307b43e115f03c5750e956507e47f9c91ff9ec31efa904caa0660257493c754150e870fd6765ca2c1cde6d83fc83633e152e6a2ae3de1e08fb6714f613c50663395e0f5dbb79ca09d045a472ea3901791c41bfc8ce1c41999d974e957f2c1e6b4e0408564a89fb275055cb545a36755a85603a9ab43a9039a3e3dc12fd768e667d26d0ba3bfb3fcd337f436ef90509361987e81b292c80b7344d730824bf357567c8e60b20a8cc3b51a4aa69a8500bfc1d1a4074f811d0f2b099acb62715ca5783c5d282a3be9a8ce9655fb3d059f0214eefd056fec63457ad286e742d03cdc7c8e7db8a251b63571c0dcf1e7b184f7b67616ac4dfdd8d1443bc81c2741b32c1c9c867593e2c5e12d73ad864e5d67f4e33e0f0b7d88fd9e8d1338ce1408bd518a630a1584afab69ae5c9fc4c794d7cf13a030b789014de1a36c2b6ad48a608a4b2685d74dcf3175802e1ba2837a7d67ab9da7910b44676820b71f439515a93fa6e806b6e7fed52cfe4036958b1b96a7bc43979ccd8bd409004ac0729f657401f665dd6cf2a8ecdd7e0c3ec50a358397aac59ecd124c21e1d0c4f85fa73f0611951146f843af15d300bd50ae13870f56c3d823f7934299a5723fa47270572ca97ffb781afc5be4568d93d4b544ba263d0a9156b9bfdbcb9213f113a8ecac8a53d7390afc76f5c69ac3ec733f3be05579fa51cc60915fcef1c32efc4f4ce012744859afcdbec4ccda39d8b63b88e9dc44cf3a0b621b215e4cda4991c793a31287c4dfb2f2e5981e1cf79c7ea32fab419c3d1d9f2f7706d8ea373423a1d20b84459642f0f33b070f1f1034f60159e1c046d00c7e47542da305c64e9cea3787cae9afb4d8b0ec137be7a025ae124a4954ba9faaae7bc57d64dd107ddcc7942adfb4a14d9041a32eb1499dc89fd58126744a7752089f3ad9812ba6b53f2018f0d832d58ba52e83849b831d202a2cf48835e2c931b2e3fd9ef6447690d5e1722f849c3888f1bdd1082cf19833265952b1dc91511eaded1f59112af9f5e87c0b4863d281b495f0f8fd9dfa6a7bd87a7a59b82d138b36de346a2bb52b1480d4d7b961080cc35d40a4688f503db78653ccda40c57fd51d65e7096b675f3998780c2cf12cc5ec49366cb6ecc1bd36ef0a04f0cb3cc3ae8781883a945b22969f92922cb1b188a0631a01fdee1abb7411a02f50c427964c7862b418f9f6d1942cad78708e0e43a8ddc3831a0fd17973d5ea479e7bae28bebf5538eab108fbd9f3c21b089ade1ea9c0332a70e6133aaf42a45c6cfaf254d2051943f00f54b5c832745fe1b1bf71fc2a566e6b4f0259c158c29a955783cf7c1db173ebecbc3b3d63c0419ec7dbcbcfe899e2d3caf584ac2661fd08d641e0cf25bf48a6112c3c58a6c5bec7b2d3f72e8ba0960c36903737bbf2b28edf0e972081a83c19de6dbf62db7fba816a4e3f59837a8d493d2c737cc2945ce71025e130baf0833e0e018fe229f7abf983bfc1f7f019c1cc5ff9fa34eedc32326afcbd1ba609123748ffb3d1dedbb78e44a376ceaafe764fd5574895d5db73e7a5ab035501f579d0efb249b8c45d8142c40d804619372781f232cf87cfb49754b45e484e0bf9e4e266e91a0a3b688d5926408edbb0a4ee5706a9a5797c226e5ca4d8fcbdd8373a025b1e475e5114b0e1b2903545c6412152101f89acca8c55202881ccef447f8411711550f6ab8f49657f0737a72d0ac4eed28de1e94fad0996596686794aad1646b1da736174bb8bdcbd788f7011c8eef9efaef4db2d27eb32122a2500cdc57a1838dd457657d3e28ac0b5993d4e052cd79cfc8dea8fcf07ef64347ff13d8118848db3bd495e34c3e18448aed3ed8bf9af2fa635b63b7ba9878ad5de6ee51072d2f759eee2b0fa249605ebb0530b9e07af32b27b8b4c59346fbb582eacacde68a205006cc96aad94d5f0b26e6096a65e09202c69d00b9038c20843e29dab014092e8526b6700dbe08880794b928577afd0a3242009143f595996e9ee155c39df82b2293f450b0e4f1f0e2d7960d8da35281d169258ff8164740849dcada77a591a48e1b4b55a43fce32e6b29a9b2c79993e2ea8926e1f22dc513a7c5f7fd66f476f6cd66d4ac6ab5a474770f46ad751efd59eb8ab505d02886cf114b948a55b8fd4ea477274f8d099cf283264f563b31c91a919e9d39f2693a0d9031b6eec1f01994d73af1aad16dcfcb2f03688a2055e27a1260e4aa5b3c9a236418d39335310bdb6bffdb7bfa435b5b82046a0f7c1ca9622e90a9d5628904a49c0b32fb47b8e51df115560b07db9ebdfbb1b2263a28a5cf787c2e5dc794a5fad1e2295119e46d0bb00e93c8b689bc82c93bd2b76ccea08be2865a44320e4b843e95f19c97aff7cf56f6ffe5cbce9dfc0cb79914d389b4dafbbf15207ef6f5cb12837a5552aa25db66cf57b680c32981888ff6e4cefc4b4c18698469f197b14177ba35a296aa007dfdf4c58e6f4c5306a183769cebbdfb1f9c46e3f71bc75a7c7135e87ee7787a1ca549dbcab5b1da16045711d5aba7c91dd75042b3a4ad311ebe726bceda4da2df6b884a2c8358e84145375fc1b3b0c2a675c18a9eb467c63551a94e15a16606bded73d49f3638f912b2d52a9b812f20bad0462c03672c55858082d22f8a955486a7a5e87db7ec4ab93eda5a37281f54e2aadba42613f63fd23decef343ebfb5598cc2da6221a819eda9a4cfb44ac9141440664a0f713e1491603821e2293fc6f97ac5365469c914363491a090a347e1aa4be24259193b8af52bb863787c768eb546c429c2b453e6a73a721a21b35bcb514537dae7ee42cc6d64263bf82560e49db87f69604a79182b8c0a40ac51674d249d070904e7c8e23df4b7dfb07b6d70245fe152f1463bd688f5d10dc3b310", 0x1000}, {&(0x7f00000000c0)="c6f0aad28dab85b088dc9c48672533676e308c6991693d5a486b90073c35c5b529a7900c496ef45459db3e459856c3", 0x2f}], 0x100000000000032a, &(0x7f00000031c0)=[@timestamping={{0x14, 0x1, 0x25, 0x3f}}, @timestamping={{0x14, 0x1, 0x25, 0x7ff}}], 0x30}, 0x48000) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000003240)={0x0, 0x0}) wait4(r2, &(0x7f00000032c0), 0x4, 0x0) 16:25:31 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, 0x0) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2592.017250] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 2592.044150] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2592.107868] EXT4-fs (loop0): group descriptors corrupted! 16:25:31 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000021ce0000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:31 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xd6020000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2592.224273] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. 16:25:32 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000080000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2592.423178] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2592.442927] device bridge_slave_1 left promiscuous mode [ 2592.448707] bridge0: port 2(bridge_slave_1) entered disabled state 16:25:32 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2592.491544] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 2592.529516] device bridge_slave_0 left promiscuous mode [ 2592.538920] EXT4-fs (loop5): group descriptors corrupted! [ 2592.541322] bridge0: port 1(bridge_slave_0) entered disabled state [ 2592.554275] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2592.592823] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2592.632298] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:25:32 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) r1 = socket(0x10, 0x3, 0x0) write(r1, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) r2 = socket$inet(0xa, 0x801, 0x84) connect$inet(r2, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r2, 0x8) r3 = accept4(r2, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x2}, 0x8) r4 = socket(0x0, 0x0, 0x0) r5 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, 0x0) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f0000001b40)={r6}, 0x8) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, &(0x7f0000000000)={r6}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f0000000000)={r6, 0x2b, "a7130f28aeed4f2bfda7bffc154590eedff3751ad79099e14512bf49b1e501c8bb1999f3ebfdc930431055"}, &(0x7f0000000040)=0x33) 16:25:32 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000001d20000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2592.713951] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2592.752570] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock 16:25:32 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:25:32 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xe2010000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2592.852637] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 2592.905368] EXT4-fs (loop0): group descriptors corrupted! [ 2593.011521] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2593.025048] device hsr_slave_1 left promiscuous mode [ 2593.042165] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 2593.051752] EXT4-fs (loop5): group descriptors corrupted! [ 2593.071039] device hsr_slave_0 left promiscuous mode [ 2593.131525] team0 (unregistering): Port device team_slave_1 removed [ 2593.217831] team0 (unregistering): Port device team_slave_0 removed [ 2593.239921] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2593.277698] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 2593.285367] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2593.317955] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 2593.326766] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2593.364246] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2593.471434] bond0 (unregistering): Released all slaves [ 2593.526829] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2594.659970] IPVS: ftp: loaded support on port[0] = 21 [ 2594.728984] chnl_net:caif_netlink_parms(): no params data found [ 2594.759190] bridge0: port 1(bridge_slave_0) entered blocking state [ 2594.765875] bridge0: port 1(bridge_slave_0) entered disabled state [ 2594.773336] device bridge_slave_0 entered promiscuous mode [ 2594.780333] bridge0: port 2(bridge_slave_1) entered blocking state [ 2594.786871] bridge0: port 2(bridge_slave_1) entered disabled state [ 2594.794028] device bridge_slave_1 entered promiscuous mode [ 2594.816490] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 2594.826231] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 2594.845242] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 2594.852799] team0: Port device team_slave_0 added [ 2594.858296] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 2594.865889] team0: Port device team_slave_1 added [ 2594.871252] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 2594.878727] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 2594.933850] device hsr_slave_0 entered promiscuous mode [ 2595.002417] device hsr_slave_1 entered promiscuous mode [ 2595.052748] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 2595.059918] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 2595.074591] bridge0: port 2(bridge_slave_1) entered blocking state [ 2595.080973] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2595.087653] bridge0: port 1(bridge_slave_0) entered blocking state [ 2595.094229] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2595.129647] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 2595.136500] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2595.146014] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 2595.156263] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2595.163585] bridge0: port 1(bridge_slave_0) entered disabled state [ 2595.170279] bridge0: port 2(bridge_slave_1) entered disabled state [ 2595.177593] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 2595.189484] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 2595.195706] 8021q: adding VLAN 0 to HW filter on device team0 [ 2595.206211] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2595.214309] bridge0: port 1(bridge_slave_0) entered blocking state [ 2595.220653] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2595.230566] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2595.238468] bridge0: port 2(bridge_slave_1) entered blocking state [ 2595.244959] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2595.264710] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2595.272841] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2595.283748] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2595.297527] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 2595.307576] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 2595.318212] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 2595.325491] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2595.333608] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2595.344683] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2595.359333] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 2595.366951] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 2595.377771] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 2595.391707] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2595.460963] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 2595.488225] syz-executor.2 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=1000 [ 2595.499660] syz-executor.2 cpuset=syz2 mems_allowed=0-1 [ 2595.505300] CPU: 0 PID: 2253 Comm: syz-executor.2 Not tainted 4.19.83 #0 [ 2595.512153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2595.521529] Call Trace: [ 2595.524131] dump_stack+0x172/0x1f0 [ 2595.527780] dump_header+0x15e/0xa55 [ 2595.531499] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2595.531920] net_ratelimit: 16 callbacks suppressed [ 2595.531927] protocol 88fb is buggy, dev hsr_slave_0 [ 2595.536600] ? ___ratelimit+0x60/0x595 [ 2595.536612] ? do_raw_spin_unlock+0x57/0x270 [ 2595.536633] oom_kill_process.cold+0x10/0x6ef [ 2595.541588] protocol 88fb is buggy, dev hsr_slave_1 [ 2595.546553] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2595.546564] ? task_will_free_mem+0x139/0x6e0 [ 2595.546583] out_of_memory+0x362/0x1330 [ 2595.546604] ? lock_downgrade+0x880/0x880 [ 2595.582571] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2595.587668] ? oom_killer_disable+0x280/0x280 [ 2595.592183] ? find_held_lock+0x35/0x130 [ 2595.596289] mem_cgroup_out_of_memory+0x1d2/0x240 [ 2595.601147] ? memcg_event_wake+0x230/0x230 [ 2595.605471] ? do_raw_spin_unlock+0x57/0x270 [ 2595.609873] ? _raw_spin_unlock+0x2d/0x50 [ 2595.614024] try_charge+0xef7/0x1480 [ 2595.617756] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2595.622603] ? mark_held_locks+0xb1/0x100 [ 2595.626843] ? mem_cgroup_charge_skmem+0x1cc/0x3a0 [ 2595.631986] ? __sk_mem_raise_allocated+0x555/0x1390 [ 2595.637905] ? mem_cgroup_charge_skmem+0x1cc/0x3a0 [ 2595.643459] ? lockdep_hardirqs_on+0x415/0x5d0 [ 2595.648574] ? trace_hardirqs_on+0x67/0x220 [ 2595.653011] mem_cgroup_charge_skmem+0x1e1/0x3a0 [ 2595.657783] ? mem_cgroup_sk_free+0x90/0x90 [ 2595.662107] ? kasan_check_write+0x14/0x20 [ 2595.666340] ? __alloc_skb+0x3d6/0x5f0 [ 2595.670220] __sk_mem_raise_allocated+0x555/0x1390 [ 2595.675180] __sk_mem_schedule+0x6d/0xe0 [ 2595.679250] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2595.684791] tcp_sendmsg_locked+0x1967/0x3260 [ 2595.689303] ? tcp_sendpage+0x60/0x60 [ 2595.691934] protocol 88fb is buggy, dev hsr_slave_0 [ 2595.693108] ? trace_hardirqs_on+0x67/0x220 [ 2595.693126] ? lock_sock_nested+0x9a/0x120 [ 2595.698169] protocol 88fb is buggy, dev hsr_slave_1 [ 2595.702450] ? __local_bh_enable_ip+0x15a/0x270 [ 2595.702470] tcp_sendmsg+0x30/0x50 [ 2595.702486] inet_sendmsg+0x141/0x5d0 [ 2595.702503] ? ipip_gro_receive+0x100/0x100 [ 2595.728031] sock_sendmsg+0xd7/0x130 [ 2595.731733] ___sys_sendmsg+0x3e2/0x920 [ 2595.735708] ? copy_msghdr_from_user+0x430/0x430 [ 2595.740466] ? mark_held_locks+0x100/0x100 [ 2595.744694] ? kasan_check_read+0x11/0x20 [ 2595.748846] ? __might_fault+0x12b/0x1e0 [ 2595.752910] ? find_held_lock+0x35/0x130 [ 2595.756983] ? __might_fault+0x12b/0x1e0 [ 2595.761109] __sys_sendmmsg+0x1bf/0x4e0 [ 2595.765084] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2595.769474] ? _copy_to_user+0xc9/0x120 [ 2595.773467] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2595.779022] ? put_timespec64+0xda/0x140 [ 2595.783109] ? nsecs_to_jiffies+0x30/0x30 [ 2595.787396] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2595.792153] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2595.796922] ? do_syscall_64+0x26/0x620 [ 2595.800905] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2595.806365] ? do_syscall_64+0x26/0x620 [ 2595.810362] __x64_sys_sendmmsg+0x9d/0x100 [ 2595.814739] do_syscall_64+0xfd/0x620 [ 2595.818562] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2595.823755] RIP: 0033:0x45a219 [ 2595.826936] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2595.845936] RSP: 002b:00007fd4b10e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2595.853672] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045a219 [ 2595.860996] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2595.868350] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2595.875626] R10: 0000000004000000 R11: 0000000000000246 R12: 00007fd4b10e46d4 [ 2595.882925] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 00000000ffffffff [ 2595.890588] protocol 88fb is buggy, dev hsr_slave_0 [ 2595.895754] protocol 88fb is buggy, dev hsr_slave_1 [ 2595.905732] Task in /syz2 killed as a result of limit of /syz2 [ 2595.912107] memory: usage 307184kB, limit 307200kB, failcnt 1188 [ 2595.918270] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2595.925220] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2595.931437] Memory cgroup stats for /syz2: cache:104KB rss:152KB rss_huge:0KB shmem:120KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:124KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2595.952801] Memory cgroup out of memory: Kill process 2251 (syz-executor.2) score 1103 or sacrifice child [ 2595.962670] Killed process 2251 (syz-executor.2) total-vm:72592kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB [ 2595.973994] oom_reaper: reaped process 2251 (syz-executor.2), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB 16:25:35 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000003d40000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:35 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000004080000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:35 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:25:35 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xe2ffffff, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:35 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}, 0xe41b0000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:25:35 executing program 4: r0 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[], 0xfffffe8b) ioctl$KVM_SET_VCPU_EVENTS(r0, 0x4040aea0, &(0x7f0000000000)={0x3, 0x3f, 0x5, 0x0, 0x4, 0x1, 0x4, 0x5a, 0x7, 0x2, 0x1, 0xaf, 0x0, 0x6, 0x7, 0x3f, 0x40, 0x20, 0x81}) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r1, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) [ 2596.161381] syz-executor.2 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 2596.214624] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2596.217311] syz-executor.2 cpuset= [ 2596.231924] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2596.232197] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2596.248911] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 2596.276958] syz2 mems_allowed=0-1 [ 2596.298506] CPU: 0 PID: 2267 Comm: syz-executor.2 Not tainted 4.19.83 #0 [ 2596.305401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2596.314755] Call Trace: [ 2596.317348] dump_stack+0x172/0x1f0 [ 2596.320980] dump_header+0x15e/0xa55 [ 2596.324692] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2596.329787] ? ___ratelimit+0x60/0x595 [ 2596.334284] ? do_raw_spin_unlock+0x57/0x270 [ 2596.338696] oom_kill_process.cold+0x10/0x6ef [ 2596.343183] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2596.348724] ? task_will_free_mem+0x139/0x6e0 [ 2596.353322] out_of_memory+0x362/0x1330 [ 2596.357290] ? lock_downgrade+0x880/0x880 [ 2596.361431] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2596.366523] ? oom_killer_disable+0x280/0x280 [ 2596.371004] ? find_held_lock+0x35/0x130 [ 2596.375060] mem_cgroup_out_of_memory+0x1d2/0x240 [ 2596.379914] ? memcg_event_wake+0x230/0x230 [ 2596.384323] ? do_raw_spin_unlock+0x57/0x270 [ 2596.388726] ? _raw_spin_unlock+0x2d/0x50 [ 2596.392891] try_charge+0xef7/0x1480 [ 2596.396626] ? find_held_lock+0x35/0x130 [ 2596.400695] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2596.405531] ? kasan_check_read+0x11/0x20 [ 2596.409671] ? get_mem_cgroup_from_mm+0x156/0x320 [ 2596.414505] mem_cgroup_try_charge+0x259/0x6b0 [ 2596.419081] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2596.424001] __handle_mm_fault+0x1e50/0x3f80 [ 2596.428415] ? vmf_insert_mixed_mkwrite+0x90/0x90 [ 2596.433259] ? count_memcg_event_mm+0x2b1/0x4d0 [ 2596.438003] handle_mm_fault+0x1b5/0x690 [ 2596.442056] __do_page_fault+0x62a/0xe90 [ 2596.446125] ? vmalloc_fault+0x740/0x740 [ 2596.450176] ? trace_hardirqs_off_caller+0x65/0x220 [ 2596.455177] ? trace_hardirqs_on_caller+0x6a/0x220 [ 2596.460095] ? page_fault+0x8/0x30 [ 2596.463643] do_page_fault+0x71/0x57d [ 2596.467550] ? page_fault+0x8/0x30 [ 2596.471117] page_fault+0x1e/0x30 [ 2596.474834] RIP: 0033:0x441461 [ 2596.478036] Code: 8d 15 a3 9d 0a 00 8b 0c 8a 8b 04 82 29 c8 c3 66 2e 0f 1f 84 00 00 00 00 00 48 83 fa 20 48 89 f8 73 77 f6 c2 01 74 0b 0f b6 0e <88> 0f 48 ff c6 48 ff c7 f6 c2 02 74 12 0f b7 0e 66 89 0f 48 83 c6 [ 2596.496950] RSP: 002b:00007ffe1524bbb8 EFLAGS: 00010202 [ 2596.502402] RAX: 0000000020001940 RBX: 000000000075c9a0 RCX: 00000000000000a5 [ 2596.509658] RDX: 0000000000000001 RSI: 00000000007605b8 RDI: 0000000020001940 [ 2596.516914] RBP: 0000000000760598 R08: 0000000000000000 R09: 0000000000000000 [ 2596.524169] R10: 00007ffe1524bc90 R11: 0000000000000246 R12: 000000000075bf20 [ 2596.531475] R13: 0000000000279d0e R14: 00000000007605a0 R15: 000000000075bf2c [ 2596.541874] Task in /syz2 killed as a result of limit of /syz2 16:25:36 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) socket$inet_udplite(0x2, 0x2, 0x88) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2596.546247] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2596.548115] memory: usage 307200kB, limit 307200kB, failcnt 1222 [ 2596.563779] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2596.571229] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2596.578576] Memory cgroup stats for /syz2: cache:104KB rss:8KB rss_huge:0KB shmem:120KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:152KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2596.599253] Memory cgroup out of memory: Kill process 2267 (syz-executor.2) score 1103 or sacrifice child [ 2596.609644] EXT4-fs (loop5): group descriptors corrupted! [ 2596.609745] Killed process 2267 (syz-executor.2) total-vm:72588kB, anon-rss:100kB, file-rss:34816kB, shmem-rss:0kB [ 2596.628433] oom_reaper: reaped process 2267 (syz-executor.2), now anon-rss:0kB, file-rss:33856kB, shmem-rss:0kB [ 2596.635840] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:25:36 executing program 4: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x4a0100, 0x0) ioctl$TCSETX(r0, 0x5433, &(0x7f0000000040)={0x1, 0xfffb, [0x2, 0x9, 0xfff9, 0x237c, 0x3], 0xfe01}) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r1, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) 16:25:36 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}, 0xe8030000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2596.658937] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2596.686969] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! 16:25:36 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xf4000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:36 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2596.732942] EXT4-fs (loop0): group descriptors corrupted! 16:25:36 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000003e20000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2596.879431] syz-executor.2 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 2596.891893] protocol 88fb is buggy, dev hsr_slave_0 [ 2596.892085] protocol 88fb is buggy, dev hsr_slave_0 [ 2596.896969] protocol 88fb is buggy, dev hsr_slave_1 [ 2596.902014] protocol 88fb is buggy, dev hsr_slave_1 16:25:36 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) r1 = dup2(r0, r0) setsockopt$inet_icmp_ICMP_FILTER(r1, 0x1, 0x1, &(0x7f00000000c0)={0x1}, 0x4) chdir(&(0x7f0000000000)='./file0\x00') r2 = socket(0x10, 0x3, 0x0) write(r2, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) getsockopt$inet_buf(r2, 0x0, 0x2f, &(0x7f0000000040)=""/49, &(0x7f0000000080)=0x31) [ 2596.930315] syz-executor.2 cpuset=syz2 mems_allowed=0-1 [ 2596.974885] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2597.001411] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 2597.005022] CPU: 1 PID: 2485 Comm: syz-executor.2 Not tainted 4.19.83 #0 [ 2597.011132] EXT4-fs (loop5): group descriptors corrupted! [ 2597.017650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2597.017656] Call Trace: [ 2597.017679] dump_stack+0x172/0x1f0 [ 2597.017699] dump_header+0x15e/0xa55 [ 2597.017716] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2597.017730] ? ___ratelimit+0x60/0x595 [ 2597.017747] ? do_raw_spin_unlock+0x57/0x270 [ 2597.055913] oom_kill_process.cold+0x10/0x6ef [ 2597.060421] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2597.065973] ? task_will_free_mem+0x139/0x6e0 [ 2597.070494] out_of_memory+0x362/0x1330 16:25:36 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c0000000c0000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:36 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2597.074485] ? lock_downgrade+0x880/0x880 [ 2597.078664] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2597.083785] ? oom_killer_disable+0x280/0x280 [ 2597.088280] ? find_held_lock+0x35/0x130 [ 2597.092339] mem_cgroup_out_of_memory+0x1d2/0x240 [ 2597.097169] ? memcg_event_wake+0x230/0x230 [ 2597.101705] ? do_raw_spin_unlock+0x57/0x270 [ 2597.106114] ? _raw_spin_unlock+0x2d/0x50 [ 2597.110252] try_charge+0xef7/0x1480 [ 2597.113958] ? find_held_lock+0x35/0x130 [ 2597.118013] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2597.122864] ? kasan_check_read+0x11/0x20 [ 2597.127004] ? get_mem_cgroup_from_mm+0x156/0x320 [ 2597.131884] mem_cgroup_try_charge+0x259/0x6b0 [ 2597.136482] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2597.141460] wp_page_copy+0x430/0x16a0 [ 2597.145356] ? pmd_pfn+0x1d0/0x1d0 [ 2597.148896] ? kasan_check_read+0x11/0x20 [ 2597.153034] ? do_raw_spin_unlock+0x57/0x270 [ 2597.157569] do_wp_page+0x57d/0x10b0 [ 2597.161356] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 2597.166061] ? kasan_check_write+0x14/0x20 [ 2597.170288] ? do_raw_spin_lock+0xc8/0x240 [ 2597.174518] __handle_mm_fault+0x2305/0x3f80 [ 2597.179005] ? vmf_insert_mixed_mkwrite+0x90/0x90 [ 2597.183849] ? count_memcg_event_mm+0x2b1/0x4d0 [ 2597.188508] handle_mm_fault+0x1b5/0x690 [ 2597.192579] __do_page_fault+0x62a/0xe90 [ 2597.196631] ? vmalloc_fault+0x740/0x740 [ 2597.200680] ? trace_hardirqs_off_caller+0x65/0x220 [ 2597.205686] ? __might_fault+0x12b/0x1e0 [ 2597.209755] do_page_fault+0x71/0x57d [ 2597.213575] page_fault+0x1e/0x30 [ 2597.217033] RIP: 0010:copy_user_generic_unrolled+0x89/0xc0 [ 2597.222645] Code: 38 4c 89 47 20 4c 89 4f 28 4c 89 57 30 4c 89 5f 38 48 8d 76 40 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 <4c> 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 8a [ 2597.241539] RSP: 0018:ffff888045ff7998 EFLAGS: 00010206 [ 2597.246904] RAX: ffffed1008bfef4b RBX: 0000000000000028 RCX: 0000000000000005 [ 2597.254167] RDX: 0000000000000000 RSI: ffff888045ff7a30 RDI: 000000000071107b [ 2597.261557] RBP: ffff888045ff79d0 R08: 0000000000006f6c R09: ffffed1008bfef4b [ 2597.269530] R10: ffffed1008bfef4a R11: ffff888045ff7a57 R12: 000000000071107b [ 2597.276982] R13: ffff888045ff7a30 R14: 00000000007110a3 R15: 00007ffffffff000 [ 2597.284452] ? _copy_to_user+0xf7/0x120 [ 2597.288425] inet_gifconf+0x21d/0x360 [ 2597.292254] ? inet_netconf_get_devconf+0x560/0x560 [ 2597.297293] ? inet_netconf_get_devconf+0x560/0x560 [ 2597.302324] dev_ifconf+0xd0/0x230 [ 2597.305863] sock_do_ioctl+0x260/0x2f0 [ 2597.309748] ? compat_ifr_data_ioctl+0x160/0x160 [ 2597.314504] ? mark_held_locks+0x100/0x100 [ 2597.318739] sock_ioctl+0x325/0x610 [ 2597.322358] ? dlci_ioctl_set+0x40/0x40 [ 2597.326328] ? __fget+0x340/0x540 [ 2597.329865] ? __might_sleep+0x95/0x190 [ 2597.333847] ? dlci_ioctl_set+0x40/0x40 [ 2597.337826] do_vfs_ioctl+0xd5f/0x1380 [ 2597.341709] ? selinux_file_ioctl+0x46f/0x5e0 [ 2597.347063] ? selinux_file_ioctl+0x125/0x5e0 [ 2597.351564] ? ioctl_preallocate+0x210/0x210 [ 2597.355991] ? selinux_file_mprotect+0x620/0x620 [ 2597.360763] ? iterate_fd+0x360/0x360 [ 2597.364580] ? nsecs_to_jiffies+0x30/0x30 [ 2597.368733] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2597.374378] ? security_file_ioctl+0x8d/0xc0 [ 2597.378777] ksys_ioctl+0xab/0xd0 [ 2597.382237] __x64_sys_ioctl+0x73/0xb0 [ 2597.386128] do_syscall_64+0xfd/0x620 [ 2597.389940] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2597.395244] RIP: 0033:0x45a219 [ 2597.398520] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2597.417482] RSP: 002b:00007fd4b10e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2597.425218] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a219 [ 2597.432599] RDX: 00000000200000c0 RSI: 0000001000008912 RDI: 0000000000000004 [ 2597.440131] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2597.447393] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd4b10e46d4 [ 2597.454653] R13: 00000000004c1924 R14: 00000000004d55f0 R15: 00000000ffffffff [ 2597.468368] Task in /syz2 killed as a result of limit of /syz2 [ 2597.475280] memory: usage 307200kB, limit 307200kB, failcnt 1250 [ 2597.482549] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2597.490472] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 16:25:37 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2597.497910] Memory cgroup stats for /syz2: cache:104KB rss:140KB rss_huge:0KB shmem:120KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:144KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2597.541191] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock 16:25:37 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2597.591379] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2597.600815] Memory cgroup out of memory: Kill process 2469 (syz-executor.2) score 1103 or sacrifice child 16:25:37 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000025e70000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2597.649273] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2597.659837] Killed process 2469 (syz-executor.2) total-vm:72588kB, anon-rss:100kB, file-rss:34816kB, shmem-rss:0kB 16:25:37 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2597.722174] EXT4-fs: failed to create workqueue [ 2597.726902] EXT4-fs (loop3): mount failed [ 2597.733682] oom_reaper: reaped process 2469 (syz-executor.2), now anon-rss:0kB, file-rss:34836kB, shmem-rss:0kB [ 2597.744989] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. 16:25:37 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}, 0xeffdffff}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:25:37 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2597.843802] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock 16:25:37 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xf4ffffff, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2597.912290] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 2597.934152] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2597.949179] syz-executor.2 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=1000 16:25:37 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) r4 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x0) ioctl$EVIOCGABS0(r4, 0x80184540, &(0x7f0000000040)=""/128) r5 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$chown(0x4, r5, r2, r3) openat$vfio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vfio/vfio\x00', 0x62280, 0x0) r6 = socket(0x10, 0x3, 0x0) write(r1, &(0x7f0000000340)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000e00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba6b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ed00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb040800000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) r7 = socket$inet(0xa, 0x801, 0x84) connect$inet(r7, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r7, 0x8) r8 = accept4(r7, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r8, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x2}, 0x8) r9 = socket(0x0, 0x0, 0xff) r10 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r10, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, 0x0) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r9, 0x84, 0x76, &(0x7f0000001b40)={r11}, 0x8) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r8, 0x84, 0x75, &(0x7f0000000000)={r11}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r6, 0x84, 0x72, &(0x7f0000000140)={r11, 0xfffffff8, 0xf6e96a6d81fc829c}, &(0x7f00000001c0)=0xc) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000300)='tunl0\x00', 0x10) keyctl$set_timeout(0xf, r5, 0x4) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) [ 2597.953598] EXT4-fs (loop0): group descriptors corrupted! [ 2597.971338] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 2597.990078] EXT4-fs (loop5): group descriptors corrupted! [ 2597.996309] syz-executor.2 cpuset=syz2 mems_allowed=0-1 16:25:37 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2598.010275] CPU: 0 PID: 2645 Comm: syz-executor.2 Not tainted 4.19.83 #0 [ 2598.017162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2598.026539] Call Trace: [ 2598.029152] dump_stack+0x172/0x1f0 [ 2598.032813] dump_header+0x15e/0xa55 [ 2598.036550] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2598.041672] ? ___ratelimit+0x60/0x595 [ 2598.042614] netlink: 172 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2598.045575] ? do_raw_spin_unlock+0x57/0x270 [ 2598.045598] oom_kill_process.cold+0x10/0x6ef [ 2598.045617] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2598.045633] ? task_will_free_mem+0x139/0x6e0 [ 2598.073233] out_of_memory+0x362/0x1330 [ 2598.077228] ? lock_downgrade+0x880/0x880 [ 2598.081430] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2598.086563] ? oom_killer_disable+0x280/0x280 [ 2598.091081] ? find_held_lock+0x35/0x130 [ 2598.095178] mem_cgroup_out_of_memory+0x1d2/0x240 [ 2598.100045] ? memcg_event_wake+0x230/0x230 [ 2598.104387] ? do_raw_spin_unlock+0x57/0x270 [ 2598.108996] ? _raw_spin_unlock+0x2d/0x50 16:25:37 executing program 1: bind$inet(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2598.113167] try_charge+0xef7/0x1480 [ 2598.116917] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2598.121788] ? mark_held_locks+0xb1/0x100 [ 2598.125962] ? mem_cgroup_charge_skmem+0x1cc/0x3a0 [ 2598.130908] ? __sk_mem_raise_allocated+0x555/0x1390 [ 2598.136028] ? mem_cgroup_charge_skmem+0x1cc/0x3a0 [ 2598.140981] ? lockdep_hardirqs_on+0x415/0x5d0 [ 2598.145580] ? trace_hardirqs_on+0x67/0x220 [ 2598.149925] mem_cgroup_charge_skmem+0x1e1/0x3a0 [ 2598.154711] ? mem_cgroup_sk_free+0x90/0x90 [ 2598.159051] ? kasan_check_write+0x14/0x20 [ 2598.163310] ? __alloc_skb+0x3d6/0x5f0 [ 2598.167221] __sk_mem_raise_allocated+0x555/0x1390 [ 2598.172179] __sk_mem_schedule+0x6d/0xe0 [ 2598.176257] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2598.181818] tcp_sendmsg_locked+0x1967/0x3260 [ 2598.181852] ? tcp_sendpage+0x60/0x60 [ 2598.181868] ? trace_hardirqs_on+0x67/0x220 [ 2598.181882] ? lock_sock_nested+0x9a/0x120 [ 2598.181899] ? __local_bh_enable_ip+0x15a/0x270 [ 2598.181916] tcp_sendmsg+0x30/0x50 [ 2598.181934] inet_sendmsg+0x141/0x5d0 [ 2598.194538] ? ipip_gro_receive+0x100/0x100 [ 2598.194555] sock_sendmsg+0xd7/0x130 [ 2598.194569] ___sys_sendmsg+0x3e2/0x920 [ 2598.194590] ? copy_msghdr_from_user+0x430/0x430 [ 2598.227540] ? mark_held_locks+0x100/0x100 [ 2598.231802] ? kasan_check_read+0x11/0x20 [ 2598.235983] ? __might_fault+0x12b/0x1e0 [ 2598.240042] ? find_held_lock+0x35/0x130 [ 2598.244099] ? __might_fault+0x12b/0x1e0 [ 2598.248180] __sys_sendmmsg+0x1bf/0x4e0 [ 2598.252151] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2598.256471] ? _copy_to_user+0xc9/0x120 [ 2598.260439] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2598.265964] ? put_timespec64+0xda/0x140 [ 2598.270027] ? nsecs_to_jiffies+0x30/0x30 [ 2598.274172] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2598.278916] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2598.283660] ? do_syscall_64+0x26/0x620 [ 2598.287626] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2598.293089] ? do_syscall_64+0x26/0x620 [ 2598.297074] __x64_sys_sendmmsg+0x9d/0x100 [ 2598.301321] do_syscall_64+0xfd/0x620 [ 2598.305127] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2598.310322] RIP: 0033:0x45a219 [ 2598.313515] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2598.332419] RSP: 002b:00007fd4b10e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2598.340480] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045a219 [ 2598.347738] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2598.355007] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2598.362267] R10: 0000000004000000 R11: 0000000000000246 R12: 00007fd4b10e46d4 [ 2598.369623] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 00000000ffffffff 16:25:38 executing program 1: bind$inet(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:25:38 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00ffff1f0000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:38 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000002e80000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2598.442595] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2598.468691] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2598.480550] Task in /syz2 killed as a result of limit of /syz2 16:25:38 executing program 4: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(0xffffffffffffffff, 0x800443d3, &(0x7f0000000100)={0x169, 0x0}) [ 2598.496005] memory: usage 307192kB, limit 307200kB, failcnt 1265 [ 2598.502450] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:25:38 executing program 1: bind$inet(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2598.615045] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2598.640144] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2598.647472] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:25:38 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket(0x10, 0x3, 0x0) r4 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) write$binfmt_elf64(r4, &(0x7f0000000100)=ANY=[], 0xfffffe8b) write$RDMA_USER_CM_CMD_GET_EVENT(r4, &(0x7f0000000140)={0xc, 0x8, 0xfa00, {&(0x7f0000000300)}}, 0x10) ioctl$sock_bt_bnep_BNEPGETCONNINFO(r3, 0x800442d3, &(0x7f00000000c0)={0x2, 0x3ff, 0x3f, @remote, 'ip_vti0\x00'}) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0xffffffffffffff02, 0xfa00, {0x4, &(0x7f0000000000)={0xffffffffffffffff}, 0x2, 0x9}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r2, &(0x7f0000000080)={0x4, 0x8, 0xfa00, {r5, 0x400}}, 0x10) [ 2598.685256] Memory cgroup stats for /syz2: cache:104KB rss:140KB rss_huge:0KB shmem:120KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:156KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2598.733019] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2598.769905] Memory cgroup out of memory: Kill process 2642 (syz-executor.2) score 1103 or sacrifice child 16:25:38 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}, 0xf4010000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:25:38 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:25:38 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xf5ffffff, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2598.778583] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 2598.781025] Killed process 2642 (syz-executor.2) total-vm:72720kB, anon-rss:156kB, file-rss:35840kB, shmem-rss:0kB [ 2598.815844] oom_reaper: reaped process 2642 (syz-executor.2), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB [ 2598.820624] EXT4-fs (loop5): group descriptors corrupted! [ 2598.922659] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock 16:25:38 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2598.986856] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 2598.997992] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2599.007741] EXT4-fs (loop0): group descriptors corrupted! 16:25:38 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000003ec0000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2599.042590] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock 16:25:38 executing program 4: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000580)='/dev/vsock\x00', 0x100, 0x0) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x173, 0x0}) [ 2599.088696] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:25:38 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2599.149360] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2599.166837] syz-executor.2 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 16:25:38 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c006b6b6b0000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:38 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xf6000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2599.233913] syz-executor.2 cpuset=syz2 mems_allowed=0-1 [ 2599.260262] CPU: 0 PID: 2924 Comm: syz-executor.2 Not tainted 4.19.83 #0 [ 2599.267181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2599.276549] Call Trace: [ 2599.279157] dump_stack+0x172/0x1f0 [ 2599.282811] dump_header+0x15e/0xa55 [ 2599.286558] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2599.291685] ? ___ratelimit+0x60/0x595 [ 2599.295595] ? do_raw_spin_unlock+0x57/0x270 [ 2599.300020] oom_kill_process.cold+0x10/0x6ef [ 2599.304539] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2599.310098] ? task_will_free_mem+0x139/0x6e0 [ 2599.314650] out_of_memory+0x362/0x1330 [ 2599.318644] ? lock_downgrade+0x880/0x880 [ 2599.322814] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2599.327941] ? oom_killer_disable+0x280/0x280 [ 2599.332455] ? find_held_lock+0x35/0x130 [ 2599.336550] mem_cgroup_out_of_memory+0x1d2/0x240 [ 2599.341413] ? memcg_event_wake+0x230/0x230 [ 2599.345760] ? do_raw_spin_unlock+0x57/0x270 [ 2599.350191] ? _raw_spin_unlock+0x2d/0x50 [ 2599.354360] try_charge+0xef7/0x1480 [ 2599.358083] ? find_held_lock+0x35/0x130 [ 2599.362165] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2599.367023] ? kasan_check_read+0x11/0x20 [ 2599.371185] ? get_mem_cgroup_from_mm+0x156/0x320 [ 2599.376048] mem_cgroup_try_charge+0x259/0x6b0 [ 2599.380737] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2599.380754] __handle_mm_fault+0x1e50/0x3f80 [ 2599.380772] ? vmf_insert_mixed_mkwrite+0x90/0x90 [ 2599.390116] ? count_memcg_event_mm+0x2b1/0x4d0 [ 2599.399600] handle_mm_fault+0x1b5/0x690 [ 2599.403687] __do_page_fault+0x62a/0xe90 [ 2599.407779] ? vmalloc_fault+0x740/0x740 [ 2599.411855] ? trace_hardirqs_off_caller+0x65/0x220 [ 2599.416884] ? trace_hardirqs_on_caller+0x6a/0x220 [ 2599.421821] ? page_fault+0x8/0x30 [ 2599.421840] do_page_fault+0x71/0x57d [ 2599.421853] ? page_fault+0x8/0x30 16:25:39 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, 0x0, 0x0) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2599.421867] page_fault+0x1e/0x30 [ 2599.421877] RIP: 0033:0x441461 [ 2599.421890] Code: 8d 15 a3 9d 0a 00 8b 0c 8a 8b 04 82 29 c8 c3 66 2e 0f 1f 84 00 00 00 00 00 48 83 fa 20 48 89 f8 73 77 f6 c2 01 74 0b 0f b6 0e <88> 0f 48 ff c6 48 ff c7 f6 c2 02 74 12 0f b7 0e 66 89 0f 48 83 c6 [ 2599.421897] RSP: 002b:00007ffe1524bbb8 EFLAGS: 00010202 [ 2599.421913] RAX: 0000000020001940 RBX: 000000000075c9a0 RCX: 00000000000000a5 [ 2599.429256] RDX: 0000000000000001 RSI: 00000000007605b8 RDI: 0000000020001940 16:25:39 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, 0x0, 0x0) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2599.429264] RBP: 0000000000760598 R08: 0000000000000000 R09: 0000000000000000 [ 2599.429273] R10: 00007ffe1524bc90 R11: 0000000000000246 R12: 000000000075bf20 [ 2599.429281] R13: 000000000027a8d3 R14: 00000000007605a0 R15: 000000000075bf2c [ 2599.441887] Unknown ioctl -2147204141 [ 2599.471969] Task in [ 2599.510583] /syz2 killed as a result of limit of /syz2 [ 2599.517833] memory: usage 307200kB, limit 307200kB, failcnt 1318 [ 2599.524897] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2599.532167] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2599.538519] Memory cgroup stats for /syz2: cache:104KB rss:0KB rss_huge:0KB shmem:120KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:152KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2599.560942] Memory cgroup out of memory: Kill process 2924 (syz-executor.2) score 1103 or sacrifice child [ 2599.577482] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2599.587776] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2599.609426] Killed process 2924 (syz-executor.2) total-vm:72588kB, anon-rss:100kB, file-rss:34816kB, shmem-rss:0kB [ 2599.612047] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! 16:25:39 executing program 4: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x8000, 0x0) openat$proc_capi20(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/capi/capi20\x00', 0x4000, 0x0) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x5c, &(0x7f0000000040)=[@in6={0xa, 0x3, 0xaeba, @dev={0xfe, 0x80, [], 0xe}, 0x4}, @in={0x2, 0x4e23, @empty}, @in={0x2, 0x4e21, @rand_addr=0x80}, @in={0x2, 0x4e21, @local}, @in={0x2, 0x4e20, @loopback}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000000180)={r1, @in={{0x2, 0x4e24, @empty}}, [0x0, 0x8a, 0x10001, 0x1, 0x3f, 0x6, 0xb, 0x80000000, 0x400, 0xfffffffffffffff7, 0x96, 0x9, 0x4, 0x8, 0xffffffffffffff40]}, &(0x7f0000000280)=0x100) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r2, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) [ 2599.652125] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 2599.661896] EXT4-fs (loop5): group descriptors corrupted! [ 2599.679991] oom_reaper: reaped process 2924 (syz-executor.2), now anon-rss:0kB, file-rss:33856kB, shmem-rss:0kB [ 2599.692094] EXT4-fs (loop0): group descriptors corrupted! 16:25:39 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}, 0xf8030000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:25:39 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, 0x0, 0x0) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:25:39 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c0000c0ed0000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2599.789082] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2599.814658] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock 16:25:39 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x5c040, 0x0) ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f0000000040)) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) 16:25:39 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c008096980000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2599.892002] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:25:39 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x0, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2599.967402] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:25:39 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xf6030000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2600.027994] syz-executor.2 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 2600.092105] syz-executor.2 cpuset=syz2 mems_allowed=0-1 [ 2600.097766] CPU: 1 PID: 3198 Comm: syz-executor.2 Not tainted 4.19.83 #0 [ 2600.104613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2600.114004] Call Trace: [ 2600.116616] dump_stack+0x172/0x1f0 [ 2600.120268] dump_header+0x15e/0xa55 [ 2600.124008] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2600.129136] ? ___ratelimit+0x60/0x595 [ 2600.133037] ? do_raw_spin_unlock+0x57/0x270 [ 2600.137457] oom_kill_process.cold+0x10/0x6ef [ 2600.137475] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2600.147491] ? task_will_free_mem+0x139/0x6e0 [ 2600.147512] out_of_memory+0x362/0x1330 [ 2600.147530] ? lock_downgrade+0x880/0x880 [ 2600.147548] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2600.156094] ? oom_killer_disable+0x280/0x280 [ 2600.156110] ? find_held_lock+0x35/0x130 [ 2600.156137] mem_cgroup_out_of_memory+0x1d2/0x240 [ 2600.165364] ? memcg_event_wake+0x230/0x230 [ 2600.165383] ? do_raw_spin_unlock+0x57/0x270 [ 2600.165399] ? _raw_spin_unlock+0x2d/0x50 [ 2600.165415] try_charge+0xef7/0x1480 [ 2600.165427] ? find_held_lock+0x35/0x130 [ 2600.165447] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2600.204233] ? kasan_check_read+0x11/0x20 [ 2600.209023] ? get_mem_cgroup_from_mm+0x156/0x320 [ 2600.213884] mem_cgroup_try_charge+0x259/0x6b0 [ 2600.218475] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2600.223422] __handle_mm_fault+0x1e50/0x3f80 [ 2600.227874] ? vmf_insert_mixed_mkwrite+0x90/0x90 [ 2600.232726] ? count_memcg_event_mm+0x2b1/0x4d0 [ 2600.237418] handle_mm_fault+0x1b5/0x690 [ 2600.241475] __do_page_fault+0x62a/0xe90 [ 2600.245532] ? vmalloc_fault+0x740/0x740 [ 2600.249592] ? trace_hardirqs_off_caller+0x65/0x220 [ 2600.254601] ? trace_hardirqs_on_caller+0x6a/0x220 [ 2600.259528] ? page_fault+0x8/0x30 [ 2600.263062] do_page_fault+0x71/0x57d [ 2600.266856] ? page_fault+0x8/0x30 [ 2600.270387] page_fault+0x1e/0x30 [ 2600.273829] RIP: 0033:0x4006c4 16:25:40 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x0, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2600.277012] Code: 01 e9 c9 00 00 00 48 8b 44 24 10 48 0b 44 24 28 be 08 00 00 00 48 8b 14 24 75 17 48 8b 7c 24 20 e8 01 5a 00 00 48 8b 4c 24 08 <48> 89 01 e9 9d 00 00 00 48 8b 44 24 08 48 8b 38 e8 e7 59 00 00 8a [ 2600.295914] RSP: 002b:00007ffe1524bb80 EFLAGS: 00010206 [ 2600.301284] RAX: 0000000000000000 RBX: 000000000075c9a0 RCX: 0000000020003b40 [ 2600.308557] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000000 [ 2600.315814] RBP: 00000000007604f8 R08: 0000000000000000 R09: 0000000000000000 [ 2600.323078] R10: 00007ffe1524bc90 R11: 0000000000000246 R12: 000000000075bf20 [ 2600.330342] R13: 000000000027ac2c R14: 0000000000760500 R15: 000000000075bf2c 16:25:40 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x388, 0x0}) setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0xb, &(0x7f0000000000)=0x6, 0x4) [ 2600.349734] Task in /syz2 killed as a result of limit of /syz2 [ 2600.367629] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2600.376899] memory: usage 307200kB, limit 307200kB, failcnt 1347 [ 2600.392190] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2600.405603] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 2600.407081] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2600.425577] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2600.432730] Memory cgroup stats for /syz2: cache:104KB rss:124KB rss_huge:0KB shmem:120KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:148KB inactive_file:0KB active_file:0KB unevictable:0KB 16:25:40 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x0, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2600.466603] EXT4-fs (loop0): group descriptors corrupted! 16:25:40 executing program 4: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r0 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) fadvise64(r0, 0x0, 0x0, 0x4) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000000)=0x3) [ 2600.514268] Memory cgroup out of memory: Kill process 3198 (syz-executor.2) score 1103 or sacrifice child [ 2600.545794] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 2600.560305] Killed process 3198 (syz-executor.2) total-vm:72588kB, anon-rss:100kB, file-rss:34816kB, shmem-rss:0kB [ 2600.603670] oom_reaper: reaped process 3198 (syz-executor.2), now anon-rss:0kB, file-rss:33856kB, shmem-rss:0kB 16:25:40 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000100000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2600.617142] EXT4-fs (loop5): group descriptors corrupted! [ 2600.644550] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2600.662089] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock 16:25:40 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}, 0xfdffffff}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:25:40 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2600.706705] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:25:40 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000003f00000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2600.760309] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:25:40 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:25:40 executing program 4: ioctl$sock_bt_cmtp_CMTPGETCONNLIST(0xffffffffffffffff, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) 16:25:40 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xf6ffffff, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2600.892504] syz-executor.2 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=1000 [ 2600.908758] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2600.932031] syz-executor.2 cpuset=syz2 mems_allowed=0-1 [ 2600.937590] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 2600.959445] CPU: 0 PID: 3551 Comm: syz-executor.2 Not tainted 4.19.83 #0 [ 2600.966430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2600.971968] EXT4-fs (loop0): group descriptors corrupted! [ 2600.975789] Call Trace: [ 2600.975818] dump_stack+0x172/0x1f0 [ 2600.975840] dump_header+0x15e/0xa55 [ 2600.991306] ? _raw_spin_unlock_irqrestore+0xbd/0xe0 [ 2600.996435] ? ___ratelimit+0x60/0x595 [ 2601.000343] ? do_raw_spin_unlock+0x57/0x270 [ 2601.004795] oom_kill_process.cold+0x10/0x6ef [ 2601.009325] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2601.015018] ? task_will_free_mem+0x139/0x6e0 [ 2601.019543] out_of_memory+0x362/0x1330 [ 2601.024240] ? lock_downgrade+0x880/0x880 [ 2601.028440] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2601.033569] ? oom_killer_disable+0x280/0x280 [ 2601.038084] ? find_held_lock+0x35/0x130 16:25:40 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2601.042172] mem_cgroup_out_of_memory+0x1d2/0x240 [ 2601.047035] ? memcg_event_wake+0x230/0x230 [ 2601.051378] ? do_raw_spin_unlock+0x57/0x270 [ 2601.051893] net_ratelimit: 28 callbacks suppressed [ 2601.051901] protocol 88fb is buggy, dev hsr_slave_0 [ 2601.055797] ? _raw_spin_unlock+0x2d/0x50 [ 2601.055819] try_charge+0xef7/0x1480 [ 2601.055844] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2601.055863] ? mark_held_locks+0xb1/0x100 [ 2601.060831] protocol 88fb is buggy, dev hsr_slave_1 [ 2601.065786] ? mem_cgroup_charge_skmem+0x1cc/0x3a0 [ 2601.065801] ? __sk_mem_raise_allocated+0x555/0x1390 [ 2601.065814] ? mem_cgroup_charge_skmem+0x1cc/0x3a0 [ 2601.065828] ? lockdep_hardirqs_on+0x415/0x5d0 [ 2601.065845] ? trace_hardirqs_on+0x67/0x220 [ 2601.070065] protocol 88fb is buggy, dev hsr_slave_0 [ 2601.073681] mem_cgroup_charge_skmem+0x1e1/0x3a0 [ 2601.073697] ? mem_cgroup_sk_free+0x90/0x90 [ 2601.073712] ? kasan_check_write+0x14/0x20 [ 2601.078567] protocol 88fb is buggy, dev hsr_slave_1 [ 2601.082667] ? __alloc_skb+0x3d6/0x5f0 [ 2601.082687] __sk_mem_raise_allocated+0x555/0x1390 16:25:40 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = socket(0x10, 0x3, 0x0) write(r1, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) lseek(r1, 0xffffffffffffffe1, 0x1) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) 16:25:40 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, 0x0, 0x0) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2601.082709] __sk_mem_schedule+0x6d/0xe0 [ 2601.147674] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2601.153235] tcp_sendmsg_locked+0x1967/0x3260 [ 2601.157849] ? tcp_sendpage+0x60/0x60 [ 2601.161663] ? trace_hardirqs_on+0x67/0x220 [ 2601.166088] ? lock_sock_nested+0x9a/0x120 [ 2601.170344] ? __local_bh_enable_ip+0x15a/0x270 [ 2601.175039] tcp_sendmsg+0x30/0x50 [ 2601.178599] inet_sendmsg+0x141/0x5d0 [ 2601.182421] ? ipip_gro_receive+0x100/0x100 [ 2601.186756] sock_sendmsg+0xd7/0x130 [ 2601.190482] ___sys_sendmsg+0x3e2/0x920 [ 2601.191083] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2601.194468] ? copy_msghdr_from_user+0x430/0x430 [ 2601.194494] ? mark_held_locks+0x100/0x100 [ 2601.194510] ? kasan_check_read+0x11/0x20 [ 2601.194528] ? __might_fault+0x12b/0x1e0 [ 2601.194543] ? find_held_lock+0x35/0x130 [ 2601.194558] ? __might_fault+0x12b/0x1e0 [ 2601.194595] __sys_sendmmsg+0x1bf/0x4e0 [ 2601.194613] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2601.194638] ? _copy_to_user+0xc9/0x120 16:25:40 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, 0x0, 0x0) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2601.194656] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2601.194670] ? put_timespec64+0xda/0x140 [ 2601.194683] ? nsecs_to_jiffies+0x30/0x30 [ 2601.194704] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2601.194717] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2601.194730] ? do_syscall_64+0x26/0x620 [ 2601.194743] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2601.194756] ? do_syscall_64+0x26/0x620 [ 2601.194771] __x64_sys_sendmmsg+0x9d/0x100 [ 2601.194786] do_syscall_64+0xfd/0x620 [ 2601.194803] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2601.194813] RIP: 0033:0x45a219 [ 2601.194826] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2601.194832] RSP: 002b:00007fd4b10e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2601.194846] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045a219 [ 2601.194858] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 16:25:41 executing program 4: r0 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) fadvise64(r0, 0x0, 0x0, 0x4) write$P9_RAUTH(r0, &(0x7f0000000000)={0x14, 0x67, 0x1, {0x21, 0x4, 0x5}}, 0x14) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r1, 0x800443d3, &(0x7f0000000100)={0xfffffffffffffd68, 0x0}) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000080)=@netrom={'nr', 0x0}, 0x10) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_init_net_socket$llc(0x1a, 0x2, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap$perf(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x100010, r3, 0x20) ioctl$KVM_SET_NR_MMU_PAGES(0xffffffffffffffff, 0xae44, 0x5) [ 2601.337313] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2601.346610] R10: 0000000004000000 R11: 0000000000000246 R12: 00007fd4b10e46d4 [ 2601.354086] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 00000000ffffffff [ 2601.361840] protocol 88fb is buggy, dev hsr_slave_0 [ 2601.367039] protocol 88fb is buggy, dev hsr_slave_1 [ 2601.379333] Task in /syz2 killed as a result of limit of /syz2 [ 2601.393438] memory: usage 307200kB, limit 307200kB, failcnt 1359 [ 2601.414363] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2601.438479] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2601.441651] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2601.455044] Memory cgroup stats for /syz2: cache:104KB rss:124KB rss_huge:0KB shmem:120KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:156KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2601.477700] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2601.486111] Memory cgroup out of memory: Kill process 3550 (syz-executor.2) score 1103 or sacrifice child [ 2601.508832] Killed process 3550 (syz-executor.2) total-vm:72588kB, anon-rss:100kB, file-rss:34816kB, shmem-rss:0kB [ 2601.510546] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2601.529627] oom_reaper: reaped process 3550 (syz-executor.2), now anon-rss:0kB, file-rss:34836kB, shmem-rss:0kB 16:25:41 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000260100000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2601.529684] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 2601.549870] EXT4-fs (loop5): group descriptors corrupted! [ 2601.557183] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2601.584025] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:25:41 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}, 0xfeffffff}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:25:41 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, 0x0, 0x0) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:25:41 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xfb000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:41 executing program 4: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20\x00', 0x1411a0, 0x0) r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000080)={0x10d, 0x0}) 16:25:41 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000025f00000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:41 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2601.758213] syz-executor.2 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=0 [ 2601.797457] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2601.836666] syz-executor.2 cpuset=syz2 mems_allowed=0-1 [ 2601.842935] CPU: 0 PID: 2244 Comm: syz-executor.2 Not tainted 4.19.83 #0 [ 2601.849823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2601.859192] Call Trace: [ 2601.861801] dump_stack+0x172/0x1f0 [ 2601.865448] dump_header+0x15e/0xa55 [ 2601.869177] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2601.874304] ? ___ratelimit+0x60/0x595 [ 2601.878202] ? do_raw_spin_unlock+0x57/0x270 [ 2601.882628] oom_kill_process.cold+0x10/0x6ef [ 2601.887143] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2601.892695] ? task_will_free_mem+0x139/0x6e0 [ 2601.897206] out_of_memory+0x362/0x1330 [ 2601.901203] ? lock_downgrade+0x880/0x880 [ 2601.905367] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2601.910483] ? oom_killer_disable+0x280/0x280 [ 2601.914990] ? find_held_lock+0x35/0x130 [ 2601.919077] mem_cgroup_out_of_memory+0x1d2/0x240 [ 2601.923937] ? memcg_event_wake+0x230/0x230 [ 2601.928274] ? do_raw_spin_unlock+0x57/0x270 [ 2601.932698] ? _raw_spin_unlock+0x2d/0x50 [ 2601.936864] try_charge+0xef7/0x1480 [ 2601.940592] ? percpu_ref_tryget_live+0xef/0x290 [ 2601.945364] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2601.950222] ? get_mem_cgroup_from_mm+0x139/0x320 [ 2601.955114] ? find_held_lock+0x35/0x130 [ 2601.959189] ? get_mem_cgroup_from_mm+0x139/0x320 [ 2601.964052] memcg_kmem_charge_memcg+0x83/0x170 [ 2601.968750] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2601.973271] ? get_mem_cgroup_from_mm+0x156/0x320 [ 2601.978129] memcg_kmem_charge+0x136/0x370 [ 2601.982376] __alloc_pages_nodemask+0x3c3/0x750 [ 2601.987068] ? __alloc_pages_slowpath+0x2870/0x2870 [ 2601.992105] ? lockdep_hardirqs_on+0x415/0x5d0 [ 2601.996696] ? trace_hardirqs_on+0x67/0x220 [ 2602.001026] ? kasan_check_read+0x11/0x20 [ 2602.005194] copy_process.part.0+0x3e0/0x7a30 [ 2602.009713] ? mark_held_locks+0x100/0x100 [ 2602.013966] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 2602.018661] ? __might_fault+0x12b/0x1e0 [ 2602.022751] ? __cleanup_sighand+0x70/0x70 [ 2602.026995] ? lock_downgrade+0x880/0x880 [ 2602.031772] _do_fork+0x257/0xfd0 16:25:41 executing program 4: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r0 = gettid() perf_event_open(&(0x7f0000000540)={0x0, 0x70, 0x0, 0x0, 0x81, 0x11, 0x0, 0x40, 0x0, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0xe52c, 0x0, @perf_config_ext={0x3f, 0x401}, 0x100, 0x0, 0x7, 0x7, 0x2, 0x0, 0x9}, r0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(r0, &(0x7f0000000000)='cmdline\x00') ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r1, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) 16:25:41 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2602.035237] ? fork_idle+0x1d0/0x1d0 [ 2602.038970] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2602.043739] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2602.048507] ? do_syscall_64+0x26/0x620 [ 2602.052684] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2602.058060] ? do_syscall_64+0x26/0x620 [ 2602.062049] __x64_sys_clone+0xbf/0x150 [ 2602.066041] do_syscall_64+0xfd/0x620 [ 2602.069858] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2602.075059] RIP: 0033:0x4587ea [ 2602.078260] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2602.097175] RSP: 002b:00007ffe1524bd20 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2602.104965] RAX: ffffffffffffffda RBX: 00007ffe1524bd20 RCX: 00000000004587ea [ 2602.112283] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2602.119686] RBP: 00007ffe1524bd60 R08: 0000000000000001 R09: 00000000029f3940 [ 2602.126981] R10: 00000000029f3c10 R11: 0000000000000246 R12: 0000000000000001 16:25:41 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2602.134443] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe1524bdb0 [ 2602.143533] Task in /syz2 killed as a result of limit of /syz2 [ 2602.149728] memory: usage 308200kB, limit 307200kB, failcnt 1523 [ 2602.156072] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2602.163287] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2602.169690] Memory cgroup stats for /syz2: cache:104KB rss:124KB rss_huge:0KB shmem:120KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:48KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2602.212842] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2602.217363] Memory cgroup out of memory: Kill process 2244 (syz-executor.2) score 117 or sacrifice child [ 2602.233604] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2602.243204] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2602.252075] Killed process 2244 (syz-executor.2) total-vm:72456kB, anon-rss:100kB, file-rss:35776kB, shmem-rss:0kB 16:25:42 executing program 4: arch_prctl$ARCH_MAP_VDSO_X32(0x2001, 0x1) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x80000, 0x0) setsockopt$bt_BT_SECURITY(r1, 0x112, 0x4, &(0x7f0000000040)={0x4, 0x6}, 0x2) syz_open_dev$swradio(&(0x7f0000000080)='/d\x00\x00\x00\x00\xff\xff\xff\xffio#\x00', 0x0, 0x2) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) [ 2602.269702] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 2602.282629] EXT4-fs (loop0): group descriptors corrupted! [ 2602.288760] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 2602.298012] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock 16:25:42 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2602.316176] oom_reaper: reaped process 2244 (syz-executor.2), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB [ 2602.328493] EXT4-fs (loop5): group descriptors corrupted! [ 2602.357717] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2602.393103] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:25:42 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000200000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2602.659639] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2602.691950] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 2602.732543] EXT4-fs (loop0): group descriptors corrupted! 16:25:42 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}, 0xfffffdef}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:25:42 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xfb030000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:42 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:25:42 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x84e, 0x2000) accept$alg(r0, 0x0, 0x0) r1 = socket(0x10, 0x3, 0x0) write(r1, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000040)="4527a03662a611a39600cca4f656677bd8749994ef2a2a9c96206c294a1c8e7bf579187b", 0x3d1) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r2, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/pfkey\x00', 0x10140, 0x0) ioctl$DRM_IOCTL_MODE_GETCRTC(r3, 0xc06864a1, &(0x7f0000000140)={&(0x7f0000000080)=[0x1, 0x100, 0x7, 0x8], 0x4, 0x40, 0x1, 0x5c3, 0x1, 0x5, {0x8, 0x2, 0xb127, 0x7, 0x2, 0x9, 0xfffe, 0x75, 0xfff, 0x5, 0xffff, 0x7, 0x7fffffff, 0x9, "4e1e8d10db1e7db84811caf9e304c5951a39ee9c3aca0d3eeb43eec60427ab2d"}}) 16:25:42 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000025f40000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:42 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000300000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2602.933234] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. 16:25:42 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:25:42 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}, 0xffffff7f}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:25:42 executing program 4: r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) r1 = accept4(r0, &(0x7f0000000000)=@in={0x2, 0x0, @loopback}, &(0x7f0000000080)=0x80, 0x9ac55119bc40def6) getsockopt$bt_BT_DEFER_SETUP(r1, 0x112, 0x7, &(0x7f00000000c0)=0x1, &(0x7f0000000140)=0x4) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r2, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) [ 2603.069230] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2603.079088] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2603.103765] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock 16:25:42 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2603.136882] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2603.147103] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 2603.196725] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2603.205934] EXT4-fs (loop5): group descriptors corrupted! [ 2603.212079] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 2603.212190] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2603.221468] EXT4-fs (loop0): group descriptors corrupted! [ 2603.244388] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2603.255733] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. 16:25:43 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000f60000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:43 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xfbffffff, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:43 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:25:43 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000400000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:43 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[], 0xfffffe8b) ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r1, 0xc0305616, &(0x7f0000000000)={0x0, {0xfffffff8, 0x1}}) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) 16:25:43 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2603.632486] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2603.671996] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 2603.679802] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2603.722082] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2603.737780] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2603.745175] EXT4-fs (loop5): group descriptors corrupted! [ 2603.752891] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2603.792436] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 2603.802482] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:25:43 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, 0x0, 0x0, 0x4000000) 16:25:43 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000001f60000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2603.872459] EXT4-fs (loop0): group descriptors corrupted! 16:25:43 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000004c0)={0x0, @remote, @loopback}, &(0x7f0000000500)=0xc) sendmsg$sock(r0, &(0x7f0000000740)={&(0x7f0000000540)=@ll={0x11, 0x15, r1, 0x1, 0x1, 0x6, @random="959f41159780"}, 0x80, &(0x7f0000000680)=[{&(0x7f00000005c0)="ab56a5cb223f249634cf675c03d593467bc9c45485b623e378dee10b78cd24638955", 0x22}, {&(0x7f0000000600)="e18e17548444026e77a7082d40ff37ff9c043bb9f732efa2e8c9fe672e9e2779c1f556092a2ebf376bb292ed8876c2124b9940a2cc09973e650f4bc5070d997d0aee889bf8bf592b61e188286af79fd68ee020f7a6f10afb9eb8f5661141320f55e86e2b93b6f6ba07e7", 0x6a}], 0x2, &(0x7f00000006c0)=[@mark={{0x14, 0x1, 0x24, 0x400}}, @mark={{0x14, 0x1, 0x24, 0x5}}, @txtime={{0x18, 0x1, 0x3d, 0xfffffffffffffffb}}, @mark={{0x14, 0x1, 0x24, 0x7}}], 0x60}, 0x10) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) [ 2604.133054] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2604.158062] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 2604.188263] EXT4-fs (loop5): group descriptors corrupted! [ 2605.504736] IPVS: ftp: loaded support on port[0] = 21 [ 2605.576227] chnl_net:caif_netlink_parms(): no params data found [ 2605.606809] bridge0: port 1(bridge_slave_0) entered blocking state [ 2605.614745] bridge0: port 1(bridge_slave_0) entered disabled state [ 2605.622036] device bridge_slave_0 entered promiscuous mode [ 2605.631648] bridge0: port 2(bridge_slave_1) entered blocking state [ 2605.638175] bridge0: port 2(bridge_slave_1) entered disabled state [ 2605.645416] device bridge_slave_1 entered promiscuous mode [ 2605.664995] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 2605.674589] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 2605.695530] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 2605.703108] team0: Port device team_slave_0 added [ 2605.708619] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 2605.716290] team0: Port device team_slave_1 added [ 2605.721623] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 2605.729257] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 2605.793943] device hsr_slave_0 entered promiscuous mode [ 2605.832236] device hsr_slave_1 entered promiscuous mode [ 2605.872533] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 2605.879707] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 2605.897907] bridge0: port 2(bridge_slave_1) entered blocking state [ 2605.904341] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2605.910936] bridge0: port 1(bridge_slave_0) entered blocking state [ 2605.917375] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2605.957835] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 2605.964069] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2605.973364] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 2605.983703] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2605.990867] bridge0: port 1(bridge_slave_0) entered disabled state [ 2605.997877] bridge0: port 2(bridge_slave_1) entered disabled state [ 2606.005353] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 2606.017355] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 2606.023972] 8021q: adding VLAN 0 to HW filter on device team0 [ 2606.034082] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2606.041700] bridge0: port 1(bridge_slave_0) entered blocking state [ 2606.048123] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2606.058591] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2606.066320] bridge0: port 2(bridge_slave_1) entered blocking state [ 2606.072702] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2606.090115] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2606.103991] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2606.111127] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2606.126142] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 2606.136148] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 2606.147624] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 2606.154978] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2606.167672] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2606.175837] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2606.191407] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 2606.199727] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 2606.211608] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 2606.223670] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2606.258551] syz-executor.2 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2606.269785] syz-executor.2 cpuset=/ mems_allowed=0-1 [ 2606.276404] CPU: 1 PID: 4604 Comm: syz-executor.2 Not tainted 4.19.83 #0 [ 2606.283288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2606.292641] Call Trace: [ 2606.295242] dump_stack+0x172/0x1f0 [ 2606.298877] dump_header+0x15e/0xa55 [ 2606.302590] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2606.308121] ? task_will_free_mem+0x139/0x6e0 [ 2606.312725] out_of_memory.cold+0xf/0x181 [ 2606.316878] ? cgroup_file_notify+0x140/0x1b0 [ 2606.321533] ? find_held_lock+0x35/0x130 [ 2606.325582] ? oom_killer_disable+0x280/0x280 [ 2606.330060] ? cgroup_file_notify+0x140/0x1b0 [ 2606.334570] mem_cgroup_out_of_memory+0x1d2/0x240 [ 2606.339412] ? memcg_event_wake+0x230/0x230 [ 2606.343732] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2606.348927] ? cgroup_file_notify+0x140/0x1b0 [ 2606.353425] memory_max_write+0x169/0x300 [ 2606.357573] ? mem_cgroup_write+0x360/0x360 [ 2606.361896] ? lock_acquire+0x16f/0x3f0 [ 2606.366206] ? kernfs_fop_write+0x227/0x480 [ 2606.370518] cgroup_file_write+0x241/0x790 [ 2606.374835] ? mem_cgroup_write+0x360/0x360 [ 2606.379143] ? kill_css+0x380/0x380 [ 2606.382758] ? kill_css+0x380/0x380 [ 2606.386399] kernfs_fop_write+0x2b8/0x480 [ 2606.390546] __vfs_write+0x114/0x810 [ 2606.394286] ? kernfs_fop_open+0xd80/0xd80 [ 2606.398594] ? kernel_read+0x120/0x120 [ 2606.402466] ? __lock_is_held+0xb6/0x140 [ 2606.406654] ? rcu_read_lock_sched_held+0x110/0x130 [ 2606.411680] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 2606.416443] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2606.422060] ? __sb_start_write+0x1a9/0x360 [ 2606.426374] vfs_write+0x20c/0x560 [ 2606.429906] ksys_write+0x14f/0x2d0 [ 2606.433523] ? __ia32_sys_read+0xb0/0xb0 [ 2606.437581] ? do_syscall_64+0x26/0x620 [ 2606.441543] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2606.447065] ? do_syscall_64+0x26/0x620 [ 2606.451040] __x64_sys_write+0x73/0xb0 [ 2606.454935] do_syscall_64+0xfd/0x620 [ 2606.458939] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2606.465263] RIP: 0033:0x413cd0 [ 2606.468480] Code: b0 89 c8 f7 d8 eb ed b8 6e 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 83 3d 3d 43 66 00 00 75 14 b8 01 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 c4 1b 00 00 c3 48 83 ec 08 e8 ca fc ff ff [ 2606.487390] RSP: 002b:00007ffd731ae298 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2606.495508] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000000413cd0 [ 2606.503079] RDX: 0000000000000009 RSI: 00007ffd731ae2c0 RDI: 0000000000000003 [ 2606.510787] RBP: 00007ffd731ae2c0 R08: 0000000000000000 R09: 0000000000000009 [ 2606.518487] R10: 0000000000000064 R11: 0000000000000246 R12: 00007ffd731ae830 [ 2606.525965] R13: 0000000000000003 R14: 0000000000000000 R15: 00007ffd731ae7f0 [ 2606.535171] Memory limit reached of cgroup /syz2 [ 2606.539984] memory: usage 307608kB, limit 307200kB, failcnt 1526 [ 2606.546228] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2606.553232] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2606.559518] Memory cgroup stats for /syz2: cache:104KB rss:124KB rss_huge:0KB shmem:120KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2606.580250] Out of memory and no killable processes... [ 2606.588555] syz-executor.2 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2606.599802] syz-executor.2 cpuset=syz2 mems_allowed=0-1 [ 2606.606532] CPU: 1 PID: 4604 Comm: syz-executor.2 Not tainted 4.19.83 #0 [ 2606.613383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2606.623341] Call Trace: [ 2606.625924] dump_stack+0x172/0x1f0 [ 2606.629537] dump_header+0x15e/0xa55 [ 2606.633263] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2606.638365] ? ___ratelimit+0x60/0x595 [ 2606.642252] ? do_raw_spin_unlock+0x57/0x270 [ 2606.646647] oom_kill_process.cold+0x10/0x6ef [ 2606.651137] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2606.656668] ? task_will_free_mem+0x139/0x6e0 [ 2606.661150] out_of_memory+0x362/0x1330 [ 2606.665109] ? lock_downgrade+0x880/0x880 [ 2606.669243] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2606.674327] ? oom_killer_disable+0x280/0x280 [ 2606.678803] ? find_held_lock+0x35/0x130 [ 2606.682861] mem_cgroup_out_of_memory+0x1d2/0x240 [ 2606.687780] ? memcg_event_wake+0x230/0x230 [ 2606.692093] ? do_raw_spin_unlock+0x57/0x270 [ 2606.696496] ? _raw_spin_unlock+0x2d/0x50 [ 2606.700634] try_charge+0xef7/0x1480 [ 2606.704331] ? find_held_lock+0x35/0x130 [ 2606.708390] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2606.713221] ? kasan_check_read+0x11/0x20 [ 2606.717363] ? get_mem_cgroup_from_mm+0x156/0x320 [ 2606.722190] mem_cgroup_try_charge+0x259/0x6b0 [ 2606.726758] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2606.731673] wp_page_copy+0x430/0x16a0 [ 2606.735580] ? pmd_pfn+0x1d0/0x1d0 [ 2606.739110] ? kasan_check_read+0x11/0x20 [ 2606.743267] ? do_raw_spin_unlock+0x57/0x270 [ 2606.747817] do_wp_page+0x57d/0x10b0 [ 2606.751528] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 2606.756231] ? kasan_check_write+0x14/0x20 [ 2606.760477] ? do_raw_spin_lock+0xc8/0x240 [ 2606.764710] __handle_mm_fault+0x2305/0x3f80 [ 2606.769110] ? vmf_insert_mixed_mkwrite+0x90/0x90 [ 2606.773948] ? count_memcg_event_mm+0x2b1/0x4d0 [ 2606.778605] handle_mm_fault+0x1b5/0x690 [ 2606.782655] __do_page_fault+0x62a/0xe90 [ 2606.786702] ? vmalloc_fault+0x740/0x740 [ 2606.790746] ? trace_hardirqs_off_caller+0x65/0x220 [ 2606.795744] ? trace_hardirqs_on_caller+0x6a/0x220 [ 2606.800666] ? page_fault+0x8/0x30 [ 2606.804458] do_page_fault+0x71/0x57d [ 2606.808240] ? page_fault+0x8/0x30 [ 2606.811765] page_fault+0x1e/0x30 [ 2606.815209] RIP: 0033:0x441461 [ 2606.818385] Code: 8d 15 a3 9d 0a 00 8b 0c 8a 8b 04 82 29 c8 c3 66 2e 0f 1f 84 00 00 00 00 00 48 83 fa 20 48 89 f8 73 77 f6 c2 01 74 0b 0f b6 0e <88> 0f 48 ff c6 48 ff c7 f6 c2 02 74 12 0f b7 0e 66 89 0f 48 83 c6 [ 2606.837361] RSP: 002b:00007ffd731ae7a8 EFLAGS: 00010202 [ 2606.842711] RAX: 00000000007110e8 RBX: 0000000000000000 RCX: 0000000000000066 [ 2606.849962] RDX: 0000000000000007 RSI: 00000000004c90d8 RDI: 00000000007110e8 [ 2606.857218] RBP: 0000000000711160 R08: 0000000000000000 R09: 0000000000000001 [ 2606.864652] R10: 0000000000000064 R11: 0000000000000297 R12: 00000000007110e8 [ 2606.871920] R13: 00007ffd731ae7e0 R14: 0000000000000003 R15: 00007ffd731ae7f0 [ 2606.881046] Task in /syz2 killed as a result of limit of /syz2 [ 2606.887284] memory: usage 307568kB, limit 307200kB, failcnt 1534 [ 2606.894855] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2606.901640] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2606.907967] Memory cgroup stats for /syz2: cache:104KB rss:124KB rss_huge:0KB shmem:120KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2606.928156] Memory cgroup out of memory: Kill process 4604 (syz-executor.2) score 113 or sacrifice child [ 2606.938267] Killed process 4604 (syz-executor.2) total-vm:72460kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB [ 2606.949600] oom_reaper: reaped process 4604 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 16:25:46 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, 0x0, 0x0, 0x4000000) 16:25:46 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000025f70000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:46 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xfc010000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:46 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}, 0xfffffffd}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:25:46 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = socket(0x10, 0x3, 0x0) write(r1, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = socket(0x10, 0x3, 0x0) write(r3, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) syncfs(r3) sendmsg$IPVS_CMD_GET_INFO(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x44, r2, 0x400, 0x70bd25, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x401}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x8000}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xaf}, @IPVS_CMD_ATTR_SERVICE={0x4}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x3}]}]}, 0x44}}, 0x4000000) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) 16:25:46 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000500000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2607.176801] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. 16:25:46 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, 0x0, 0x0, 0x4000000) [ 2607.218881] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2607.307733] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2607.338640] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 2607.348670] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2607.379798] EXT4-fs (loop5): group descriptors corrupted! [ 2607.391930] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock 16:25:47 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x1}], 0x1, 0x0, 0x0, 0x5580}}], 0x1, 0x4000000) [ 2607.422657] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2607.432738] EXT4-fs (loop0): bad geometry: first data block 1280 is beyond end of filesystem (1080) [ 2607.443241] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:25:47 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xfc070400, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:47 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) fstat(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchown(0xffffffffffffffff, 0x0, r1) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000003c0)={{{@in=@initdev, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in=@empty}}, &(0x7f0000000500)=0xe8) syz_mount_image$jfs(&(0x7f0000000040)='jfs\x00', &(0x7f0000000200)='./file0\x00', 0x13901632, 0x2, &(0x7f0000000280)=[{&(0x7f0000000240)="810c6d1d84d1ab3de1a9", 0xa, 0x80000001}, {&(0x7f0000000300)="91cbb42c5c8950a551d9de2ebc09a3e4fb64b794ca3d7b221a69855e5fe90d0f80019ae6fac078e9c96cb6be7ae0b31189dec060a16bf81ac3a1abc6eff5978cea0ba45cfc88c56f4c2f05acf2c4b1c17c30f110779003abfd4d1392e418918246264069f4ea71004e6a614e07666006205ed5073ec18c2aa0449b1588195bda4554acf3bc9f478628b18ffa4e002741c7b8e3a4e1525bafc6f64c722714f9", 0x9f, 0x80}], 0x8000, &(0x7f0000000680)={[{@noquota='noquota'}, {@gid={'gid', 0x3d, r1}}, {@discard='discard'}, {@integrity='integrity'}, {@usrquota='usrquota'}, {@umask={'umask', 0x3d, 0x5c49}}, {@nodiscard='nodiscard'}, {@iocharset={'iocharset', 0x3d, 'iso8859-4'}}, {@errors_remount='errors=remount-ro'}, {@nodiscard='nodiscard'}], [{@hash='hash'}, {@smackfsdef={'smackfsdef', 0x3d, '.GPL'}}, {@fowner_gt={'fowner>', r2}}, {@euid_gt={'euid>'}}, {@subj_role={'subj_role', 0x3d, ',,'}}, {@euid_lt={'euid<'}}, {@euid_eq={'euid'}}, {@fsname={'fsname', 0x3d, 'selinuxtrustedposix_acl_access'}}, {@subj_user={'subj_user', 0x3d, 'Lsystemvboxnet1wlan0+systemwlan0user-keyringprocselinux (\',(keyring'}}, {@pcr={'pcr', 0x3d, 0x2e}}]}) fstat(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchown(0xffffffffffffffff, 0x0, r3) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000003c0)={{{@in=@initdev, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in=@empty}}, &(0x7f0000000500)=0xe8) syz_mount_image$jfs(&(0x7f0000000040)='jfs\x00', &(0x7f0000000200)='./file0\x00', 0x13901632, 0x2, &(0x7f0000000280)=[{&(0x7f0000000240)="810c6d1d84d1ab3de1a9", 0xa, 0x80000001}, {&(0x7f0000000300)="91cbb42c5c8950a551d9de2ebc09a3e4fb64b794ca3d7b221a69855e5fe90d0f80019ae6fac078e9c96cb6be7ae0b31189dec060a16bf81ac3a1abc6eff5978cea0ba45cfc88c56f4c2f05acf2c4b1c17c30f110779003abfd4d1392e418918246264069f4ea71004e6a614e07666006205ed5073ec18c2aa0449b1588195bda4554acf3bc9f478628b18ffa4e002741c7b8e3a4e1525bafc6f64c722714f9", 0x9f, 0x80}], 0x8000, &(0x7f0000000680)={[{@noquota='noquota'}, {@gid={'gid', 0x3d, r3}}, {@discard='discard'}, {@integrity='integrity'}, {@usrquota='usrquota'}, {@umask={'umask', 0x3d, 0x5c49}}, {@nodiscard='nodiscard'}, {@iocharset={'iocharset', 0x3d, 'iso8859-4'}}, {@errors_remount='errors=remount-ro'}, {@nodiscard='nodiscard'}], [{@hash='hash'}, {@smackfsdef={'smackfsdef', 0x3d, '.GPL'}}, {@fowner_gt={'fowner>', r4}}, {@euid_gt={'euid>'}}, {@subj_role={'subj_role', 0x3d, ',,'}}, {@euid_lt={'euid<'}}, {@euid_eq={'euid'}}, {@fsname={'fsname', 0x3d, 'selinuxtrustedposix_acl_access'}}, {@subj_user={'subj_user', 0x3d, 'Lsystemvboxnet1wlan0+systemwlan0user-keyringprocselinux (\',(keyring'}}, {@pcr={'pcr', 0x3d, 0x2e}}]}) write$FUSE_ATTR(r0, &(0x7f0000000000)={0x78, 0xfffffffffffffff5, 0x7, {0xc248, 0x1f, 0x0, {0x4, 0x100000000, 0x7, 0x4, 0x6, 0x2, 0x5, 0x0, 0x101, 0x5, 0x81, r2, r3, 0x5, 0x2}}}, 0x78) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) 16:25:47 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000001fc0000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:47 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x1}], 0x1, 0x0, 0x0, 0x5580}}], 0x1, 0x4000000) 16:25:47 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = socket(0x10, 0x3, 0x0) write(r1, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000000), 0x4) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) [ 2607.830185] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2607.866119] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2607.880967] device bridge_slave_1 left promiscuous mode [ 2607.885617] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2607.887775] bridge0: port 2(bridge_slave_1) entered disabled state [ 2607.915612] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2607.930193] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 2607.962028] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2607.969580] EXT4-fs (loop5): group descriptors corrupted! [ 2607.996747] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2608.005391] device bridge_slave_0 left promiscuous mode [ 2608.010898] bridge0: port 1(bridge_slave_0) entered disabled state [ 2608.208104] device hsr_slave_1 left promiscuous mode [ 2608.272483] device hsr_slave_0 left promiscuous mode [ 2608.326400] team0 (unregistering): Port device team_slave_1 removed [ 2608.347125] team0 (unregistering): Port device team_slave_0 removed [ 2608.367807] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 2608.427281] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 2608.537033] bond0 (unregistering): Released all slaves [ 2609.547827] IPVS: ftp: loaded support on port[0] = 21 [ 2609.637045] chnl_net:caif_netlink_parms(): no params data found [ 2609.674037] bridge0: port 1(bridge_slave_0) entered blocking state [ 2609.680499] bridge0: port 1(bridge_slave_0) entered disabled state [ 2609.688426] device bridge_slave_0 entered promiscuous mode [ 2609.698387] bridge0: port 2(bridge_slave_1) entered blocking state [ 2609.705288] bridge0: port 2(bridge_slave_1) entered disabled state [ 2609.713166] device bridge_slave_1 entered promiscuous mode [ 2609.736531] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 2609.746888] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 2609.770025] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 2609.777695] team0: Port device team_slave_0 added [ 2609.783668] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 2609.790882] team0: Port device team_slave_1 added [ 2609.796389] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 2609.803748] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 2609.873895] device hsr_slave_0 entered promiscuous mode [ 2609.912225] device hsr_slave_1 entered promiscuous mode [ 2609.952478] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 2609.959562] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 2609.977283] bridge0: port 2(bridge_slave_1) entered blocking state [ 2609.983677] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2609.990273] bridge0: port 1(bridge_slave_0) entered blocking state [ 2609.996684] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2610.032963] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 2610.039066] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2610.049335] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 2610.058716] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2610.067091] bridge0: port 1(bridge_slave_0) entered disabled state [ 2610.074481] bridge0: port 2(bridge_slave_1) entered disabled state [ 2610.084007] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 2610.104838] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 2610.110928] 8021q: adding VLAN 0 to HW filter on device team0 [ 2610.121588] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2610.129527] bridge0: port 1(bridge_slave_0) entered blocking state [ 2610.135930] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2610.148612] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2610.156423] bridge0: port 2(bridge_slave_1) entered blocking state [ 2610.162839] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2610.183826] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2610.191610] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2610.199888] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2610.210964] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 2610.221928] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 2610.229224] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2610.236781] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2610.244121] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2610.261226] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 2610.269329] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 2610.276199] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 2610.291256] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2610.331691] syz-executor.2 invoked oom-killer: gfp_mask=0x6040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 2610.344585] syz-executor.2 cpuset=syz2 mems_allowed=0-1 [ 2610.349990] CPU: 0 PID: 4960 Comm: syz-executor.2 Not tainted 4.19.83 #0 [ 2610.356825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2610.366172] Call Trace: [ 2610.368783] dump_stack+0x172/0x1f0 [ 2610.372572] dump_header+0x15e/0xa55 [ 2610.376353] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2610.381447] ? ___ratelimit+0x60/0x595 [ 2610.385333] ? do_raw_spin_unlock+0x57/0x270 [ 2610.389751] oom_kill_process.cold+0x10/0x6ef [ 2610.394244] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2610.399783] ? task_will_free_mem+0x139/0x6e0 [ 2610.404288] out_of_memory+0x362/0x1330 [ 2610.408279] ? lock_downgrade+0x880/0x880 [ 2610.412439] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2610.417543] ? oom_killer_disable+0x280/0x280 [ 2610.422043] ? find_held_lock+0x35/0x130 [ 2610.426129] mem_cgroup_out_of_memory+0x1d2/0x240 [ 2610.430978] ? memcg_event_wake+0x230/0x230 [ 2610.435294] ? do_raw_spin_unlock+0x57/0x270 [ 2610.439689] ? _raw_spin_unlock+0x2d/0x50 [ 2610.443956] try_charge+0xef7/0x1480 [ 2610.447690] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2610.452550] ? rcu_read_lock_sched_held+0x110/0x130 [ 2610.457565] ? __alloc_pages_nodemask+0x632/0x750 [ 2610.462490] ? do_raw_spin_unlock+0x57/0x270 [ 2610.466910] memcg_kmem_charge_memcg+0x83/0x170 [ 2610.471579] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2610.476090] ? cache_grow_begin+0x597/0x8c0 [ 2610.480418] ? lockdep_hardirqs_on+0x415/0x5d0 [ 2610.485013] ? trace_hardirqs_on+0x67/0x220 [ 2610.489358] cache_grow_begin+0x3fa/0x8c0 [ 2610.493509] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2610.499050] ? __cpuset_node_allowed+0x136/0x540 [ 2610.503814] fallback_alloc+0x1fd/0x2d0 [ 2610.507817] ____cache_alloc_node+0x1be/0x1e0 [ 2610.512324] kmem_cache_alloc+0x1f3/0x700 [ 2610.517246] ? inet6_create+0x2ea/0xf70 [ 2610.521208] sk_prot_alloc+0x67/0x2e0 [ 2610.525184] ? lock_downgrade+0x880/0x880 [ 2610.529517] sk_alloc+0x39/0xf70 [ 2610.532900] inet6_create+0x360/0xf70 [ 2610.536706] __sock_create+0x3d8/0x730 [ 2610.540580] ? _raw_spin_unlock_irq+0x28/0x90 [ 2610.545076] __sys_socket+0x103/0x220 [ 2610.548968] ? move_addr_to_kernel+0x80/0x80 [ 2610.553374] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2610.558116] ? do_syscall_64+0x26/0x620 [ 2610.562087] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2610.567469] ? do_syscall_64+0x26/0x620 [ 2610.571454] __x64_sys_socket+0x73/0xb0 [ 2610.575418] do_syscall_64+0xfd/0x620 [ 2610.579209] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2610.584391] RIP: 0033:0x45cd67 [ 2610.587586] Code: 00 00 00 49 89 ca b8 36 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4a 8b fb ff c3 66 0f 1f 84 00 00 00 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2d 8b fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2610.606499] RSP: 002b:00007ffe23a822b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 2610.614215] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045cd67 [ 2610.621471] RDX: 0000000000000006 RSI: 0000000000000001 RDI: 000000000000000a [ 2610.628742] RBP: 0000000000000029 R08: 0000000000000000 R09: 0000000000000000 [ 2610.636017] R10: 000000524f525245 R11: 0000000000000246 R12: 0000000000712b00 [ 2610.643282] R13: 00007ffe23a82980 R14: 0000000000000003 R15: 00007ffe23a82990 [ 2610.653224] Task in /syz2 killed as a result of limit of /syz2 [ 2610.659887] memory: usage 307196kB, limit 307200kB, failcnt 1551 [ 2610.666238] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2610.673068] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2610.679220] Memory cgroup stats for /syz2: cache:104KB rss:124KB rss_huge:0KB shmem:120KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2610.699483] Memory cgroup out of memory: Kill process 4960 (syz-executor.2) score 113 or sacrifice child [ 2610.710041] Killed process 4960 (syz-executor.2) total-vm:72460kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB [ 2610.721184] oom_reaper: reaped process 4960 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 16:25:50 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}, 0xfffffffe}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:25:50 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x1}], 0x1, 0x0, 0x0, 0x5580}}], 0x1, 0x4000000) 16:25:50 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000600000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:50 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) pipe2$9p(&(0x7f0000000000), 0x0) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) 16:25:50 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xfeffffff, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:50 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000fff0000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:50 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x1}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, 0x0}}], 0x2, 0x4000000) 16:25:50 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x1}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, 0x0}}], 0x2, 0x4000000) [ 2611.089336] EXT4-fs (loop0): bad geometry: first data block 1536 is beyond end of filesystem (1080) [ 2611.149234] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock 16:25:50 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000700000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2611.197793] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 2611.234685] EXT4-fs (loop5): group descriptors corrupted! 16:25:51 executing program 4: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r0 = socket(0x10, 0x3, 0x0) r1 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[], 0xfffffe8b) write$P9_RLINK(r1, &(0x7f0000000040)={0x7, 0x47, 0x1}, 0x7) write(r0, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) r2 = socket(0x10, 0x3, 0x0) write(r2, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) r3 = socket(0x10, 0x3, 0x0) write(r3, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000900000000000000210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r3, 0x800443d3, &(0x7f0000000000)={0x127, 0x0}) [ 2611.269121] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2611.303887] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock 16:25:51 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x1}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, 0x0}}], 0x2, 0x4000000) 16:25:51 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000020100000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2611.392851] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2611.471384] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2611.522686] device bridge_slave_1 left promiscuous mode [ 2611.528487] bridge0: port 2(bridge_slave_1) entered disabled state [ 2611.594021] EXT4-fs (loop0): bad geometry: first data block 1792 is beyond end of filesystem (1080) [ 2611.604406] device bridge_slave_0 left promiscuous mode [ 2611.609909] bridge0: port 1(bridge_slave_0) entered disabled state [ 2611.719804] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2611.763222] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 2611.802042] EXT4-fs (loop5): group descriptors corrupted! [ 2611.964652] device hsr_slave_1 left promiscuous mode [ 2612.026644] device hsr_slave_0 left promiscuous mode [ 2612.087288] team0 (unregistering): Port device team_slave_1 removed [ 2612.118456] team0 (unregistering): Port device team_slave_0 removed [ 2612.132040] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 2612.178503] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 2612.268839] bond0 (unregistering): Released all slaves [ 2613.288677] IPVS: ftp: loaded support on port[0] = 21 [ 2613.390592] chnl_net:caif_netlink_parms(): no params data found [ 2613.433882] bridge0: port 1(bridge_slave_0) entered blocking state [ 2613.440333] bridge0: port 1(bridge_slave_0) entered disabled state [ 2613.447780] device bridge_slave_0 entered promiscuous mode [ 2613.455621] bridge0: port 2(bridge_slave_1) entered blocking state [ 2613.462215] bridge0: port 2(bridge_slave_1) entered disabled state [ 2613.470164] device bridge_slave_1 entered promiscuous mode [ 2613.488180] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 2613.498008] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 2613.513650] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 2613.521208] team0: Port device team_slave_0 added [ 2613.526921] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 2613.535394] team0: Port device team_slave_1 added [ 2613.540654] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 2613.548171] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 2613.615078] device hsr_slave_0 entered promiscuous mode [ 2613.662367] device hsr_slave_1 entered promiscuous mode [ 2613.712537] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 2613.719603] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 2613.736541] bridge0: port 2(bridge_slave_1) entered blocking state [ 2613.743074] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2613.749686] bridge0: port 1(bridge_slave_0) entered blocking state [ 2613.756102] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2613.790803] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 2613.798542] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2613.807817] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 2613.818768] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2613.826596] bridge0: port 1(bridge_slave_0) entered disabled state [ 2613.833770] bridge0: port 2(bridge_slave_1) entered disabled state [ 2613.841176] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 2613.851544] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 2613.858101] 8021q: adding VLAN 0 to HW filter on device team0 [ 2613.868934] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2613.876658] bridge0: port 1(bridge_slave_0) entered blocking state [ 2613.883074] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2613.893592] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2613.901205] bridge0: port 2(bridge_slave_1) entered blocking state [ 2613.907697] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2613.925610] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2613.935546] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2613.947457] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2613.958617] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2613.971950] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 2613.982956] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 2613.989190] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2613.996877] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2614.010004] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 2614.019075] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 2614.026023] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 2614.037699] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2614.111558] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 2614.139121] syz-executor.2 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=1000 [ 2614.150826] syz-executor.2 cpuset=syz2 mems_allowed=0-1 [ 2614.156292] CPU: 1 PID: 5221 Comm: syz-executor.2 Not tainted 4.19.83 #0 [ 2614.163148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2614.172508] Call Trace: [ 2614.175093] dump_stack+0x172/0x1f0 [ 2614.178713] dump_header+0x15e/0xa55 [ 2614.182850] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2614.187943] ? ___ratelimit+0x60/0x595 [ 2614.191835] ? do_raw_spin_unlock+0x57/0x270 [ 2614.196235] oom_kill_process.cold+0x10/0x6ef [ 2614.200735] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2614.206274] ? task_will_free_mem+0x139/0x6e0 [ 2614.210768] out_of_memory+0x362/0x1330 [ 2614.214732] ? lock_downgrade+0x880/0x880 [ 2614.218875] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2614.223974] ? oom_killer_disable+0x280/0x280 [ 2614.228470] ? find_held_lock+0x35/0x130 [ 2614.232530] mem_cgroup_out_of_memory+0x1d2/0x240 [ 2614.237361] ? memcg_event_wake+0x230/0x230 [ 2614.241676] ? do_raw_spin_unlock+0x57/0x270 [ 2614.246072] ? _raw_spin_unlock+0x2d/0x50 [ 2614.250210] try_charge+0xef7/0x1480 [ 2614.253936] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2614.258808] ? mark_held_locks+0xb1/0x100 [ 2614.262954] ? mem_cgroup_charge_skmem+0x1cc/0x3a0 [ 2614.267875] ? __sk_mem_raise_allocated+0x555/0x1390 [ 2614.272972] ? mem_cgroup_charge_skmem+0x1cc/0x3a0 [ 2614.277950] ? lockdep_hardirqs_on+0x415/0x5d0 [ 2614.282538] ? trace_hardirqs_on+0x67/0x220 [ 2614.286877] mem_cgroup_charge_skmem+0x1e1/0x3a0 [ 2614.291640] ? mem_cgroup_sk_free+0x90/0x90 [ 2614.295950] ? kasan_check_write+0x14/0x20 [ 2614.300177] ? __alloc_skb+0x3d6/0x5f0 [ 2614.304057] __sk_mem_raise_allocated+0x555/0x1390 [ 2614.309012] __sk_mem_schedule+0x6d/0xe0 [ 2614.313077] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2614.318614] tcp_sendmsg_locked+0x1967/0x3260 [ 2614.323126] ? tcp_sendpage+0x60/0x60 [ 2614.326918] ? trace_hardirqs_on+0x67/0x220 [ 2614.331242] ? lock_sock_nested+0x9a/0x120 [ 2614.335470] ? __local_bh_enable_ip+0x15a/0x270 [ 2614.340141] tcp_sendmsg+0x30/0x50 [ 2614.343687] inet_sendmsg+0x141/0x5d0 [ 2614.347491] ? ipip_gro_receive+0x100/0x100 [ 2614.351816] sock_sendmsg+0xd7/0x130 [ 2614.356919] ___sys_sendmsg+0x3e2/0x920 [ 2614.360894] ? copy_msghdr_from_user+0x430/0x430 [ 2614.365664] ? mark_held_locks+0x100/0x100 [ 2614.369889] ? kasan_check_read+0x11/0x20 [ 2614.374029] ? __might_fault+0x12b/0x1e0 [ 2614.378081] ? find_held_lock+0x35/0x130 [ 2614.382133] ? __might_fault+0x12b/0x1e0 [ 2614.386296] __sys_sendmmsg+0x1bf/0x4e0 [ 2614.390261] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2614.394599] ? _copy_to_user+0xc9/0x120 [ 2614.398567] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2614.404181] ? put_timespec64+0xda/0x140 [ 2614.408231] ? nsecs_to_jiffies+0x30/0x30 [ 2614.412377] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2614.417127] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2614.421961] ? do_syscall_64+0x26/0x620 [ 2614.426106] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2614.431913] ? do_syscall_64+0x26/0x620 [ 2614.435880] __x64_sys_sendmmsg+0x9d/0x100 [ 2614.440108] do_syscall_64+0xfd/0x620 [ 2614.443899] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2614.449080] RIP: 0033:0x45a219 [ 2614.452271] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2614.471267] RSP: 002b:00007fd45c13cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2614.478982] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045a219 [ 2614.486243] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2614.493502] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2614.500760] R10: 0000000004000000 R11: 0000000000000246 R12: 00007fd45c13d6d4 [ 2614.508017] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 00000000ffffffff [ 2614.515551] protocol 88fb is buggy, dev hsr_slave_0 [ 2614.520650] protocol 88fb is buggy, dev hsr_slave_1 [ 2614.526988] protocol 88fb is buggy, dev hsr_slave_0 [ 2614.532146] protocol 88fb is buggy, dev hsr_slave_1 [ 2614.537756] protocol 88fb is buggy, dev hsr_slave_0 [ 2614.542907] protocol 88fb is buggy, dev hsr_slave_1 [ 2614.550258] Task in /syz2 killed as a result of limit of /syz2 [ 2614.556553] memory: usage 307196kB, limit 307200kB, failcnt 1582 [ 2614.573330] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2614.581148] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2614.587585] Memory cgroup stats for /syz2: cache:104KB rss:124KB rss_huge:0KB shmem:120KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:140KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2614.608867] Memory cgroup out of memory: Kill process 5220 (syz-executor.2) score 1103 or sacrifice child [ 2614.618954] Killed process 5220 (syz-executor.2) total-vm:72592kB, anon-rss:92kB, file-rss:34816kB, shmem-rss:0kB [ 2614.631908] protocol 88fb is buggy, dev hsr_slave_0 [ 2614.637097] protocol 88fb is buggy, dev hsr_slave_1 [ 2614.642942] oom_reaper: reaped process 5220 (syz-executor.2), now anon-rss:0kB, file-rss:34844kB, shmem-rss:0kB 16:25:54 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}, 0xffffffff}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:25:54 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x1}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)}}], 0x2, 0x4000000) 16:25:54 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xff0f0000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:54 executing program 4: r0 = socket(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) write(r1, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) r2 = dup(r1) r3 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) fadvise64(r3, 0x0, 0x0, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f00000000c0)={r3, 0xc1, 0x8, r5}) write(r0, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) r6 = socket$inet(0xa, 0x801, 0x84) connect$inet(r6, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r6, 0x8) r7 = accept4(r6, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r7, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x2}, 0x8) r8 = socket(0x0, 0x0, 0x0) r9 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r9, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, 0x0) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r8, 0x84, 0x76, &(0x7f0000001b40)={r10}, 0x8) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r7, 0x84, 0x75, &(0x7f0000000000)={r10}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={r10, 0x1000}, &(0x7f0000000040)=0x8) r11 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r11, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) 16:25:54 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000800000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:54 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000200000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2614.736199] syz-executor.2 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2614.752178] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2614.769052] syz-executor.2 cpuset=syz2 mems_allowed=0-1 [ 2614.780355] CPU: 1 PID: 5213 Comm: syz-executor.2 Not tainted 4.19.83 #0 [ 2614.787241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2614.796605] Call Trace: [ 2614.799220] dump_stack+0x172/0x1f0 [ 2614.802869] dump_header+0x15e/0xa55 [ 2614.806603] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2614.808446] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2614.811748] ? ___ratelimit+0x60/0x595 [ 2614.811760] ? do_raw_spin_unlock+0x57/0x270 [ 2614.811782] oom_kill_process.cold+0x10/0x6ef [ 2614.833494] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2614.839042] ? task_will_free_mem+0x139/0x6e0 [ 2614.843556] out_of_memory+0x362/0x1330 [ 2614.847551] ? lock_downgrade+0x880/0x880 [ 2614.851723] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2614.856868] ? oom_killer_disable+0x280/0x280 [ 2614.861376] ? find_held_lock+0x35/0x130 [ 2614.865463] mem_cgroup_out_of_memory+0x1d2/0x240 [ 2614.870322] ? memcg_event_wake+0x230/0x230 [ 2614.874668] ? do_raw_spin_unlock+0x57/0x270 [ 2614.879106] ? _raw_spin_unlock+0x2d/0x50 [ 2614.883274] try_charge+0xef7/0x1480 [ 2614.886996] ? find_held_lock+0x35/0x130 [ 2614.891078] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2614.895938] ? kasan_check_read+0x11/0x20 [ 2614.900103] ? get_mem_cgroup_from_mm+0x156/0x320 [ 2614.904968] mem_cgroup_try_charge+0x259/0x6b0 [ 2614.909568] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2614.914520] wp_page_copy+0x430/0x16a0 [ 2614.918437] ? pmd_pfn+0x1d0/0x1d0 [ 2614.921986] ? kasan_check_read+0x11/0x20 [ 2614.926140] ? do_raw_spin_unlock+0x57/0x270 [ 2614.930558] do_wp_page+0x57d/0x10b0 [ 2614.934282] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 2614.938956] ? kasan_check_write+0x14/0x20 [ 2614.943199] ? do_raw_spin_lock+0xc8/0x240 [ 2614.947447] __handle_mm_fault+0x2305/0x3f80 [ 2614.951872] ? vmf_insert_mixed_mkwrite+0x90/0x90 [ 2614.956750] ? count_memcg_event_mm+0x2b1/0x4d0 [ 2614.956767] handle_mm_fault+0x1b5/0x690 [ 2614.956784] __do_page_fault+0x62a/0xe90 [ 2614.956802] ? vmalloc_fault+0x740/0x740 [ 2614.965515] ? trace_hardirqs_off_caller+0x65/0x220 [ 2614.978621] ? trace_hardirqs_on_caller+0x6a/0x220 [ 2614.983564] ? page_fault+0x8/0x30 [ 2614.987119] do_page_fault+0x71/0x57d [ 2614.990923] ? page_fault+0x8/0x30 [ 2614.994462] page_fault+0x1e/0x30 [ 2614.994475] RIP: 0033:0x4312f6 [ 2614.994489] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 76 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 ec 59 64 00 85 c0 0f 84 [ 2614.994495] RSP: 002b:00007ffc52b5e5f0 EFLAGS: 00010206 [ 2614.994506] RAX: 0000000000019691 RBX: 0000000000717640 RCX: 0000000000008041 16:25:54 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x1}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)}}], 0x2, 0x4000000) 16:25:54 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$EVIOCGUNIQ(0xffffffffffffffff, 0x80404508, &(0x7f0000000000)=""/216) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) [ 2614.994512] RDX: 0000000001703930 RSI: 000000000170b970 RDI: 0000000000000003 [ 2614.994520] RBP: 0000000000008041 R08: 0000000000000001 R09: 0000000001702940 [ 2614.994527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000717698 [ 2614.994535] R13: 0000000000717698 R14: 0000000000000000 R15: 0000000000002710 [ 2615.037645] Task in [ 2615.083870] EXT4-fs (loop0): bad geometry: first data block 2048 is beyond end of filesystem (1080) [ 2615.104271] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2615.120333] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2615.129139] /syz2 killed as a result of limit of /syz2 16:25:54 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x1}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)}}], 0x2, 0x4000000) [ 2615.155093] memory: usage 308140kB, limit 307200kB, failcnt 1731 [ 2615.187614] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2615.189603] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! 16:25:54 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) r1 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) fadvise64(r1, 0x0, 0x0, 0x4) openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x20200, 0x0) mount$9p_xen(&(0x7f0000000080)='/dev/full\x00', &(0x7f00000000c0)='./bus\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="747292b119d93665d8616e733d78656e2c63616368653d6c6f79ef300f6f626a5f726f6c653d2c2a2c6d61736b3d4d41595f415050454e442c6f626a5f726f6c653d2f6465762f66756c6c802c00c3c64c2a6cbd140534c05012df62e9114c218f12b84b573803c7932f8ae29ac985a9a72ffa2404220132c248ee4f48c59240f1b03b21fe12c94e954da76489f14c41e401bc2bb44f0ad585c31eab49974c4366cc217a6f8d6a2dd8c2b1f719ea977cb928ce443974207372b957fc0095932d6eed828213734932b4c4a9"]) r2 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) write$binfmt_elf64(r2, &(0x7f0000000100)=ANY=[], 0xfffffe8b) write$USERIO_CMD_SET_PORT_TYPE(r2, &(0x7f0000000000)={0x1, 0x7}, 0x98161701c9a4ac57) [ 2615.203822] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2615.215075] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2615.225951] Memory cgroup stats for /syz2: cache:104KB rss:0KB rss_huge:0KB shmem:120KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:40KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2615.274021] 9pnet_virtio: no channels available for device /dev/full [ 2615.280629] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2615.285506] Memory cgroup out of memory: Kill process 5213 (syz-executor.2) score 113 or sacrifice child [ 2615.298976] EXT4-fs (loop5): group descriptors corrupted! 16:25:55 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x1}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{0x0}], 0x1}}], 0x2, 0x4000000) 16:25:55 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000030800000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2615.322985] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2615.339533] Killed process 5213 (syz-executor.2) total-vm:72460kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB [ 2615.399889] oom_reaper: reaped process 5213 (syz-executor.2), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB [ 2615.548401] EXT4-fs (loop0): bad geometry: first data block 2051 is beyond end of filesystem (1080) 16:25:55 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:25:55 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xffff0300, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:55 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x1}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{0x0}], 0x1}}], 0x2, 0x4000000) 16:25:55 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000010200000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:55 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[], 0xfffffe8b) mmap$perf(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x80010, r1, 0x105) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x4000, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r2, 0xc004ae02, &(0x7f0000000040)={0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000080)={0xfffffffffffffc95, 0x0}) dup(0xffffffffffffffff) 16:25:55 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000900000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:55 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x1}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{0x0}], 0x1}}], 0x2, 0x4000000) [ 2615.976095] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock 16:25:55 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x2, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2616.018228] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 2616.039934] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2616.072502] EXT4-fs (loop0): bad geometry: first data block 2304 is beyond end of filesystem (1080) [ 2616.087234] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2616.099623] EXT4-fs (loop5): group descriptors corrupted! 16:25:55 executing program 4: execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280), &(0x7f0000000380)=[&(0x7f00000002c0)='nodev\x00', &(0x7f0000000300)='ppp0\x00', &(0x7f0000000340)='ppp1\x00']) ioctl$USBDEVFS_DISCONNECT_CLAIM(0xffffffffffffffff, 0x8108551b, &(0x7f00000003c0)={0xe0, 0x2, "45d1e464acbf49f4850907b3e31927643f21a4d1eb8a51882efeaa1b5eb4afca4476edc348abc75c1e672fe53b6e75e3cfbcac765f8354b67b3cf270430cd5cc835878bf9beba9700f38cd73db9f12b1a8245eb77773bd5a6200d85bce29ba4973a91b2eb7cbe589173602fd49ad130b84bd998db058440d4b5af3f82879b6550be983409f0d0cb3b511dafc2e48190f9b1dfda94cdeb7a1343d506902d4011c4f63afdf73f5958c6781259a05331e3ed9a1eb1486bd5d01401ff8b1b5f189235cb07eb351b0bdf87b8729775602a50f21041b7c02907e8dc1924db9706afee24ef73f193eb5ae801295f3393beb8e3ba2948d628c113818492856906b8a3b2f"}) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) 16:25:55 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x1}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)}], 0x1}}], 0x2, 0x4000000) [ 2616.121902] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2616.207315] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:25:56 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000a00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:56 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x1}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)}], 0x1}}], 0x2, 0x4000000) 16:25:56 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xffff1f00, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:56 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x104000) ioctl$KDGETLED(r1, 0x4b31, &(0x7f0000000080)) truncate(&(0x7f0000000000)='./file0\x00', 0x100000000) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) 16:25:56 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000040200000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:56 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x1}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)}], 0x1}}], 0x2, 0x4000000) [ 2616.546415] EXT4-fs (loop0): bad geometry: first data block 2560 is beyond end of filesystem (1080) [ 2616.606241] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2616.626722] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2616.642199] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2616.652418] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! 16:25:56 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000000)={0x1e4, 0x0}) 16:25:56 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x1}], 0x1}}], 0x1, 0x4000000) 16:25:56 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000030a00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2616.680863] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2616.691993] EXT4-fs (loop5): group descriptors corrupted! [ 2616.714142] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2616.976976] EXT4-fs (loop0): bad geometry: first data block 2563 is beyond end of filesystem (1080) [ 2618.337927] IPVS: ftp: loaded support on port[0] = 21 [ 2618.405464] chnl_net:caif_netlink_parms(): no params data found [ 2618.437060] bridge0: port 1(bridge_slave_0) entered blocking state [ 2618.443676] bridge0: port 1(bridge_slave_0) entered disabled state [ 2618.451038] device bridge_slave_0 entered promiscuous mode [ 2618.458338] bridge0: port 2(bridge_slave_1) entered blocking state [ 2618.464959] bridge0: port 2(bridge_slave_1) entered disabled state [ 2618.472615] device bridge_slave_1 entered promiscuous mode [ 2618.492156] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 2618.501616] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 2618.518681] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 2618.526591] team0: Port device team_slave_0 added [ 2618.532426] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 2618.539712] team0: Port device team_slave_1 added [ 2618.545246] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 2618.553189] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 2618.615170] device hsr_slave_0 entered promiscuous mode [ 2618.652380] device hsr_slave_1 entered promiscuous mode [ 2618.702527] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 2618.709582] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 2618.726131] bridge0: port 2(bridge_slave_1) entered blocking state [ 2618.732642] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2618.739293] bridge0: port 1(bridge_slave_0) entered blocking state [ 2618.745796] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2618.785794] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 2618.794155] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2618.803505] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 2618.814784] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2618.822886] bridge0: port 1(bridge_slave_0) entered disabled state [ 2618.829606] bridge0: port 2(bridge_slave_1) entered disabled state [ 2618.836865] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 2618.848796] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 2618.855274] 8021q: adding VLAN 0 to HW filter on device team0 [ 2618.866194] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2618.874341] bridge0: port 1(bridge_slave_0) entered blocking state [ 2618.880701] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2618.903514] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2618.911143] bridge0: port 2(bridge_slave_1) entered blocking state [ 2618.917536] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2618.925580] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2618.933960] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2618.944382] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2618.951575] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2618.964213] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2618.974358] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 2618.980443] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2619.018625] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 2619.026114] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 2619.033802] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 2619.045207] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2619.083140] syz-executor.2 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2619.094692] syz-executor.2 cpuset=/ mems_allowed=0-1 [ 2619.099865] CPU: 0 PID: 5930 Comm: syz-executor.2 Not tainted 4.19.83 #0 [ 2619.106694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2619.116054] Call Trace: [ 2619.118650] dump_stack+0x172/0x1f0 [ 2619.122268] dump_header+0x15e/0xa55 [ 2619.125981] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2619.132146] ? task_will_free_mem+0x139/0x6e0 [ 2619.136645] out_of_memory.cold+0xf/0x181 [ 2619.140797] ? cgroup_file_notify+0x140/0x1b0 [ 2619.145344] ? find_held_lock+0x35/0x130 [ 2619.149405] ? oom_killer_disable+0x280/0x280 [ 2619.153902] ? cgroup_file_notify+0x140/0x1b0 [ 2619.158391] mem_cgroup_out_of_memory+0x1d2/0x240 [ 2619.163227] ? memcg_event_wake+0x230/0x230 [ 2619.167568] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2619.172722] ? cgroup_file_notify+0x140/0x1b0 [ 2619.177220] memory_max_write+0x169/0x300 [ 2619.181376] ? mem_cgroup_write+0x360/0x360 [ 2619.185694] ? lock_acquire+0x16f/0x3f0 [ 2619.189691] ? kernfs_fop_write+0x227/0x480 [ 2619.194023] cgroup_file_write+0x241/0x790 [ 2619.198243] ? mem_cgroup_write+0x360/0x360 [ 2619.202572] ? kill_css+0x380/0x380 [ 2619.206190] ? kill_css+0x380/0x380 [ 2619.209902] kernfs_fop_write+0x2b8/0x480 [ 2619.214041] __vfs_write+0x114/0x810 [ 2619.217749] ? kernfs_fop_open+0xd80/0xd80 [ 2619.221974] ? kernel_read+0x120/0x120 [ 2619.226037] ? __lock_is_held+0xb6/0x140 [ 2619.230178] ? rcu_read_lock_sched_held+0x110/0x130 [ 2619.235376] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 2619.240210] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2619.246174] ? __sb_start_write+0x1a9/0x360 [ 2619.250579] vfs_write+0x20c/0x560 [ 2619.254169] ksys_write+0x14f/0x2d0 [ 2619.257786] ? __ia32_sys_read+0xb0/0xb0 [ 2619.261867] ? do_syscall_64+0x26/0x620 [ 2619.265850] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2619.271215] ? do_syscall_64+0x26/0x620 [ 2619.275202] __x64_sys_write+0x73/0xb0 [ 2619.279081] do_syscall_64+0xfd/0x620 [ 2619.282880] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2619.288079] RIP: 0033:0x413cd0 [ 2619.291269] Code: b0 89 c8 f7 d8 eb ed b8 6e 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 83 3d 3d 43 66 00 00 75 14 b8 01 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 c4 1b 00 00 c3 48 83 ec 08 e8 ca fc ff ff [ 2619.311134] RSP: 002b:00007ffd90eff9d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2619.318834] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000000413cd0 [ 2619.326149] RDX: 0000000000000009 RSI: 00007ffd90effa00 RDI: 0000000000000003 [ 2619.333421] RBP: 00007ffd90effa00 R08: 0000000000000000 R09: 0000000000000009 [ 2619.340682] R10: 0000000000000064 R11: 0000000000000246 R12: 00007ffd90efff70 [ 2619.348049] R13: 0000000000000003 R14: 0000000000000000 R15: 00007ffd90efff30 [ 2619.358566] Memory limit reached of cgroup /syz2 [ 2619.363469] memory: usage 307900kB, limit 307200kB, failcnt 1732 [ 2619.369621] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2619.376577] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2619.383604] Memory cgroup stats for /syz2: cache:104KB rss:0KB rss_huge:0KB shmem:120KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2619.404791] Out of memory and no killable processes... [ 2619.412080] syz-executor.2 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2619.423562] syz-executor.2 cpuset=syz2 mems_allowed=0-1 [ 2619.429046] CPU: 0 PID: 5930 Comm: syz-executor.2 Not tainted 4.19.83 #0 [ 2619.435877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2619.445231] Call Trace: [ 2619.447820] dump_stack+0x172/0x1f0 [ 2619.451499] dump_header+0x15e/0xa55 [ 2619.455239] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2619.460348] ? ___ratelimit+0x60/0x595 [ 2619.464340] ? do_raw_spin_unlock+0x57/0x270 [ 2619.468840] oom_kill_process.cold+0x10/0x6ef [ 2619.473531] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2619.479443] ? task_will_free_mem+0x139/0x6e0 [ 2619.483960] out_of_memory+0x362/0x1330 [ 2619.487980] ? lock_downgrade+0x880/0x880 [ 2619.492125] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2619.497233] ? oom_killer_disable+0x280/0x280 [ 2619.501832] ? find_held_lock+0x35/0x130 [ 2619.505916] mem_cgroup_out_of_memory+0x1d2/0x240 [ 2619.510771] ? memcg_event_wake+0x230/0x230 [ 2619.515111] ? do_raw_spin_unlock+0x57/0x270 [ 2619.519694] ? _raw_spin_unlock+0x2d/0x50 [ 2619.523852] try_charge+0xef7/0x1480 [ 2619.528521] ? find_held_lock+0x35/0x130 [ 2619.533371] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2619.538311] ? kasan_check_read+0x11/0x20 [ 2619.542464] ? get_mem_cgroup_from_mm+0x156/0x320 [ 2619.547318] mem_cgroup_try_charge+0x259/0x6b0 [ 2619.551934] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2619.556869] wp_page_copy+0x430/0x16a0 [ 2619.560889] ? pmd_pfn+0x1d0/0x1d0 [ 2619.564435] ? kasan_check_read+0x11/0x20 [ 2619.568596] ? do_raw_spin_unlock+0x57/0x270 [ 2619.573018] do_wp_page+0x57d/0x10b0 [ 2619.577079] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 2619.581746] ? kasan_check_write+0x14/0x20 [ 2619.586080] ? do_raw_spin_lock+0xc8/0x240 [ 2619.590314] __handle_mm_fault+0x2305/0x3f80 [ 2619.594724] ? vmf_insert_mixed_mkwrite+0x90/0x90 [ 2619.599569] ? count_memcg_event_mm+0x2b1/0x4d0 [ 2619.604333] handle_mm_fault+0x1b5/0x690 [ 2619.608501] __do_page_fault+0x62a/0xe90 [ 2619.612661] ? vmalloc_fault+0x740/0x740 [ 2619.616721] ? trace_hardirqs_off_caller+0x65/0x220 [ 2619.621726] ? trace_hardirqs_on_caller+0x6a/0x220 [ 2619.626659] ? page_fault+0x8/0x30 [ 2619.630199] do_page_fault+0x71/0x57d [ 2619.633996] ? page_fault+0x8/0x30 [ 2619.637534] page_fault+0x1e/0x30 [ 2619.640980] RIP: 0033:0x441461 [ 2619.644193] Code: 8d 15 a3 9d 0a 00 8b 0c 8a 8b 04 82 29 c8 c3 66 2e 0f 1f 84 00 00 00 00 00 48 83 fa 20 48 89 f8 73 77 f6 c2 01 74 0b 0f b6 0e <88> 0f 48 ff c6 48 ff c7 f6 c2 02 74 12 0f b7 0e 66 89 0f 48 83 c6 [ 2619.663108] RSP: 002b:00007ffd90effee8 EFLAGS: 00010202 [ 2619.668476] RAX: 00000000007110e8 RBX: 0000000000000000 RCX: 0000000000000066 [ 2619.675743] RDX: 0000000000000007 RSI: 00000000004c90d8 RDI: 00000000007110e8 [ 2619.683127] RBP: 0000000000711160 R08: 0000000000000000 R09: 0000000000000001 [ 2619.690402] R10: 0000000000000064 R11: 0000000000000297 R12: 00000000007110e8 [ 2619.697680] R13: 00007ffd90efff20 R14: 0000000000000003 R15: 00007ffd90efff30 [ 2619.710418] Task in /syz2 killed as a result of limit of /syz2 [ 2619.716578] memory: usage 307812kB, limit 307200kB, failcnt 1740 [ 2619.722918] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2619.729679] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2619.735926] Memory cgroup stats for /syz2: cache:104KB rss:0KB rss_huge:0KB shmem:120KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2619.756405] Memory cgroup out of memory: Kill process 5930 (syz-executor.2) score 113 or sacrifice child [ 2619.766192] Killed process 5930 (syz-executor.2) total-vm:72460kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB 16:25:59 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x1}], 0x1}}], 0x1, 0x4000000) 16:25:59 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xffffff7f, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:59 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = socket(0x10, 0x3, 0x0) write(r1, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) recvfrom$llc(r1, &(0x7f0000000140)=""/171, 0xab, 0x40000000, 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) getsockopt$bt_BT_CHANNEL_POLICY(r0, 0x112, 0xa, &(0x7f0000000000)=0x800, &(0x7f0000000040)=0x4) 16:25:59 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000300000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:25:59 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x3, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:25:59 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000041000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2620.033871] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. 16:25:59 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x1}], 0x1}}], 0x1, 0x4000000) [ 2620.147128] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2620.192773] EXT4-fs (loop0): bad geometry: first data block 4100 is beyond end of filesystem (1080) [ 2620.195447] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! 16:25:59 executing program 4: r0 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) write$FUSE_DIRENT(r0, &(0x7f0000000200)={0xf8, 0xfffffffffffffff5, 0x6, [{0x3, 0x3, 0x19, 0xffff, 'posix_acl_accesseth0,ppp1'}, {0x3, 0x3, 0x19, 0x7, '/selinux/avc/cache_stats\x00'}, {0x2, 0x7fffffff, 0xb, 0x78, '/dev/hwrng\x00'}, {0x6, 0x7, 0x0, 0x7fffffff}, {0x5, 0x2, 0x19, 0x800, '/selinux/avc/cache_stats\x00'}]}, 0xf8) r1 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r1, &(0x7f0000000280)={0x0, 0xcc000000, &(0x7f0000000000)=[{&(0x7f0000000140)="2e0000003100050bd22780648c6394fb0324fc0010000b400c000200053582c137153e370900018025643000d1bd", 0x2e}], 0x1}, 0x0) ioctl$SIOCNRDECOBS(r0, 0x89e2) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x40, 0x0) syz_open_dev$vcsa(&(0x7f0000000300)='/dev/vcsa#\x00', 0x7, 0x2) accept4$nfc_llcp(r3, &(0x7f0000000080), &(0x7f0000000140)=0x60, 0x40800) r4 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) write$binfmt_elf64(r4, &(0x7f0000000100)=ANY=[], 0xfffffe8b) ioctl$EVIOCSABS0(r4, 0x401845c0, &(0x7f0000000180)={0x0, 0x5, 0x2, 0xfff, 0x9, 0x8}) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r2, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) 16:26:00 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x1}], 0x1}}], 0x2, 0x4000000) [ 2620.234087] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2620.237563] EXT4-fs (loop5): group descriptors corrupted! [ 2620.303376] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2620.337172] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:26:00 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000002000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2620.432959] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:00 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x1}], 0x1}}], 0x2, 0x4000000) 16:26:00 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c0000ffff0300000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:00 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xffffff8c, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2620.564626] device bridge_slave_1 left promiscuous mode [ 2620.570330] bridge0: port 2(bridge_slave_1) entered disabled state [ 2620.684113] device bridge_slave_0 left promiscuous mode [ 2620.690347] bridge0: port 1(bridge_slave_0) entered disabled state [ 2620.734716] EXT4-fs (loop0): bad geometry: first data block 8192 is beyond end of filesystem (1080) [ 2620.795456] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2620.841959] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 2620.871734] EXT4-fs (loop5): group descriptors corrupted! [ 2620.898940] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2620.961414] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2621.009423] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2621.049721] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2621.125634] device hsr_slave_1 left promiscuous mode [ 2621.188464] device hsr_slave_0 left promiscuous mode [ 2621.233130] team0 (unregistering): Port device team_slave_1 removed [ 2621.276532] team0 (unregistering): Port device team_slave_0 removed [ 2621.300477] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 2621.368088] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 2621.463082] bond0 (unregistering): Released all slaves [ 2622.501983] IPVS: ftp: loaded support on port[0] = 21 [ 2622.578746] chnl_net:caif_netlink_parms(): no params data found [ 2622.624938] bridge0: port 1(bridge_slave_0) entered blocking state [ 2622.631382] bridge0: port 1(bridge_slave_0) entered disabled state [ 2622.639769] device bridge_slave_0 entered promiscuous mode [ 2622.647667] bridge0: port 2(bridge_slave_1) entered blocking state [ 2622.654594] bridge0: port 2(bridge_slave_1) entered disabled state [ 2622.662513] device bridge_slave_1 entered promiscuous mode [ 2622.684778] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 2622.694084] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 2622.715358] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 2622.723738] team0: Port device team_slave_0 added [ 2622.729554] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 2622.737130] team0: Port device team_slave_1 added [ 2622.742691] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 2622.750231] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 2622.825132] device hsr_slave_0 entered promiscuous mode [ 2622.862354] device hsr_slave_1 entered promiscuous mode [ 2622.902827] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 2622.910044] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 2622.925792] bridge0: port 2(bridge_slave_1) entered blocking state [ 2622.932307] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2622.938903] bridge0: port 1(bridge_slave_0) entered blocking state [ 2622.945318] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2622.987605] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 2622.993954] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2623.003420] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 2623.013410] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2623.020762] bridge0: port 1(bridge_slave_0) entered disabled state [ 2623.027822] bridge0: port 2(bridge_slave_1) entered disabled state [ 2623.035392] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 2623.046151] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 2623.053347] 8021q: adding VLAN 0 to HW filter on device team0 [ 2623.064311] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2623.072128] bridge0: port 1(bridge_slave_0) entered blocking state [ 2623.078508] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2623.103449] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2623.111263] bridge0: port 2(bridge_slave_1) entered blocking state [ 2623.117687] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2623.126236] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2623.134575] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2623.142460] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2623.150776] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2623.162159] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2623.171586] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 2623.177839] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2623.194680] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 2623.203774] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 2623.210559] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 2623.222260] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2623.289031] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 16:26:03 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x4, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:03 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x1}], 0x1}}], 0x2, 0x4000000) 16:26:03 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[], 0xfffffe8b) r2 = syz_open_pts(r1, 0x80) fcntl$setsig(r2, 0xa, 0xd) r3 = syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x0, 0x2) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r3, 0xc058534b, &(0x7f0000000040)={0xff, 0x0, 0x7, 0x7, 0xba18, 0x3f}) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) 16:26:03 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000400000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:03 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000002200000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:03 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xffffffe2, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:03 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180), 0x0, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x1}], 0x1}}], 0x2, 0x4000000) [ 2623.511989] protocol 88fb is buggy, dev hsr_slave_0 [ 2623.517258] protocol 88fb is buggy, dev hsr_slave_1 [ 2623.529765] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2623.541715] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2623.566226] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2623.580104] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2623.590783] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! 16:26:03 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x5, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2623.627754] EXT4-fs (loop5): group descriptors corrupted! [ 2623.657106] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:03 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180), 0x0, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x1}], 0x1}}], 0x2, 0x4000000) 16:26:03 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xfffffff4, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2623.704198] EXT4-fs (loop0): bad geometry: first data block 8704 is beyond end of filesystem (1080) 16:26:03 executing program 4: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) pipe2(&(0x7f0000000000), 0x543a0f845f09293c) r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0xb6b0, 0x0}) 16:26:03 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000020400000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:03 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000032200000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:03 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180), 0x0, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x1}], 0x1}}], 0x2, 0x4000000) [ 2623.897953] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. 16:26:03 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x6, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:03 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{0x0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x1}], 0x1}}], 0x2, 0x4000000) 16:26:03 executing program 4: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x610800, 0x0) memfd_create(&(0x7f0000000080)='/dev/audio\x00', 0x3ce4ba70680b340c) r0 = dup(0xffffffffffffffff) ioctl$KDGKBLED(0xffffffffffffffff, 0x4b64, &(0x7f00000000c0)) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000000)={0x107, 0x0}) r1 = socket(0x10, 0x3, 0x0) write(r1, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000001680)={{{@in=@dev, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f0000001780)=0xe8) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000002b40)={'caif0\x00', 0x0}) sendmmsg$inet(r1, &(0x7f0000002f40)=[{{&(0x7f00000001c0)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000001400)=[{&(0x7f0000000200)}, {&(0x7f0000000240)="7343c407c12590f4a12585586ddf61341af0d82c11da5d0258a1e774303d4af5166bde59d3bb95d9168adbf38090fe6616d83cd09a9d33dd47e08ffb4a0dc498624cf6c9c0f53b75675953f758ad6d80d32ec7144cdea9b4f6b98044febdd8f8f3d9acd052619a20b37556e61d40e63e0b46b0373cc53ef6b0282a0921eb3a52cc6ded8ac55e61beba04e19a6fef0d9538283a8f0ee76ac00bb1ac8360e32c0de78c5a7a472e876c66accc1be8d199a8ecc16d92f0b66dfa53f7088a28aa779fe2afc4bf7ced9c8ef8b523c0bc1277642a2da9ec7387b538a746da5ab9cf6abcd7d2891bdbaa4d7580c91f334ff938296f0c787c6d718514237f4c99843ffd9cae09e2547eb57e2eb83f217b0cfd28211665e29260a965aba5b7c8d2d6b85b2efcce476a2e5da65229f1f0b057d7bc23daf4e0b2a388f84e35da129f31a35598ccf0c1e6ae09ef0df537a0187457d12932c18f350a1760775701e2fea9ac530012d69cb5b86923f6abcd98381fb2dcfede4061ee58a5fcd9d53eda098ce02768353cbfdb540fc6390566d803a3e918931049321788cbb28257a2ea9479e96fe8283763ae356d9e2511a7107fd66e87ea07f24ea5a29dd6065a018e2af27a3c238e53259c6556b47cb327731ef3faf2211d2c8290b85086a7e0d324d6ec3f52c5466baed460c7aefc60075543287c19ab83b494c8af783d4613a232de58439e410a23d8bae7a6a2929d3f506720b76d4f95839e82ecb9c9453b85cfe1f6fbb05d0196a9bd3ca313d5632cdbe0e8f8fbae296360e42dddfb6abbe66d9f243e6a59ebd60bbf75ceea192676362b292676ef50cadca7aaa7173ec9927b2021f083446cf6c9515a9a0b029cdc5a50dd0ae16df1eb02ae8f166b7c979241c9766aa8f369bc9935a9ed7e1364b1325b9a8b473d41720c5a7988ed0d199562221168817bdf0612f30cc34019dbab9a4242e66a4317ef4bb08dde2294de92eb0e3daf677bc3b4c2a1063cbe8a7cb1e7ab6bd9b9476a3e8a6161a34c64a4de3094092e4cbe8f0ab648ef190f40acc16d94c5fad48bee81fbbcbbcb87b9ad0c8bb52654890038de2fdcf737e5a4f3dfbd1aaff1ec8b0377b6c97055a0f58aa6c97911985650ff59421a708848c1fa5e468bf46e60da8aaa831d45f2dcbb1c3d8794b052b5d381b27e3b8f7b527b33db19bd985c68d96663527831fbe20d987210ba6b26c224f9321e5a5d29d6cf7eea0d881d49129aaa4e8929fbc046b1b965af31083939dd3b3855310c3668956e874399a0328e83e74a6f3dbda23cb3ee765163ffef23132d0258bb636895e245b9add77ae291b43d6e3b1c0a6d3b981bbeaa43ef95e77c19b3a40419b1d5cd6277ca0bc11aad45bc25a21b46031694c857bb748c9241ef842919df7127dc52cb7ce2d47d22c25c08c2223f13a19c67e39656e67d35e3fcc25130302a5af09860be8c6124ae3f91f28684d17ace3d3fa5810ab094eb157ade29141c1f24d1541cfdc4bd7304ba737c82eafb6bf63028941e3432cb4634a745387fe4e4f3ef3cc37180af11c9fe3988157b2eb4cdc1651d65b97100379e72fd3e1d391ed38d804ce9da3171d87657a797b50b14266e11554dcc0484cea71331540cc6cc0e96a9de9545982904e862419c1d830e07a1247bdb2767d70b8b7959f309e50ba7bb632a24a27a8a75df73de0aaa03627ba65e74c1dacec7fe27fdab06bf96b7166fd775760e884ed003d8671c61341a852d6c5fa34040766a0d1702555a4c09c4167a46fab255ffd3d08361918492675e35f5e72e9ff33cff9da1631ab52f0354bb77127dd998cde778faec0e01be0f4ceece2b4ccdc9108b2a0345b5288b0d3858baf18d2d76894e337fb8698b75c06c8975324d92ceecc0c3497e32cad9157b36dcea02b3fa2d9fd2222940f53baf6cad9d494e27a7049ac93617b8f272659971b445db806863ecc2a2eab4078e8ebfc917261663ecc9c82976b1eab226935de868709bd9c072e4a831beb47151b8a8c9b2e66529f6eadfd86915bfd8acfe6182d5ff9598bfc43fe4f1ddac6b3ae0eeb553d63adf0ea04c99d8a6fd64072c394b25498149f818d999d14c352fba56fec8293c25a717c187ae3f10bd4d6d6b831a9cf4a23ce17305edf561719318ee457805f1975eb24522e7fe85ba4ce8fbfc407baf95051ad5cdb4db109e37c09d3eecd735bdc1c92eb46491ae91121b6fe4195045f5588ee3bed0e628e8d06f8e24cd2011ac02b909ca3db8a8d248fd9d9cbe54f1152110f0ae1dcb0ba171de7ab1e21a7340e8302f109c94745a712095a0040e5bd5af4b56432bbcbd9b896d41a3d91736508b15547866a0ccffd026b35f14e615ebd4d6f0833ba5f89be61e1cc3867d87a5cea407a68bee6a3e995645a7e58d2467143abfe818607f90ee8c79bfc7a03ab80698f663b2e22ffbe58a0e6d6e013db06c51e716a441705c08792e9a4ba0721585cdc6bfedca2559fbfcc9eca7a6be82bdd11caaeaefdb2d405b750ca796771b0a14ecff7e47e86b569fc0a9a9a22a9411e8272596c60830bdaf63a25bb53d8a64cd18fccb60e1cf34efd70d15614d44450f99318cccad10c62ca09d5179f48636cff9f1d5d23c8334d934a59e131ac402018dd94e9e492c65b05bd392a68391085e108e4f80e6c1d074323629f5974dd9b518a70b89a27618806c836f305b289ec0d680467172e52697a6995dcaa563c6156388f71f0a577590923cd44733a7b9c097b3cdbad8c374fb9953a0707f3a9ffc44d9c9b52e607949c2f3442edb4b0e19d5891f2f1872035326eb740c7bbb216a85b9069d96368a7449d7859518a09c3519108d552b23829bd61603bb3c4cd6f7b26ef0ac7f97aab3a5939f8e0be878a7b0f413ffafb4da3fbdf7e2a72b10dbcf54d1f05cf354a5368d75fd7fdd09a2b235c1fe3cc36d38eae8aec7a53687827ca7b1ce1795108a8bed9f365286f55b079648719d89fb7e31b0bb39461c3168a9d4e6e63644cf9c221facaa8faa7876482475d8d459951560ad9c4f423b88abdd2bc5695f1f1d826eb31f0d5fb25816076a7d39b91bb592886586d4b425b4b7827ea7666f594354b5bb73b96e77a71dd0e0a140a0f15354122d5191c65c55b8aa6eb57ed95b49a1efad7b6d13b1686bcf0de16e3d0fa0800ee9c702a0048b96645c0046dccba2df45f7ff03ab5d07d076e2eb5ad29c675d3dd45dbd9a80ec778db954b685f112419e5f5c938a600bf0dd9e3e5c5bea18edf05b8a20c3f620223790c85593909e4053ff84971d6031a9d23306b42058d9deb3a4fc773a2f495a8ac9d9036f98cbe76684334f39babb54493b947cf370900c54779545f5d444c678b180384ccbc957f33e5751b161274555a8532ecfa29a6e5cccc84fd424bc609e6eba3be0041744780208518ccc9f56c3daf6254b2f530d5a7bc9815ba3f768b038f749e6c9e1e23225b6ffc83b5c83b073547aa2f28e1d885a5a86d33279a9aaaa2e3f89cd5603b0e6c0f8145764b3c839be36649b2cbed426d67005608b1d8477186b11b42720ed9258f75dc9a34b6de5a272b8c2f23a85de54caa80e241c34feda0b642911f8f079a9a4f0423aad0e40870f8e49650ddaf2ffcd12c4000735b767f38bbb6361afe3a0b9fb0e0439f7c1aff86e0594f2673f739113d8819c2e8b39a44b57e24e288a29918fdacc7f739b562f2f921a67bd7c87ef8b8691b307b82c41fb8b1b44b2e7172451dd4cec776cc580e800a50914ea20ff7cc13df6992699af212448d1fcd1c9482ddec76f95606cf7ff4e3c012d26c9ad88134f1cfd75a80eba5bbadefbf9b21b0851fffffef8aa94d2e2471392ee5efc1cf9a4065797598bbe728eb03d3505ea314ca9c2cd208202991fe2b6b04c3503339d0242df8da31d55821e9a72f43435235e76928801b1d186c646af8573660d1c128125ca144b12ccfb16a7f5f997c341502cf4fcd53e7bfcb77d2426420b700146fae51bc4bf606ad8eb55bb565f137f7b2fd0151726a5022b3b724a77e541be86a56996f8078bc310e5d9e967421eee1ba9f77f1ae60b40b2b420228648c4117c515939c851dc2041d3b9c71a10125097776f524514872b14780ba03c08da1a71ff847c3fc259108641f90898823e5fae6a0f29a0dbba08fb03fc75f8480477763851386f63db90ca35a286617503684468985792f19c7f4a680e56903fa7f04c1777b07f31f6609c393a52ea400f5e433ff9afaac6292d59e0eb7c0584da0eeead4730875b6306b0645ab9b99ec1d0d3f3c61cd6b2ee4da99078163b7590d91bc626cb7f4a989a67a879d43c732f49799532981e8fee055a199f02507f6bf6bbf9d69e2b15c74853bb2d0be63a1fc765f9c21ed9fa24fb9796bf7b92c764730a98b4482d82375a294c2804a36e430a61d2134e396bbf4eb64a6bb73e31eb2d1238def559254a3452aba599cc2b38064c296099c0d7df25864faeabc7e723d6519fac26ba38a0428f7528ee41f604e91fabf7452c38305ea578a9387b299516e14a999b63442611eb492b879f89d8df43f6acec8e9e926eab32f31f0e500189faf76f5084d3ed279b8f1af66eb590843d388ee476ff19f706a54d2473e9bcd19b39d91f485ae84d752addbc464eb1b8d55d42a79c7e5ab143b19181826626d41feff03cc5e46d4908888b71c9567de1d81ac41f75141d7ae27b3b6733388f29ed7fecc9f2a94d60940a56d5073ab1b79f7dc6f7202daee72a0a6b7a41ea6ebccaa7d850c1f74fa7193209b4b0c7eac2ea9c20b5f9ff08fea0d8d29c6ab08b558b869d289a4b37bb645d40644f02733b590635b334d42102b277d1e7a53c2c7e00314524592042b710dc0a040bda679e0622b4c34d603acc7e01c09fd482b48a8f8841f04cb8fc41447e62107b9a17b0bfd8c9b3816e85d9c60b6cb2cf639b55319d2f743d6bbfd44264f90d2f20a19800694ab4650bff01a0a72f57ff49cf0284c1b5cea6cf10a03900aee5a7b1486b3bab637afa0262e350719fd5054ac528f02795b20b780f25e6e637f2f786cf6a3db847832e6164b7b216df1bb07046caf850cb44506c74b9b31ccd25a74397d268e62e97901bd6a6417f875c59e1489f64e7ae4d5283345e4b85c3241902ba41b091c4ae03b045f9379148442940a105881068a0ff919970a71aad0e0f99f904eabd1fbbb7895091d4045f90e3baf82f3430a560c9fc1d75bde082b821c4049278c34f1e1f7d1cd94ed0579dcb6f4d7137ba6ae14684ba6319a705630d178d165da2d77a5b0c06b28caf36a04266c82ae99dce23d9cca3d8846ba538dd0769e77f9136f04c1c904523f010c1f553f7f237ad9004ed064e8f77c896714e0332eead7b07e107d72eb519e3392a0f3cc729b6d447c6bf21144e2c7cf83e5fde2a091e9d1424509ee7ba57d9054543f910ca62ac09cc571b880047cd0d4dd040f58303873441436a647b5f0041400e6414330c420677f178694cd11f3cceaa0b991efca78f4accad347710dc07468b3fd7d931a1cd899370fa4d81c203119ba72179204d30ddb41d0b7cebe281e1479fc3e783d787116505eae49b2bd966cb957298adfa27c58d77e3487f285bc3a28f81cf3a511311166e25350b57840864b632380e587064e04e835b3ceb437014986c199cfacb71c692c86b0fcc1385a2b6a122311e5103f8fbce554f55524a740a866918c4b690108fd3a0212ef51b9b5cf1fe14ec71dd6427d3cd9037686af3038ec277ef6b5499031872337bf3b4c427ed87028088c93444fada", 0x1000}, {&(0x7f0000001240)="c7a2fb335ba64e11518f1072291e51e73566e4911033ad616fd8561d29a777250c96a0437945b856db10530a9d7b", 0x2e}, {&(0x7f0000001280)="f256d050df6fbc017a545bb9bd70f441196f348a46925a9ac3dcd31b5e48cffecc5baa14927924fbeaf828ac6460deb382e2721ac9eb91804929d6be98b8072925de712ccdb26e182d3cac2c63238733481434d77f5b487a49c2d62ece424d74c65cd13160feff17c15b675cc7549bae4806bcbb4876f870f57abf2a75eaf9530a0e9d56d7bbb682fb16239d6f6f5df73f9be5d552d67e1aff15708b36d20e740f799cff2c68e3d50e2c68227079cbc18be9cd28b87fcdb7611f8bec75969a75818019eb644e6ac7609fb5a421691c351a8d51d625d1a36195d81c7e46ffd10ccf0be2b2ecdd3e5e", 0xe8}, {&(0x7f0000001380)="961a2f12dc885dd6c9bec3b14e7527e594f13de8730fc98ff1f54c995db23e092481b437f525b980862526367c228ea28836b5af541f437953275ab7ab38aa962af5638e13f7dd250dc19b457b1773f86f7a71aeaf", 0x55}], 0x5}}, {{&(0x7f0000001480)={0x2, 0x4e20, @multicast2}, 0x10, &(0x7f0000001640)=[{&(0x7f00000014c0)="8e3a127e6ed429609096887d4ba0f1313fe232317f0e", 0x16}, {&(0x7f0000001500)="7e3ae70bd589d9b49e3603d22d889387bba8e91fca663656697fdc097853ac8d01f6aa0cf6cc41", 0x27}, {&(0x7f0000001540)="212e5fcd1c87e5fbbfc849d6288cb23393d07a9c0c92e25defb49196b0039048d650407af94433627479f5813078be21db8028e3ae06e47ac8d7b807af0eee9ab5e62fc03059290ac57135efbfecbcaf82f577d49b5c642e6cd4984946165574fb77a36d4fed42c077c5104aae387a5bebb52fa0167548f476cb59a7db779d8b06e061a03360cbb03d9f7469fc1c13418306adef6bc01c69fc22647d514f539e1fa239ac47bbabd3b57cdc99f4f789ee58bb220a1ed2359c9fe69f7e444f37f1ab2df8d93c29f64b2044a5c2eb6d5e8bf1ee2bd5a4b4ec5045ed40e10aa1736c79c4d9a969f1fa9a982fdbd455345fb3c87df72972", 0xf5}], 0x3, &(0x7f00000017c0)=ANY=[@ANYBLOB="9c00000000000000000000000700000000940600000002070f8be00000020000005e7f000001018653000000000203d50012ac902ac915a3c93634796a517998d929070bac4571719cb2bc467d0512d19102597391d3b1ccf0643ee20d59bf02087c566431f091000b83e602350134690d6602084a2801d2166f830705e0000002071302ac1e0101ffffffffe0000002fffffffa890551ce530000000000000011000000000000000000000001000000010000000000000014000000000000000000000002000000020000000000000070000000000000000000000007000000940600000006000723fb0000047300000005ac1e0001ac1414bbe0000002ac14141bac1414aae000000200070f080000000000000005ac141411000044082aae2c31e3680008ffd481bc0070891300ac1414107f000001ac1414bb00000000001400000000000000000000000200000080000000000000001400000000000000000000000100000041e40000000000001400000000000000000000000100000008000000000000001400000000000000000000000200000001800000000000001c000000000000000000000008000000", @ANYRES32=r2, @ANYBLOB="e0000001fa1eff0100000000140000000000000000000000010000000080000000000000"], 0x1d8}}, {{&(0x7f00000019c0)={0x2, 0x4e22, @empty}, 0x10, &(0x7f0000002b00)=[{&(0x7f0000001a00)="4d32ede7b0c90c221416de17f7467020167b822bdddbe107967c964039f1dfde28466ae971496f48453987a2d12d7d2e6b30855d278707fe2e3df29cadba09dbbc83e6c9392e95e884aa8a2c99e5094798fab7562b70ba413d78b7fbe670eb5d079068159c5397ea78efe355ec3a69cd80c23f8de83ca26c95b1e65521b227976ee1447683230581fc3dfcaa512a6b1e20309ada969adf252c48970cb723d1946da1b2f4e1269e9de0df22306de9b6e26bfe1f17fea080f8d5110f19af0b568c00cf6f8e5f09dfad731864c1b6ffd81edc42fc8a9bb0d43006713264d976a1104839116eb3a11fe0412935796a42537a72db4d8dc73beda7fb31a0e6acb05ef53a1aa969400994f3c93cf97e0d22349cd6265cb3f69f7cde2f26d38b5c68b80dd2d2c2fff25810b134c5d768d23c4a5270fcf737d9d68852569ef93af67392d8a7e7acdbc2587899d004d5f83ec1248cc2bfb9e8fda33bfcb8ad071ab58a3a546f9acdcdc6fe1776ebc10225e54dc4966c8dd346b04c4f8b5bc54c155b77384a659b2950cfd6203225b703b4a8cdcf9408ef26fc401200d4958a4bdbd338223375acabccf4636f5abf15ee85f1683bf63c65d4096967223c31e22d3df801bd31664d13a73d8e9c3de6a1446986236f19ff41b6f4ad4288d75be579e3ffdc47cc8ec08d76251b19315ab59e6448420e9f0d4fcaf21f10a0f461fe2aa56b7305e7a98f4055dee43ca982b52de4c04187bbd91911a6fff0fec43fc26faf8e9005d9c2fc017c231285fcf12e068659d039f7c60c74043c821c1ba9eca666cd34b940d294b207f27ecc5de6678801c49b56712c65978ca6a07fea5b1a978eda61ff72bfb0a769b20ac6501297c5fe6125aa50cff1c6aba9a806adf282013c16c52ceddcd776458f209594c4e3671e43d9a6a37aeaf851d8d7d54f701753b16eb1a98b18efb8602bd5fb847f1fb6e5c0dd7fbb2e2c03d73cafa5acd37710d5f5ddc64386a57b715d01519b2c14371a7861cf3df4a6dbfbe4e0fa31efcdf6651cadbbdefb44b83a17b2c484155790cb0e6bfb68fc289b24110440467af2c1568719d77b41bf44ab19bead81d4842f988e225571e6c8a73ff65edc11ba92cfdcf016ce878b48a771b0de9e71dda38426af67afe21bbe869d2cf7438c6e2393e0fdfae08130d77a27a55b625e45df6611a820af2c1c1f227942e025c88e874e34b12291908bd6ced8953a9348265498a5b10efdd5981b639d092ee9f577e622216719337c2291f1b804b9593a73caead37860179ce9d40e4f1b1873eb32be1d5d92d5b14d8a27c5bbaa5070a55345109273933e6c4bd2d7b60467d1b332873a6c6ffa31ef56fbfacad65426916ed69cf623ba7332d05aeb2bbdac8cad60782a9291b0ac35d81ef7abd2051220e9f3829f32eb42c4cd2141f84c1887590f60326403319e7015a8f59088805f005c6877b3bec31013e116c9ae123bfade6302c2279a4b54bcbff970e4cd929cc3b2fefb55006030cec9423c55b339b6f95756878302f6333da2a934acb846299e410d88db230b9aeed1fbc99a374650c45c7084d285ae0858bb5c75005d7e8aa77dbb6b0e7639de6aaa9d7dcec893fed20b95042736b7e8c0d19a9887b08e2bda247e6c7bf2a010f98996962d3b20d403271a30b70732a1e9309cdb01cde7755952babfe1f9e847deb322b36b5b293accbfebd3ebf47205fd1cf23c89c0cab7e44bf7869b92194b01e11ca7a373dc0218136f12b2bb4fa85009469f7b4b52405190c7976d6b3853261fd16fcf82a75482383ca5f151dc775bb385826cce489d0779c645f34183eccc9d1880323f2d2d32776c3d6c90840696b85c8726af64d727f39b1d3a89698848639af554c5c8c48c90a9631803bb3e2b12827c540778bdcb51e72296effe5f30663ece46b0f98da490036310f5fb87dcae15a7e258e5c725498b0813f4da1fee21629b6b5f3a9044394d985b2445c069b3520f2ead6704db768fbbb48ee599047e5837c47ef41a9afdb85f6a76d22241d004be3b899d7e1ae28e2bd9d7b65ebd0952161ee2f3af04e0a0ef71048b79d2b481fa49a6ee716121579085faf1479e19809045b8a9c02fca6d19edb5c5966e93d2d5ab5dcc1775e2fe438b13d3eb92241796ba93bf3d730fae2529431d86de4ee58c191ff34ca7c849cf18849048c32e8b3b87d4a0fbd08eb333b5ed727343c897e3568665be9c091463602704b7d6f1a38844d23c12379f1d2daeea359e61665a45c759d7e8ad8012499603467f0c4d547ac96d8fd1cd2c844b26c78d6e74d95ccf56c60ffae90c07b622d3050e69f277c4b91e52c42b280bb3a25f4897dee8914769fdfcfd434335a298bb54138aacefa7c36763605b32fe13beabc2233cadb204f00ba8925ca78593837511c1f33c9a9ef681da62db8a6760b087e00f1a1a7f53739c6c9a2dc04cae65aae2f524703250c3dca4c17cf7267ec63ce2b11938b10741d3e483e5ae37e90b8ec5bf2005290010cc32cf3f8f13b54bbeb4bd1b2e001864a20918902ecf901f128afb39010250e7435ac00c929c34c38b898e65b56a15fc518c8447c8144fc6ce3974555f703b5632887ed10b1bc61fb0cf54c01d901fd497138ea3ff378b99e63e5cbe32d529c86fae5a21ea25039b737ba13391d0c148110b964a9472778caab45a0b8d598f0e83f44272564a7447a7d99cc7c5799e731ef57ab7c645453c0ce891fa79dde60c31c2888eeda74da553fa80260c2944af3b252fb143549402bc0af2897a7bf8b4e9984c225f0b96897efded6f09e37df6db49ffab67927a558ba6ce307cb5eab3ae2cb0d47a58a7d3ab6b4ca8768060fd2ae17f370cb3da0dabd5e7307270768635ee7e819d0da15fdeb0068f25c36489ae4a4cb2cdbbec8d021c71c66e441efa57510df9311d4095aa8c5db0bbfc4bf7d6b4bbe16423212fb5d328a7e545afcea612bb4eb4e102048c65a70728351b99234afe61cf4fa7daf29b6278d8b34bb293d5869e522461ceb66c1caaa3beef49bcbc55226ab93e882bbc3ecfbfcd5795e80ddb25fec72765ff1df723a370af167442904b86b9ab9c4b5eb08d6b4dbe70b0302d1ad5f4f43071ab49f754bfa540e41a6f09a0363e51ebd306cd7a87f2b23e0cf25c358e7b5c902b7fcbe649d2bfc4e481592a162d698e8c66dfe7cd9d9c499f7427b61a35da9e2385b7c2c41ee8afac70f30a1cf06328bef5f9981e43c8618a3db2351f7185cfcf1194e27660812ec74a260731901670a0a34329c4b9e6631026d6192d6c736d11378c45c2b8bb67f27ece45e083eb789fb0cee20bbf279b9731b307e3ea5d1267ec6059ec8783b329f769869eed91c94b86ac302845e8cbf3898d74859a658eb0b79079f117edbbab66b46de3437359b2a61eacf4a532a37cc8e8be9f7cc912ba22f33ad5c9a9216d54a33a4d8df69e73735793dfc7e29ff3149c674dd95b6ca01fce1e8a2156833ed42c51608edb6ecd6a7bcd7d8714ee3e3b5a2ea4d2b1cd8d07989e3bd004bdd55787ceac1b2510ea370c24755855b40656d7a39e5dd5432b542b598541bc91c3573b6dfc5642c22f1dfe95a8d050aa383a5d9a57c1445ea8e40222ddcd7eed913c8006ca222e90c2598c10db2b4a197be9aa329dba0e145e10ad27a7bb953063bb8d699483f81a3c41b441307566e817c6f926edb32e56c548274e4308ea091bcf3d66e2f09633f9975fd1cf72bc7132ab947727fdcc41d0daab6f95b1f33317a5564961139d82007626d598ec6f3ec9a497d2ae78ee00b662611af7eb7ce75f5e2c0ce0ce329c3a610739e9a46fbbddbc09853c52195c457b9b8caf78ea2c9d54e3eb0e27ccf6ce19f781693db52b0adc2651b22f45488b780d3abdc644d04461a6136c2cfe6d0b5dc765f5d1b91298fa554ef5121b43080eda7dd48bcd984452dd914f3aa933f4b9bf7918f6f1edbfde2c2f612cc8ed0c2772bd3be9b56a1a41da94d8a9ad1864765f89158f0c8be0ed720f8226b2590f8e3fd5e29bf02e9ad413c06007499b7a3df87ac5430434a48a72a79e6e211b9ff4047860182513580bd0161750dbed4bbee045910b697447cd055dd768c065448e7ad63150a183bc58b3c6073e6e6de513046f297b150359eebf84b5d581aeb98cbce88e535361bd98e9775599f08eb084456cd91f871419126610f63ee099899bbaf4c16c5799b24742a773ce1c65e2f1abc3d29743ddb52bc9698673b67cae5f92e99957f86092be4a09952688f7eea92401dff06ac0992d204590363eb890ff979c2f9ef326673c35a3dcebb08fb660a1ba44b62ac0ace1b92a6aaaa64952c2d74a9b6e7a30c1ec2f8dbd3c9b965788f5f0444fd7f3a674707f668a763a1ffd149a59194de2e267bb1e2ba7379d901cb3b52e384ff7857278b21e354a74efa5977dbb81d5c88cdff86efee03151389e89ac49b1c35d4db5a528d85cae84d14de0bd1310f8fab1c8d4cf8005f982bed09f55017b691c6d668b51801652cd7d923bab2abeab78bfe6575307aef0bef06dceed5ef53c6b27b7bfd72a84efb6d6d8d28874c329a2e3577848008d71da30e86c8a677dde894547bf69a53f0fec3f8e614075c5ca5b820b742b7d23f5b6f3d4352ad50896c2052990f98283263e5a4fc31ced5cd8ca1ec63a0014c2d37919973980409f59d0e270c172f5f647f50a51ed50322ee2c81590cdc75237a175634a444187509a840de83de1bc0285260e65c2b3b789201c554c88dcac64f78297e7620a6b122ce5dd38b5b13147ea40ab6b998741fbd194496204c7edc8693f2eaf1faf74ad6f94a6b90f599bc6ce3d79aa5bc496fe1cdd9f284a7ed1857413fb30d7f64d1f9bd9e823d756f6335f0811fea682f1f2aa04f18127eb58c9b2cc0b750d00ee2ff25003328ef5c228c98fb2f4e52f0583089476f8cdd62706713b74b61d6493de387070e8b450b1c1f2b668aabe9eda09019be2f80dc7a814acf50044fd8abc8ac92349418f2a00fed2ae43afbcc37e296a535aefa0e6927211d6c3a0bb9c3b7470f1dc84d6303ff45c5c14d48cfaed98390c1825183440115b2ae7b515bfe8760c97f3def9533a08b34fd4f534de9880b12c4358f2d20845fa73cf3267a2a32149ba4a75921813ea1c87812e8392a85e39932212db929de1d6a1a04d25de3d6cbb7d75038d6f729412bb0106faba1eefde3180d646cd96365c25c66e9aa0146ef1c2510fa7b00848bf941010cb310f9a017e40a44203fe2dd1ef25c4b3d4ba41e92f7669334520a33ea272a2f3c882c4f87f30fba08cd6f47a012d3ca12ee0c9e1554a1b20a532d68b4289557431748cd9e93845b83556aa44b1870700c01a44266e026d498eddfae12a873bf028496803890aa09597d8f0bcc21b119c1ab8ba94910b1ac6cb6a8229e7af962830606417534855cdd7beb0cf8c45815ef477cc227e53d78fbe744ffe9ab848f68a85b2d28fa3680a767730bfa624092009e62e42b756d45174562e8355c3934f54fe7ceb68808476a6dbe664361fbaafc432022f1b04e384d088e5d6e1f28e9e580d1f34d00d42cae0a6130975064647810bb973eb19beb803cf1b5d6b8b88225129358a460fd9ec531500ca577b731a37433c80dfb6f655734ae96d7d5abe4bf4cf8cd532927b30200e89e26d5191526876f1589f383f553c53a432f3ac8901372cfca6807d959af22aa7ea8773604bc2510f65c20d109cae68b5b355af2d89f2b2c44817f02958a2578fc6eca0943cdf583cb806bb989658c0a2806eb70141", 0x1000}, {&(0x7f0000002a00)="4f0a89d8f0eed2dbbd9d9ecdfabc0f98d4873cfda67f98b0663737041f39fe78680477619e37d22145fedfb6d3b2154ed61bd133930a754ade0256e0cd9f3350829da6f7bbe3e7670547f57f308ac96e6dc8ed57b5b59b3843780bacb59d5d6b0e48411d18c5e2e30fbe97084d86cf19b728af079605e85963de6b3a24e001bde5b7430b91c048ca8f2d9df22ac67372efd4bba2f2ff3e32884c86ff06c3967cd0a2f19188f254218a0eca809c89618b094b3620eaa2b52045e4734b4c71575423", 0xc1}], 0x2, &(0x7f0000002b80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @loopback, @multicast2}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x1}}, @ip_ttl={{0x14, 0x0, 0x2, 0x5}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x6}}, @ip_tos_u8={{0x11}}, @ip_retopts={{0x78, 0x0, 0x7, {[@generic={0x7, 0x9, "945dbea351bbe9"}, @ra={0x94, 0x6, 0x9}, @rr={0x7, 0x17, 0xc6, [@local, @local, @rand_addr=0x5, @rand_addr=0x10000, @empty]}, @timestamp={0x44, 0x14, 0x40, 0x0, 0x8, [{[@rand_addr=0xffff8000], 0x6}, {[], 0x1000}, {[], 0x1}]}, @rr={0x7, 0x7, 0x5, [@local]}, @timestamp={0x44, 0x14, 0x20, 0x3, 0xd, [{[], 0xfffffff7}, {[], 0x3ada}, {[@empty], 0xfffffff7}]}, @end, @end, @generic={0x1, 0xf, "e88c440b0f44743c8c947fe7ee"}]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x100}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x200}}], 0x128}}, {{&(0x7f0000002cc0)={0x2, 0x4e23, @local}, 0x10, &(0x7f0000002dc0)=[{&(0x7f0000002d00)="766211d82b027d9c68d8a9a9965b178d000090b6be954c2abacd582acb3f3c972e81dc08d01a55808499524b3064ced27b785ba20542b76eb376d597dd32449dbbc35e834ab600976657d2d009ce873ab1447d02270383cae1fcd4b0fbf1f329579878117e2e5037ac905c1d1200942fc09ca8cbafe692a73ed54f7eaeab901d68a39bb2dd32", 0x86}], 0x1, &(0x7f0000002e00)=[@ip_ttl={{0x14, 0x0, 0x2, 0x3}}, @ip_retopts={{0x48, 0x0, 0x7, {[@rr={0x7, 0xf, 0x9, [@local, @remote, @dev={0xac, 0x14, 0x14, 0x22}]}, @noop, @ssrr={0x89, 0x7, 0x2, [@broadcast]}, @ra={0x94, 0x6}, @timestamp={0x44, 0x14, 0x40, 0x0, 0x5, [{[], 0x4}, {[], 0x5}, {[@local], 0xd857}]}, @ra={0x94, 0x6, 0x3}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x83}}, @ip_ttl={{0x14, 0x0, 0x2, 0x2}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x6}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x2}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x81}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x9}}, @ip_tos_int={{0x14}}], 0x108}}], 0x4, 0x4000) r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x100, 0x0) openat$cgroup_subtree(r4, &(0x7f0000000180)='cgroup.subtree_control\x00', 0x2, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$TIOCMSET(r6, 0x5418, &(0x7f0000000100)=0x8) [ 2624.101624] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2624.129927] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2624.147535] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2624.156629] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 2624.156641] EXT4-fs (loop5): group descriptors corrupted! 16:26:03 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x7, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2624.201662] EXT4-fs (loop0): bad geometry: first data block 8707 is beyond end of filesystem (1080) 16:26:03 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{0x0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x1}], 0x1}}], 0x2, 0x4000000) [ 2624.244670] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2624.253972] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:26:04 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c0000fc070400000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:04 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000002300000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2624.357634] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:04 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xfffffff5, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:04 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) pread64(r0, &(0x7f0000000000)=""/233, 0xe9, 0x3f) 16:26:04 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{0x0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x1}], 0x1}}], 0x2, 0x4000000) 16:26:04 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x8, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:04 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x1}], 0x1}}], 0x2, 0x4000000) [ 2624.569880] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2624.609732] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! 16:26:04 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) fadvise64(r1, 0x0, 0x0, 0x4) ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0x4008ae48, &(0x7f0000000000)=0x10000) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) [ 2624.664010] EXT4-fs (loop5): group descriptors corrupted! [ 2624.699733] EXT4-fs (loop0): bad geometry: first data block 8960 is beyond end of filesystem (1080) [ 2624.750048] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock 16:26:04 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x1}], 0x1}}], 0x2, 0x4000000) [ 2624.794914] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock 16:26:04 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000080400000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:04 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0xa, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:04 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000002400000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2624.865546] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2624.899397] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:04 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x1}], 0x1}}], 0x2, 0x4000000) 16:26:04 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xfffffff6, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2625.120429] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2625.131950] protocol 88fb is buggy, dev hsr_slave_0 [ 2625.137261] protocol 88fb is buggy, dev hsr_slave_1 16:26:04 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x1}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x1}], 0x1}}], 0x2, 0x0) 16:26:04 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0xe, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:04 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = semget$private(0x0, 0x207, 0x0) semop(r1, &(0x7f0000000380)=[{0x0, 0x0, 0xd75d0dbb98fa3325}], 0x1) semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000880)) r2 = shmget(0x3, 0x4000, 0x0, &(0x7f0000ff9000/0x4000)=nil) shmat(r2, &(0x7f0000ff9000/0x3000)=nil, 0x6000) semctl$IPC_INFO(r1, 0x0, 0x3, &(0x7f0000000000)=""/141) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) [ 2625.175212] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)! [ 2625.199053] EXT4-fs (loop0): bad geometry: first data block 9216 is beyond end of filesystem (1080) [ 2625.265401] EXT4-fs (loop5): group descriptors corrupted! 16:26:05 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000042800000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:05 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x1}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x1}], 0x1}}], 0x2, 0x0) 16:26:05 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000800000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2625.356888] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock 16:26:05 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) r1 = socket(0x10, 0x3, 0x0) write(r1, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) bind$vsock_dgram(r1, &(0x7f0000000000)={0x28, 0x0, 0x0, @hyper}, 0x10) r2 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) write$binfmt_elf64(r2, &(0x7f0000000100)=ANY=[], 0xfffffe8b) ioctl$DRM_IOCTL_FREE_BUFS(r2, 0x4010641a, &(0x7f0000000080)={0x9, &(0x7f0000000040)=[0x44a, 0x6, 0x3, 0x0, 0x5, 0x2136, 0x800, 0x80000000, 0x9]}) [ 2625.411518] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2625.451597] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2625.488292] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2625.520548] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. 16:26:05 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x1}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x1}], 0x1}}], 0x2, 0x0) 16:26:05 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xfffffffb, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:05 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x10, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2625.643957] EXT4-fs (loop5): bad geometry: first data block 2048 is beyond end of filesystem (1080) 16:26:05 executing program 1: add_key$user(0x0, &(0x7f0000000540)={'syz'}, &(0x7f00000000c0), 0x0, 0xfffffffffffffffd) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getresgid(0x0, &(0x7f0000000300), 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x28c, 0x2, 0x0, 0x5, 0x5}, 0x17326a56bc819c21) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{0x0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) unshare(0x2040400) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='/\x02roup.stap\x00', 0x2761, 0x0) ioctl$sock_ifreq(r4, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x00\x02\xff', @ifru_names='bond_slave_1\x00'}) [ 2625.740583] EXT4-fs (loop0): bad geometry: first data block 10244 is beyond end of filesystem (1080) 16:26:05 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000040800000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:05 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x422080, 0x0) openat$cgroup(r1, &(0x7f0000000040)='syz0\x00', 0x200002, 0x0) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) [ 2625.831195] bond0: Releasing backup interface bond_slave_1 [ 2625.893551] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2625.905989] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2625.916366] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2625.938651] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:05 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000002c00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:05 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xfffffffe, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:05 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x11, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2626.152827] device 0 left promiscuous mode [ 2626.225664] EXT4-fs (loop0): bad geometry: first data block 11264 is beyond end of filesystem (1080) [ 2626.236431] device 1 left promiscuous mode 16:26:06 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) r1 = socket(0x10, 0x80802, 0xff) write(r1, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) r2 = socket(0x10, 0x3, 0x0) r3 = socket(0x10, 0x3, 0x0) r4 = socket(0x10, 0x3, 0x0) write(r4, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) setsockopt$bt_hci_HCI_FILTER(r4, 0x0, 0x2, &(0x7f0000000140)={0x8, 0x10001, 0x1000, 0x800}, 0x10) write(r3, &(0x7f0000000300)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) ioctl$sock_inet_SIOCSIFDSTADDR(r3, 0x8918, &(0x7f0000000040)={'netdevsim0\x00', {0x2, 0x4e23, @rand_addr=0x7}}) write(r2, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) r5 = socket(0x10, 0x3, 0x0) write(r5, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) ioctl$SIOCAX25OPTRT(r5, 0x89e7, &(0x7f0000000000)={@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, 0x2, 0x54}) getsockopt$inet_udp_int(r2, 0x11, 0x92083b2e7b1af1c6, &(0x7f00000000c0), &(0x7f0000000080)=0xfe90) [ 2626.279884] EXT4-fs (loop5): bad geometry: first data block 2052 is beyond end of filesystem (1080) 16:26:06 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000002d00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:06 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x49, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2626.342917] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2626.353908] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2626.364278] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2626.391096] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. 16:26:06 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000c00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2626.487659] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2626.522145] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock 16:26:06 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x1d, 0x0}) [ 2626.571878] protocol 88fb is buggy, dev hsr_slave_0 [ 2626.577127] protocol 88fb is buggy, dev hsr_slave_1 [ 2626.620231] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2626.649795] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2626.704742] EXT4-fs (loop0): bad geometry: first data block 11520 is beyond end of filesystem (1080) 16:26:06 executing program 4: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) [ 2626.881742] EXT4-fs (loop5): bad geometry: first data block 3072 is beyond end of filesystem (1080) [ 2626.972147] protocol 88fb is buggy, dev hsr_slave_0 [ 2626.977278] protocol 88fb is buggy, dev hsr_slave_1 [ 2626.982466] protocol 88fb is buggy, dev hsr_slave_0 [ 2626.987568] protocol 88fb is buggy, dev hsr_slave_1 16:26:06 executing program 1: syz_emit_ethernet(0x52, &(0x7f0000000180)={@local, @random="192bce5e2dfb", [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x1c, 0x2b, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd]}, @local, {[@srh], @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 16:26:06 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x1f4dbb8d096, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:06 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000003500000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:06 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c0000ffff1f00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2627.166585] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. 16:26:06 executing program 4: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/[n|\x05ol\x00', 0xa0000, 0x0) r1 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[], 0xfffffe8b) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) read$eventfd(r1, &(0x7f0000000000), 0x8) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f00000000c0)={0x6ec817, 0x0}) 16:26:07 executing program 1: r0 = socket(0x18, 0x400000002, 0x0) connect$unix(0xffffffffffffffff, &(0x7f00000000c0)=@abs={0x682eb13985c518e6, 0x7}, 0x1c) connect$unix(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="0022f52e002d6a5c44298bdfa0c795ef7f08a7eb5a8b53df82328e42b919ec928b602ffd1fcd2ece1c492095a0861c413426e3bafbdaef39bc004e50bae276"], 0x1) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) close(r0) r1 = socket(0x18, 0x3, 0x0) connect$unix(r1, &(0x7f00000000c0)=@abs={0x0, 0x7}, 0x1c) write(r0, &(0x7f0000000000)="baf2a3ac324f5d5b", 0x20f) 16:26:07 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x60, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2627.332965] EXT4-fs (loop5): bad geometry: first data block 8191 is beyond end of filesystem (1080) 16:26:07 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x803, 0x0) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000017c0)="23000000560081aee4f80b00000f00fe078bc36f16000072fd670c87594d0063dac37b", 0x23}], 0x1}, 0x0) [ 2627.398390] EXT4-fs (loop0): bad geometry: first data block 13568 is beyond end of filesystem (1080) [ 2627.407966] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2627.463001] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2627.501941] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:26:07 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00006b6b6b00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:07 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) getsockopt$inet_int(0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000040), &(0x7f0000000080)=0x4) fadvise64(r1, 0x0, 0x0, 0x4) ioctl$BLKBSZSET(r1, 0x40081271, &(0x7f0000000000)=0xfff) syz_init_net_socket$llc(0x1a, 0x3, 0x0) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) [ 2627.612594] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:07 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000043700000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:07 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xedc000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:07 executing program 4: r0 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[], 0xfffffe8b) r1 = openat(r0, &(0x7f0000000000)='./file0\x00', 0x220080, 0x184) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r1, 0x84, 0x16, &(0x7f0000000040)={0x9, [0x1f, 0x800, 0x0, 0x400, 0xb9, 0x9d, 0x5, 0x6, 0x4]}, &(0x7f0000000080)=0x16) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r2, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) [ 2627.856893] EXT4-fs (loop5): bad geometry: first data block 27499 is beyond end of filesystem (1080) 16:26:07 executing program 1: read(0xffffffffffffffff, 0x0, 0x23b) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x80802, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket(0x200000000000011, 0x2, 0x0) bind$packet(r1, &(0x7f0000000040)={0x11, 0x800000000000004, 0x0, 0x1, 0x0, 0x6, @dev}, 0x14) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000000180)={0x0, {0x2, 0x4e22, @empty}, {0x2, 0x4e20, @remote}, {0x2, 0x4e24, @empty}, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd, 0x0, 0x40}) ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x4e22, @local}, {0x2, 0x0, @rand_addr=0x7}, {0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x14}}, 0x20, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000000)='vxcan1\x00', 0x3, 0x8001, 0x1f}) ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000080)={0x750, {0x2, 0x0, @dev={0xac, 0x2}}, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xb}}, {0x2, 0x0, @broadcast}, 0x0, 0x0, 0x2, 0x46a}) setsockopt$IP_VS_SO_SET_ZERO(r2, 0x0, 0x48f, &(0x7f0000001240)={0x84, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4620, 0x4, 'l\x02p\xaa[\xbb$\xf5\x9c\x00\x00\x04\x00', 0x17, 0x1f, 0x5b}, 0x2c) r3 = open(&(0x7f00009e1000)='./file0\x00', 0x0, 0x0) fcntl$setlease(r3, 0x400, 0x0) sendto$inet(r3, &(0x7f0000001300)="64c8574d1e3167bd094392e3ed2522d9b4dfa0f40f844d104af00320d4e16a3f9b188cf84dd974fa6ddafa55e15b4350a9dfbda4953fa3b4d1d79513adca774d389d9c7e1e9f0ce61e3ac0793522323331eca2d6fbc97ba6b237c4bf595dbff42f042cc16a88e3aa1ffdd8", 0x6b, 0x28080000, &(0x7f0000001280)={0x2, 0x4e22, @loopback}, 0x10) ioctl$SNDRV_TIMER_IOCTL_PVERSION(0xffffffffffffffff, 0x80045400, &(0x7f00000012c0)) write$cgroup_int(r0, &(0x7f00000000c0)=0x4, 0x12) write$UHID_CREATE(r0, &(0x7f0000001100)={0x0, 'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f0000000100)=""/4096, 0x1000, 0x8, 0x9e, 0x1, 0x0, 0x1}, 0x120) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r4 = open(&(0x7f0000000080)='./file0\x00', 0x98940, 0x0) fcntl$setlease(r4, 0x400, 0x0) fcntl$setsig(r4, 0xa, 0x17) fcntl$setsig(0xffffffffffffffff, 0xa, 0xe) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x1b, 0x0}}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$dri(&(0x7f0000001380)='/dev/dri/card#\x00', 0x6, 0x202000) request_key(0x0, 0x0, 0x0, 0xfffffffffffffffd) syz_open_procfs(0x0, &(0x7f0000000200)='sched\x00') 16:26:07 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x1cb, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:07 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c0000a0008000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2627.993163] EXT4-fs (loop0): bad geometry: first data block 14084 is beyond end of filesystem (1080) [ 2628.107651] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock 16:26:07 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000043800000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2628.160959] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2628.205467] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:26:07 executing program 4: getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000000)={0x0, 0x3d, "af8e4ac862891990ce41f5acae84d5803d8a69c35a5cb0e4c7712456d4e194a47d3ce3531dee3e9a30860515c1a2f6a81d9c545072295fd3edf211a7fe"}, &(0x7f0000000080)=0x45) setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0)={r0, 0xfff}, 0x8) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r1, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) [ 2628.251172] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2628.262771] EXT4-fs (loop5): bad geometry: first data block 32768 is beyond end of filesystem (1080) 16:26:08 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x1000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:08 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000001000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2628.524125] EXT4-fs (loop0): bad geometry: first data block 14340 is beyond end of filesystem (1080) 16:26:08 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x15, 0x1, 0x20) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x1de, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x1d7) sendmsg$nl_route(r1, &(0x7f0000003740)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x701, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_PRIMARY={0x8, 0x14, r3}]}}}]}, 0x3c}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='\'\x00'}, 0x10) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, r3}, 0xc) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) getuid() [ 2628.652405] net_ratelimit: 16 callbacks suppressed [ 2628.652412] protocol 88fb is buggy, dev hsr_slave_0 [ 2628.662532] protocol 88fb is buggy, dev hsr_slave_1 16:26:08 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000003f00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2628.709605] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2628.742274] EXT4-fs (loop5): bad geometry: first data block 65536 is beyond end of filesystem (1080) [ 2628.758455] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2628.830660] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:26:08 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x1f4, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:08 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000002000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2628.923151] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:08 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2629.064349] EXT4-fs (loop0): bad geometry: first data block 16128 is beyond end of filesystem (1080) 16:26:08 executing program 4: r0 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) r3 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$chown(0x4, r3, r1, r2) r4 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, r3) keyctl$set_timeout(0xf, r4, 0x7) r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r6 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x200000, 0x0) r7 = socket$netlink(0x10, 0x3, 0x0) r8 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x1d7) sendmsg$nl_route(r7, &(0x7f0000003740)={0x0, 0x38b, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x701, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_PRIMARY={0x8, 0x14, r9}]}}}]}, 0x3c}}, 0x0) sendmsg$nl_route(r6, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x804000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=@bridge_dellink={0x70, 0x11, 0x0, 0x70bd28, 0x25dfdbfd, {0x7, 0x0, 0x0, r9, 0x0, 0x33c80}, [@IFLA_IF_NETNSID={0x8, 0x2e, 0x3}, @IFLA_EVENT={0x8, 0x2c, 0x1}, @IFLA_IFALIAS={0x14, 0x14, 'hwsim0\x00'}, @IFLA_CARRIER_CHANGES={0x8}, @IFLA_LINKMODE={0x8, 0x11, 0x8}, @IFLA_IFNAME={0x14, 0x3, 'rose0\x00'}, @IFLA_PROMISCUITY={0x8, 0x1e, 0x7f}]}, 0x70}}, 0x40) ioctl$VIDIOC_S_HW_FREQ_SEEK(r6, 0x40305652, &(0x7f0000000040)={0x7fff, 0x2, 0x80, 0x494b9917, 0x8, 0x10e, 0x8}) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r5, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) 16:26:08 executing program 1: read(0xffffffffffffffff, 0x0, 0x23b) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x80802, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket(0x200000000000011, 0x2, 0x0) bind$packet(r1, &(0x7f0000000040)={0x11, 0x800000000000004, 0x0, 0x1, 0x0, 0x6, @dev}, 0x14) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000000180)={0x0, {0x2, 0x4e22, @empty}, {0x2, 0x4e20, @remote}, {0x2, 0x4e24, @empty}, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd, 0x0, 0x40}) ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x4e22, @local}, {0x2, 0x0, @rand_addr=0x7}, {0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x14}}, 0x20, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000000)='vxcan1\x00', 0x3, 0x8001, 0x1f}) ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000080)={0x750, {0x2, 0x0, @dev={0xac, 0x2}}, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xb}}, {0x2, 0x0, @broadcast}, 0x0, 0x0, 0x2, 0x46a}) setsockopt$IP_VS_SO_SET_ZERO(r2, 0x0, 0x48f, &(0x7f0000001240)={0x84, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4620, 0x4, 'l\x02p\xaa[\xbb$\xf5\x9c\x00\x00\x04\x00', 0x17, 0x1f, 0x5b}, 0x2c) r3 = open(&(0x7f00009e1000)='./file0\x00', 0x0, 0x0) fcntl$setlease(r3, 0x400, 0x0) sendto$inet(r3, &(0x7f0000001300)="64c8574d1e3167bd094392e3ed2522d9b4dfa0f40f844d104af00320d4e16a3f9b188cf84dd974fa6ddafa55e15b4350a9dfbda4953fa3b4d1d79513adca774d389d9c7e1e9f0ce61e3ac0793522323331eca2d6fbc97ba6b237c4bf595dbff42f042cc16a88e3aa1ffdd8", 0x6b, 0x28080000, &(0x7f0000001280)={0x2, 0x4e22, @loopback}, 0x10) ioctl$SNDRV_TIMER_IOCTL_PVERSION(0xffffffffffffffff, 0x80045400, &(0x7f00000012c0)) write$cgroup_int(r0, &(0x7f00000000c0)=0x4, 0x12) write$UHID_CREATE(r0, &(0x7f0000001100)={0x0, 'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f0000000100)=""/4096, 0x1000, 0x8, 0x9e, 0x1, 0x0, 0x1}, 0x120) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r4 = open(&(0x7f0000000080)='./file0\x00', 0x98940, 0x0) fcntl$setlease(r4, 0x400, 0x0) fcntl$setsig(r4, 0xa, 0x17) fcntl$setsig(0xffffffffffffffff, 0xa, 0xe) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x1b, 0x0}}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$dri(&(0x7f0000001380)='/dev/dri/card#\x00', 0x6, 0x202000) request_key(0x0, 0x0, 0x0, 0xfffffffffffffffd) syz_open_procfs(0x0, &(0x7f0000000200)='sched\x00') 16:26:09 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000004000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2629.291271] EXT4-fs (loop5): bad geometry: first data block 131072 is beyond end of filesystem (1080) [ 2629.292427] protocol 88fb is buggy, dev hsr_slave_0 [ 2629.305810] protocol 88fb is buggy, dev hsr_slave_1 16:26:09 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000003000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2629.532130] protocol 88fb is buggy, dev hsr_slave_0 [ 2629.532411] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2629.537743] protocol 88fb is buggy, dev hsr_slave_1 [ 2629.567677] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2629.600682] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2629.649445] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2629.662925] EXT4-fs (loop5): bad geometry: first data block 196608 is beyond end of filesystem (1080) [ 2629.675025] EXT4-fs (loop0): bad geometry: first data block 16384 is beyond end of filesystem (1080) [ 2629.693028] protocol 88fb is buggy, dev hsr_slave_0 [ 2629.698749] protocol 88fb is buggy, dev hsr_slave_1 [ 2629.704349] protocol 88fb is buggy, dev hsr_slave_0 [ 2629.709809] protocol 88fb is buggy, dev hsr_slave_1 16:26:09 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:09 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000004000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:09 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000044700000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:09 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) fgetxattr(r0, &(0x7f00000024c0)=@random={'trust\xee\xebWccc\x7f\x15T\x1c6\xb1k\xafO+\xa1\xc2\x984\x03e\xd1\xd1\xc14n\xce\x84\xca\xf2H\xb9\xa9\x980j\xa4\x17\x95\rYo', 'vmnet0em1\x00'}, &(0x7f0000000080)=""/174, 0xfffffffffffffeb9) ioprio_get$pid(0x2, 0x0) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000000)={0xb109e2aa, 0x0}) r1 = socket(0x10, 0x3, 0x0) write(r1, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000002480)='tls\x00', 0x4) r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dlm_plock\x00', 0x80a00, 0x0) sendmsg$nl_generic(r2, &(0x7f0000002440)={&(0x7f0000000180), 0xc, &(0x7f0000002400)={&(0x7f00000001c0)=ANY=[@ANYBLOB="042200002000000281d64d12fcdbdf250500000004005f001800750014009100fe88000000000000000000000000010108007700", @ANYRES32=r0, @ANYBLOB="1400430008006100e000000108005500ff0f0000a4216c001ce14a5e1182aa7a9503b3e51d4b647aad2a52eeb8eb41db61a9542949a7da2573d7de567bd45ae60c0054000da30000000000009d13702e002dd5d7a530c130afeecd644dfc96d914f32f9f5f6dbe61b7395e74da972c26bae46621a1b313e978aef2ef6b72a548be7643fdbf82626cf3ec84dd43470a491b9e4e32a5b4715264b60fd341d15a8aae49cfeb919e40abee905fc33dd8cce3a6b8bebe54a1c3c166cd36e674dfdf1e2c4292f07fb41f2a98d14168e3321f2544ce339cbd6126d80d1a8ba769891e4ff368144afb8a825b43d4a953ab8601dc4020d7ed955c26a2094e62fb24a3626ac29f94f31c7f0d90c6bcec00f46941d9e631a585c0af843115f67841ed9ee9c124b7edfd9bfbcd7c213d99b2539a42aa68c44a503e002a621a4126b6bcc681ad1dc995283a9807818f898fd479f20221f45121513eda493d89ef3059eaf75df41a781d0812cfaa37344fcbdeb8cae096ff14b7a9b7ecf2db840c64ba2d40dfdc42612b802254d49f0611526542754ae59781abd2eb49aa36a47a9c15e20d29b11f9ea79817d7e2764474c600e22fb83e0927c6ba1e363cb3f66a362907fb674c40eb6a534baa29779a1a05df997554015ab064d24ef8dbe4cc6f40c1dec9d11f0582f7e4b589dc6ba4a55655dc90900a6240841b73a91b4c40193700624dcce96735a1823cf803203f3f3efcbae903fa1d3a284d0d89c5fc907a724939833d6494440535f79e6d8e7789acc9705842142d9ab398bce1923d63a66923a5953908e17e2ff3c4b2c57fbddfe4b5ef665112d1e3690842295b316a4ca0b13c81e02e4dca9cc9e193fa53d01b9209e27df88510fcc37b1a957925cd3703b1fb042f5b442967a562a22ecd3c2d608d04d51b04501a3f82fcf7aeba3dbf96084d4c71538535df40296f1eed7671373a29523c29dff4754cc9d908916411d913fd7809cd3239c62627dc97f3ed54df11c033222130a60d0c075e94a1268c0a71523ebd12789ead2455b065ced0514d8408e813ecbd54b49d9927db4122b3799827371a3e53312c15b9b3540adca0dc75d92f3072a226f3f524ffba6aee7526b3dc99072f3daf2ba8012cb35dced1e2567b59a88232c8e1c3961d777aa9023115538fa8357c41e4af223f3cd5120dfa15aaa7717a29b96bc450eb55cece1fdb085951d113b266d685874fb921ed564d951a7e5ac660f34f5d7965c50f4a495c80a7cc3e1c3dfdf95f77e8119a6366ea564b3eae981f8f79a5a58c05480e63e31d53858338cee6427a1a04783e43cd930ffb506d65a4a6871d1b72ada7dda7cb2132874756a2fcfd881b74103ce030ef91dedd0f08e1e9e27e1319b81cff510f0c529f0f64825c272f60dbfe9bb378f14ce69d2454932371996effe70a496d672f913299328a64edcc757b9d1fb5e8b45bc7e07523661aec4a4cf5674b7512c9e371407b715e0c7a3ea04e775584f355bf28309b62dfa28279a1dd1180cc0e93c01f4c78ae042aac964c73891b2000580ea5e3990a76005c58583e8b7dee4a0d5d637691d9afca3ca8bd540b940d0d1c95f15c4cee4edab3e40f4d4c4a9c609f861858e3ef0b652946fce6f43c99f612cdd9eae06bb6f196b64009267541cc8a90eb854690174f823e586b0bc228f318d383a597541b37ee85a37636e38be47ed091db7eba30417068b115c67dc370b0ae9e2a0d57526578171e9599dd74e3e1eb960e395332498e442141e6f54960df13e26da4607fc2de23260f953b5a49813f9858f0a98a72649a098cec5d7b80a89182cd5b782600b1b6a67d0c02318ffcb1d4d0ada75c2c401327e4e855a055248a179361ac176b18819d35ef9de18e64a7fee64313008dc6d72a06abe2d21a929ca932393602b9c746be28b4abce9a988045bf22ec3ca216150cad48681dcbbfe68c93e933ffa2c061a778bef90a34c1f92ff98c8a9d7983b511c3aa1a1b7fb71adfc0da15b7ec28c06473619d3ecb0b665c81205dac9ba0b8f57cdf38823ce235375dff6f4a8313d329ad39dae203fc712554b949bbf2bd76d45d98233ad879984feca2dfae7f9fe9cd762510c620f0587add474a554cc4efff2f30fc445f3a2d2945a659e3acef34d0268af5582d7d339865a67246c13df8279f4ed908ee587d9006bd955011907f0cb634ca0546a2da18c924fd752489cd2bb7b9ec332020db8fe3d98f913eab542ddf00e8a7af62762a27f8e4083e9b795c9bd0a315d3db4b45223ad637712734d61110f5503a4a24ce4265c49af0863cc15b48699482f66060bbe3880628ed620b73f8be7be7af31260805473f79e161af1ecd43ed5ff3ea29ca5b6c2c20f2249223447729af3fd667586edf4064837533ee8e819d97d9b14af58b965d09f4f8f681facd828f9945acc936ae3a872bd027354147e7fe99eece724207246ed7cdc320a73484d95f91f132dbad44d7c69bd0c2b2bf06d9edca425b48fe3ceb0305f925a572c9ceef26b26fd5bea865eb479fdce9b3e9710100d830bac1aa3447e06f5d83d9be86bfea580fc1eed7c17a4195d233f73ab5f4410525217763ed3ba762c5952ed0150bb7e9c8370cd81f83cd9613d4494986c244e3cf8777a7e762c288f1d62bec971374a335ccc5499b0c30c0c36f8c75f8cbccf22abb8cc54ca72cb9cd5e79f89134ca300e633fb5473b1446f4c898139f72c6c588b41cb358fa7e979fbbafd25207f1d06cde5bfaf3f71d2b3e051791bc4be909a18e719907aa419ee79a5d1c36171f706ce2c839741e00a53fe91898427625d995fc3551fbe8d348e52e4b7ba8f7c8e75bfce080a723e8906e3bc3b33bf43f52cb4892996d972b0e315ff18a113f4a4b63b8f599dca4f882d85e27aeac042783b2df2041bb3815f4d9b6cbb6e5e32655917975b468aa1b3e0781bdb2381f0ed6fbee6f6e76ab47b8bbe3fa172b0e6f1e4c7077c328dc3bd792c2d98d0b4234fc90211ab8c75453f321092d76c6b95baa8a41cd39e4e08a62d6cbde194514a37a61ca1dd6da1b19e6f58d74d318d3e396172830b04e19d2e473ba9199196cc3ae0a9ef47e619c68f346dd704875159cedbd6dbd5b4fd156196742d183ad9d4c140b4315cd2127ce2e3c335651dbe11a2b6f6529611f446b9de6512ee0129678da53f5e9f026d62a739efe640048739d2ededd3cae325d97f116281bab6f93219342c7290073ccb60cd5e56473f3125c97c0ab88f61de3cb199db3fd8963c38940d7f916fe8ed59a7a7ca5e0b747f1b0f0b9611aa76c8c604a36209ec94fd3b19997999ee48b366e3ce63c069712c91041b1a8334734127b0a6b7ae9d305f551ca674aac62c62dd5617c048ba87d31f5a4d14ec980a40ff430dcd4f39e77c7928b644bec0180c54fe7e5b08965d82f6db23b4fa1de501cb0eb1aecc829c759d809b88e8b1debf57b9779a28ba6a5d1558be5167714012e327cc89026f60bb9f96b743515a4be115a48f0932e6996214182e1d08db0d951e8929dc8a94e1ca8d344e6fb2a75084cfe39fb5f4ac014dcc7863e93aa312c3a1d1e3c371104720e3826e2fb9094a8b0f436adc5fa6db361638e719ec11cf890f8f412ec7721bedc1cfd2631448fa15e82b2b4fad034a08233f6229f338a1d8e7bda64953e232d6dca45edeeb2168f3fd54578829c47c117ba0c957819460774c6dc78aaf0418c511cdc894442a1df6020ad6a5d04fb134f40b4825ce48806bfafaebfa4b337ada4b5a784f28f85b9b903cde7a88ad8819e1c2305da0055ac9c045769a262c185e70568a0abbd188998d46bce1404f338367725792f52b3fa26cc0e59533096e9dacde6ad00cf3e6955215386f507ecb0666483ad426ffa8448733113cfac737d399ca24cfea767cbf238dd1f119bc122003fea6c16ab798edb3072f48df9642cd78ad12533120bcd952e64fbac7f861a0efcf693a057e066ffca5c797f48a80b00756ed2866be343c6be3427683d5302d9088b634f9363d40dfb6804e2dae2ca195d87eb0b905961470119d8c9958697cb9ba9232a9de4732731eb6e942e0bdae3aafdd4bf788d12bd809cc2dd1de354e9e9dc87113b5f84aa7abd6167e668be9d8f17ae985b735da13a2b54a05bfa295d956e099e99fc1119033aee8572d9ac3337b4bda3be8b8b1ad9ea936f3a748b9528b711d3f2f22a05a23fe6b8e809e88901df70269118e0d0884913e5fcadc8de7e9f347681734e5d85fe2779947eb442f2c8cf9a43efbfd43058e19d3485a3ebecd7f2eeddf8837cde53cae73b631afa0af779f834976e0a73a9147f349f35826370e89c481339ff12f6f421a38b40147a702ca84515f1c047baefa7e8dfca4c82573e603745352c585cfdd0b75afcd61def868ec59bafd246f7c84ea3eebf92a09c1b953cbc947e663e50eacd0795d0f17ea4b4bf4695685edeb16902e16c3d711c9b95db711d0ab292883afedcc071e7100ecba1dcbe075d2eb8319b87ebf293b2b7e1227801d87c9ec192c48967f4a3835dbbb5293be65f7cbc8acd33f16740cd2cd7e9c60052f7519484b1c7c6a771b1fb5474d1534bb30c9cebb3fc58293d833c55af98d8907e47edc61da9527d860391c4fb3a2d522b6ca6b252151dd066f7a3d0eff08cc32b9afb445fba6da8548c82b006669158e8ad68cedb739a92208326cbac2ebe3b18cdfd45161d7902681071b7dbb1685b5398ecfb0e54f2a49827b29ba2c95e65f15b8a9c1b661966eecf56e6c702376d09786e9992d95a3bc18a0632085477df453a85c2b2cfc64963c5d02da10a52c3e262ebd071e81691c6841efc9425455fc4d75efa110de1e2ac44a206791f37dc3fd9fbc58d00b5c9fc4a5fa12f75e9b96f6111921466a049797ebd473b83c003f2556856195b54029dc6adfaa028516dd2cd11eb96a7179c64148ca564fc8480eeb92fb26706b0b084f9c236b3f97ccd09147483537299e840eb1b97c80c3913bcd2e848c04606e8ec8fa12bc00d54318c19f2198bff495585239a615c7b0b65aebf0936b9ea4f955f656075a3316c3398ce6551d7c3fd9b7190aab8e48dfe46852bb3f9f3defcf8a29d87f22b290fee5a7a12807ac396e46d68c1f68a629e8ebed2f8be22be51053ee1bd33de4b7f16c0d360aafdacd464333a833ac9765eea895abab961e85229ba4c611840db0964b9d7848f5cb2fc9002f22d631185e58c1ab47f46d9dc59643aeaa4d94bae4b90393caab21f8ad6d3b883d9253cdf4830b138afb481d3f840e59514fa04cf022641433f355eaf2b4581427a6c403591af4c833613cc03e589b8ffaa68168107361376f32d8e287797c092c563137100d9fbc146100a3f642c9af8cd3e0fc9e5b6b17d65acd1283aa96c494b5655fbf3b3ad49a4bf4d7d668a23b1fb84285cce02b74343bbfd7f92c1475bbad547f67c1f4035b9194d30ec3a1faee55950bc1d7c8d72f2d0a3465c83fb3461832c587b3a5a012d65969893fddc1138b1e71726c928b91757798f67a691c091c49a6fa467c329a23b1e973ff4e859052f6887b277b8879fd0d7dbebbb3a2b043ccaa9365dfda6d293e34e5794b8b58dd02d6febd7e7a4519aacf243483390d16cdc831b5509a7d63c8b7ac6985ebeb5e179b4bf8d6a37fa6283471d5c06b5c2b6055692e5882c14b01e7440f2ca9f3e0e9286955586aa7e4821aee691cd5b0623874e5e46100e3c812d44f174e22033f4d9fd2b703a0c535b76ab88deab583f08c2d0ccd70b1ad37e07262bd86f1944eb7fa669c581bf343b67641acb9fb0575f80acddbcbce6f5abc1ae3016ba0a926dcfc3c38534b5b80d8be6182d263a45ae658acfd94f76bbb217a92e48129d5f2190818a07544d1ab964dfed19212df27dd48932f0d042c824c70bf23634f507a33c36297a79ff1b33b1849211e9bc67cd38a36b8092afd3d38d58c21d3065d99791d80f264d567a33c4fc79ac1832cbfea9aae0637359fef88129f0c4afb85c99dc296952d3e95fdff9d2e1f97f58d89f48e824f05c4ad671d7a867ce03910eba4cbc0dbb70631a0543e4f7034f947712af0a06f057257a13207c713552d1d3df9708000a000800000004105f005343d8c4f60d1b4a50322d326bac1aea8685201056b549b8d2013e4cedd2cb49186de187e2f133af1484d43945f0a9806ea5dfd09cbe477bc5c34cef13b325f37955774b408156b4228ddb52539a915ef3b51d84343751f80c6736cb6a10ca1cfb9bf1fbf53517cceeee50d48a6c22c5c77d2a7226e471ef42c7aaeb55525f6aeb62a6dae45bab953c23d80b57cec1ba464a88e014f2920575bce5ea770fd5352b933059952763c138dc02c0a48942bbb45f1f5cc35d05cba5706b2854c853d81162060b4f57cf87f5c8373691ac02ada499acc86cb7f28fa09fbebaafbdf972c730bf7f4ffa545ba09d4a68c346b14ddd11d6ed29e83f59f84dd6d19d7668ad9dbe2493b09814a34d441d4bcbf223357658996baa7f3a2ffb6ea66e24354c58f8180bb566dd5fc700f3b025ddba2ed16da0bc3fcef300703142c8c5ad2710dc7547a30b40d7ca9bd63c6ed4cebf0b65fb3b2544234b9b2a3329b3062ac3b4d549735b864ab6f7863373cc509609c1217b7c47ceb7b11b0d78b09c80eb4476b5339740edf75b992afdceadc3197c8da51851ec76b333d1664853cd07536a6b21dcd7cb13e8683fadbeda9cd303998648c95886ad2d1e5953917aa52688b07c78efaa66c298f9868045a48b9ed9d85a64c1cdc9d443f3c3501aa49c0ac3ea6f20dd0973445944c719dcf619f17fac37a58bfafbbe28f9dbb7cef99b42e9ed3776fd956d6fca5251912ce1acb6ca6f58612cf596c4dc98bd05ff971a8e23745af239086753b7668cf69f5e89abb2092d4fa88d901e6571e3501f266ec346592c63243f739bd751aec1cc3d47e06fa5e3554d4969d0e9e9c28a7005ab5b42417f5ea8d4001c523e95eb5c615c1eb345ad3b5b6983b13c946ec98772bfb9236153d98f5c032abfeb6130914ce9e17095c5e45b1367ddac3fd65fed4abec1763f6f07fa909d2cf80ae7f3f423a621a2e5c85fd6f95c004b3a614b15f4a506e3cdb581e4ba537ce245eb4741e24f2f92aa7643f51a1c8ca60ae9c947f090e1f1394346c768a8ae2fee88ff74f3aff3d985a4b56b66ea8736ec493cd6c2e0900054e16239bb5390e58cba1394d0ba40cc2ba9ecd51cf231cdd01ef601980a007e1d4769c33301e61cac20b2ce36ceac3b2621fe8be5d0d30baaf52d955d193869ab7cf57f680ddf19b9cc83ee6a8e320af8a70a75fa2d9c8316aba60ea30ee456d852801472dc1969fd8d0fcf8d50774e6677f6b7423faa9b8c6d915a03cf8154ff9ea654661fea8f9b5b6fbd38979d745233c07a4b9cd21dbf5b93725912960981723a2bfe1ea8b476daad9c5c1e8c8081a46b4220d4c07793351a1da72ad1e456bb11d33180a6b642c094bfe1453b10a5ef31fd2c890b2efe5263f7dd623a740960aadb360814e84034e797f5b3a95d7ede5b98b3de5be10155d15342fa035d44a6808d3679d3f0759a07167295e32a869dabbbc06881af3fdf4c8e39f742f048a498963bde8b2b5350649a8d36e4d9d98209378d0744d9dffc3a576a419196aa46ff08fe292a17d2c3d223ae4f98e4a05107ef7b2636d8f4719b7d89ad781f416ea4a0e26af7efd4a8d887bb59d953af397f76ab36b9b126038ca7e91c73eba858b0fe1e95f71128830cf0e3af828b814e4733e484855b72ec7b952bfcdef7a0b55700ede77323cb8128d0b939813cecd6bf8395cf079177014ab247b761ceffe04c3f433c26fe0d7f917b7ac6dd169292167b57e3bc3a240b48077f9a699c637e7f8e015648f7902ee3b0e1bfd3d039edbbbd4213b453be9f223156b629e8cd85d8ec36dfd666c9f549f5f9649de925a47c7ae937c40d51c1affcbb7979b1df0881650f3c4bc69a86212edd688aed668c9ab3b2c88595151d97542a6e281d1d1f4a72df3b373362de712e065d1a173b60b165f3865f17600f9995043f50edc6038ac3430c0bc29308066c38ca79a4c92d43c0921437c80dcba97092bcd8f79b18fdb277915265d1d9d1c3759657990da7e496cef1a1a10755196a091b182d0776cdb040c49d3f28f6dae5235e06d69eab2a522e8a6a8acf728fcbde9d90598e6deb3260af38051e86d0d803bf05c745f6978e7fedd8b36c9fd9954bfb1bdcb539e67c9a4173589693c9819f1c0fbbd024f8ca2ad374085223a03cc378c955427318badceac82b2d6c3b7e50e237ab8c39c8f8c0f6576a9be412f11fca49f4a43677aefb8fed06cee5809042f78a1ea11105aeee1a6b4918fe7eff9118dd934d1067d0bbc6b0c6cafcb58d07d4cca6fb79b8fd503b1d38883431b4290aba5fbdbcede8dec676d5b168250c2ae86ad78a71be4b2cc4bb4aa1df963f647abac24861c37e9f1d3f8b18716637a77696b17aa5508bbabc6b32620c303c04072d02e00cafe3bff9097365d979c8baa200b87e0f6649d6769d92b0c47464939b7e4744424b0dbc267a3f32a7fa4b25b8f13f930ee3966819605f09ab2dbaf476abae20f6f4b62476fe0136788fbc44cd879c2afd6cca01209de5451128f57d7d13b0712824e6b19ef7408a7bf35a7644b4b62c01f7ae89e47c3f2c771e8336b2b0378cd9780c35e7f565ea2d608cb7fde1db86bbb2ce92b8ca121217ed002bab94ed9d209f07043711fb77fcaf60be65e8168009ceaae36f196f65ec2e0b4431bd9a2cd465eedd27a1e72dd2292b18c6f3e0033a37d61fa2d4c7966164e186a39949df0cd7cd88778b56d1c30e73a8ee68214fe214764624b354a8b0c691a6cf93b3d1c4172fc6f1efce10d33a37991e1e68629271a26a1f106a82ff6f7d080a8fc6bb09d3a955e239309ab730ac2e0d3f47748802de21f4ee870adc178c07fdb08c5891c15b28bb7e3239db6ea2504b10b855058cc3a8c517065650e399d85dfb8f13f8adad8f9f5fc5dc1ff74c538354b15b9b7a52711c28c6b21a47d2f7079e43231733585dc2e99ac5fd4f21433b79f62d2468f7fa0d9a6204c4c2ac88d2d997146c384c10051160a5db988c1c3b67641195ebcada7940641e183872d887ba2a8a99c4aa94ac9a47dba16b7eed7bdc4ad3f5cd25e534923ccc40c349f561ba98167be832660da9a2ad17f2a6d910c23b5be5bbc5e8f3c0a45550c29f8b8582b632b7b3d03cf7ea7d515e3ecd6573768f2c89c2686ae42a780342886442547ddb25507a5068e0f5c2d2a80c996672e11a387a55ff6e112dda1030f69427e9cf88a93806a1fb617f07f97113bf029dae2a32a91c7b1794ede13f6a1772a97d4ef1c504e84cbcb1397ddfd0189d3bd8167a9f794184242c310f8950848ae8d1ca98f4a7a93778eb5b5a6eac656c8be847325107ae9c71be22f346f3b84498eeea9aec21da8d6ef90ed1db9480077a106f04948137396dadeb5672ced1150930ebd88c367c9d68d2bacadf1272afb78c3de62c81474d8e10ecc7bffa25a1309eb269234c01020ddb9a7c692ccd7b46d73d4054c84a7bea301fbcb99a171e526dfe5f5bfbecbffdf9ee38a004b08105749c03bf0061973f5666506a7f6982fe230da36391789f900ccb584b2c6da02a363481155c279af33da88b24378a933d00bcc1270f47dd76fa67ff9e1ea49f838f0a1f6bbeae4dc6aeb628b8c002b98e96507fef49d8e26d0763feb57aa2b191c8e6b08337a7536ccd1bbc7d4f4e20a8ca9fd284722397665d5dccc7bafcb29828193f20f685cb2b6773663786396c6a3b759fc31263d658f0f15cceb496098fa9a73fa079e4825386ff6521be2d5964769f82fd412fc6d8cc73c7766a1b24985de246740689edb991996de427e56ab656d061fe60d9a51078abb1c40f1c68ddaa94e08d8c44fb10a73d9e412bd9564e1f6e52ad8c155b81fb91c59752263459b9d110f547c5c7393d5e0d50d9768909bf9e269c84abf643d99e42f2d5fe57fedb6de09831b75ed4224897990e756302e5ce4bfdfe8f8da79ce056a317dd63a3ff3b17a6e2d52fd0379ebc5060be302505463cd61e8eeb45b12c0786f68d682c04257d09b1b243c7987f66403ddee4050fa30c01fe8710346190ed6489e8b49389e5d74cd97292a894386dfcbd4e249b67b0c2772798802cab6e6dd74a453b0a1966a748df8d7a6b46d130c6e5274087de9a6c4488c5a1338c03df363a5c69327bf03efb3fc553f20adcfd17faf503f663f6d6ee1e3e02d815ec071949937052fd882169acfc4b63336bf1a57d53b556c74581016719b2f41e781832c1335366bd2402d3e4c683096c5204946967306444925e4671e42e9af3083e20c2882e1647a6caa7e4d139072fa15d3c18762ff5b144912c9a33c43a6e9fb1c46689bc3a3f262314487a7abec7599af1bb352fd0a15f971293a2d229bf6f3fc101e2c3a4c109063d38b5cd41ab029687f0798b8b3aa7890e8251425092f0ca93aede091a3a90b96928987b4ddcecb424ef1c26b44f4b0ce794b7e88c1094d68ba15dd2b4a6871c8026755f2fe3d4272dda04d3d25b9955f121c2fb81ce4486ab6896b8086e8f1ea3ebdb316e4f49802e845b0434d14d75b11fd62cb04fd6a3b814ad8d2c0fa317cd73e9696a4b7c238e52b6feacc89d4b34cc82553b548f39a63b86e35efd07e5fbe6ea6c38f4849ad7601b98c9053f214302aa9e4f7c33c86eaf8e008e478b0764d05f9ebf3360ec65052c3e84e6a9a42a818ae2b1b3e1656c598054da8a91d11d7196436c770de0dd9dbcd8dba891d3af2aa3fb76508cf0ec18ef8fe9a2b154ded85bdb1088ccbf18388aeb8342e7a68ae82ef9a7e0eef56b86477767f91a40bac6e12565982a8ad90911e0eee9858eb8f8b640182d3390cb0252c026ef67f2eebcc4871f2acde4374ad182d8fae35e3a0e11ba115beb5a1dba4231d8f7d8a206a4658993013585c4894d9cc7ab7a901c2bfb0f92fe3dae0a1639ee8e19a99a4e23b17fc1e9bcd361063948f5ddd21b3f66f41614d8b9546ed38ec1171270e62ac146ee9b0d85561fcd7b0dc1f96a4b6ec1871ef93bd3bad433c94d13ba443b6009569da92b7a4bc264b38464841d7925a2d337b3ab3b7a36f9767f3c0c08125027cced161da586e3bf0ed71b1f0c933937238b62e5903fa211f1229500aa65b775adac67c854215a544954d37c00f8c5c206f5cf18c7ec82a066a133290d8f8b5c213628483d2b0de2b53d28ab8b47daee8b1b94054aeff063c54b20140c9ad63272740771c7254b0132236285877985908eee468f698ee5190e7543e1002096f0dc536614f2724b9646ce6c7f81e72557e7b51c84ccc833a29368d65865e3b8b5a749ec7fb2629d273ded3dd925902f050b3d9055bf4874bed9edef7cf95241b4c523f9e8ffe62e73a7601db0676108ecbdc8bcdf9330bfb685837b50170e364af3f56d42bc013f2f37fd1f612ff55a373607ed7fce32606ff1df94089ceaed0f0c3d832fcfc9cdedf72247d9583cded37c0842a6564bc269a26dd52205077923a45b7fe77f679fbda9ba28d521ee676214fc299b91c3d0e854d79b5f8465c92460c52830052cf2afdfeb88dcce3810153fd3e909aea9848e368fc8b97ca9b87132f792a1e6288cad3ba1f3b1e8bcc4792ee9c59462b43d3b901cc514d96551e06c9f76134e82c7700591b82b878a09c5e9843354095ef8930dadc886c03bae067d4c4e460ea6d2448281515ce61edb6ef5bf7620107e64efe763dda4cb144df38d2b685d39f7934641b1e7d2da3461526fd77fe4431da071a47f58f5536e066e7651caf26557ba0c524d2ff6e0343a325a86f4aaf0c718781ec516c8fc7d180cb6f7f0aa522f3999b8e6bd6623db51e12508003300ffffffff1815c7fd76183d776366406e73c800419d9752a1549b680bbd746c1182f8bdffbd27a3e75427846cb95cb9d9a9089c5c147163aa3c26682e1bf790ee1e5fdd0355f08e909168926652afd44cb6e0dcfd94dc23e188397dcfd0a19d169f31712595b11ab5bc0886906499c50c9f2758d53bb83d00d1222d1138bbc6ba12e62afc11cc70801740aed0365853ce9b29392112529935ff09978fa3965ef6bd504ee3fc303e455c7f971349e8641e51a4dce2d4bad2ec1f10a1bc8592e8f371243da5d600000014003e00fe880000000000000000000000000001"], 0x2204}, 0x1, 0x0, 0x0, 0x8800}, 0x40000) 16:26:09 executing program 1: read(0xffffffffffffffff, 0x0, 0x23b) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x80802, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket(0x200000000000011, 0x2, 0x0) bind$packet(r1, &(0x7f0000000040)={0x11, 0x800000000000004, 0x0, 0x1, 0x0, 0x6, @dev}, 0x14) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000000180)={0x0, {0x2, 0x4e22, @empty}, {0x2, 0x4e20, @remote}, {0x2, 0x4e24, @empty}, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd, 0x0, 0x40}) ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x4e22, @local}, {0x2, 0x0, @rand_addr=0x7}, {0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x14}}, 0x20, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000000)='vxcan1\x00', 0x3, 0x8001, 0x1f}) ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000080)={0x750, {0x2, 0x0, @dev={0xac, 0x2}}, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xb}}, {0x2, 0x0, @broadcast}, 0x0, 0x0, 0x2, 0x46a}) setsockopt$IP_VS_SO_SET_ZERO(r2, 0x0, 0x48f, &(0x7f0000001240)={0x84, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4620, 0x4, 'l\x02p\xaa[\xbb$\xf5\x9c\x00\x00\x04\x00', 0x17, 0x1f, 0x5b}, 0x2c) r3 = open(&(0x7f00009e1000)='./file0\x00', 0x0, 0x0) fcntl$setlease(r3, 0x400, 0x0) sendto$inet(r3, &(0x7f0000001300)="64c8574d1e3167bd094392e3ed2522d9b4dfa0f40f844d104af00320d4e16a3f9b188cf84dd974fa6ddafa55e15b4350a9dfbda4953fa3b4d1d79513adca774d389d9c7e1e9f0ce61e3ac0793522323331eca2d6fbc97ba6b237c4bf595dbff42f042cc16a88e3aa1ffdd8", 0x6b, 0x28080000, &(0x7f0000001280)={0x2, 0x4e22, @loopback}, 0x10) ioctl$SNDRV_TIMER_IOCTL_PVERSION(0xffffffffffffffff, 0x80045400, &(0x7f00000012c0)) write$cgroup_int(r0, &(0x7f00000000c0)=0x4, 0x12) write$UHID_CREATE(r0, &(0x7f0000001100)={0x0, 'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f0000000100)=""/4096, 0x1000, 0x8, 0x9e, 0x1, 0x0, 0x1}, 0x120) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r4 = open(&(0x7f0000000080)='./file0\x00', 0x98940, 0x0) fcntl$setlease(r4, 0x400, 0x0) fcntl$setsig(r4, 0xa, 0x17) fcntl$setsig(0xffffffffffffffff, 0xa, 0xe) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x1b, 0x0}}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$dri(&(0x7f0000001380)='/dev/dri/card#\x00', 0x6, 0x202000) request_key(0x0, 0x0, 0x0, 0xfffffffffffffffd) syz_open_procfs(0x0, &(0x7f0000000200)='sched\x00') [ 2630.066767] EXT4-fs (loop5): bad geometry: first data block 262144 is beyond end of filesystem (1080) [ 2630.099931] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2630.142149] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2630.188745] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2630.204484] EXT4-fs (loop0): bad geometry: first data block 18180 is beyond end of filesystem (1080) [ 2630.256642] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:10 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x240, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:10 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000005000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:10 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:10 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000004800000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2630.466370] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. 16:26:10 executing program 1: read(0xffffffffffffffff, 0x0, 0x23b) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x80802, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket(0x200000000000011, 0x2, 0x0) bind$packet(r1, &(0x7f0000000040)={0x11, 0x800000000000004, 0x0, 0x1, 0x0, 0x6, @dev}, 0x14) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000000180)={0x0, {0x2, 0x4e22, @empty}, {0x2, 0x4e20, @remote}, {0x2, 0x4e24, @empty}, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd, 0x0, 0x40}) ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x4e22, @local}, {0x2, 0x0, @rand_addr=0x7}, {0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x14}}, 0x20, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000000)='vxcan1\x00', 0x3, 0x8001, 0x1f}) ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000080)={0x750, {0x2, 0x0, @dev={0xac, 0x2}}, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xb}}, {0x2, 0x0, @broadcast}, 0x0, 0x0, 0x2, 0x46a}) setsockopt$IP_VS_SO_SET_ZERO(r2, 0x0, 0x48f, &(0x7f0000001240)={0x84, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4620, 0x4, 'l\x02p\xaa[\xbb$\xf5\x9c\x00\x00\x04\x00', 0x17, 0x1f, 0x5b}, 0x2c) r3 = open(&(0x7f00009e1000)='./file0\x00', 0x0, 0x0) fcntl$setlease(r3, 0x400, 0x0) sendto$inet(r3, &(0x7f0000001300)="64c8574d1e3167bd094392e3ed2522d9b4dfa0f40f844d104af00320d4e16a3f9b188cf84dd974fa6ddafa55e15b4350a9dfbda4953fa3b4d1d79513adca774d389d9c7e1e9f0ce61e3ac0793522323331eca2d6fbc97ba6b237c4bf595dbff42f042cc16a88e3aa1ffdd8", 0x6b, 0x28080000, &(0x7f0000001280)={0x2, 0x4e22, @loopback}, 0x10) ioctl$SNDRV_TIMER_IOCTL_PVERSION(0xffffffffffffffff, 0x80045400, &(0x7f00000012c0)) write$cgroup_int(r0, &(0x7f00000000c0)=0x4, 0x12) write$UHID_CREATE(r0, &(0x7f0000001100)={0x0, 'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f0000000100)=""/4096, 0x1000, 0x8, 0x9e, 0x1, 0x0, 0x1}, 0x120) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r4 = open(&(0x7f0000000080)='./file0\x00', 0x98940, 0x0) fcntl$setlease(r4, 0x400, 0x0) fcntl$setsig(r4, 0xa, 0x17) fcntl$setsig(0xffffffffffffffff, 0xa, 0xe) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x1b, 0x0}}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$dri(&(0x7f0000001380)='/dev/dri/card#\x00', 0x6, 0x202000) request_key(0x0, 0x0, 0x0, 0xfffffffffffffffd) syz_open_procfs(0x0, &(0x7f0000000200)='sched\x00') 16:26:10 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) request_key(&(0x7f0000000040)='id_legacy\x00', &(0x7f0000000080)={'syz', 0x0}, &(0x7f0000000140)=')em1@-cpusetvboxnet1.cpuset}md5sumvboxnet0\xb8mime_type[:&&posix_acl_access-vmnet1\x00', 0x0) r1 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) r4 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$chown(0x4, r4, r2, r3) keyctl$get_security(0x11, r4, &(0x7f00000000c0)=""/17, 0xfe5cfc90) [ 2630.693871] EXT4-fs (loop5): bad geometry: first data block 327680 is beyond end of filesystem (1080) [ 2630.694056] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2630.748890] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2630.763998] EXT4-fs (loop0): bad geometry: first data block 18432 is beyond end of filesystem (1080) [ 2630.806033] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:26:10 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) recvmmsg(r0, &(0x7f0000004380)=[{{&(0x7f0000000000)=@ipx, 0x80, &(0x7f0000002480)=[{&(0x7f0000000140)=""/240, 0xf0}, {&(0x7f0000000080)}, {&(0x7f0000000240)=""/190, 0xbe}, {&(0x7f00000000c0)=""/57, 0x39}, {&(0x7f0000000300)=""/181, 0xb5}, {&(0x7f00000003c0)=""/4096, 0x1000}, {&(0x7f00000013c0)=""/4096, 0x1000}, {&(0x7f00000023c0)=""/128, 0x80}, {&(0x7f0000002440)=""/7, 0x7}], 0x9, &(0x7f0000002540)=""/201, 0xc9}, 0xaab0}, {{&(0x7f0000002640)=@can, 0x80, &(0x7f0000002800)=[{&(0x7f00000026c0)=""/127, 0x7f}, {&(0x7f0000002740)=""/144, 0x90}, {0xffffffffffffffff}], 0x3}, 0xfff}, {{&(0x7f0000002840)=@ethernet={0x0, @broadcast}, 0x80, &(0x7f0000002940)=[{&(0x7f00000028c0)=""/69, 0x45}], 0x1, &(0x7f0000002980)=""/226, 0xe2}}, {{&(0x7f0000002a80)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @initdev}}}, 0x80, &(0x7f0000002e00)=[{&(0x7f0000002b00)=""/86, 0x56}, {&(0x7f0000002b80)=""/142, 0x8e}, {&(0x7f0000002c40)=""/140, 0x8c}, {&(0x7f0000002d00)=""/72, 0x48}, {&(0x7f0000002d80)=""/103, 0x67}], 0x5, &(0x7f0000002e80)=""/214, 0xd6}, 0x6}, {{&(0x7f0000002f80)=@in={0x2, 0x0, @remote}, 0x80, &(0x7f0000004040)=[{&(0x7f0000003000)}, {&(0x7f0000003040)=""/4096, 0x1000}], 0x2, &(0x7f0000004080)=""/16, 0x10}, 0x80000001}, {{&(0x7f00000040c0)=@caif=@dbg, 0x80, &(0x7f0000004340)=[{&(0x7f0000004140)=""/3, 0x3}, {&(0x7f0000004180)=""/210, 0xd2}, {&(0x7f0000004280)=""/163, 0xa3}], 0x3}, 0x1}], 0x6, 0x0, &(0x7f0000004500)={0x77359400}) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000004540)=[@in={0x2, 0x4e20, @empty}, @in={0x2, 0x4e23, @broadcast}, @in={0x2, 0x4e21, @multicast1}, @in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x29}}, @in6={0xa, 0x4e21, 0x6, @dev={0xfe, 0x80, [], 0x1f}, 0x7}, @in6={0xa, 0x4e21, 0x5fd0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x13}}, 0x100}, @in6={0xa, 0x4e23, 0x2, @dev={0xfe, 0x80, [], 0x2a}, 0x8}], 0x94) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) [ 2630.879146] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:10 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000006000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:10 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000014800000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:10 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x4020000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:10 executing program 4: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cachefiles\x00', 0x440, 0x0) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000000)={0x30f, 0x0}) 16:26:10 executing program 4: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r0 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/policy\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r0, 0x84, 0x74, &(0x7f0000000040)=""/89, &(0x7f00000000c0)=0x59) [ 2631.202992] EXT4-fs (loop5): bad geometry: first data block 393216 is beyond end of filesystem (1080) [ 2631.301287] EXT4-fs (loop0): bad geometry: first data block 18433 is beyond end of filesystem (1080) [ 2631.315517] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2631.362442] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2631.404559] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2631.452727] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2631.653880] device gretap0 left promiscuous mode [ 2631.658848] bridge0: port 3(gretap0) entered disabled state 16:26:11 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x300, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:11 executing program 1: read(0xffffffffffffffff, 0x0, 0x23b) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x80802, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket(0x200000000000011, 0x2, 0x0) bind$packet(r1, &(0x7f0000000040)={0x11, 0x800000000000004, 0x0, 0x1, 0x0, 0x6, @dev}, 0x14) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000000180)={0x0, {0x2, 0x4e22, @empty}, {0x2, 0x4e20, @remote}, {0x2, 0x4e24, @empty}, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd, 0x0, 0x40}) ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x4e22, @local}, {0x2, 0x0, @rand_addr=0x7}, {0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x14}}, 0x20, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000000)='vxcan1\x00', 0x3, 0x8001, 0x1f}) ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000080)={0x750, {0x2, 0x0, @dev={0xac, 0x2}}, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xb}}, {0x2, 0x0, @broadcast}, 0x0, 0x0, 0x2, 0x46a}) setsockopt$IP_VS_SO_SET_ZERO(r2, 0x0, 0x48f, &(0x7f0000001240)={0x84, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4620, 0x4, 'l\x02p\xaa[\xbb$\xf5\x9c\x00\x00\x04\x00', 0x17, 0x1f, 0x5b}, 0x2c) r3 = open(&(0x7f00009e1000)='./file0\x00', 0x0, 0x0) fcntl$setlease(r3, 0x400, 0x0) sendto$inet(r3, &(0x7f0000001300)="64c8574d1e3167bd094392e3ed2522d9b4dfa0f40f844d104af00320d4e16a3f9b188cf84dd974fa6ddafa55e15b4350a9dfbda4953fa3b4d1d79513adca774d389d9c7e1e9f0ce61e3ac0793522323331eca2d6fbc97ba6b237c4bf595dbff42f042cc16a88e3aa1ffdd8", 0x6b, 0x28080000, &(0x7f0000001280)={0x2, 0x4e22, @loopback}, 0x10) ioctl$SNDRV_TIMER_IOCTL_PVERSION(0xffffffffffffffff, 0x80045400, &(0x7f00000012c0)) write$cgroup_int(r0, &(0x7f00000000c0)=0x4, 0x12) write$UHID_CREATE(r0, &(0x7f0000001100)={0x0, 'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f0000000100)=""/4096, 0x1000, 0x8, 0x9e, 0x1, 0x0, 0x1}, 0x120) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r4 = open(&(0x7f0000000080)='./file0\x00', 0x98940, 0x0) fcntl$setlease(r4, 0x400, 0x0) fcntl$setsig(r4, 0xa, 0x17) fcntl$setsig(0xffffffffffffffff, 0xa, 0xe) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x1b, 0x0}}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$dri(&(0x7f0000001380)='/dev/dri/card#\x00', 0x6, 0x202000) request_key(0x0, 0x0, 0x0, 0xfffffffffffffffd) syz_open_procfs(0x0, &(0x7f0000000200)='sched\x00') 16:26:11 executing program 4: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000040)={0x0, 0x0}) r1 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[], 0x4073be3) ioctl$VHOST_SET_OWNER(r1, 0xaf01, 0x0) r2 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) write$binfmt_elf64(r2, &(0x7f0000000100)=ANY=[], 0xfffffe8b) socket$xdp(0x2c, 0x3, 0x0) ioctl$GIO_FONTX(r2, 0x4b6b, &(0x7f0000000300)=""/4096) 16:26:11 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000007000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:11 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x7ffffffffffff, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:11 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000044800000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2631.899260] EXT4-fs (loop0): bad geometry: first data block 18436 is beyond end of filesystem (1080) [ 2631.909669] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2631.932367] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2631.992557] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2632.010734] EXT4-fs (loop5): bad geometry: first data block 458752 is beyond end of filesystem (1080) 16:26:11 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000044900000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2632.067891] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:11 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000008000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:11 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x8000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2632.268490] EXT4-fs (loop5): bad geometry: first data block 524288 is beyond end of filesystem (1080) 16:26:12 executing program 1: recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{0x0, 0x0, 0x0}, 0xfffffffd}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='cmdline\x00') preadv(r0, &(0x7f00000017c0), 0x1000000000000277, 0x400000000000) [ 2632.350419] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2632.367443] EXT4-fs (loop0): bad geometry: first data block 18692 is beyond end of filesystem (1080) 16:26:12 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_HAS_DEVICE_ATTR(r2, 0x4018aee3, &(0x7f0000000040)={0x0, 0x401, 0x0, &(0x7f0000000000)=0x4}) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) 16:26:12 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000044a00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2632.579241] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2632.618841] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2632.696337] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2632.741070] EXT4-fs (loop0): bad geometry: first data block 18948 is beyond end of filesystem (1080) [ 2632.765343] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:12 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x3e8, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:12 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000308000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:12 executing program 1: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xedc000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:12 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x8040000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:12 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000044b00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:12 executing program 4: syz_emit_ethernet(0x4e, &(0x7f00000000c0)={@link_local, @random="62fd53f5da86", [{}], {@ipv6={0x86dd, {0x0, 0x6, "8000", 0x14, 0x0, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd]}, @ipv4={[], [], @remote}, {[], @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = socket(0x10, 0x3, 0x0) write(r1, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) r2 = socket$inet(0xa, 0x801, 0x84) connect$inet(r2, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r2, 0x8) r3 = accept4(r2, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x2}, 0x8) r4 = socket(0x0, 0x0, 0x0) r5 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, 0x0) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f0000001b40)={r6}, 0x8) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, &(0x7f0000000000)={r6}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000140)={r6, @in6={{0xa, 0x4e22, 0x1000, @dev={0xfe, 0x80, [], 0x15}, 0x2}}, 0x91, 0x4}, &(0x7f0000000080)=0x90) r7 = socket(0x10, 0x3, 0x0) write(r7, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) getsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r7, 0x84, 0x8, &(0x7f0000000000), &(0x7f0000000040)=0x4) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) [ 2633.139500] EXT4-fs (loop5): bad geometry: first data block 525056 is beyond end of filesystem (1080) [ 2633.164826] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2633.176157] EXT4-fs (loop0): bad geometry: first data block 19204 is beyond end of filesystem (1080) 16:26:12 executing program 1: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xedc000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2633.208607] device bridge_slave_1 left promiscuous mode [ 2633.221592] bridge0: port 2(bridge_slave_1) entered disabled state [ 2633.240720] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock 16:26:13 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x3f8, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2633.283771] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2633.317760] device bridge_slave_0 left promiscuous mode 16:26:13 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000000)={'nr0\x00', {0x2, 0x4e21, @local}}) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) 16:26:13 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000009000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2633.332967] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2633.366327] bridge0: port 1(bridge_slave_0) entered disabled state 16:26:13 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000004c00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2633.404816] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:13 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xc000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:13 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) prctl$PR_GET_TIMERSLACK(0x1e) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) 16:26:13 executing program 1: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xedc000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2633.646277] EXT4-fs (loop5): bad geometry: first data block 589824 is beyond end of filesystem (1080) [ 2633.658091] EXT4-fs (loop0): bad geometry: first data block 19456 is beyond end of filesystem (1080) [ 2633.691905] net_ratelimit: 20 callbacks suppressed [ 2633.691913] protocol 88fb is buggy, dev hsr_slave_0 [ 2633.702039] protocol 88fb is buggy, dev hsr_slave_1 16:26:13 executing program 4: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r0 = socket$inet_udp(0x2, 0x2, 0x0) recvmsg(r0, &(0x7f0000001500)={&(0x7f0000000000)=@tipc, 0x80, &(0x7f00000013c0)=[{&(0x7f0000000140)=""/142, 0x8e}, {&(0x7f0000000080)=""/67, 0x43}, {&(0x7f0000000200)=""/4096, 0x1000}, {&(0x7f0000001200)=""/222, 0xde}, {&(0x7f0000001300)=""/62, 0x3e}, {&(0x7f0000001340)=""/81, 0x51}], 0x6, &(0x7f0000001440)=""/143, 0x8f}, 0x40000000) r1 = socket(0x10, 0x3, 0x0) write(r1, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xffffff78) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r1, 0x800443d3, &(0x7f0000000100)={0x399, 0x0}) [ 2633.851934] protocol 88fb is buggy, dev hsr_slave_0 [ 2633.857058] protocol 88fb is buggy, dev hsr_slave_1 [ 2633.862368] protocol 88fb is buggy, dev hsr_slave_0 [ 2633.867472] protocol 88fb is buggy, dev hsr_slave_1 [ 2633.879801] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock 16:26:13 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000000000a000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:13 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000044c00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2633.911951] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2633.945299] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:26:13 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x6, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2633.982961] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2634.011928] protocol 88fb is buggy, dev hsr_slave_0 [ 2634.017133] protocol 88fb is buggy, dev hsr_slave_1 16:26:13 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x6b6b6b00000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2634.191500] EXT4-fs (loop5): bad geometry: first data block 655360 is beyond end of filesystem (1080) [ 2634.206103] EXT4-fs (loop0): bad geometry: first data block 19460 is beyond end of filesystem (1080) [ 2634.331917] protocol 88fb is buggy, dev hsr_slave_0 [ 2634.337116] protocol 88fb is buggy, dev hsr_slave_1 [ 2634.447334] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2634.482449] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2634.491707] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2634.517070] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2637.794529] bond13 (unregistering): Released all slaves [ 2637.811287] bond12 (unregistering): Released all slaves [ 2637.823982] bond11 (unregistering): Released all slaves [ 2637.834502] bond10 (unregistering): Released all slaves [ 2637.848001] bond9 (unregistering): Released all slaves [ 2637.860833] bond8 (unregistering): Released all slaves [ 2637.874131] bond7 (unregistering): Released all slaves [ 2637.887465] bond6 (unregistering): Released all slaves [ 2637.901068] bond5 (unregistering): Released all slaves [ 2637.914715] bond4 (unregistering): Released all slaves [ 2637.927323] bond3 (unregistering): Released all slaves [ 2637.940157] bond2 (unregistering): Released all slaves [ 2637.953757] bond1 (unregistering): Released all slaves [ 2638.015211] device hsr_slave_1 left promiscuous mode [ 2638.056691] device hsr_slave_0 left promiscuous mode [ 2638.127117] team0 (unregistering): Port device team_slave_1 removed [ 2638.139265] team0 (unregistering): Port device team_slave_0 removed [ 2638.151759] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 2638.208035] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 2638.297859] bond0 (unregistering): Released all slaves 16:26:18 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x500, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:18 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000000030a000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:18 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000140)={0x0, 0x100, 0xc0, 0x87, 0x46, 0x4, 0x8}) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$VIDIOC_G_PARM(r2, 0xc0cc5615, &(0x7f0000000000)={0xa, @capture={0x1000, 0x1, {0x80, 0xff}, 0x2, 0x61}}) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) fstat(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchown(0xffffffffffffffff, 0x0, r5) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000003c0)={{{@in=@initdev, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in=@empty}}, &(0x7f0000000500)=0xe8) syz_mount_image$jfs(&(0x7f0000000040)='jfs\x00', &(0x7f0000000200)='./file0\x00', 0x13901632, 0x2, &(0x7f0000000280)=[{&(0x7f0000000240)="810c6d1d84d1ab3de1a9", 0xa, 0x80000001}, {&(0x7f0000000300)="91cbb42c5c8950a551d9de2ebc09a3e4fb64b794ca3d7b221a69855e5fe90d0f80019ae6fac078e9c96cb6be7ae0b31189dec060a16bf81ac3a1abc6eff5978cea0ba45cfc88c56f4c2f05acf2c4b1c17c30f110779003abfd4d1392e418918246264069f4ea71004e6a614e07666006205ed5073ec18c2aa0449b1588195bda4554acf3bc9f478628b18ffa4e002741c7b8e3a4e1525bafc6f64c722714f9", 0x9f, 0x80}], 0x8000, &(0x7f0000000680)={[{@noquota='noquota'}, {@gid={'gid', 0x3d, r5}}, {@discard='discard'}, {@integrity='integrity'}, {@usrquota='usrquota'}, {@umask={'umask', 0x3d, 0x5c49}}, {@nodiscard='nodiscard'}, {@iocharset={'iocharset', 0x3d, 'iso8859-4'}}, {@errors_remount='errors=remount-ro'}, {@nodiscard='nodiscard'}], [{@hash='hash'}, {@smackfsdef={'smackfsdef', 0x3d, '.GPL'}}, {@fowner_gt={'fowner>', r6}}, {@euid_gt={'euid>'}}, {@subj_role={'subj_role', 0x3d, ',,'}}, {@euid_lt={'euid<'}}, {@euid_eq={'euid'}}, {@fsname={'fsname', 0x3d, 'selinuxtrustedposix_acl_access'}}, {@subj_user={'subj_user', 0x3d, 'Lsystemvboxnet1wlan0+systemwlan0user-keyringprocselinux (\',(keyring'}}, {@pcr={'pcr', 0x3d, 0x2e}}]}) ioctl$TUNSETGROUP(r4, 0x400454ce, r5) 16:26:18 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000044d00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:18 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x100000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:18 executing program 1: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xf6000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2638.568268] EXT4-fs (loop0): bad geometry: first data block 19716 is beyond end of filesystem (1080) [ 2638.607849] EXT4-fs (loop5): bad geometry: first data block 656128 is beyond end of filesystem (1080) [ 2638.628577] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock 16:26:18 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x594, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:18 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000044e00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2638.690199] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2638.747173] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:26:18 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) r1 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x9, 0x0) r2 = socket$inet(0xa, 0x801, 0x84) connect$inet(r2, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r2, 0x8) r3 = accept4(r2, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x2}, 0x8) r4 = socket(0x0, 0x0, 0x0) r5 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, 0x0) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f0000001b40)={r6}, 0x8) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, &(0x7f0000000000)={r6}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000040)={r6, 0x7ff, 0x2, 0x1, 0x0, 0x20}, &(0x7f0000000080)=0x14) r7 = socket(0x10, 0x3, 0x0) write(r7, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) setsockopt$bt_BT_POWER(r7, 0x112, 0x9, &(0x7f0000000300)=0x3, 0x1) sendto$inet(r7, &(0x7f0000000180)="5d46901c1c3130d936a992b43e9f280001ab28b13b4e3363473f1e248d9d2e19a5bed0fc81f5cc09e9374e03a615eb53bb4a25718d44e6012fbc06c70b767068488a8a8dade32dcbcf45b6a9ddbcd2092e256e0f098ce9e7028e5894b2c17ac253abdfedbae659cb8f6ee6370a650f15270c45a3cb7f1b80d8655e3792454aed645dc4f40981ec27a7117112c92172a5f45883ac5bc776897d0d9a9f6e3a0f7c5ad3f0c5bab1cf354254d35d210f4b6fa1b96978846a3d8d50f07678d28975e99aa0aac400ab8ea9d0af5c2f4a2a2228d15a6c6b95f40bfab9e24673837b4c5306590870645c1586e52b3db2f8ee6c2906f274703d13", 0xf6, 0x4000800, &(0x7f00000000c0)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) 16:26:18 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000410000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2638.822246] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:18 executing program 1: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xf6000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2638.898722] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. 16:26:18 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x200000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:18 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x600, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:18 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) r1 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) r2 = accept(0xffffffffffffffff, &(0x7f0000000000)=@isdn, &(0x7f0000000080)=0x80) r3 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) fadvise64(r3, 0x0, 0x0, 0x4) readlinkat(r3, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000180)=""/39, 0x27) getsockopt$inet_sctp_SCTP_INITMSG(r2, 0x84, 0x2, &(0x7f0000000300), &(0x7f0000000340)=0x8) r4 = socket(0x10, 0x3, 0x0) write(r4, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) getsockopt$inet_mreqn(r4, 0x0, 0x4, &(0x7f0000002740)={@remote, @multicast1, 0x0}, &(0x7f00000001c0)=0xc) bind$bt_hci(r2, &(0x7f00000027c0)={0x1f, r5, 0x1}, 0xc) fadvise64(r1, 0x0, 0x0, 0x4) r6 = socket(0x10, 0x3, 0x0) write(r6, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r6) [ 2639.081452] EXT4-fs (loop0): bad geometry: first data block 19972 is beyond end of filesystem (1080) [ 2639.125361] EXT4-fs (loop5): bad geometry: first data block 1049600 is beyond end of filesystem (1080) [ 2639.195882] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. 16:26:19 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000044f00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:19 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000012000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2639.277153] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock 16:26:19 executing program 1: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xf6000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2639.354059] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2639.376983] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:26:19 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000040)={0x0, 0x0}) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1) r1 = creat(&(0x7f00000001c0)='./bus\x00', 0x10) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[], 0xfffffe8b) [ 2639.416975] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:19 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x700, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:19 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x300000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2639.588067] EXT4-fs (loop0): bad geometry: first data block 20228 is beyond end of filesystem (1080) [ 2639.612729] EXT4-fs (loop5): bad geometry: first data block 1179648 is beyond end of filesystem (1080) [ 2639.691922] net_ratelimit: 6 callbacks suppressed [ 2639.691929] protocol 88fb is buggy, dev hsr_slave_0 [ 2639.701946] protocol 88fb is buggy, dev hsr_slave_1 16:26:19 executing program 1: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000003d40000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:19 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000014000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:19 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0xa00, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:19 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000045000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2639.970313] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2640.028686] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock 16:26:19 executing program 1 (fault-call:3 fault-nth:0): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2640.071976] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2640.110635] EXT4-fs (loop5): bad geometry: first data block 1310720 is beyond end of filesystem (1080) [ 2640.159399] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2640.181657] EXT4-fs (loop0): bad geometry: first data block 20484 is beyond end of filesystem (1080) 16:26:19 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0xe00, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2640.228349] FAULT_INJECTION: forcing a failure. [ 2640.228349] name failslab, interval 1, probability 0, space 0, times 0 16:26:20 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000020000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2640.282400] CPU: 1 PID: 9881 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2640.289292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2640.298685] Call Trace: [ 2640.301301] dump_stack+0x172/0x1f0 [ 2640.304962] should_fail.cold+0xa/0x1b [ 2640.308879] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2640.314009] ? lock_downgrade+0x880/0x880 [ 2640.318191] __should_failslab+0x121/0x190 [ 2640.322451] should_failslab+0x9/0x14 [ 2640.326272] kmem_cache_alloc_node+0x26c/0x710 [ 2640.330887] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2640.336444] ? tcp_established_options+0x2ae/0x480 [ 2640.341402] __alloc_skb+0xd5/0x5f0 [ 2640.345061] ? skb_scrub_packet+0x490/0x490 [ 2640.349404] ? audit_watch_log_rule_change.isra.0.part.0+0x92/0x1e0 [ 2640.355845] sk_stream_alloc_skb+0xc8/0x860 [ 2640.360200] tcp_sendmsg_locked+0xc93/0x3260 [ 2640.364648] ? tcp_sendpage+0x60/0x60 [ 2640.368467] ? trace_hardirqs_on+0x67/0x220 [ 2640.372815] ? lock_sock_nested+0x9a/0x120 [ 2640.377077] ? __local_bh_enable_ip+0x15a/0x270 16:26:20 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x9, 0x8000) ioctl$TIOCMGET(r0, 0x5415, &(0x7f0000000040)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(0xffffffffffffffff, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000080)={'syz_tun\x00', 0x20}) [ 2640.381775] tcp_sendmsg+0x30/0x50 [ 2640.385359] inet_sendmsg+0x141/0x5d0 [ 2640.389176] ? ipip_gro_receive+0x100/0x100 [ 2640.393512] sock_sendmsg+0xd7/0x130 [ 2640.397240] ___sys_sendmsg+0x3e2/0x920 [ 2640.401248] ? copy_msghdr_from_user+0x430/0x430 [ 2640.406036] ? lock_downgrade+0x880/0x880 [ 2640.410209] ? kasan_check_read+0x11/0x20 [ 2640.414380] ? __fget+0x367/0x540 [ 2640.417858] ? iterate_fd+0x360/0x360 [ 2640.421682] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2640.427235] ? proc_fail_nth_write+0x9d/0x1e0 [ 2640.431751] ? __fget_light+0x1a9/0x230 [ 2640.435745] ? __fdget+0x1b/0x20 [ 2640.439209] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2640.444763] ? sockfd_lookup_light+0xcb/0x180 [ 2640.449272] __sys_sendmmsg+0x1bf/0x4e0 [ 2640.453279] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2640.457627] ? kasan_check_write+0x14/0x20 [ 2640.461998] ? __sb_end_write+0xd9/0x110 [ 2640.466133] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2640.471689] ? fput+0x128/0x1a0 [ 2640.474984] ? ksys_write+0x1f1/0x2d0 [ 2640.478826] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2640.483595] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2640.488380] ? do_syscall_64+0x26/0x620 [ 2640.492716] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2640.498093] ? do_syscall_64+0x26/0x620 [ 2640.502087] __x64_sys_sendmmsg+0x9d/0x100 [ 2640.506344] do_syscall_64+0xfd/0x620 [ 2640.510164] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2640.515472] RIP: 0033:0x45a219 [ 2640.518675] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2640.537591] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2640.545321] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2640.552635] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2640.559924] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2640.567213] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2640.574498] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 16:26:20 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x400000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:20 executing program 4: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) 16:26:20 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x1100, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:20 executing program 1 (fault-call:3 fault-nth:1): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:20 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000045100000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2640.848400] FAULT_INJECTION: forcing a failure. [ 2640.848400] name failslab, interval 1, probability 0, space 0, times 0 [ 2640.887756] EXT4-fs (loop5): bad geometry: first data block 2097152 is beyond end of filesystem (1080) [ 2640.930048] CPU: 0 PID: 10101 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2640.937029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2640.946402] Call Trace: [ 2640.949017] dump_stack+0x172/0x1f0 [ 2640.952670] should_fail.cold+0xa/0x1b [ 2640.956585] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2640.961714] ? lock_downgrade+0x880/0x880 [ 2640.965916] __should_failslab+0x121/0x190 [ 2640.970186] should_failslab+0x9/0x14 [ 2640.974011] kmem_cache_alloc_node_trace+0x274/0x720 [ 2640.979141] ? __alloc_skb+0xd5/0x5f0 [ 2640.982979] __kmalloc_node_track_caller+0x3d/0x80 [ 2640.987944] __kmalloc_reserve.isra.0+0x40/0xf0 [ 2640.992640] __alloc_skb+0x10b/0x5f0 [ 2640.996395] ? skb_scrub_packet+0x490/0x490 [ 2641.000761] ? audit_watch_log_rule_change.isra.0.part.0+0x92/0x1e0 [ 2641.007208] sk_stream_alloc_skb+0xc8/0x860 [ 2641.011661] tcp_sendmsg_locked+0xc93/0x3260 [ 2641.016121] ? tcp_sendpage+0x60/0x60 [ 2641.019947] ? trace_hardirqs_on+0x67/0x220 [ 2641.024292] ? lock_sock_nested+0x9a/0x120 16:26:20 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x1650, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2641.028536] ? __local_bh_enable_ip+0x15a/0x270 [ 2641.033244] tcp_sendmsg+0x30/0x50 [ 2641.036802] inet_sendmsg+0x141/0x5d0 [ 2641.040620] ? ipip_gro_receive+0x100/0x100 [ 2641.044949] sock_sendmsg+0xd7/0x130 [ 2641.044967] ___sys_sendmsg+0x3e2/0x920 [ 2641.044983] ? copy_msghdr_from_user+0x430/0x430 [ 2641.045004] ? lock_downgrade+0x880/0x880 [ 2641.061574] ? kasan_check_read+0x11/0x20 [ 2641.065748] ? __fget+0x367/0x540 [ 2641.069225] ? iterate_fd+0x360/0x360 [ 2641.073039] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2641.078591] ? proc_fail_nth_write+0x9d/0x1e0 [ 2641.083108] ? __fget_light+0x1a9/0x230 [ 2641.087101] ? __fdget+0x1b/0x20 [ 2641.090474] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2641.096025] ? sockfd_lookup_light+0xcb/0x180 [ 2641.100540] __sys_sendmmsg+0x1bf/0x4e0 [ 2641.104529] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2641.108867] ? kasan_check_write+0x14/0x20 [ 2641.113131] ? __sb_end_write+0xd9/0x110 [ 2641.117208] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2641.122759] ? fput+0x128/0x1a0 [ 2641.126065] ? ksys_write+0x1f1/0x2d0 [ 2641.129881] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2641.134735] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2641.139507] ? do_syscall_64+0x26/0x620 [ 2641.143499] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2641.148872] ? do_syscall_64+0x26/0x620 [ 2641.152872] __x64_sys_sendmmsg+0x9d/0x100 [ 2641.157122] do_syscall_64+0xfd/0x620 [ 2641.160963] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2641.166159] RIP: 0033:0x45a219 [ 2641.169455] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2641.188372] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2641.196103] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2641.203389] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2641.210673] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2641.217952] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 16:26:20 executing program 4: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfe75) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000000)={0x0, 0x0}) r1 = socket(0x10, 0x3, 0x0) write(r1, &(0x7f0000004680)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xa059786d16093a7e) prctl$PR_MPX_DISABLE_MANAGEMENT(0x2c) r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000780)='/dev/dlm_plock\x00', 0x400100, 0x0) ioctl$VIDIOC_QUERYMENU(r2, 0xc02c5625, &(0x7f00000007c0)={0x9, 0x8001, @value}) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080)='TIPCv2\x00') setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000300)=@security={'security\x00', 0xe, 0x4, 0x408, 0x120, 0x120, 0x250, 0x120, 0x370, 0x370, 0x370, 0x370, 0x370, 0x370, 0x4, &(0x7f00000001c0), {[{{@uncond, 0x0, 0xc0, 0x120, 0x0, {}, [@common=@icmp={0x28, 'icmp\x00', 0x0, {0xc, 0x3, 0xe0}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @dev={[], 0x18}, 0x6, 0xe, [0x20, 0x3c, 0x1e, 0x31, 0x3b, 0x7, 0x15, 0x2e, 0x25, 0xb, 0xd, 0x2b, 0x34, 0x3, 0x35, 0x10], 0x0, 0x80000000}}}, {{@uncond, 0x0, 0x108, 0x130, 0x0, {}, [@common=@set={0x40, 'set\x00', 0x0, {{0x5, [0x1, 0x401, 0x2, 0x0, 0x80000001, 0x1ff], 0xe1, 0x4}}}, @common=@addrtype={0x30, 'addrtype\x00', 0x0, {0x803, 0x181, 0x0, 0x1}}]}, @common=@unspec=@AUDIT={0x28, 'AUDIT\x00', 0x0, {0x1}}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, 0xff000000, 0xffffffff, 'bpq0\x00', '\x00', {0x7f}, {}, 0x29, 0x7, 0x2}, 0x0, 0xf8, 0x120, 0x0, {}, [@common=@addrtype={0x30, 'addrtype\x00', 0x0, {0x420, 0xbd4dbf5faae3d407, 0x1}}, @common=@ah={0x30, 'ah\x00', 0x0, {0x9, 0x200, 0x1}}]}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00', 0x0, {0xe, 0x80, 0x6}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x468) syz_open_dev$vcsn(&(0x7f0000000800)='/dev/vcs#\x00', 0x9bb, 0x40000) r4 = socket(0x10, 0x3, 0x0) write(r4, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) r5 = socket$inet(0xa, 0x801, 0x84) connect$inet(r5, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r5, 0x8) r6 = accept4(r5, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r6, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x2}, 0x8) r7 = socket(0x0, 0x0, 0x0) r8 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r8, 0x84, 0x14, &(0x7f0000001e80)=@assoc_value={0x0}, 0x0) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r7, 0x84, 0x76, &(0x7f0000001b40)={r9}, 0x8) r10 = socket(0x10, 0x3, 0x0) write(r10, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) sendmmsg$inet(r10, &(0x7f0000004480)=[{{&(0x7f0000000900)={0x2, 0x4e23, @empty}, 0x10, &(0x7f0000001d40)=[{&(0x7f0000000940)="dce09bb3ad6c25e806d408998f54862917dda48a19e29d22949165c9fbc52e9d899395e93d19aa73b23ff594d831c8815d7a6806df236c8f71a375bb258d2e5bb91fef917918a972bc4f6bd99482954300133ae38f009de90a74c94c8c4c321781c34c21d4794dfa7236d004477cd6687a6f5d31ca90", 0x76}, {&(0x7f00000009c0)="98e54ce79ad9db41640fefe8c05c0ba4a7fb056151948ad725ae0aeffd34353cb97df414912b38a515f6059966afeb85d9c887331ac6a0e7a5be2a6e3e70091e5b8a87cfc5021dfde030e203ced7579a8a5da9dc0f58deb01c9ee0053065fef214d064179d3cc1f7ce6b26e3ffb752a6d8f0dfe0f5281e496bf13111802a9d384139535e02382a2fa2ed802abe1111c6a202afb17b3df4837eba7c096a803ecf1d36171da69f929f36bb18cd7577ae6ab2780f99adac3c2d0efb3333e7adbb9c530df286a505cba7d4f32e529b74d7e102751a58b86fa908b19adeb35a9b479a8f69aee0b1e44f826e8b962e1c323c94523ea0", 0xf3}, {&(0x7f0000000ac0)="6cdb916a2ffa330c3e915197489de24363d28ff2df8a08f9efc0302faf9c3da9746e21ec307c0d28dd57f39ea00db72751d7c040e49a38edd803fadecbb95deba712a70edc1c04eb327ce4ca3174bb03f4dbb88d6d1c9dfe07a2d8f94add50372e22ef0fbcf6e33549ca6d368f8370098d211284d7fa27d0433bc1324ada1c0ac6082bffe17eef5b9ba8fe6726867f719814cbf93987c77480f279b2e4601f930fb56c944f1093cb22203e3ba9cb005154e6df4781b6d6e1c7f14c5b37a1b82e9ca2e0c87db7b1b81c03db1e80f89be5439e0e3ea398beb412157af82473dd8cf8b1e2648b6c418b81de401b64f03d2f4b89a364474ad943a21ca329f80266dafc2c26f8a479cb3ec7cef91b3a65a434feff707ba848a5a7bf7e87e56f796564a1de3b96d102f7986b9236eb543dcb9862945db366482580e52dc2cc3223a3fa276512a4d0e43721f84ccd466b17ec756d6b5ec8e2556afe5d684de912ae4a237e6439e957fd9eaff1a08724e1e5b62c799332dff87d52efdaf1c57397e018fbe0b3cf1d73d42f5d0dfdb8b547db0655afdbfe3098482edae17571869a404d1f593ed2f66877f8d093db7d0182aa623d90efe64f971de8eb65ac7de718b823df027185c04db21bd5d4dcc2b072d4dd7a266a0d06ac7d6f035ff4f3bbff7521b92eaf8f3f4f24c25bec534ecd5727ab08bb9b9e628e497e535224e1efcde02e31b2ca44206eb2cb1813bf52ba469ea1f87a32e73fc619f07aa97a4709b5e812e0620dfba4ae8ff66043128c796b157e300b75d26ae86d77cf7a6e0751440dac74a1142e3c67c1e46d1a759671ace308f27d95f0a8d2ec1774b64a8b6dbc028c5850fed68dc31562a990af009586f4f1aef60d56187460f78d7021cf37c01e8e2b9a9a80625b06a53046cd8f66804f0769d3a1f4b3b7abc2076007dc836fa4c6ad6757e9db4d9c336057c63fa2fa564441fb11cc3f120675ff726bd5c7ded3e2916080ffa2457b5331b6d2e20d6b89c2b10015f55dba75825e10950f0c8a8edfa382516aef859bd90bab5d5b1a417fe7bacdfaa9c8c71699434d6606332e76babbbd282fed732115a07390608abbcd3283189211c5d64594930a5f1a8a5bffcd3e9b5afb65f777d10d7e8498c80150cd557f704b9e3c6c440875be0ab1ed49a177e1edd95ed62af8f8aeba896c41813cf8fe4479768740048689be9e8f7313be041ea48d94229e2bde43b066c5d360368b58c1797ed668bd21271894700feb59928d31a4281a6cf96320a60d23748cb7f1bff84de7ab81868b5d0899c189234a2fcee545c498eecdba542d4e479b5c1a3319c620cc30b79b91c9a4af52504579c2a634fb243db1b567a0fa90b7ac95ff5b259260f71f976a2d237b467aed8384a264d0326932e9d28f5cc94b56e790e48e7f80820237b376ba801de3f65a8e9f40f9a0f11240c0e62c1fcb6788de90b34baaa377c60b5b0d7b4cf1787843dfac34f49d525e77f21a686fcc108c5e3979f3a9a961a8e3667a30017140983e2309fc050eb09ac2ffc8315bc48c61d899515d127f5067a8557d4b1d8faa564d70b3efc24265e82852591745dc78e52e150c393706e353ae1318d5598bb91bade54198995365280eccc90033b392ff868d1c64075f9b8d95913b73d128f7523121005806ee34b5a98feea100f47946a59115c7c5bf8e18b1af638305df9a0a4928b56a32ef54e3e293602c40ca39364742f370d0fc4c7084353e26896f3251d53ac19af6a6f5bbfdc5c7b0fbb2e2c6c9f5ed58445884ea15f5f13297384dbbfbae3e4ce6695bcf9f6b14cd80c0bfde4c9fd09a52c5e00318b5bf5998f492455cc02213cca946bc425f8dc34d2ffee4010590ad4aeafb0cd4fa512afd7fd89a1b3dddfb451398e643bc71268e5d8b811725ded6f7aed778b15c42169762f8bad793540e85426dc389bdf5f0dc7d1965247ff3cb81d4083b2dbde663775f66d4e4fc54a793326cdaca7f209659f153bb6b7b3bc009e4f2a19552d53fbf3e657f482705fd52e1bd72b78e8ae92d5a9439d36d19fe9c8064bbf5ad15785f9f83ed596496346c5253b1b7dd8da6336ba56e6b80b40d2bab6d2a4c9fb48844d43b4821a0d481a1742467dc7e985fcd9793a7dd8d2c8092448da03d845125b994746cea1325bc3d8a1d1cd8e2af4560e57fe81715e1581206358c873afddd7230121023c66276cf4de91db5ce1d5f5428ab3fdb5c1c47a62ca16554ac8db03f93a9ec6786a8f57e7c532df6a68aadf349d5c02bffcc5c7cc716d099ba77f1437154e610b666d777e9c01738988861e1feebd64a8bdfffb2fc08781f973842e254f65d44d1b4e769d433802e4725563087ecc50e5eeffd50f5db4f4145b02208998a91de757840cfb97fb5a15d8431044b9f3d199a84187da24865c734d9a879d8b1e1a9875ddc4101688d0e4fc55b54d884b203659dcd3b50a602c4d0b2e731ec875353ac184d6191d47cf716a0e83cd6d4c1d63e05dce13d01baf918f16a87c4e9c4c8dde5326fc7f936302b25521933db1afeffdbea7bcca3cecb3c65b524fbf0c911cc7f144766ea171fe7663ea8ab665a52173633731cbd6e52f3f4a6cf8679817a9cf613ed9be89e2b1b5d8863225a73e255deec4e02666822e7d921e54004d06e6a4bb2c6d896b63bad87f8b20350a086e151b99d57edd9cdf7f22156744447976d9faba8f8b94bd7ac5a8672e138f762d57efed264e0077a7f7223d509220703eb593411e9db1e0cb26c3e7f941ba1b6bc4c70efa6313111e3741b93fc0577d16ea90a5aeb66d123bd25b526933ed5619c52dfb0493d954bf4b33cbabaad69ae570d3100a72b7181e4670cd884a7f3cf8e6d2232543369cfcc555f26a1561de8db3c58bd9eb0b94884011fc41bfebd32e2dc82b2d482efe446a385f19d21357e9434483dcf7d5aac59e39921ca695b49c6daabc0b59137b7d470ab13e3f488fa2798d8a898839aedeb52c13d622d560ea61d89577b3c25237c40161dd78e448707111c776b1f3f4ad22d390765291be650c25eb9fb641ef0398bf928c5137367e95820078774a2a8ea57464901b320a3b3b545d7495e0df7645d9a1a1ccea07e0acbfd7b2591d7ae052d666dabc94d06cf48d6fc28b975d984a4afb0d37b2c571d94c359b0be69c99a45561a7ed25003b16d5b06636485685b00080a1cf083a61584bcb3e4ca6bdd714be3c4a67fbcc79e555d26dbf76cb7320670a56216866847ce3ddbb209d4c653fd59aac6df6fb76df4b9fa060477ed222d7bf776fda84490be1e841b61913eaaa1f75e764f249b1b626f98e3d1412a5e411485a81dbc0862143b3c9431884d57bdac81e7a4cbc600047915aa527db2de55d9862627f634f4d98c5051b26d5049ce5a4af8f18c4462f18de81a3aeb7cb0875135f72f3be765640ac5a4138406577733a58f1f668a9d1ccc3cc5f6c7969d9026cdc3832dbc9ac7a3e1c0e8892854edc0bd7590b0f65cf719ffe18eb4bf872613a6717b37b852820eae93def522607c57b30074020da9d6311a468a8b61bbbb9bca5fc669bda25c1654c0ae3b31c3e272e9431452582513572094eb45eb4f9520ece6ae82a721d3674602fa041f23718604c104cd43b5b8bee30de31bb73b6e9055af3eb0dd60774ea561d8283512d8530e364b5f45976f6f68c2b0ad86f2e75cb20cdffe7ca84c6217c4555326926a19992d9cec4b768447906ffd0154a3b7e44dd8048da70258c118c5639b02b4fe1af585e359d811768b61d34197b3f4cfc0f76c2e702178ab2e5c6574e6455f49a91c9f537902c11124c056dbcb5976038a1799171a8d2376c464c05fe3b3e95fcd89fb1992d4d9241f1e1ee50b06696b0a984bb917b808786e851f21d986ecc12e79d08d62887ab13b0a13b1cf2eae5aa51cc674dbeb66c9ddb88fe83275b802049d7e7f6a1d73e8345fb2cda5a08f5efd8fb8e4925d24228e7db26b994a18b502cbb533b452f0f7cf8f0077d388c4d3215a80ed5cead778116ea276adb5fc91890f280041624bbc7eb109e64084361ae26ffeb9f274ca532353322e8e1ed1d5ab0332c8a79cd206733e0e310c852d02107cb0b305341ab360f99943c45451fc62aa2c48bcfa9bbc53c81d3d50be2f2ff690f32d28e9962ffaa7c365804155ec2d364790c98c83e743122da79f458674cf51395c5cdb16fd4db8f2de282217228472bb65dd1a929d8c6fb73e12c209c3e5f3b0f14e86ad667570d18b3654d5c3b6028ad8fd7aaa956088c00b9d8a0e3ef626a80c74c8ec8576e01e98b726a6e200343b2dff79083206a3ae577fcf05dfcfc820ac3b05e416c9f4483cf6fa8e501b721f69daef543d22700b662a21712b5c7347edec07d4ffa6626df59a34041b8622ce82fb05c1089358f82dd86970985ce8d692bde3be61103e5f45170466a9042684511218882174b73f7719deb3f1c291b1b570c86f394d7538125130f6b407d2817df6baecd8976dddb5fbffc3e25212e8dd251d72e961b4a045736396823d2cdc5273bf590698bd5770eb7229b19f3a15460d72d9e5ff086880cd32afa00efded26a7d2605d8dbdb6f332cbdafb6f5d77480ce07254b552d25340c6c023b86bd70ac95ffd39c748b1683f2a2395bb2230fbf97625d8f1c6fda651fcd4b75a9679210e36d91145ccbbe9f22d2a30f99a4b55bb22f0cc97c702910b682ed368cae1b28015290335e8da53435f6598e8672b3621e267c3c34292e5ec16e29fa42d00a97567b81009b9143d24488ea9384d96aa6e62ce9fc123412ba2916b7535da6740b030cbf3c1c30c04e6a7636338bc0a16ae363a179e2622d9c23294b5bd78c5660760c03fc94ded0b9b1503180e87c0dd68ce33fe4739e48a6af8914cf17b122a3f71d9f19a6b9ae1c9a97d79f23be5cfc73d137c5acbebe68ebc47d4b4d102bde2e0784c230d397506fa34c01dbeb0f35bc186c05727007a4784c83ca69ca53343a79dc61cd390221170f6b7b4ac99fff4608ff8e08aad32aa941751cc03b3fa877c5e69eb1f6d9decd771a30993f2d6fd243427ca37aae30c0950afa2b4ff29704dbf7c3b4f051453142b14c719bb30392d7c9e74067310a818231c9a733f29b1cb78c84b834d306ffb55d9c54d39757162ec2ef12851cc64ca2a8ede747a95247695d5426f7bc0faa7703a3e5586a345944795e809ff02fe74f77ed55725e50602745d88aa8c4dfb335ef1290465b26edc6066a2374387409f318a3bdd0abbe229d7c7573f66bcf3db90ed34c80dd00efed2ea30f9b0b2e53052819f778cf7e7505f87349a4204c441ae0a66668673855219c6c25c208aa5fdaf3b929e3ba7ad489a1e2d34dcfc7a0a661b4e8e7acb50b690fe7abc190385a7f233e390ff0cbf4d6628b538fa99a4d345b68be249c06c60615d7153a03acf9c787fa0f7ba99a95d82c2e4802addafe604bf0c19fd0b09e3a175ce0ea246db1437e4809e238590366744e7266fb33accaedf3ecb6e38a0d6a4698e492a9e2d43b3af6f3f6e47ac4b7332fbac1144f98efa242829ca35b814432c9c45018628297ad9051f0806b96f987c7dc25d4362640ce0e6018e46c86dc5379f1a8f7964ddd2021e2aaedb1926ed6a1fb77467d0ce496ad7d188781eb1c998ea996a094d5e51c5c79c08bd01daf194ad3cfe965949948b3ea98e3b2d2268fdad5673043658f76b822ccc8ed44692e213af68bc9fa915bdc3527ba376e146e15811bf47f40b56589660b9ba3c2aa72a6a159de3ad0320e56fc95fc749d2cac0f3", 0x1000}, {&(0x7f0000001b80)="56eca8fa878e9f2ca0e5ad856baac8a635045c953d51ea155b2f1ddaeae4fb72617723aa5cb14d41b2a6a9be495e30b4b6d1cbec90199e18e5202e47ce95581947521d7ae2f1c6f6b4fe3f8f89fbe716769ee7bc4361156b6ce0723d69a6901e4d493d9dd827533a8378917f7ba159559a543e41f3c1504134350e0d83f1d2065b8681a753252b3f12", 0x89}, {&(0x7f0000001ac0)="bbed4bfe74b9b79850589f203d0555de92", 0x11}, {&(0x7f0000001c40)="31fb5d27de5267acefb3860b08665965b0be998f1b4e404e52486fd99dad3ffc0a51c86ae3638f943ea27ff0a839a46f3894492070e7de3b6b34ac35195637a85cd133509ace0e5ecd4da89e20becdb22284f98b20a431c7b80f14d7241ac883130085c05cfcc04717a85afe5b36a4e3cb04f60e600e01257fbaab6fe28c346ea3e43fef3479f9985df54e4a0ec6e0757cc8927139d77c9ef742a5247a6262b65ca905af7c90255d664c48e380c92efdec8c08a95c2bb23256165bb0e22936b6b3ee1d88b4fdfbbfc9efa356bd94833f04520949b7d6335c", 0xd8}], 0x6, &(0x7f0000004540)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x3}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x80}}, @ip_retopts={{0xac, 0x0, 0x7, {[@cipso={0x86, 0x35, 0x200, [{0x4, 0xe, "d0488d0fb0b7bde8bc04cb49"}, {0xc3fad63cb597689a, 0x6, "773440e4"}, {0x1, 0x6, "7fb37cfc"}, {0x2, 0xa, "ea29f9777ea51a24"}, {0x7, 0xb, "7ee06eaa66d06a7c0b"}]}, @ssrr={0x89, 0xb, 0xb1, [@multicast1, @multicast2]}, @ssrr={0x89, 0xf, 0x8d, [@rand_addr=0x8001, @broadcast, @broadcast]}, @cipso={0x86, 0x47, 0xffffffff, [{0x71275c50f16736ba, 0x6, "2b989faf"}, {0x6, 0x10, "9bfbf0a2611731ae6b71aa570104"}, {0x5, 0xf, "0a97684b1ec2f762589eccec8e"}, {0x7ef5913bc32a6b74, 0xc, "2c1096e593378bc71b11"}, {0x1, 0x10, "aaa3c11422b022cda78bc36aea37"}]}, @ra={0x94, 0x6, 0x3}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @rand_addr, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x1}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x7}}], 0x130}}, {{&(0x7f0000001b00)={0x2, 0x4e24, @loopback}, 0x10, &(0x7f00000041c0)=[{&(0x7f0000001ec0)="6d0f3a18450fba7d8e7478dc576f30300c3b849e5384e994879037fb585317039cc75babd06bba0f845ad99f1356eee6ca8d3bb906e5b727fc66fb0417e503c7e337bebed29e0634bec8d77e2f2c00a7e3488b8c0beb5ff08447b139b811c9554633bf42fd021629e5ac88ed2a0d2ddeeea1f71bc203c6a3c9f8aea4e20b9853b15bc4aa5e87d6cc6d8b60ff65892eccf848de6e024c29e2be85d397b1bc97", 0x9f}, {&(0x7f0000001f80)}, {&(0x7f0000001fc0)="27c304a3e7c0ea3f00fdb737313e6f66f003d4cd1a5d8acf36e096a2edf991f078daab03650f6878b57a1184416e541fbb7395126e27", 0x36}, {&(0x7f0000002000)="90e8714e41f93e737085e3e0601968070a1847b61555f2a4a64b0a3cd1500eeabd2142f6642a8031597a5f41cd03ba49c8dc77912a029c590f403deb7139236f188a2e677228821e89e0a3e89e3820d70ec3737e5390197450faffb8d3d337704b3c31d8541c2e83ae4999363d78a20f27a9ec5e9920", 0x76}, {&(0x7f0000002080)="0be43b58fddc9578498b6412ba89f8786799e073646c0f282506285cf5f8b0f133b199aa84acf4fdd035ac357a5ac755d0ed80cee101003086b23f79addfc75a0e8a4da2a7e0de25", 0x48}, {&(0x7f0000002100)="3a827bd4558ea231483062c77341fb707b98cf784f2c2b7ba76137abb03409c2d5f4eccd1c235b1fc2e6aa9168c0b9f3f7e6147fa4724ab388646136a040fe203c5ff680d2a5437de0d250807a6a077c86f4038b7d08ee2eff2311ca60a8e53344d45d694ae1562c5f187d1e80a2b47a822c4592a5a33c876b2f355cf46b9e8cb3db2469019a03a7d5a9278cefbf928436ad04bee1f958de163b0e8ce9ab8291c89b64302df2fe4168f042b01421e28da662f1b056cf726b29ce316aae94b92676df2f2facd7805c17b06c0dc585850f03653f738d00f8d0dbcbb78412c4ec62d42c61b3c0768e8b38bdda9bdac75e71653c6011ee5237e885e6c605c814be71fd4c4ce5fc19d762ccd1d3e18509f14db9466edac5dad6546a01422c1db974bbb2789be5a234d8b468d16e64899ed600dd97f7b371e61b09c4a5f143e41a1b7e9e556eeb4b12fdabb2eeed90039988dc8e3eab1f63912b1714918fe8b78f0014d3bd1bc68f20f0af193e230e8298da23a2abc4613e18fcb4b72f4e5db52390ae0c72a5203da9094befe3e4b06d78ac0de0d29697fe13092ba0541fb875600ed37e75207544c4dab9f87e4318a4306297e7ba400a7c372ecf9176da00d2571847b827934b2ab6103f6fe418fa472526e32813383f6fe9c2f2953b1f8597f4edf7388584c85330e89609fca3c647854240f2eda0b1aebf2e625e702e26d80ca0b28d93bf0e5b8889746027f5eeaeb4725891727b94f1e055305fa9674c2a106d0307423fe7425eba4ab8d6106b5223e2d1b0ab298c1954ce833815c66b35be4a0b7b385e4d835e67eaeac6a622ca9759952c7d1dc8fad65f9f5392cc1339c5c6c35f091301ae06c273487759022ab2007caca3366bf2bb9b971050e9d4438b5aaf188f78e1849938be9a62c0b71d6e16879420f24a92885c91af511a85f06b98e96cd753693d4290eafdf1d499237ddd94c781009d7d32f3d9dd0949a3c18963a76c45248becd3648ee70e955ba286d29a74feb939ef663d7c6fa4400c65e5b1d9be4c7c39da7390979bbdc80f44297824a43c4365c2ab0ffed218898c71c9170bdc561ecea3ac009753a1204247bb9a47157f4316ddcef3b2429292a38367dae937c1a2276b723d6ce0cbb62cd1af20706946b5cce73a2f9616705a232f3f85b6fd125fe902a7e0074013b1a0329330b048db4a4d9fba47ecd0b1cb6e36890857e2786319e2d1382c712773521c2a127f0acee4d8db855a2c748ba476bc9e6eb3f54788d8a0cb7004697eb57373198c38471042e9c79fa2fc638ca5a4d239edb4dd020c3e5c8f340e809de21d1f7948262817f7b6fb6859a57b8dda8b292491b151e34790be6de20c180018cc3c9bad065230a662a3e8871bbd366b4a7e3334de0d1a1ef7e2f8b22d605355ae8412f292ab55e47b4ce39f31ecbb763d7052fdf699c4b1882a9c65077d15312dbcd361ffc51c619a05d27c910e2ea1f39a6003526ea9cb6eccee0e62975b8cdac9a94b02fc700012102d64d2a8ff514e21bea658f5ee0f08fccfd13993b936a1a9727f77a49ec30ea9310a3f786e3989add245bd4307e9a5d5282fa714c5a07a22a9e19ac95d0c55fa370198d5d8739e638a2e1ac249b5263695cf130385f6f6999e6f1e5f1ed4a12d6f4ea91a2feaea32be250770a55dc6482f898dc209af703b2bce1932facb0614bc2f88a14db11be3e53ca8303b18a6bdbddba11dd58f043e2aa03e54884e3a4b5a04f25d02d55c58964bc595cb112afcdba7227d7dee89b995bbc9ffff64b0803f8a627f7bd946191dfc5e69febf21bdddcd9d23c0559abb4ee7c47899622fbb1d764211c7b9f3b7207acd44eaa74e6e696063a0a38944796cfb775028e2bad50a6a7d07d767f2bf7b83094f78a9da86a1c50090700f95789ae24a943953d1b40bcea3511c45a86bc17d5ccec36c67bba9c85de199b1814547195b3d871ec773c9db723aa76824e1fd92195b6c8578c737a4e2638c05454d83fb986177159c60662ce5835da825351f556d31bf08d7490d778fbdcbcf1c7e626e6de2baf3fd818f1c593f8d78e5f94483b1929514add84de8a1af159fcd46f66547761414f32b18ea502cc14b4ba2acde9586dd60ef05bc5f6e7113764875e4cf92d6d8b5d9ca9ed80bae2322c0c2a74998cc0b3ec040b44d0aff6199f8c06244247660b5ba891783492afd4c7fbe4dff39a7bf29209d9d2a8e432993f58e6526cdfeeb4d4b37f5851e9a0cee0878ae4a08926f20c5b38837cbd15d85ec04b20d2e5e33f3f6be25d3b1bb06ae7fe875907b0f46c17e6e19134cb8834a027bccc04378305e713a373bd68b838c4be14899880408f6eab5812c72cdc68131cd2dff8e895c7e96a62b0a4ce2b5da2603f4dbf1867080126c319fbf9fbaff5198b597fa0bf5cdb108544ceffef6557cefc420b275cc60c925b137301fdf089a8fdbde4c0e9fea0ee5dae5be7923b30258741027902b3a4b89fb2bedd523b8e5ea12cb3db45a7f8e5e5465799d5bfea8069bec4038339ffd08542c9a145e945eec91c07c939711527c703cef58b07c7cdefc0b745f8e06737765b8a01eba018ba95e8b54c1f6f9757ba28f88911885eb8cda2bbc980f164926de18029b8895a79d34784908f61fa0043eeab646aaa49f0a0010762d1e55b1d48cc2f77211a069cdcf39081571767c9ce45c241372760122f69a052d207eccdb9b9bdc7a15c706b8ddc0eab0e6c3ccf420ff334a35b841ac51364f07333704386c2b9abdf14a53c0e63f702ada42351e3ad5f1dbe4626a12151166bd785c885bd1b22d88b0789bc4081f5d399493d492012371d88704e99721f43ab99417b24689bc494b7f680185530d729fa6c89bb1b5e0af4b7d49ed04407ffdfcbc32c99bd5e422456d787c0b7409cffb2b30208d24ad6c288c438ea26f425212a745e9a06511ec05f77ec372434481897382328b62b6e5626a06a43887f4113222e5ff32da10019b0760fbd05b6c01944de9e0e8ffe9c726be48584ee7cd445546b660555249ea18dfa364024e2587d7e2d8dec857d6edf4bf905eb6cd08e1c83e92131ac6739f4ea767056749c398f07a6cb5c260b935e8681d40b403e55259d1ac77542cebd091cf22bdf3ba7f9582fb29f52a0b1ee7a06b7032c851624eb7ec58b04e31868d7426e7de37d3588a961be997bf96a83db014fc59e35e912366307e4956be73f1385ab9d21797b07d96372abedd51d69efe25a66bf6614493e21fb834cd5175806a4bcfe1a39c3a8bf2ca6e3b1de7c4e3199bea67402b267e9b5bf456d2c555cc4c3027d36981bc51f1fdb62ac386238b0fb9fad737836ad4adc4bf0c2db6508b091a4ff0b604c5a96cb1b044549754ad5c9ab06696bc9ba434344bf1341499fe25bb1c34e90f6360db669933d09242a19b955c81610dc38516de55504481f8f5a7f64a3abd4222c9d8c2b40db5aa4f04b7d392f3df92055ca806c39394da6354be7e0fba742d4cee487971b0b53ee3327b356f2cbe0431acb3d8acfe82ed0390f941d53e02025a77c02d69f494ab569a00ea2809d4d1d886ab14e8c5325a722253781ab436a448420a2afc736955f2bd26f09b66234de7b8b0cd3c622a09eb938f4978675235d16f6e2554d76fa2425164ccb6e2f6b502f7034f52c90ccf154d939136ae6f608960122f2f8757f5362e54501abff55dbb75e509affdb480cf6e0a77bb802a45f50a7a756070c20e669b09520853313601c1669e7a4b1a38ba991bd416bbda9f8b96d06555d816e280c28b6949bfa42b62750821503a98e17e47981958cfc4a58f4df89911e1b2fa665b5fae9a82c2b25355ebbdc1e6e8c5abeb0c17cf634f4b939aa991e7ab927da28a1206d65ea24271a135ffd9c603fe28fb111e99717be38b098f8bb7745559daf74f8aa08b0c0ae422b6524083bb074aa44168ef8f539869c90017caaa26eb905b8a70b9cfb71cf6a213b6a150a05526838d48ad8f20a2e36ab4dac3666e48f18cff007c41b8b484885cc7d5a309f630b6774cabedb54f409813ede6125fb50dc56190eb1a0c0183ef9091788545cbe66e880e223157a5db52ac0fc78d4e8a1ece94b0e3b1e16fd9d82933a92dc1378ed0e7d933abef6bc2f38bd4d99833df1bd434053c57e7011e27f2c5bc279d6bafccf3b23cb240607d5472be4b14c0bb6c8d0193f090522f793c11b7a53e9702867075ae9f5087875bbf069b02167e3c730885bc7e6620eaf0c8cef5831bc02c7bc7452f3bbf6d05a24d08ce32a959459fc3906e9ffa7f3e68a1e8e5dcfbf64e4e82ed9ac45dce2ed4bce56a5ff62d0a0c0178d45cce2158f411d0c4aa5e8589404ed99a2b2dfc040b3f1b8467578f8387a1b9fd756c93514f964260d8465371d9ebcdd43f7e43132b44b6c5bc6a4e5f9030a19f567fbe8ed5ebadfbb3186dd2d7603e7b4422be55438e1a8c05e2db37890d5f2474457f3e5e8c20e872f197391eae180d1835e6b3de47fd7e0b19d00388f39d9dbb2961f262c542de9de667492caf666bb3acb770613156214c131cd499031d0e723110fcd5625d21bb0094902a7705bc131bd54839f4b17128674cfe9e8fc27d02d0878848c15e81e71c4e39d58edd9b785906ab81c02d23cd99fd41ee06318eeee0ebcf7aab6e5809ca8ad78d38dde83d649f0e8b613af9c68ef55da9ad30871d86102183c079a75147bcd9f618194737ab1ab5f39ea3b7703cdc27145355aff9cd6f6ea6403ef44b6a55b87e99c0526ef04f1e5adf22f9d52e9f2d6828756d604b892736e196f74977729903d198912ea9182857d60377a5d903fd2d62d1f74bfc3fb4f75644bcdda53701bb16560db395e862a81266e34ee03a88c51eaf944ed1e96b3c3a0ed322140f00ba003f488a7079a18a76b328f0fd9b750f8d3f5185c0ad3b60f1c2cfa792df034322123f40cad7eb4e827225ae0a8bb35fbe28e86df58aae2163285b9fe99fdbcf8568f529f23b497cd496371a1bfc6a0d0a9319f35f5a24d37386e94a6b05ad0ee2b96d412e406824ed69ba6dc986f7658ecbce789093194a9d19e0375e907bcd1f5ccfd8a40d6ce18a5c7cbdd0832fe17bd497ae57960a7dc19326d3316957ef5982916e67d312bcae0f719ea4aff57c0e07604ded2eb8c042c4fef4cb7dedaf56c33acb2e7a5ee41b4cf6ed76827e9a7ca6f46050020c3a289badd62a62434c06fdfd2547014af412dbac136c28bea37413cb7946e738f9ea733f2aa151137493f2ee1392e415aff200cb3d71739f315c9f95c849fe4e8d387166415dd073d64d0984744315f0c97a7ec8b183c96810a2468685bf0836776e6ae4174543a96177cc401d54a869f61ee233756fed28ce6c22241f8ae49e0fbeb3331e82642819737547c5aacfbb562995d2fd673f9eb02bf02c9f512a15cb810e25ba025ab06f6a4adfea4dd8cd0efc0f4148845c2f0b8f9c5e9f602c562e400c43990b0959bebe164cf0b40317cbabe561bfd173575e20e870715a374ebd2b07193b287c3d2d59f644c4ecfcba19fb3c8b8dea28269be0dee0c0db50fe1e5ec29e3ea9507896b3c4dda07a05f5abdddf0ceab2527697a1b6f6cb95b6a78b330726166925a65763c682bbc96542171be4496ec9cfba3ce90053399dba1af746e94942af0a7771caedce3fe071562590b0163f445bfdd6a8445480b3f80c460e375c6de984857f66b0f91c6d21b148de52b9c551ce09c7100c1a1107bfe5a305f20447846fa8280eb5ad94982c6f14c2e7a431b9f773b658c5fa0872e530ad19", 0x1000}, {&(0x7f0000003100)="dc6a83c1c36b30f6773c79973ea7bd3045b5b96f9752b8d575fcf9303658ae2be7602bb47484c650dba9a82bc477265f9576176352d80aac4ad9d68b519530cdc47e813a188e2a9fb1c35b3b27e575e2c220e1cbf9286fd55806465832db74e91e66f645f7afb784ce4732887ada806ec1d931f36b4a7235368483b73f04b23d530a41d01933255e9fa872569ba4a5cbc65ea1b55fc31470ea812685dc1ad815ebb77f11ff23cc82b4fb9e36443cd6c0c52ea5f317bf4d1e41edab7ec03e8641a288a704d3a56a9c82feec1f21ba4ac996a727f993322a3f03a51b9cbc1e7c5b1665429dbaff1fadf51c6fd7a3d03076bb24a105c7a47df693e7b9a786282801012dcdc0bfdd393e1d62afab2ce1abc02e457b250749f0f0ffadb4e80222bf0373ef17313bd8700d7ddef2181269cd1d190f2e98d798a4513479b867def896a8c3bd8f8bd9999db47b062f00202493970c632ead2b442e7bcac78edd494da0773d728f4b15d912bcad251443677424f8454d7285e2564f17b025757295be738b781b97f00ab83a27394e502f9da1c383b0ab6962b98aa57f95ed659d5eb4e0ce47038cfbaba488006ca59a21c167a8c33e12525fefdfe4a7d2b219fcf8e27a80103ec459b8f55fc8243799885ecc293994191f49baca71ff52298a202748d1b3ee3dff8bc016edf3a545bd3780068c452ad1a12c9d0e39bc671013b5c0ed13df8132966bf295e35e67ea0c49579d686d5dfe037505145eed362aa9bde2884e9445b3c4e2d600665e12b0f6923bbbe710d17db7283d56e977cc6382f70a17b1518dc2373c4d852d3d7da38e7b4f82294fa03774e850d3a2109aacb349fa5e8970028f25f1185b3ba5b8445fcd84077de62cf6e2279eceae87b9a7564b9b16a00b587102e60aa8a62ac159503aeabc1d08028f7fe9c81464850110d9a1c4cd6e880232e682f1e32a5642f0288d83d397a2ef29cf85231a79e107b3fdcdfd3550c62934584a0fa763b2ef043b94d678513c5942322fa32a2b954ca8eed88c110a7d44d5e9397cdf2810a7c58026c4cd1398128ff25f4fd486d774cbcb9951591b78fdaae2a0506990edb7064657f297add80e2626ae2a40b4254b1369cd88dede0af60403d61b6fb1e0ec234aca772c51e53b6dad5814004069032d4db3b0b717fe76141a72275c03df943c3a26c83b8d6c762ec7ffe0ca7bc025364b14a478842a7d6df733c58a12bf724957e02aa51eb8b57db52c3b094c3a536d2c61ef430af1d643281eff0edb2c66abbf68b46833b91b8709da7eaef9dba479c02f328065e1c6911a588366c9df8b3110fac657657bec30df11c61f5ff41ed1cd71db244ad5157e74e45e36d726061bf66541212e96149cb93ba15fbe14d76576d0524a04c958f1323ce7de5264e49dd78b7a5095ba28ad38a3c4215fbefd0d63dedba49b5b9b9e8a9e03d7d5f37d0fed8c00f91c5a8b4f0ad2803411629fd1023f3a6c18be16d280dea38908d95ce59cc79ab1177224164ebda18c6e040a7643711248e03f223bf86d6e02f3e6afc064cdb93dfd42cf1741b88060196bf0a7f1fb13db1a0f9f0c99b995c428e3ab3180a3b10ce5e22980e3fd48247849ea1c0639687939636b7a608c2da1675eeb49ff671dd754dc6f8e6b6574e886a88fe8a3ca7f66bac07b53c4565fabec777f33f50fb25bd005183a7a6b2c2576648b3f7a0a584fc7670a1122f86d02c417387d9f5279590b77ccf7a513b30cbe90ce5c66917be22d87081682c4e4488a806d289f608c70530658d7dbfb514b645374bd3e9c59e8d997ec0f2f2986ee78a2ae259be7b172478a846a24aeb97cb8dca77addeac251c0468ee49a1a7ae3e70167da65d9b88ba9710048022409cf1f55824bbd28d9a42e5c480e4fca9dca9d16c98a9c083e26e0f3cf149a4741f5da68b17a5ab627d5b5faecb2b89122104dd17136ffe393c1b42936c5bac3fa4ae974f714ff08819017dce62c57fe6df904646d34e67e66ba5e74d118d2748c6e0b6a8b38fcb01f34d6caf1890093c278c81ae4c90e6b050dd330ee4352a521db6c11aecb47998737854d72106e40f53ee5e9ade31fa4af76077de5c03e5e01b93c178565df8e96834be1bbf416a5218e38243c8dc51bfaae9b480f11f00073de232ff92d58d1e0f1521998732f5e621b2bf08485b705f3be63c6c8cc20f648e5e297747c97770cfc485c09f94f83e591a3bff79de01f0cf0e7d4e2481f3b7939f7bf66ddabb723bc5401633385ea035b3403f259d637796e5f570980b114ecfd889a232d6877adda817c915ab39e1f16e857789e075baf432f414af78538c63373eca273763a50ab7fcafbb6a35e4c0223455993db99b999033bf234eaf88adbfd0edab1a6f9c647f980b0c98641778054bb2bf006b6ee1c76a6e2324181f3dbe3b8c2d6c52146201d723d88fde7694abf17432e6ef9a66d19afcd550eb7646e88d005b41c881de9da73f7454c6b006817276185ccfc66eb60ba6f27598b8ea736c80cdf584481b46f179bd36850ac5f55a362ee3d0b2cb1f76a5413de5c84d87fb72ffe901055bb256ed7ebc48df80dfd1b1513ce10d017731454af0c0390a321711b5e2f5b013978f0ea650c048304b964e8053e382876c3add83e2ed73667aea8c131f5302053054b6639a93702659f37c0be141aeaf46506e7b6086c1ad7f38fd25589c9ac708abe25e511ff1cad35dac7074d2ec5f91d7f13fedaac2e6c58a69017bcb43ee8f54b4942ff88c328f2c79877b9e51fa73ac9954a11c73651e9063586a62d8ba41763599bc4649240ac55efc2ba58e2fa495337f84bf73153beb62b4237ef89bd4900db24537bb068d2f505ec3283427b5dab8ccabad9da0cd3a3605e35eb313db5514370ba1b0356c21b911b4b5e5255e55e5bee788a2b1870036ea988c542b2fe697bc353d49b6ac22d9a4fa340865c390a2e164ac54735258280f4a264941cf92f086a542e91c9c75effe179290a9d828701db6580e2a733b29240d71e2a7a905c20089d90f36257332e7936e9ee8319ce18872ff21de5fc13b35835201632506f00373aeefdbe97ea2db27495ba94446d0645218b38146d9bb873bf70ea1afa81b299e8dd0862704aff674f35239d3fffccfa56ec854cc215f401ef66c0a123cb2348e930de1fa861a43ce15671bbe5625aded38a98052d4ec965fc0b0461c54509db5798fa5598184907dcf1898cf93b35c61dde57ae77ada6abe5f9ca3cfc0e75120b315a2ec7ff9366142408a8e3988485f1adf7e70f84f1573c917f6fc723e658d5e2d4ea30b432dda22e325c61cbbf897ab842233ac8e2b7d8c02961d030507b814a2e5f5d86074cf1094ff4d6695661f5e2d6c891d43d5826fbde79b51e5b6a2b12df384b95a1cf4b03cf21e5e56ffe642269721a8732be898ba514f1f1b9dc1528ff1b001227816806388a46a51e0c3aca911f30b3485c0e75ce32842ed21349a58ff17955a1f6abe7e7aec7d3bfe1711f45b70b317bf5976f8929e8a63876325851248383d3091bda5a25a80b822cb40308d2af7bb72e068ec6fc790a476cddf038cde0f5561693c20422e1d943e488850552fb292f05bb1ad97ed8427d344ee107497510245f9105a00405915987d941834335fc863993a0c8200b3c3348e983eea33dff46acb01f8cc8c2ff1b324f073593a05bf769cc2cec7c5c3df013052a2014183fb4143a1a3c870d5cfb0a555c560202bde53d38234605461ad9107df93998e323ef88b67850c4d8100cd3f5562b503cba3f2a948eb5ce8b60a8c2d2008c2ca0b4d7d5fe10e8de1e200703a25c5e259e8006c9e6fd2232ba4f0f733acc93597d2f94c286181251ba860a38932b4cc2a40b967815d562780ae7db5c7164819cea39abb2de86f3a2f7002d6868503d4e3836db092a320cab95a843bc1ab2c29fbcdc2d2bc3c0220a69805068f71504a568986816877edcffa393722cc190e7759cfb917f3bdfb7197da43dd321d32dc95e691114c652a7c4d028da42b7b8602ba5da396790055bad82661b07d382891cf2066443b7b481520eccda72cb495dceabea62d35b55b8e5b791030ef25cd998c1beeb9a0d05573895836e063baf8b1e029623f96141cb2a9ecaa0cbbe74e1481cd57a2c1a35e817e7be68e2b6c9415b056e97e258c7eb179a4aea227a1523c7f4826caf962872b90f6e9c894ed1bbbbaba6cdf8d236f1f99b10b105551094252dbb88babd6592c76f15f1354a7363985846dbe27be4f6475d79e6407edbd79b241cf7343e849ae493b1dd4291686b3d605fb8440f62bd5350b3b47d86acd2f25205393ba192f3a7393b93990d86077efb098e13fe6e2ca4d36274e44b0747f2a618f028eec408a0bfb61a702c72f8b04d32732dee20784fcf52558e46c08a10a75c0840f65601d4b8cad2f8f70c4f6911491cf805bcd7632b51b162f8d09c59f7dbf01eed34d4902835c651eff9a54ea8e61e7da0ae095ccaef0a4848bef3c01b88d0b79a2a62d767d2138a4fad181e4763812b4ca7feab1703f1b8eaeb5de2b7fcd8640e444347548a5eef4d9b293c07a997a7cad2af80150a79f2e5a5d3be7890e3061b193c371375212efe8fa978491d443f330e2a6ad87be9e68c76c49f529770707031b382a7063cb8400b087750fbf2f6452662b9059bb4809fef8d09be67299f41329577a36026ef4a1a054f22e7c8c054b4e3ae2d437427c45a49ab8a9181a3e960e7378bafbfe648cca3322b52cbcfafe267ffa1ed1f83c069c130e7283c9d5ffbcc0df8130f6f41086047edd588cb0018606a540833c90efcb2b7017a5fa376e2bc7af69e7e73f3df453955885b2bfea54d52356509e7251dc304b8b9fae4cf4772d985a431c201a9ea989a54f060bcf5d7e53e82d9e60cd8c90b24aca739dfcef90c78f176bc0247ba09cc19cf33b9c729fbd95799514b2633ebfbf244a4ac210b45038411b5a170c3d5559c8a4548e743da02b441e0a3e0d8c64dc3495f751b261229405e9fb0cdd1c90ee979c8385b494dcc9228b7cd64d2fdfabdaa881eb7df7228a22403515bab39af8c5ffbd5332b318754657c00de40330baaa18626e67c53c31f79bf9a28f2a2f16573fd88e0a845b171ef3ec21f68c74f2387095349c7fbb17e2fb0ec2ba722909f6c4c001d4f1cc0ac90951b13fab34d26102a5df4c09aa6e8a14150157aadc1908d5d12a3868fdd6b82c97a3bd2ec5145b14af006450d0950d6355a1dce10372be6e8054797422cda3377838cb992f5a294e6b6bdca90af107bd1f35b41db5440a4adf5b631245e29546e8c9ea1b2e5bc38bd688e575131a0a9894af174dcd11970e453b57ed6340ecc59749531de5d25532570aabfabad153e908dbcfe202acfef960673c63d161af8488b0daf88c5e64e870d7ba39dd72b817653f7a0d9a79164745ace38f57da1940aa8241a23ca93927b15126a3fa6a983640ca95689504fe9d494505054cfac0505355fc8453962d6e42f3b624f4bed2a3049ca96b8c3411acc2fb602cc9666fecfa07a356689b93ead7e9594f27de79cdab021631d9a15e765de41a2edde1a10669b9ac1043f433476bef9db123e9c52ca961d6dfe3e1c14602c5706e7fa28d4969f1c4eb53974c846e3d2548f553b4a7580e3d3a6677e6e95ff17281f99e3da8acea5134355b4e41b90b23128c3dd9c474ed1d7f63b40e83663b6e18db73b88cfa60ef62d95cbfe3f2cc58f037a66d1ce025e2ecb334d85101a478ffd2d86fc4b6857c723ccd108ce64ff803e2f8c", 0x1000}, {&(0x7f0000004100)="45177ca2951a084e37777df5717ccc9d87e29bcceb36119666143b798e56367a6cfa6fc055d9db6258ed6df4e7892644e46fa44d9aaf5ef0bb637a952d4cb6d30628d62fb32b0e4078892fe274a5f8951bc790756dc939840f282a6eba69502b4bb3e4f2e9b514e0aac61c46e2649cb9f1556ec83c9b0e4b5b94650c57daab8f8e3db36ab241bd56663e8c842eda15", 0x8f}], 0x8, &(0x7f0000004240)=ANY=[@ANYBLOB="580000000000000000000000070000004410068300000000000000030000003a83074060000002443006430000000000000030ac1414bbfffeffffac1414bb00000009004000040000ffff7f000001fffffffd000000040014000000000000000000000001000000974700000000000014000000000000000000000001000000710c000000000000110000000000000000000000010000000600000000000000"], 0xa0}}, {{&(0x7f0000004300)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x19}}, 0x10, &(0x7f0000004380)=[{&(0x7f0000004340)="d089c7143c484a46e7cacbab4b5894147a498522049a82327817e2430499733c30b5d2b6f879958d75d7c4838fedbd7d3b388ae415615a63eaf8f036", 0x3c}], 0x1, &(0x7f0000001dc0)=[@ip_retopts={{0x80, 0x0, 0x7, {[@ssrr={0x89, 0x1f, 0x20, [@local, @rand_addr=0xa1de, @local, @broadcast, @broadcast, @multicast2, @multicast1]}, @rr={0x7, 0x7, 0x90, [@multicast2]}, @ssrr={0x89, 0x1f, 0x14, [@broadcast, @loopback, @loopback, @loopback, @dev={0xac, 0x14, 0x14, 0x27}, @loopback, @multicast2]}, @generic={0x82, 0x8, "3c92561eacbf"}, @ssrr={0x89, 0xb, 0x8, [@initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2]}, @generic={0x87, 0x10, "18a1c0c6614d92180959d0f09a29"}, @ra={0x94, 0x6, 0x4}]}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x2}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x3f}}], 0xb0}}], 0x3, 0xc000) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r6, 0x84, 0x75, &(0x7f0000000000)={r9}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f0000000840)={r9, 0x5}, &(0x7f0000000880)=0x8) poll(&(0x7f00000008c0)=[{r0, 0x101}], 0x1, 0x401) sendmsg$TIPC_NL_BEARER_ADD(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4020004}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x58, r3, 0x200, 0x70bd2a, 0x25dfdbfc, {}, [@TIPC_NLA_NODE={0xfffffffffffffd0e, 0x6, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x1ff}]}, @TIPC_NLA_SOCK={0x8, 0x2, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_MON={0x24, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x5eb1}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8cfc}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x157c}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000080) [ 2641.225490] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 16:26:21 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000022000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2641.291143] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2641.305998] EXT4-fs (loop0): bad geometry: first data block 20740 is beyond end of filesystem (1080) [ 2641.317260] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock 16:26:21 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x1be4, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2641.359493] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2641.431486] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:26:21 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000045200000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2641.495717] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:21 executing program 1 (fault-call:3 fault-nth:2): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:21 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$KVM_ARM_SET_DEVICE_ADDR(0xffffffffffffffff, 0x4010aeab, &(0x7f0000000000)={0x0, 0x1000}) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) 16:26:21 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x500000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2641.621123] EXT4-fs (loop5): bad geometry: first data block 2228224 is beyond end of filesystem (1080) [ 2641.653209] FAULT_INJECTION: forcing a failure. [ 2641.653209] name failslab, interval 1, probability 0, space 0, times 0 [ 2641.665060] CPU: 1 PID: 10239 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2641.673015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2641.682398] Call Trace: [ 2641.685012] dump_stack+0x172/0x1f0 [ 2641.688677] should_fail.cold+0xa/0x1b [ 2641.692590] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2641.697718] ? tcp_packet.cold+0x142/0x17c [ 2641.701963] __should_failslab+0x121/0x190 [ 2641.706193] should_failslab+0x9/0x14 [ 2641.709989] kmem_cache_alloc+0x47/0x700 [ 2641.714142] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2641.719668] ? check_preemption_disabled+0x48/0x290 [ 2641.724674] ? lock_acquire+0x16f/0x3f0 [ 2641.728661] skb_clone+0x156/0x3e0 [ 2641.732200] dev_queue_xmit_nit+0x309/0xa10 [ 2641.736517] ? validate_xmit_xfrm+0x1f7/0xda0 [ 2641.741006] dev_hard_start_xmit+0xa7/0x980 [ 2641.745429] ? check_preemption_disabled+0x48/0x290 [ 2641.750441] __dev_queue_xmit+0x2704/0x2fe0 [ 2641.754752] ? mark_held_locks+0x100/0x100 [ 2641.759002] ? netdev_pick_tx+0x300/0x300 [ 2641.763237] ? ip_finish_output+0x737/0xce0 [ 2641.767564] ? find_held_lock+0x35/0x130 [ 2641.771631] ? ip_finish_output+0x737/0xce0 [ 2641.775950] ? mark_held_locks+0xb1/0x100 [ 2641.780103] ? ip_finish_output2+0x1295/0x1730 [ 2641.784677] ? ip_finish_output+0x737/0xce0 [ 2641.789105] ? ip_finish_output2+0x1295/0x1730 [ 2641.793713] dev_queue_xmit+0x18/0x20 [ 2641.797516] ? dev_queue_xmit+0x18/0x20 [ 2641.801489] ip_finish_output2+0x1041/0x1730 [ 2641.805891] ? ip_output+0x451/0x650 [ 2641.809600] ? ip_copy_metadata+0xce0/0xce0 [ 2641.813916] ? __lock_is_held+0xb6/0x140 [ 2641.817994] ip_finish_output+0x737/0xce0 [ 2641.822151] ? ip_finish_output+0x737/0xce0 [ 2641.826487] ip_output+0x225/0x650 [ 2641.830038] ? ip_mc_output+0xf50/0xf50 [ 2641.834018] ? ip_fragment.constprop.0+0x240/0x240 [ 2641.838952] ip_local_out+0xbb/0x190 [ 2641.842662] __ip_queue_xmit+0x86f/0x1bc0 [ 2641.846805] ? kasan_check_write+0x14/0x20 [ 2641.851035] ip_queue_xmit+0x5a/0x70 [ 2641.854844] __tcp_transmit_skb+0x1aeb/0x39f0 [ 2641.859340] ? __tcp_select_window+0x860/0x860 [ 2641.863981] ? sched_clock+0x2e/0x50 [ 2641.867688] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 2641.872699] tcp_write_xmit+0x1381/0x51c0 [ 2641.876865] __tcp_push_pending_frames+0xb4/0x280 [ 2641.881716] tcp_push+0x4d3/0x6d0 [ 2641.885181] ? __check_object_size+0x3d/0x42a [ 2641.889679] tcp_sendmsg_locked+0x28a7/0x3260 [ 2641.894177] ? tcp_sendpage+0x60/0x60 [ 2641.898063] ? trace_hardirqs_on+0x67/0x220 [ 2641.902387] ? lock_sock_nested+0x9a/0x120 [ 2641.906642] ? __local_bh_enable_ip+0x15a/0x270 [ 2641.911493] tcp_sendmsg+0x30/0x50 [ 2641.915031] inet_sendmsg+0x141/0x5d0 [ 2641.918830] ? ipip_gro_receive+0x100/0x100 [ 2641.923141] sock_sendmsg+0xd7/0x130 [ 2641.926854] ___sys_sendmsg+0x3e2/0x920 [ 2641.930822] ? copy_msghdr_from_user+0x430/0x430 [ 2641.935579] ? lock_downgrade+0x880/0x880 [ 2641.939731] ? kasan_check_read+0x11/0x20 [ 2641.943887] ? __fget+0x367/0x540 [ 2641.947350] ? iterate_fd+0x360/0x360 [ 2641.951142] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2641.956671] ? proc_fail_nth_write+0x9d/0x1e0 [ 2641.961164] ? __fget_light+0x1a9/0x230 [ 2641.965129] ? __fdget+0x1b/0x20 [ 2641.968487] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2641.974018] ? sockfd_lookup_light+0xcb/0x180 [ 2641.978508] __sys_sendmmsg+0x1bf/0x4e0 [ 2641.982477] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2641.986790] ? kasan_check_write+0x14/0x20 [ 2641.991021] ? __sb_end_write+0xd9/0x110 [ 2641.995089] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2642.000616] ? fput+0x128/0x1a0 [ 2642.003898] ? ksys_write+0x1f1/0x2d0 [ 2642.007696] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2642.012458] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2642.017204] ? do_syscall_64+0x26/0x620 [ 2642.021185] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2642.026542] ? do_syscall_64+0x26/0x620 [ 2642.030513] __x64_sys_sendmmsg+0x9d/0x100 [ 2642.034743] do_syscall_64+0xfd/0x620 [ 2642.038540] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2642.043731] RIP: 0033:0x45a219 [ 2642.046928] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2642.065835] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2642.073645] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2642.080912] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2642.088185] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2642.095447] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2642.102704] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 [ 2642.110521] protocol 88fb is buggy, dev hsr_slave_0 [ 2642.115684] protocol 88fb is buggy, dev hsr_slave_1 16:26:21 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000322000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2642.121335] protocol 88fb is buggy, dev hsr_slave_0 [ 2642.126463] protocol 88fb is buggy, dev hsr_slave_1 [ 2642.154972] EXT4-fs (loop0): bad geometry: first data block 20996 is beyond end of filesystem (1080) [ 2642.171883] protocol 88fb is buggy, dev hsr_slave_0 [ 2642.177031] protocol 88fb is buggy, dev hsr_slave_1 [ 2642.182848] protocol 88fb is buggy, dev hsr_slave_0 [ 2642.188279] protocol 88fb is buggy, dev hsr_slave_1 16:26:22 executing program 1 (fault-call:3 fault-nth:3): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:22 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x3f00, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:22 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000025400000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:22 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r1, 0x0, 0x61, &(0x7f0000000040)={'filter\x00', 0x4}, 0x68) openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x240, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000100)={0xffffffffffffffff}, 0x106, 0x4}}, 0x20) openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000240)='/dev/btrfs-control\x00', 0x240080, 0x0) write$RDMA_USER_CM_CMD_BIND(0xffffffffffffffff, &(0x7f0000000180)={0x14, 0xfffffffffffffc66, 0xfa00, {r4, 0x0, 0x0, @ib={0x1b, 0x9, 0x8, {"0072756a671f00000024a8c7818a0c86"}, 0x6, 0xa, 0x7}}}, 0xfffffffffffffc8b) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000000)={0xf586f1cf, 0x0}) r5 = socket(0x10, 0x3, 0x0) write(r5, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r5, 0x84, 0x6b, &(0x7f0000000280)=[@in6={0xa, 0x4e21, 0x8fc, @loopback, 0x400}, @in6={0xa, 0x4e23, 0x10001, @mcast2, 0x1}, @in6={0xa, 0x4e24, 0x6, @rand_addr="b093bbc96666e7d0c497fec7bd857382", 0x831e}], 0x54) [ 2642.414465] FAULT_INJECTION: forcing a failure. [ 2642.414465] name failslab, interval 1, probability 0, space 0, times 0 [ 2642.472226] CPU: 1 PID: 10357 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2642.479201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2642.479207] Call Trace: [ 2642.479232] dump_stack+0x172/0x1f0 [ 2642.479253] should_fail.cold+0xa/0x1b [ 2642.479274] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2642.504112] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2642.508958] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2642.508978] ? should_fail+0x14d/0x85c [ 2642.508997] __should_failslab+0x121/0x190 [ 2642.509013] should_failslab+0x9/0x14 [ 2642.527305] kmem_cache_alloc_node_trace+0x5a/0x720 [ 2642.532338] ? __alloc_skb+0xd5/0x5f0 [ 2642.536149] __kmalloc_node_track_caller+0x3d/0x80 [ 2642.541087] __kmalloc_reserve.isra.0+0x40/0xf0 [ 2642.545762] __alloc_skb+0x10b/0x5f0 [ 2642.549486] ? skb_scrub_packet+0x490/0x490 [ 2642.553812] __tcp_send_ack.part.0+0x6a/0x5e0 [ 2642.558303] tcp_send_ack+0x88/0xa0 [ 2642.561920] __tcp_ack_snd_check+0x165/0x8c0 [ 2642.566322] tcp_rcv_established+0xa40/0x1f10 [ 2642.570817] ? tcp_data_queue+0x4250/0x4250 [ 2642.575127] ? __local_bh_enable_ip+0x15a/0x270 [ 2642.579791] ? lockdep_hardirqs_on+0x415/0x5d0 [ 2642.584372] ? __release_sock+0xca/0x390 [ 2642.588437] ? trace_hardirqs_on+0x67/0x220 [ 2642.592752] tcp_v4_do_rcv+0x61f/0x8d0 [ 2642.596645] __release_sock+0x129/0x390 [ 2642.600616] release_sock+0x59/0x1c0 [ 2642.604321] tcp_sendmsg+0x3b/0x50 [ 2642.607855] inet_sendmsg+0x141/0x5d0 [ 2642.611669] ? ipip_gro_receive+0x100/0x100 [ 2642.616037] sock_sendmsg+0xd7/0x130 [ 2642.619757] ___sys_sendmsg+0x3e2/0x920 [ 2642.623727] ? copy_msghdr_from_user+0x430/0x430 [ 2642.628480] ? lock_downgrade+0x880/0x880 [ 2642.632626] ? kasan_check_read+0x11/0x20 [ 2642.636794] ? __fget+0x367/0x540 [ 2642.640266] ? iterate_fd+0x360/0x360 [ 2642.644059] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2642.649689] ? proc_fail_nth_write+0x9d/0x1e0 [ 2642.654183] ? __fget_light+0x1a9/0x230 [ 2642.658150] ? __fdget+0x1b/0x20 [ 2642.661520] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2642.667050] ? sockfd_lookup_light+0xcb/0x180 [ 2642.671538] __sys_sendmmsg+0x1bf/0x4e0 [ 2642.675504] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2642.679819] ? kasan_check_write+0x14/0x20 [ 2642.684049] ? __sb_end_write+0xd9/0x110 [ 2642.688104] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2642.693630] ? fput+0x128/0x1a0 [ 2642.703774] ? ksys_write+0x1f1/0x2d0 [ 2642.707572] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2642.712330] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2642.717076] ? do_syscall_64+0x26/0x620 [ 2642.721039] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2642.726409] ? do_syscall_64+0x26/0x620 [ 2642.730380] __x64_sys_sendmmsg+0x9d/0x100 [ 2642.734613] do_syscall_64+0xfd/0x620 [ 2642.738407] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2642.743582] RIP: 0033:0x45a219 [ 2642.746770] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2642.765664] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2642.773393] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2642.780835] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2642.788099] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2642.795363] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2642.802640] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 [ 2642.883196] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2642.915262] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2642.933723] EXT4-fs (loop5): bad geometry: first data block 2228992 is beyond end of filesystem (1080) [ 2642.956924] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:26:22 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x4000, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2643.004886] EXT4-fs (loop0): bad geometry: first data block 21506 is beyond end of filesystem (1080) [ 2643.015356] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:22 executing program 4: ioctl$MON_IOCX_GETX(0xffffffffffffffff, 0x4018920a, &(0x7f0000000080)={&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000140)=""/141, 0x8d}) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = socket(0x10, 0x3, 0x0) write(r1, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) r2 = dup3(r1, 0xffffffffffffffff, 0x80000) getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000001200), &(0x7f0000001240)=0x14) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) r3 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) r6 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$chown(0x4, r6, r4, r5) r7 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) r10 = socket(0x0, 0x3, 0x1) ioctl$PPPIOCGCHAN(r10, 0x80047437, &(0x7f0000001280)) r11 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$chown(0x4, r11, r8, r9) r12 = add_key(&(0x7f0000000000)='blacklist\x00', &(0x7f00000000c0)={'syz', 0x2}, &(0x7f0000000200)="143dee17fe34f1b11971a70f4630a4e7c6cbe66c94ff92efe54ae2b7239a912a1f140373f72e398b7cee7d7ce013e26a275759dde44659c5de90beb778ac5382757971f5a399914aeeea2b12be45876ccbc30f4737c2fb3833861786a28b29efaea0617250489b96ffb590b70a11e7efe3c19e4e7a9980742902812eb9d272f8219010dae68943a7f577a1b84923d21ecf7106cc8475f695d67465643e51422666d95a90196f38f9418a69b5d1c0c5bb5bac38944306080ffdf22bda7c36e1d106e26a8f4b7408781fc596fbaa44ff3817a871058cdf24082d392df4248b906773f7bb84210376ee2251c08c8c642484e612794e392e7349b4d4c2872ffa20a0d7367bb3492c92793d713731790c20ea60752c5e97f432d3946bea7ed692729ffc315d101536518104077c091aee3cf48b3000e6e488d14ce71718269163262aa487c2cd65ba1d22ebc50681d14c77c7c51b7043342c16be71edf40d7dd1f1a2822ac574aa38480148c5aab7bbd6016db2579049871aae17efb36986f126ff0b340bbcbe2478af8794f823ffaaa98eb54a40de2b97448d617703117cd732b0440bcdc30408b766fc5ea68e9d01492cd8ff616d8676a232a0705b69ed9a2b82aedada237f51c2f33911a042ab49809af9ffff94df2772d86422e3b01a2536cb477a743ff9b54265650b63cefd3c7db4c4e8db145520f8b242abfca94bc28f74c8a080a73f8c95f7662f45700c8f2fbb802b0f5ec46d2b1c5a7e077ed586bb607f10c6c7831e69599a41d5b11c4e6de67db08d53e20e70c5d07624e3d753bb4e6d9d3de6b259ea850cfbcadae747784018a8174275cd22a443c8705b0ae4a6d78c04b4336f7826de2f2f18fc3b3e22b9b76d699659733c272d4b2b7dce514c012181b5ca8877c0a62a066c2f4a99d39127638de8a1047d3d8d1853b09cacfd2b042fbb3681c5298f7c4ca216cfc25f9f7c081a14fac604ef9982762d30292a38da7861d3bece11393155011274fe821a666f79299e18d1371d3b93cffc7ebb79bc8a10da7a686b19cddcc49bfa3ef7559ab88140c46facd83bda71c80c4f7fa41b9d426b2dc459f1f3cd14b27a0b874ad075d814ea4595a5f4595b20ec427001c162959fa93876a43b1f1402291a85f4782881cb5463437187d36fcad6a8ded45a756b1275e5855fe72236b16f3c783f357f178b1fe0cc343ae1bd5109e16819174e24ca8ba2609be1b5ffa1d516049137013112ca63aaf9739b1a96d2ceb0c1b6e9cb7aac90c5be2c35c83498bc8e408c51829caf11490c8d411e92c1adc0fd35af255b4e5b229f28521ed481e923c5f120a0ff6baedbe7016941b094a1b30221a7cd8ebe320f06385f2d2de8072a97eb3209aa5bd97c2928e5bf87039afe8d4e712b374e16c858cb165f9379a60d71c3fc683b72bff6cd90d0ed40732cef3b60677b85497bd5a837e2680ec9567b57a47c0bc9e1cff7f9614e36014ca58e3625aa995865ad39cfb7959c07696ddc6a00c1f774c71b10dac61fd02e275fe5cd6eec677b8196c9a97deaa26d06545ca2bc3589c1326d97c70be4cb8173ffb040dfb5275618b5d833647f51cae0389de94427ace838b7bebb19e834d528907784a1fec9b53133bd453b484c37e540b42e72443cad881d55963550189f88530bfbdeca3735f69a965608581c05da39edd8a64df19b2971ff666899ae29b827c0afcaa5531077918d0a1719667ceeb65b6b6f8b3e2702fb5a3c5163dcfb7f35084b19a1fd91221c7fa72f94150921d72b25f0dc5acd3ccc5455701fc6fc3f77d111a17f33ea019b4f721a32e7bd02d3cb6b447b7c764c4e6b6f2aad109938f48e56cf0550c998f309284f6261aa00cfc0f4a59ed4377137e5560b4b64988525e699f4109b72dd3335deb68abbca6d1fb57f85f02d2cea2d6f0483eeb2afbc85f87840ffa1b6868b5e8b952096468dfb4a80b6b8ca129cae5acd8dbf9f3e0c51395e4bdac65520ae5bfada2eea5defad84efac22ca1d1974a54419ab1323dfc3140fa3de56b1920d7d3cb86b0288dc0193407bf6565716c3ced037c6aa25e643520526ca187d3d890ce11b673b8340bdb8f8b1fcb81e74228a01a532b0394a9e7812543a05eab7c8b98672199875b80e75959d9c3daca26b280de94d27d6b7e1d561d51638a9285e6b7da88ff347e5633cc332417e9e98dc8350dc5be27b5eb6d5ed1211093aa95b55a3ce58dbf8a0628b7989d9afaca2151c320d0eea6544fe5c0e66d1d6224d3990b06c6bdede3e9297aa955c4c0e31d400c5afa4cb2ef75c5b16e7007577a7c0d5a6e6ecfd7c0538dd9cf44bc983867d85c0dacb21e3ec1b316f2b4f102fbfd57e126329c609abe9bb3a20424f8d7131882219aa5d12bdd47af3dc149e4cb4e21d222fbb1819783b65d0452c9f891f2ad5882184ed75888c4173f6a24c6f0deef7324f89908b5e842c972dd2b35034fb4426c9503d6313b74259f77ab2e9523167c64af2699579ffcdea5691e88d070d5eeed78ab920c9c30a545fd4d1344638c2316605520210a5b97baec7b1611a28c4d41656b9ac6fa61207698652f52f26e79a6a42d7d131ba21457851380b360398a706ab535a2ea8aea51b866ad1c822bd4bc723180b3d70244debc19e12eea28f01d033671e5510a43829c9464da980471af89661ce02c3c79f916477c2c6122f0054f6863570938fada1451461768fa6d5233b7522b2ac10d70eff868167a42c895dc8c24c2e9282b04abcb52cc1a60f3facd575ca31735400e30a40887924e7a111e26ad59f71b3a5d0e7e225157db66aa8b7ca7a71d20df82bc0b5e81d67bc84f2efc79cdc98e27871f328d4fe90f61f54b4ad2c1198a7ef7cc198cb5df77580715d1648598d0f70c9ad437a9b8449175ad91395215c04854ab52ce7f71509f9f7102b394663aadf46c644efeb260ae03c52d9f96a289ec30321a4c618ba278dcd1a7b226faacc76807d3bf0d3ef8a0ac09f210c68a33d4b4158320c3df130a698eff9cfec12d1fa63236ac7715a1f3790c37a4d8191d4d67aa867df2a2dd02376db11c084d8b0dab19b9e201d1bb5fd582fef2698fc0d188651f2b77793c2b4e40da1ba210fbb76a8e422d4bbf75598f53ba600dec63d180d97cae601c16cbee477046d268d893c015981e8484fcacd8e0f5e6f0d7c0ea8f0996a68a39b3e9036ca9ab696a34238473cf074be9c7a1faeb8f8728698d203bbc0819a0587b210cab1c76a018c8b84031a0e4cae7b1aa53b89768e84be5e549c683662a5710d6b9b484f9b2263d0fa28962439d6ef475883879c89bd73fad7b2fa1679eb304dd43079b5edb1ac81953eb50af6f77f80717f36b0f4213c942207680b43fd32de61957abfeacf73f79d20138d7945ff2296acebf10a74a68e80c1158585ef362e368e4970eaf494993d5ccc9e970611c83b654dac437aa61d292ce9a6d523b5c2bca9ac8a1dcf46a2289ef122bada34df89d7fc18de2b465da63747f710764af825cb5d5afb1182ff67e153e4746748dc645545460630ee2c1ba0781b47fa784f1ec41444cf039d2ab0ee05fbe1f8497061ccabec4d62a67a5038cebe5719ea25d7e77004270508491dbf70ed424014c65fe5407cf9de558c6e8e44a38770951d2c87a65e160038632e3b7f8e4ce05bdbb52265c3c16d2f5bfbbadd7f42a1937439474a247921a0eb6bcbdace1509e150a288dda5c685599bfe57d68168ee6d00f1ce967e098131ad5ecf4ae2a7c84749393ba810e147d4f841534dfb858e4ef919a7d725386d1e86d546050471acf9166b886843da1292579c5f0093b6522d9e9555e06f1ced461c9da767da7ac4adbf835bcab8f2c10d92e481d1fd5fab0ada7778d0cb05f0fd40c1caa20e686b958189e946aadb8de5597a0f49330fa1386c52406606cadee1c9ddb63f983863b076a84eb33bddcb11b5b001e0bc7275bafd546f6d660e5d1d1d23355aa27a4f6f831b138e70e3ed422156b48a57ee04add3abd6e9ada28667928dc80f2cecd73b63ab3be6156c930ee054c8a6e832e71eeb117fbd1c5964af67a338ab523ede1cb222f240bdaa12f4a4a72c4d74d39cbcf11a535048a65211dd9f1965232fe408123b7b452502c8e0854ac706ad8818d5b2e4818b43324417ce21d87786d174d5a77ca14360e3ab67f638cf5d7fefa1f9cd47e43d55f487942896516af78a36d29f1ecb06d5915982692405b3abd8aca30f54fd1bb58866b8aab2f70f4b435fcea186636ada3fac7f7d01d65027fe9e9acc10d35a309e702623b547ade039216a73d1a0ecaa8170fc0bf5c75d14bbed256d1f54d8d10a236d3a54a1249b97a65444d450884c9154bac4556a2c6b18c447954f786d898266eca902aa99febf37e11228f11cefde91b2833205e3572665275a27c080b51809bdbecf5ac388e17b5780b8bd6c0b7e00df00a071f7026c2804f39a92f667c3b35b116317198fb5e8631bd65bd04926fcde806be3bded94c5013599e2da5b253a2c0ec1c955528de3f48bd54a444db161a01389ff58ba2864e80fefc7c5bc828396d3c2139d7289d0f19b56258904db4e2292806dd3d2e6f736c46db54a1057c206e0396fe85a741ff5dd4bfd0dfcfc5c5efafdfff294d99258e7495e89a2485e3254c307dbc1d3f7b505547816344231c8c382b6da643267c0ffc9b2100898c78d99b25da1d7d969ada8c9ea0dcb9217b651bc269f8446a281ccbca51b8d3d8e947b8ff77995d7ae46d07f9522491767bf66b84cdda8a0f7a334528ff7e7cec05a9039729d1bbad7dbcfa8dbfb5d812abf6dc0b01736fd9b78abef26247a689c1d0336fa137152dcab1f062903da5505d4b1c6ed6f089463bc0ef2bf0972cf8e8f6c487a0fa9c5cf28ad707ff747ef331b80d767b28839abcf060a93669eb161c9444c3451969844170b022f856fce77273dff0f88710f45c20cefa66d3056ed2bc1ace69002b6ef0a7240b3da4cd8374850a7401c70734ad2da5ed7403f41132a80d37586c408af3ad4888cbe6c4daf556b232186ca63cdc5fce992ce0bbbd75a5e15ecae649a0506dfcad087a2611a31b29f66087a837d7902a6e49f96314bc26849cb71e3e31443082f27805b39bc0c9651e01f7733717b56a4d9c6c1b93e8b74ae662d17c90a6b75d43f3a7858cacb505796865909df45fb2480ac0681ee64130fe44baedd51e04dfc7772b6ce2261726e62662c369971fa9774b2854042aed75b5fec2e3f7575e4ff0fafe8038112c2722bd2360eec2a506df0351051acf2ebda9aef9303912b87c4769ee59e916169b64337bebf9d38b29df99748222a898b55189e3d5a72609967bfef942d356d96a469d325c8b824a3541b0fff870546091afd92a95468d5a824a324f1a1e227b47f2c2faf29f1bf299c4e4941f0e483177ec1940f9b54681c217396a959de69dacbe8bf945cd1ca749415e0de6568fb6a2187c17d9a795ac5ffb4e19cf29045c0683c5f4a753bfc8c66b9c9c8b96c10cf9d2ca1f26fe977d0cfba0e09f381010d2a88cb607e8a093527e547d240e6647eadf96e60c3b7880ee5324b3e1e3740203aae6891505f1d9cf21805af45639df169e7f83edb7c6af090babdcaedffa9672339088c26e3aac873f7f67ea85e114b3410478c0deabcd22c694eb63a101ab29bf1d1ec2f7c3d1bade8f10682bb959764c9b5899a6bbc3edba1d3ec4df7db4f79c42133a0168152597132bf23bda2b511b41398f5f16594234c62fe33a3851d71cc85cc55236fe03b8a41d6526a2773e9d1", 0x1000, r11) keyctl$negate(0xd, r6, 0x6, r12) 16:26:22 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x600000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2643.129512] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. 16:26:22 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000005600000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:22 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000023000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:22 executing program 1 (fault-call:3 fault-nth:4): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:23 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x1650, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:23 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x4002, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2643.383220] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2643.398311] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2643.429798] FAULT_INJECTION: forcing a failure. [ 2643.429798] name failslab, interval 1, probability 0, space 0, times 0 [ 2643.435461] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2643.480703] CPU: 0 PID: 10497 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2643.487703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2643.497153] Call Trace: [ 2643.499752] dump_stack+0x172/0x1f0 [ 2643.503392] should_fail.cold+0xa/0x1b [ 2643.507303] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2643.512411] ? lock_downgrade+0x880/0x880 [ 2643.516560] __should_failslab+0x121/0x190 [ 2643.520787] should_failslab+0x9/0x14 [ 2643.524606] kmem_cache_alloc_node+0x26c/0x710 [ 2643.529181] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2643.534724] ? tcp_established_options+0x2ae/0x480 [ 2643.539665] __alloc_skb+0xd5/0x5f0 [ 2643.543286] ? skb_scrub_packet+0x490/0x490 [ 2643.547605] ? audit_watch_log_rule_change.isra.0.part.0+0x92/0x1e0 [ 2643.554035] sk_stream_alloc_skb+0xc8/0x860 [ 2643.558353] tcp_sendmsg_locked+0xc93/0x3260 [ 2643.562766] ? tcp_sendpage+0x60/0x60 [ 2643.566559] ? trace_hardirqs_on+0x67/0x220 [ 2643.570883] ? lock_sock_nested+0x9a/0x120 [ 2643.575115] ? __local_bh_enable_ip+0x15a/0x270 [ 2643.579789] tcp_sendmsg+0x30/0x50 [ 2643.583332] inet_sendmsg+0x141/0x5d0 [ 2643.587125] ? ipip_gro_receive+0x100/0x100 [ 2643.591439] sock_sendmsg+0xd7/0x130 [ 2643.595142] ___sys_sendmsg+0x3e2/0x920 [ 2643.599109] ? copy_msghdr_from_user+0x430/0x430 [ 2643.603868] ? mark_held_locks+0x100/0x100 [ 2643.608107] ? kasan_check_read+0x11/0x20 [ 2643.612251] ? __might_fault+0x12b/0x1e0 [ 2643.616314] ? find_held_lock+0x35/0x130 [ 2643.620382] ? __might_fault+0x12b/0x1e0 [ 2643.624451] __sys_sendmmsg+0x1bf/0x4e0 [ 2643.628452] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2643.632770] ? kasan_check_write+0x14/0x20 [ 2643.637018] ? __sb_end_write+0xd9/0x110 [ 2643.641085] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2643.646618] ? fput+0x128/0x1a0 [ 2643.649891] ? ksys_write+0x1f1/0x2d0 [ 2643.653687] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2643.658436] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2643.663190] ? do_syscall_64+0x26/0x620 [ 2643.667165] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2643.672520] ? do_syscall_64+0x26/0x620 [ 2643.676502] __x64_sys_sendmmsg+0x9d/0x100 [ 2643.680730] do_syscall_64+0xfd/0x620 [ 2643.684527] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2643.689817] RIP: 0033:0x45a219 [ 2643.693001] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2643.711893] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2643.719609] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2643.727055] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2643.734315] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2643.741593] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2643.748853] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 [ 2643.771688] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2643.802359] EXT4-fs (loop0): bad geometry: first data block 22016 is beyond end of filesystem (1080) 16:26:23 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x1650, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:23 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x700000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:23 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x4900, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2643.978776] EXT4-fs (loop5): bad geometry: first data block 2293760 is beyond end of filesystem (1080) 16:26:23 executing program 1 (fault-call:3 fault-nth:5): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:23 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000024000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:23 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000035c00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:23 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x1650, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2644.161644] FAULT_INJECTION: forcing a failure. [ 2644.161644] name failslab, interval 1, probability 0, space 0, times 0 [ 2644.199863] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock 16:26:23 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x5016, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2644.222189] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2644.265911] CPU: 1 PID: 10724 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2644.272900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2644.282273] Call Trace: [ 2644.284890] dump_stack+0x172/0x1f0 [ 2644.288549] should_fail.cold+0xa/0x1b [ 2644.292473] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2644.297601] ? lock_downgrade+0x880/0x880 [ 2644.301798] __should_failslab+0x121/0x190 [ 2644.306047] should_failslab+0x9/0x14 [ 2644.309868] kmem_cache_alloc_node_trace+0x274/0x720 [ 2644.314995] ? __alloc_skb+0xd5/0x5f0 [ 2644.318823] __kmalloc_node_track_caller+0x3d/0x80 [ 2644.323774] __kmalloc_reserve.isra.0+0x40/0xf0 [ 2644.328465] __alloc_skb+0x10b/0x5f0 [ 2644.332213] ? skb_scrub_packet+0x490/0x490 [ 2644.336559] ? audit_watch_log_rule_change.isra.0.part.0+0x92/0x1e0 [ 2644.343002] sk_stream_alloc_skb+0xc8/0x860 [ 2644.343176] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2644.347337] tcp_sendmsg_locked+0xc93/0x3260 [ 2644.347371] ? tcp_sendpage+0x60/0x60 [ 2644.347385] ? trace_hardirqs_on+0x67/0x220 [ 2644.347406] ? lock_sock_nested+0x9a/0x120 [ 2644.373093] ? __local_bh_enable_ip+0x15a/0x270 [ 2644.377784] tcp_sendmsg+0x30/0x50 [ 2644.381346] inet_sendmsg+0x141/0x5d0 [ 2644.385168] ? ipip_gro_receive+0x100/0x100 [ 2644.389503] sock_sendmsg+0xd7/0x130 [ 2644.389521] ___sys_sendmsg+0x3e2/0x920 [ 2644.389539] ? copy_msghdr_from_user+0x430/0x430 [ 2644.389564] ? mark_held_locks+0x100/0x100 [ 2644.389579] ? kasan_check_read+0x11/0x20 [ 2644.389598] ? __might_fault+0x12b/0x1e0 [ 2644.397348] ? find_held_lock+0x35/0x130 [ 2644.397367] ? __might_fault+0x12b/0x1e0 [ 2644.397406] __sys_sendmmsg+0x1bf/0x4e0 [ 2644.397425] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2644.397441] ? kasan_check_write+0x14/0x20 [ 2644.406644] ? __sb_end_write+0xd9/0x110 [ 2644.406666] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2644.411470] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2644.414873] ? fput+0x128/0x1a0 [ 2644.414887] ? ksys_write+0x1f1/0x2d0 [ 2644.414907] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2644.414922] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2644.414937] ? do_syscall_64+0x26/0x620 [ 2644.414952] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2644.414968] ? do_syscall_64+0x26/0x620 [ 2644.431377] __x64_sys_sendmmsg+0x9d/0x100 [ 2644.431397] do_syscall_64+0xfd/0x620 [ 2644.431418] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2644.431427] RIP: 0033:0x45a219 [ 2644.431443] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2644.439718] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2644.439733] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2644.439742] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2644.439750] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2644.439759] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2644.439767] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 16:26:24 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x5580, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2644.598929] EXT4-fs (loop0): bad geometry: first data block 23555 is beyond end of filesystem (1080) 16:26:24 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x800000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:24 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x1100, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2644.648630] EXT4-fs (loop5): bad geometry: first data block 2359296 is beyond end of filesystem (1080) 16:26:24 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000006000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:24 executing program 1 (fault-call:3 fault-nth:6): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2644.811908] net_ratelimit: 4 callbacks suppressed [ 2644.811916] protocol 88fb is buggy, dev hsr_slave_0 [ 2644.822998] protocol 88fb is buggy, dev hsr_slave_1 [ 2644.828137] protocol 88fb is buggy, dev hsr_slave_0 [ 2644.861014] FAULT_INJECTION: forcing a failure. [ 2644.861014] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2644.881554] CPU: 1 PID: 10855 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2644.888600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2644.897960] Call Trace: [ 2644.897987] dump_stack+0x172/0x1f0 [ 2644.898006] should_fail.cold+0xa/0x1b [ 2644.898024] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2644.898040] ? __kmalloc_node_track_caller+0x3d/0x80 [ 2644.898060] ? rcu_read_lock_sched_held+0x110/0x130 [ 2644.923870] ? kmem_cache_alloc_node_trace+0x34f/0x720 [ 2644.929176] __alloc_pages_nodemask+0x1ee/0x750 [ 2644.933876] ? find_held_lock+0x35/0x130 [ 2644.937960] ? __alloc_pages_slowpath+0x2870/0x2870 [ 2644.943013] ? lock_downgrade+0x880/0x880 [ 2644.947184] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2644.952219] ? iov_iter_advance+0x261/0xe30 [ 2644.956562] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2644.962117] alloc_pages_current+0x107/0x210 [ 2644.966566] skb_page_frag_refill+0x277/0x460 [ 2644.971092] sk_page_frag_refill+0x55/0x1f0 [ 2644.975439] tcp_sendmsg_locked+0xff7/0x3260 [ 2644.980490] ? tcp_sendpage+0x60/0x60 [ 2644.984308] ? trace_hardirqs_on+0x67/0x220 [ 2644.988643] ? lock_sock_nested+0x9a/0x120 [ 2644.992899] ? __local_bh_enable_ip+0x15a/0x270 [ 2644.997594] tcp_sendmsg+0x30/0x50 [ 2645.001140] inet_sendmsg+0x141/0x5d0 [ 2645.004955] ? ipip_gro_receive+0x100/0x100 [ 2645.009282] sock_sendmsg+0xd7/0x130 [ 2645.012996] ___sys_sendmsg+0x3e2/0x920 [ 2645.016963] ? copy_msghdr_from_user+0x430/0x430 [ 2645.021714] ? mark_held_locks+0x100/0x100 [ 2645.025955] ? kasan_check_read+0x11/0x20 [ 2645.030111] ? __might_fault+0x12b/0x1e0 [ 2645.034346] ? find_held_lock+0x35/0x130 [ 2645.038410] ? __might_fault+0x12b/0x1e0 [ 2645.042489] __sys_sendmmsg+0x1bf/0x4e0 [ 2645.046458] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2645.050773] ? kasan_check_write+0x14/0x20 [ 2645.055016] ? __sb_end_write+0xd9/0x110 [ 2645.059089] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2645.064619] ? fput+0x128/0x1a0 [ 2645.067888] ? ksys_write+0x1f1/0x2d0 [ 2645.071686] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2645.076443] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2645.081190] ? do_syscall_64+0x26/0x620 [ 2645.085155] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2645.090511] ? do_syscall_64+0x26/0x620 [ 2645.094500] __x64_sys_sendmmsg+0x9d/0x100 [ 2645.098727] do_syscall_64+0xfd/0x620 [ 2645.102533] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2645.107724] RIP: 0033:0x45a219 [ 2645.110921] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2645.129832] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2645.137535] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2645.144796] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2645.152053] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 16:26:24 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000428000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:24 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x1100, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2645.159329] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2645.166614] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 16:26:24 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x6000, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2645.244866] EXT4-fs (loop5): bad geometry: first data block 2622464 is beyond end of filesystem (1080) 16:26:25 executing program 1 (fault-call:3 fault-nth:7): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2645.331117] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2645.355218] EXT4-fs (loop0): bad geometry: first data block 24576 is beyond end of filesystem (1080) 16:26:25 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x1100, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2645.399850] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock 16:26:25 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000429000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2645.447569] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2645.462387] FAULT_INJECTION: forcing a failure. [ 2645.462387] name failslab, interval 1, probability 0, space 0, times 0 16:26:25 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x8055, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2645.510573] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2645.525174] CPU: 0 PID: 11081 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2645.532157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2645.541612] Call Trace: [ 2645.544234] dump_stack+0x172/0x1f0 [ 2645.548080] should_fail.cold+0xa/0x1b [ 2645.551999] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2645.557213] ? lock_downgrade+0x880/0x880 [ 2645.561393] __should_failslab+0x121/0x190 [ 2645.565710] should_failslab+0x9/0x14 [ 2645.569534] kmem_cache_alloc_node+0x26c/0x710 [ 2645.574220] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2645.579812] ? tcp_established_options+0x2ae/0x480 [ 2645.584779] __alloc_skb+0xd5/0x5f0 [ 2645.588444] ? skb_scrub_packet+0x490/0x490 [ 2645.592778] ? __sk_flush_backlog+0x30/0x40 [ 2645.597122] ? trace_hardirqs_on+0x67/0x220 [ 2645.601471] sk_stream_alloc_skb+0xc8/0x860 [ 2645.605821] tcp_sendmsg_locked+0xc93/0x3260 16:26:25 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000016600000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2645.610264] ? tcp_sendpage+0x60/0x60 [ 2645.614094] ? trace_hardirqs_on+0x67/0x220 [ 2645.619795] ? lock_sock_nested+0x9a/0x120 [ 2645.624071] ? __local_bh_enable_ip+0x15a/0x270 [ 2645.628960] tcp_sendmsg+0x30/0x50 [ 2645.632698] inet_sendmsg+0x141/0x5d0 [ 2645.636963] ? ipip_gro_receive+0x100/0x100 [ 2645.641857] sock_sendmsg+0xd7/0x130 [ 2645.645614] ___sys_sendmsg+0x3e2/0x920 [ 2645.649614] ? copy_msghdr_from_user+0x430/0x430 [ 2645.654402] ? mark_held_locks+0x100/0x100 [ 2645.658658] ? kasan_check_read+0x11/0x20 [ 2645.662831] ? __might_fault+0x12b/0x1e0 [ 2645.666920] ? find_held_lock+0x35/0x130 [ 2645.670995] ? __might_fault+0x12b/0x1e0 [ 2645.675089] __sys_sendmmsg+0x1bf/0x4e0 [ 2645.679081] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2645.683424] ? kasan_check_write+0x14/0x20 [ 2645.687690] ? __sb_end_write+0xd9/0x110 [ 2645.691773] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2645.697364] ? fput+0x128/0x1a0 [ 2645.700664] ? ksys_write+0x1f1/0x2d0 [ 2645.704492] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2645.709275] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2645.714740] ? do_syscall_64+0x26/0x620 [ 2645.718716] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2645.718733] ? do_syscall_64+0x26/0x620 [ 2645.728594] __x64_sys_sendmmsg+0x9d/0x100 [ 2645.732862] do_syscall_64+0xfd/0x620 [ 2645.736688] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2645.741886] RIP: 0033:0x45a219 16:26:25 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x900000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2645.745085] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2645.764592] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2645.764611] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2645.764617] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2645.764624] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2645.764633] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2645.764641] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 16:26:25 executing program 4: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x300000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2645.822739] EXT4-fs (loop5): bad geometry: first data block 2688000 is beyond end of filesystem (1080) 16:26:25 executing program 1 (fault-call:3 fault-nth:8): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2645.922990] EXT4-fs (loop0): bad geometry: first data block 26113 is beyond end of filesystem (1080) 16:26:25 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x9405, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:25 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000000002c000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2646.037090] FAULT_INJECTION: forcing a failure. [ 2646.037090] name failslab, interval 1, probability 0, space 0, times 0 16:26:25 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000006800000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2646.154692] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2646.186199] CPU: 1 PID: 11209 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2646.193196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2646.202564] Call Trace: [ 2646.205181] dump_stack+0x172/0x1f0 [ 2646.208834] should_fail.cold+0xa/0x1b [ 2646.208857] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2646.217833] ? lock_downgrade+0x880/0x880 [ 2646.217857] __should_failslab+0x121/0x190 [ 2646.217873] should_failslab+0x9/0x14 [ 2646.230029] kmem_cache_alloc_node_trace+0x274/0x720 [ 2646.235148] ? __alloc_skb+0xd5/0x5f0 [ 2646.239575] __kmalloc_node_track_caller+0x3d/0x80 [ 2646.244536] __kmalloc_reserve.isra.0+0x40/0xf0 [ 2646.249209] __alloc_skb+0x10b/0x5f0 [ 2646.252920] ? skb_scrub_packet+0x490/0x490 [ 2646.257260] ? __sk_flush_backlog+0x30/0x40 [ 2646.261572] ? trace_hardirqs_on+0x67/0x220 [ 2646.265888] sk_stream_alloc_skb+0xc8/0x860 [ 2646.270299] tcp_sendmsg_locked+0xc93/0x3260 [ 2646.274707] ? tcp_sendpage+0x60/0x60 [ 2646.278498] ? trace_hardirqs_on+0x67/0x220 [ 2646.282818] ? lock_sock_nested+0x9a/0x120 [ 2646.287042] ? __local_bh_enable_ip+0x15a/0x270 [ 2646.291721] tcp_sendmsg+0x30/0x50 [ 2646.295253] inet_sendmsg+0x141/0x5d0 [ 2646.299051] ? ipip_gro_receive+0x100/0x100 [ 2646.303362] sock_sendmsg+0xd7/0x130 [ 2646.307063] ___sys_sendmsg+0x3e2/0x920 [ 2646.311024] ? copy_msghdr_from_user+0x430/0x430 [ 2646.315777] ? mark_held_locks+0x100/0x100 [ 2646.320009] ? kasan_check_read+0x11/0x20 [ 2646.324149] ? __might_fault+0x12b/0x1e0 [ 2646.328196] ? find_held_lock+0x35/0x130 [ 2646.332244] ? __might_fault+0x12b/0x1e0 [ 2646.336311] __sys_sendmmsg+0x1bf/0x4e0 [ 2646.340279] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2646.344589] ? kasan_check_write+0x14/0x20 [ 2646.348821] ? __sb_end_write+0xd9/0x110 [ 2646.352871] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2646.358393] ? fput+0x128/0x1a0 [ 2646.361661] ? ksys_write+0x1f1/0x2d0 [ 2646.365461] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2646.370205] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2646.374948] ? do_syscall_64+0x26/0x620 [ 2646.378930] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2646.384296] ? do_syscall_64+0x26/0x620 [ 2646.388274] __x64_sys_sendmmsg+0x9d/0x100 [ 2646.392508] do_syscall_64+0xfd/0x620 [ 2646.396324] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2646.401633] RIP: 0033:0x45a219 [ 2646.404835] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2646.423732] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2646.431443] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2646.438701] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2646.445991] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2646.453260] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2646.460525] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 [ 2646.468121] protocol 88fb is buggy, dev hsr_slave_0 [ 2646.472297] protocol 88fb is buggy, dev hsr_slave_0 [ 2646.473244] protocol 88fb is buggy, dev hsr_slave_1 [ 2646.478223] protocol 88fb is buggy, dev hsr_slave_1 [ 2646.483412] protocol 88fb is buggy, dev hsr_slave_0 [ 2646.488404] protocol 88fb is buggy, dev hsr_slave_0 [ 2646.493383] protocol 88fb is buggy, dev hsr_slave_1 [ 2646.499414] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2646.516156] EXT4-fs (loop5): bad geometry: first data block 2883584 is beyond end of filesystem (1080) 16:26:26 executing program 1 (fault-call:3 fault-nth:9): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2646.556582] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:26:26 executing program 4 (fault-call:1 fault-nth:0): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) 16:26:26 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000000002d000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:26 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0xcb01, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2646.635631] EXT4-fs (loop0): bad geometry: first data block 26624 is beyond end of filesystem (1080) [ 2646.658629] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:26 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) 16:26:26 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xa00000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2646.737297] FAULT_INJECTION: forcing a failure. [ 2646.737297] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2646.798989] CPU: 1 PID: 11238 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2646.805965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2646.815462] Call Trace: [ 2646.818105] dump_stack+0x172/0x1f0 [ 2646.821860] should_fail.cold+0xa/0x1b [ 2646.825778] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2646.830911] ? lockdep_hardirqs_on+0x415/0x5d0 [ 2646.835511] ? retint_kernel+0x2d/0x2d [ 2646.839412] ? trace_hardirqs_on_caller+0x6a/0x220 [ 2646.844356] __alloc_pages_nodemask+0x1ee/0x750 [ 2646.849039] ? __alloc_pages_slowpath+0x2870/0x2870 [ 2646.854167] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2646.859199] ? iov_iter_advance+0x261/0xe30 [ 2646.863537] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2646.869085] alloc_pages_current+0x107/0x210 [ 2646.873491] skb_page_frag_refill+0x277/0x460 [ 2646.877977] sk_page_frag_refill+0x55/0x1f0 [ 2646.882296] tcp_sendmsg_locked+0xff7/0x3260 [ 2646.886706] ? tcp_sendpage+0x60/0x60 [ 2646.890498] ? trace_hardirqs_on+0x67/0x220 [ 2646.895377] ? lock_sock_nested+0x9a/0x120 [ 2646.899599] ? __local_bh_enable_ip+0x15a/0x270 [ 2646.904305] tcp_sendmsg+0x30/0x50 [ 2646.907850] inet_sendmsg+0x141/0x5d0 [ 2646.911682] ? ipip_gro_receive+0x100/0x100 [ 2646.916265] sock_sendmsg+0xd7/0x130 [ 2646.920018] ___sys_sendmsg+0x3e2/0x920 [ 2646.923990] ? copy_msghdr_from_user+0x430/0x430 [ 2646.928783] ? mark_held_locks+0x100/0x100 [ 2646.933216] ? kasan_check_read+0x11/0x20 [ 2646.937358] ? __might_fault+0x12b/0x1e0 [ 2646.941467] ? find_held_lock+0x35/0x130 [ 2646.949119] ? __might_fault+0x12b/0x1e0 [ 2646.953189] __sys_sendmmsg+0x1bf/0x4e0 [ 2646.957250] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2646.961567] ? kasan_check_write+0x14/0x20 [ 2646.965832] ? __sb_end_write+0xd9/0x110 [ 2646.969896] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2646.975639] ? fput+0x128/0x1a0 [ 2646.978918] ? ksys_write+0x1f1/0x2d0 [ 2646.982709] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2646.987609] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2646.992407] ? do_syscall_64+0x26/0x620 [ 2646.996462] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2647.001822] ? do_syscall_64+0x26/0x620 [ 2647.005806] __x64_sys_sendmmsg+0x9d/0x100 [ 2647.010472] do_syscall_64+0xfd/0x620 [ 2647.014264] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2647.019452] RIP: 0033:0x45a219 [ 2647.022635] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2647.041625] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 16:26:26 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x2, &(0x7f0000000100)={0x0, 0x0}) 16:26:26 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00006b6b6b00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2647.049326] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2647.056586] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2647.063848] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2647.071107] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2647.078372] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 16:26:26 executing program 1 (fault-call:3 fault-nth:10): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:26 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0xe41b, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2647.179191] EXT4-fs (loop5): bad geometry: first data block 2949120 is beyond end of filesystem (1080) 16:26:26 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x4b47, &(0x7f0000000100)={0x0, 0x0}) [ 2647.249195] FAULT_INJECTION: forcing a failure. [ 2647.249195] name failslab, interval 1, probability 0, space 0, times 0 [ 2647.266440] CPU: 1 PID: 11258 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2647.273569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2647.282948] Call Trace: [ 2647.285561] dump_stack+0x172/0x1f0 [ 2647.289213] should_fail.cold+0xa/0x1b [ 2647.293115] ? fault_create_debugfs_attr+0x1e0/0x1e0 16:26:27 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x4b49, &(0x7f0000000100)={0x0, 0x0}) [ 2647.298244] ? lock_downgrade+0x880/0x880 [ 2647.302424] __should_failslab+0x121/0x190 [ 2647.306675] should_failslab+0x9/0x14 [ 2647.310488] kmem_cache_alloc_node+0x26c/0x710 [ 2647.315081] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2647.320633] ? tcp_established_options+0x2ae/0x480 [ 2647.325584] __alloc_skb+0xd5/0x5f0 [ 2647.329232] ? skb_scrub_packet+0x490/0x490 [ 2647.334090] ? __sk_flush_backlog+0x30/0x40 [ 2647.338429] ? trace_hardirqs_on+0x67/0x220 [ 2647.342770] sk_stream_alloc_skb+0xc8/0x860 16:26:27 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x541b, &(0x7f0000000100)={0x0, 0x0}) 16:26:27 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x5421, &(0x7f0000000100)={0x0, 0x0}) [ 2647.347105] tcp_sendmsg_locked+0xc93/0x3260 [ 2647.351546] ? tcp_sendpage+0x60/0x60 [ 2647.355362] ? trace_hardirqs_on+0x67/0x220 [ 2647.359699] ? lock_sock_nested+0x9a/0x120 [ 2647.363952] ? __local_bh_enable_ip+0x15a/0x270 [ 2647.368646] tcp_sendmsg+0x30/0x50 [ 2647.372198] inet_sendmsg+0x141/0x5d0 [ 2647.376006] ? ipip_gro_receive+0x100/0x100 [ 2647.380510] sock_sendmsg+0xd7/0x130 [ 2647.384238] ___sys_sendmsg+0x3e2/0x920 [ 2647.388228] ? copy_msghdr_from_user+0x430/0x430 [ 2647.393015] ? mark_held_locks+0x100/0x100 [ 2647.397262] ? kasan_check_read+0x11/0x20 [ 2647.401439] ? __might_fault+0x12b/0x1e0 [ 2647.405519] ? find_held_lock+0x35/0x130 [ 2647.409686] ? __might_fault+0x12b/0x1e0 [ 2647.413792] __sys_sendmmsg+0x1bf/0x4e0 [ 2647.417799] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2647.422131] ? kasan_check_write+0x14/0x20 [ 2647.426371] ? __sb_end_write+0xd9/0x110 [ 2647.430647] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2647.436275] ? fput+0x128/0x1a0 [ 2647.439561] ? ksys_write+0x1f1/0x2d0 [ 2647.443470] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2647.448226] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2647.452987] ? do_syscall_64+0x26/0x620 [ 2647.457053] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2647.462528] ? do_syscall_64+0x26/0x620 [ 2647.467571] __x64_sys_sendmmsg+0x9d/0x100 [ 2647.471911] do_syscall_64+0xfd/0x620 [ 2647.475720] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2647.480904] RIP: 0033:0x45a219 [ 2647.484092] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2647.503236] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2647.510939] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2647.518200] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2647.525460] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2647.532721] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2647.539984] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 [ 2647.601738] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock 16:26:27 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000035000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:27 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x5450, &(0x7f0000000100)={0x0, 0x0}) 16:26:27 executing program 1 (fault-call:3 fault-nth:11): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2647.643492] EXT4-fs (loop0): bad geometry: first data block 27499 is beyond end of filesystem (1080) [ 2647.665760] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2647.706539] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2647.736782] FAULT_INJECTION: forcing a failure. [ 2647.736782] name failslab, interval 1, probability 0, space 0, times 0 [ 2647.775387] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2647.817589] CPU: 1 PID: 11280 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2647.824585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2647.833959] Call Trace: [ 2647.836570] dump_stack+0x172/0x1f0 [ 2647.840225] should_fail.cold+0xa/0x1b [ 2647.844143] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2647.849274] ? lock_downgrade+0x880/0x880 [ 2647.853455] __should_failslab+0x121/0x190 [ 2647.857703] should_failslab+0x9/0x14 [ 2647.861518] kmem_cache_alloc_node_trace+0x274/0x720 [ 2647.866628] ? __alloc_skb+0xd5/0x5f0 [ 2647.866651] __kmalloc_node_track_caller+0x3d/0x80 [ 2647.875359] __kmalloc_reserve.isra.0+0x40/0xf0 [ 2647.875376] __alloc_skb+0x10b/0x5f0 [ 2647.875393] ? skb_scrub_packet+0x490/0x490 [ 2647.875412] ? __sk_flush_backlog+0x30/0x40 [ 2647.892404] ? trace_hardirqs_on+0x67/0x220 [ 2647.896747] sk_stream_alloc_skb+0xc8/0x860 [ 2647.901077] tcp_sendmsg_locked+0xc93/0x3260 [ 2647.905494] ? tcp_sendpage+0x60/0x60 [ 2647.909290] ? trace_hardirqs_on+0x67/0x220 [ 2647.913700] ? lock_sock_nested+0x9a/0x120 [ 2647.917943] ? __local_bh_enable_ip+0x15a/0x270 [ 2647.922617] tcp_sendmsg+0x30/0x50 [ 2647.926152] inet_sendmsg+0x141/0x5d0 [ 2647.929945] ? ipip_gro_receive+0x100/0x100 [ 2647.934271] sock_sendmsg+0xd7/0x130 [ 2647.937974] ___sys_sendmsg+0x3e2/0x920 [ 2647.941941] ? copy_msghdr_from_user+0x430/0x430 [ 2647.946696] ? mark_held_locks+0x100/0x100 [ 2647.950933] ? kasan_check_read+0x11/0x20 [ 2647.955074] ? __might_fault+0x12b/0x1e0 [ 2647.959135] ? find_held_lock+0x35/0x130 [ 2647.963199] ? __might_fault+0x12b/0x1e0 [ 2647.967288] __sys_sendmmsg+0x1bf/0x4e0 [ 2647.971253] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2647.975571] ? kasan_check_write+0x14/0x20 [ 2647.979823] ? __sb_end_write+0xd9/0x110 [ 2647.984062] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2647.989587] ? fput+0x128/0x1a0 [ 2647.992856] ? ksys_write+0x1f1/0x2d0 [ 2647.996658] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2648.001495] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2648.006250] ? do_syscall_64+0x26/0x620 [ 2648.010217] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2648.015571] ? do_syscall_64+0x26/0x620 [ 2648.019541] __x64_sys_sendmmsg+0x9d/0x100 [ 2648.023768] do_syscall_64+0xfd/0x620 [ 2648.027571] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2648.032751] RIP: 0033:0x45a219 [ 2648.035952] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2648.054847] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2648.062550] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2648.069808] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2648.077067] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2648.084413] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2648.091673] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 16:26:27 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xc03000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:27 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x5451, &(0x7f0000000100)={0x0, 0x0}) 16:26:27 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000006c00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:27 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0xe803, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:27 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x5452, &(0x7f0000000100)={0x0, 0x0}) 16:26:27 executing program 1 (fault-call:3 fault-nth:12): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2648.223035] EXT4-fs (loop5): bad geometry: first data block 3473408 is beyond end of filesystem (1080) 16:26:28 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x5460, &(0x7f0000000100)={0x0, 0x0}) [ 2648.322124] EXT4-fs (loop0): bad geometry: first data block 27648 is beyond end of filesystem (1080) 16:26:28 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0xf401, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:28 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000437000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2648.376092] FAULT_INJECTION: forcing a failure. [ 2648.376092] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2648.426529] CPU: 0 PID: 11308 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2648.433510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2648.442889] Call Trace: [ 2648.445509] dump_stack+0x172/0x1f0 [ 2648.449166] should_fail.cold+0xa/0x1b [ 2648.453084] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2648.458301] ? lockdep_hardirqs_on+0x415/0x5d0 [ 2648.462962] ? retint_kernel+0x2d/0x2d [ 2648.466870] ? trace_hardirqs_on_caller+0x6a/0x220 [ 2648.471826] __alloc_pages_nodemask+0x1ee/0x750 [ 2648.476549] ? __alloc_pages_slowpath+0x2870/0x2870 [ 2648.481591] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2648.486630] ? iov_iter_advance+0x261/0xe30 [ 2648.490974] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2648.496541] alloc_pages_current+0x107/0x210 [ 2648.500975] skb_page_frag_refill+0x277/0x460 [ 2648.505514] sk_page_frag_refill+0x55/0x1f0 [ 2648.509862] tcp_sendmsg_locked+0xff7/0x3260 [ 2648.514306] ? tcp_sendpage+0x60/0x60 [ 2648.518128] ? trace_hardirqs_on+0x67/0x220 [ 2648.522474] ? lock_sock_nested+0x9a/0x120 [ 2648.526818] ? __local_bh_enable_ip+0x15a/0x270 [ 2648.531597] tcp_sendmsg+0x30/0x50 [ 2648.535162] inet_sendmsg+0x141/0x5d0 [ 2648.538985] ? ipip_gro_receive+0x100/0x100 [ 2648.543334] sock_sendmsg+0xd7/0x130 [ 2648.547092] ___sys_sendmsg+0x3e2/0x920 [ 2648.551086] ? copy_msghdr_from_user+0x430/0x430 [ 2648.555995] ? mark_held_locks+0x100/0x100 [ 2648.560257] ? kasan_check_read+0x11/0x20 [ 2648.564428] ? __might_fault+0x12b/0x1e0 [ 2648.568507] ? find_held_lock+0x35/0x130 [ 2648.572587] ? __might_fault+0x12b/0x1e0 16:26:28 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x8901, &(0x7f0000000100)={0x0, 0x0}) [ 2648.577414] __sys_sendmmsg+0x1bf/0x4e0 [ 2648.581417] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2648.585846] ? kasan_check_write+0x14/0x20 [ 2648.590122] ? __sb_end_write+0xd9/0x110 [ 2648.594211] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2648.599762] ? fput+0x128/0x1a0 [ 2648.603089] ? ksys_write+0x1f1/0x2d0 [ 2648.606931] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2648.611709] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2648.616497] ? do_syscall_64+0x26/0x620 [ 2648.620491] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe 16:26:28 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000007400000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2648.626559] ? do_syscall_64+0x26/0x620 [ 2648.630810] __x64_sys_sendmmsg+0x9d/0x100 [ 2648.630829] do_syscall_64+0xfd/0x620 [ 2648.630847] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2648.630861] RIP: 0033:0x45a219 [ 2648.647621] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2648.666631] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 16:26:28 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x8902, &(0x7f0000000100)={0x0, 0x0}) [ 2648.666645] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2648.666653] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2648.666660] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2648.666668] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2648.666676] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 [ 2648.746301] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2648.815509] EXT4-fs (loop5): bad geometry: first data block 3605504 is beyond end of filesystem (1080) [ 2648.835785] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2648.876167] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2648.905737] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:28 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x1004000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:28 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0xf803, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:28 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x8903, &(0x7f0000000100)={0x0, 0x0}) 16:26:28 executing program 1 (fault-call:3 fault-nth:13): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:28 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000438000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2648.934545] EXT4-fs (loop0): bad geometry: first data block 29696 is beyond end of filesystem (1080) [ 2649.006507] FAULT_INJECTION: forcing a failure. [ 2649.006507] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2649.026420] CPU: 0 PID: 11341 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2649.033393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2649.042788] Call Trace: [ 2649.045441] dump_stack+0x172/0x1f0 [ 2649.049117] should_fail.cold+0xa/0x1b [ 2649.053038] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2649.058164] ? lockdep_hardirqs_on+0x415/0x5d0 [ 2649.062780] ? retint_kernel+0x2d/0x2d [ 2649.066696] ? trace_hardirqs_on_caller+0x6a/0x220 [ 2649.071657] __alloc_pages_nodemask+0x1ee/0x750 [ 2649.076344] ? __alloc_pages_slowpath+0x2870/0x2870 [ 2649.081389] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2649.086603] ? iov_iter_advance+0x261/0xe30 [ 2649.090944] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2649.096505] alloc_pages_current+0x107/0x210 [ 2649.100943] skb_page_frag_refill+0x277/0x460 [ 2649.105460] sk_page_frag_refill+0x55/0x1f0 [ 2649.109789] tcp_sendmsg_locked+0xff7/0x3260 [ 2649.114223] ? tcp_sendpage+0x60/0x60 [ 2649.118033] ? trace_hardirqs_on+0x67/0x220 [ 2649.122364] ? lock_sock_nested+0x9a/0x120 [ 2649.126612] ? __local_bh_enable_ip+0x15a/0x270 [ 2649.131314] tcp_sendmsg+0x30/0x50 [ 2649.134875] inet_sendmsg+0x141/0x5d0 [ 2649.138683] ? ipip_gro_receive+0x100/0x100 [ 2649.143012] sock_sendmsg+0xd7/0x130 [ 2649.143027] ___sys_sendmsg+0x3e2/0x920 [ 2649.143041] ? copy_msghdr_from_user+0x430/0x430 [ 2649.143064] ? mark_held_locks+0x100/0x100 [ 2649.143081] ? kasan_check_read+0x11/0x20 [ 2649.143101] ? __might_fault+0x12b/0x1e0 [ 2649.143115] ? find_held_lock+0x35/0x130 [ 2649.143130] ? __might_fault+0x12b/0x1e0 [ 2649.143167] __sys_sendmmsg+0x1bf/0x4e0 [ 2649.156020] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2649.156039] ? kasan_check_write+0x14/0x20 [ 2649.156063] ? __sb_end_write+0xd9/0x110 [ 2649.176651] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2649.184917] ? fput+0x128/0x1a0 [ 2649.184929] ? ksys_write+0x1f1/0x2d0 [ 2649.184946] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2649.184959] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2649.184973] ? do_syscall_64+0x26/0x620 [ 2649.184986] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2649.184999] ? do_syscall_64+0x26/0x620 [ 2649.185018] __x64_sys_sendmmsg+0x9d/0x100 [ 2649.185035] do_syscall_64+0xfd/0x620 [ 2649.185051] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2649.185062] RIP: 0033:0x45a219 16:26:29 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x8904, &(0x7f0000000100)={0x0, 0x0}) 16:26:29 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000007a00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2649.185075] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2649.185081] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2649.185094] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2649.185101] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2649.185108] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2649.185115] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 16:26:29 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x8940, &(0x7f0000000100)={0x0, 0x0}) [ 2649.185122] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 [ 2649.312750] EXT4-fs (loop5): bad geometry: first data block 3671040 is beyond end of filesystem (1080) 16:26:29 executing program 1 (fault-call:3 fault-nth:14): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:29 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x33661, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:29 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x8941, &(0x7f0000000100)={0x0, 0x0}) 16:26:29 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000000043d000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2649.512128] FAULT_INJECTION: forcing a failure. [ 2649.512128] name failslab, interval 1, probability 0, space 0, times 0 [ 2649.538122] EXT4-fs (loop0): bad geometry: first data block 31232 is beyond end of filesystem (1080) [ 2649.568435] CPU: 1 PID: 11365 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2649.575416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2649.584798] Call Trace: [ 2649.587415] dump_stack+0x172/0x1f0 [ 2649.591069] should_fail.cold+0xa/0x1b [ 2649.594984] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2649.600114] ? lock_downgrade+0x880/0x880 [ 2649.604298] __should_failslab+0x121/0x190 [ 2649.608564] should_failslab+0x9/0x14 [ 2649.612559] kmem_cache_alloc_node+0x26c/0x710 [ 2649.617620] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2649.623187] ? tcp_established_options+0x2ae/0x480 [ 2649.628242] __alloc_skb+0xd5/0x5f0 [ 2649.631897] ? skb_scrub_packet+0x490/0x490 [ 2649.636229] ? __sk_flush_backlog+0x30/0x40 [ 2649.640809] ? trace_hardirqs_on+0x67/0x220 [ 2649.645231] sk_stream_alloc_skb+0xc8/0x860 [ 2649.649552] tcp_sendmsg_locked+0xc93/0x3260 [ 2649.654752] ? tcp_sendpage+0x60/0x60 [ 2649.658541] ? trace_hardirqs_on+0x67/0x220 [ 2649.662857] ? lock_sock_nested+0x9a/0x120 [ 2649.667094] ? __local_bh_enable_ip+0x15a/0x270 [ 2649.671764] tcp_sendmsg+0x30/0x50 [ 2649.675300] inet_sendmsg+0x141/0x5d0 [ 2649.679524] ? ipip_gro_receive+0x100/0x100 [ 2649.683836] sock_sendmsg+0xd7/0x130 [ 2649.687569] ___sys_sendmsg+0x3e2/0x920 [ 2649.691545] ? copy_msghdr_from_user+0x430/0x430 [ 2649.696297] ? mark_held_locks+0x100/0x100 [ 2649.700523] ? kasan_check_read+0x11/0x20 [ 2649.704664] ? __might_fault+0x12b/0x1e0 [ 2649.708712] ? find_held_lock+0x35/0x130 [ 2649.712798] ? __might_fault+0x12b/0x1e0 [ 2649.716880] __sys_sendmmsg+0x1bf/0x4e0 [ 2649.720844] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2649.725167] ? kasan_check_write+0x14/0x20 [ 2649.729496] ? __sb_end_write+0xd9/0x110 [ 2649.733564] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2649.739096] ? fput+0x128/0x1a0 [ 2649.742561] ? ksys_write+0x1f1/0x2d0 [ 2649.746357] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2649.751143] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2649.756251] ? do_syscall_64+0x26/0x620 [ 2649.760214] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2649.765567] ? do_syscall_64+0x26/0x620 [ 2649.769531] __x64_sys_sendmmsg+0x9d/0x100 [ 2649.773765] do_syscall_64+0xfd/0x620 [ 2649.777744] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2649.782933] RIP: 0033:0x45a219 [ 2649.786119] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2649.805557] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2649.813254] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2649.820618] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2649.827877] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2649.835287] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2649.842667] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 [ 2649.882441] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2649.912219] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2649.926347] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2649.953168] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:29 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x1203000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:29 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x894c, &(0x7f0000000100)={0x0, 0x0}) 16:26:29 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x33665, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:29 executing program 1 (fault-call:3 fault-nth:15): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:29 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000037a00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2650.064808] FAULT_INJECTION: forcing a failure. [ 2650.064808] name failslab, interval 1, probability 0, space 0, times 0 [ 2650.119928] CPU: 0 PID: 11388 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2650.126919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2650.136295] Call Trace: [ 2650.138908] dump_stack+0x172/0x1f0 [ 2650.142566] should_fail.cold+0xa/0x1b [ 2650.146563] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2650.151686] ? lock_downgrade+0x880/0x880 [ 2650.155860] __should_failslab+0x121/0x190 [ 2650.160113] should_failslab+0x9/0x14 [ 2650.163944] kmem_cache_alloc_node+0x26c/0x710 [ 2650.168539] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2650.174097] ? tcp_established_options+0x2ae/0x480 [ 2650.179088] __alloc_skb+0xd5/0x5f0 [ 2650.182748] ? skb_scrub_packet+0x490/0x490 [ 2650.187081] ? __sk_flush_backlog+0x30/0x40 [ 2650.191411] ? trace_hardirqs_on+0x67/0x220 [ 2650.195751] sk_stream_alloc_skb+0xc8/0x860 [ 2650.200099] tcp_sendmsg_locked+0xc93/0x3260 [ 2650.204549] ? tcp_sendpage+0x60/0x60 [ 2650.208371] ? trace_hardirqs_on+0x67/0x220 [ 2650.212708] ? lock_sock_nested+0x9a/0x120 [ 2650.216959] ? __local_bh_enable_ip+0x15a/0x270 [ 2650.221648] tcp_sendmsg+0x30/0x50 [ 2650.225203] inet_sendmsg+0x141/0x5d0 [ 2650.229023] ? ipip_gro_receive+0x100/0x100 [ 2650.233358] sock_sendmsg+0xd7/0x130 [ 2650.237091] ___sys_sendmsg+0x3e2/0x920 [ 2650.241095] ? copy_msghdr_from_user+0x430/0x430 [ 2650.245972] ? mark_held_locks+0x100/0x100 [ 2650.250238] ? kasan_check_read+0x11/0x20 [ 2650.254412] ? __might_fault+0x12b/0x1e0 [ 2650.258498] ? find_held_lock+0x35/0x130 [ 2650.262579] ? __might_fault+0x12b/0x1e0 [ 2650.266682] __sys_sendmmsg+0x1bf/0x4e0 [ 2650.270687] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2650.275034] ? kasan_check_write+0x14/0x20 [ 2650.287132] ? __sb_end_write+0xd9/0x110 [ 2650.291231] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2650.296793] ? fput+0x128/0x1a0 [ 2650.300090] ? ksys_write+0x1f1/0x2d0 [ 2650.304179] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2650.308959] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2650.313736] ? do_syscall_64+0x26/0x620 16:26:29 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x8980, &(0x7f0000000100)={0x0, 0x0}) 16:26:29 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x8981, &(0x7f0000000100)={0x0, 0x0}) 16:26:30 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x8982, &(0x7f0000000100)={0x0, 0x0}) [ 2650.317727] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2650.323103] ? do_syscall_64+0x26/0x620 [ 2650.327097] __x64_sys_sendmmsg+0x9d/0x100 [ 2650.331344] do_syscall_64+0xfd/0x620 [ 2650.335166] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2650.340374] RIP: 0033:0x45a219 [ 2650.343571] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2650.343580] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 16:26:30 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x8983, &(0x7f0000000100)={0x0, 0x0}) [ 2650.343596] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2650.343606] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2650.343613] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2650.343625] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2650.399486] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 [ 2650.437407] EXT4-fs (loop5): bad geometry: first data block 3998720 is beyond end of filesystem (1080) [ 2650.458165] EXT4-fs (loop0): bad geometry: first data block 31235 is beyond end of filesystem (1080) 16:26:30 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x40000, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:30 executing program 1 (fault-call:3 fault-nth:16): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:30 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000000003f000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2650.665885] FAULT_INJECTION: forcing a failure. [ 2650.665885] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2650.725472] CPU: 1 PID: 11416 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2650.732453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2650.741939] Call Trace: [ 2650.744553] dump_stack+0x172/0x1f0 [ 2650.748193] should_fail.cold+0xa/0x1b [ 2650.752075] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2650.757189] ? lockdep_hardirqs_on+0x415/0x5d0 [ 2650.761778] ? retint_kernel+0x2d/0x2d [ 2650.765708] ? trace_hardirqs_on_caller+0x6a/0x220 [ 2650.770636] __alloc_pages_nodemask+0x1ee/0x750 [ 2650.775301] ? __alloc_pages_slowpath+0x2870/0x2870 [ 2650.780310] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2650.785318] ? iov_iter_advance+0x261/0xe30 [ 2650.789631] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2650.795164] alloc_pages_current+0x107/0x210 [ 2650.799571] skb_page_frag_refill+0x277/0x460 [ 2650.804060] sk_page_frag_refill+0x55/0x1f0 [ 2650.808378] tcp_sendmsg_locked+0xff7/0x3260 [ 2650.812845] ? tcp_sendpage+0x60/0x60 [ 2650.816747] ? trace_hardirqs_on+0x67/0x220 [ 2650.821059] ? lock_sock_nested+0x9a/0x120 [ 2650.825286] ? __local_bh_enable_ip+0x15a/0x270 [ 2650.829989] tcp_sendmsg+0x30/0x50 [ 2650.833876] inet_sendmsg+0x141/0x5d0 [ 2650.837677] ? ipip_gro_receive+0x100/0x100 [ 2650.841986] sock_sendmsg+0xd7/0x130 [ 2650.845685] ___sys_sendmsg+0x3e2/0x920 [ 2650.849648] ? copy_msghdr_from_user+0x430/0x430 [ 2650.854398] ? mark_held_locks+0x100/0x100 [ 2650.858626] ? kasan_check_read+0x11/0x20 [ 2650.862775] ? __might_fault+0x12b/0x1e0 [ 2650.866837] ? find_held_lock+0x35/0x130 [ 2650.870902] ? __might_fault+0x12b/0x1e0 [ 2650.874981] __sys_sendmmsg+0x1bf/0x4e0 [ 2650.878970] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2650.883302] ? kasan_check_write+0x14/0x20 [ 2650.887538] ? __sb_end_write+0xd9/0x110 [ 2650.891615] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2650.897171] ? fput+0x128/0x1a0 [ 2650.900531] ? ksys_write+0x1f1/0x2d0 [ 2650.904321] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2650.909063] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2650.913807] ? do_syscall_64+0x26/0x620 [ 2650.917779] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2650.923134] ? do_syscall_64+0x26/0x620 [ 2650.927114] __x64_sys_sendmmsg+0x9d/0x100 [ 2650.931429] do_syscall_64+0xfd/0x620 [ 2650.935232] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2650.940527] RIP: 0033:0x45a219 [ 2650.943713] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2650.962615] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2650.970324] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2650.977581] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2650.985012] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2650.992269] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2650.999526] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 [ 2651.025029] EXT4-fs (loop5): bad geometry: first data block 4128768 is beyond end of filesystem (1080) [ 2651.035668] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2651.071968] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2651.111963] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2651.130595] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:30 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x1400000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:30 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x89a0, &(0x7f0000000100)={0x0, 0x0}) 16:26:30 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000098968000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:30 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x142800, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:30 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000040000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:30 executing program 1 (fault-call:3 fault-nth:17): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2651.256183] FAULT_INJECTION: forcing a failure. [ 2651.256183] name failslab, interval 1, probability 0, space 0, times 0 [ 2651.267532] CPU: 1 PID: 11438 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2651.274472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2651.283860] Call Trace: [ 2651.286468] dump_stack+0x172/0x1f0 [ 2651.290128] should_fail.cold+0xa/0x1b [ 2651.294074] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2651.299208] ? tcp_packet.cold+0x142/0x17c [ 2651.303474] __should_failslab+0x121/0x190 [ 2651.307730] should_failslab+0x9/0x14 [ 2651.311541] kmem_cache_alloc+0x47/0x700 [ 2651.315617] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2651.321174] ? check_preemption_disabled+0x48/0x290 [ 2651.326204] ? lock_acquire+0x16f/0x3f0 [ 2651.330221] skb_clone+0x156/0x3e0 [ 2651.335427] dev_queue_xmit_nit+0x309/0xa10 [ 2651.339760] ? validate_xmit_xfrm+0x1f7/0xda0 [ 2651.344275] dev_hard_start_xmit+0xa7/0x980 [ 2651.348613] ? check_preemption_disabled+0x48/0x290 16:26:31 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x89a1, &(0x7f0000000100)={0x0, 0x0}) 16:26:31 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c8, &(0x7f0000000100)={0x0, 0x0}) [ 2651.353648] __dev_queue_xmit+0x2704/0x2fe0 [ 2651.357992] ? mark_held_locks+0x100/0x100 [ 2651.362259] ? netdev_pick_tx+0x300/0x300 [ 2651.366425] ? ip_finish_output+0x737/0xce0 [ 2651.370758] ? find_held_lock+0x35/0x130 [ 2651.374900] ? ip_finish_output+0x737/0xce0 [ 2651.379254] ? mark_held_locks+0xb1/0x100 [ 2651.383417] ? ip_finish_output2+0x1295/0x1730 [ 2651.388011] ? ip_finish_output+0x737/0xce0 [ 2651.392347] ? ip_finish_output2+0x1295/0x1730 [ 2651.396949] dev_queue_xmit+0x18/0x20 [ 2651.400768] ? dev_queue_xmit+0x18/0x20 [ 2651.404737] ip_finish_output2+0x1041/0x1730 [ 2651.409252] ? ip_output+0x451/0x650 [ 2651.413008] ? ip_copy_metadata+0xce0/0xce0 [ 2651.417326] ? __lock_is_held+0xb6/0x140 [ 2651.421388] ip_finish_output+0x737/0xce0 [ 2651.425530] ? ip_finish_output+0x737/0xce0 [ 2651.429853] ip_output+0x225/0x650 [ 2651.433397] ? ip_mc_output+0xf50/0xf50 [ 2651.437386] ? ip_fragment.constprop.0+0x240/0x240 [ 2651.442340] ip_local_out+0xbb/0x190 [ 2651.446074] __ip_queue_xmit+0x86f/0x1bc0 [ 2651.450241] ? kasan_check_write+0x14/0x20 [ 2651.454505] ip_queue_xmit+0x5a/0x70 [ 2651.458220] __tcp_transmit_skb+0x1aeb/0x39f0 [ 2651.462728] ? __tcp_select_window+0x860/0x860 [ 2651.467370] ? sched_clock+0x2e/0x50 [ 2651.471116] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 2651.476132] tcp_write_xmit+0x1381/0x51c0 [ 2651.480286] tcp_push_one+0xdd/0x110 [ 2651.484005] tcp_sendmsg_locked+0xa40/0x3260 [ 2651.488429] ? tcp_sendpage+0x60/0x60 [ 2651.492222] ? trace_hardirqs_on+0x67/0x220 [ 2651.496539] ? lock_sock_nested+0x9a/0x120 [ 2651.500761] ? __local_bh_enable_ip+0x15a/0x270 [ 2651.505420] tcp_sendmsg+0x30/0x50 [ 2651.508964] inet_sendmsg+0x141/0x5d0 [ 2651.512761] ? ipip_gro_receive+0x100/0x100 [ 2651.517086] sock_sendmsg+0xd7/0x130 [ 2651.520798] ___sys_sendmsg+0x3e2/0x920 [ 2651.524782] ? copy_msghdr_from_user+0x430/0x430 [ 2651.529539] ? mark_held_locks+0x100/0x100 [ 2651.533773] ? kasan_check_read+0x11/0x20 [ 2651.537911] ? __might_fault+0x12b/0x1e0 [ 2651.541971] ? find_held_lock+0x35/0x130 [ 2651.546026] ? __might_fault+0x12b/0x1e0 [ 2651.550181] __sys_sendmmsg+0x1bf/0x4e0 [ 2651.554145] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2651.558514] ? kasan_check_write+0x14/0x20 [ 2651.562761] ? __sb_end_write+0xd9/0x110 [ 2651.566909] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2651.572435] ? fput+0x128/0x1a0 [ 2651.575700] ? ksys_write+0x1f1/0x2d0 [ 2651.579491] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2651.584233] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2651.589024] ? do_syscall_64+0x26/0x620 [ 2651.593000] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2651.598374] ? do_syscall_64+0x26/0x620 [ 2651.602496] __x64_sys_sendmmsg+0x9d/0x100 [ 2651.606740] do_syscall_64+0xfd/0x620 [ 2651.610570] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2651.616107] RIP: 0033:0x45a219 [ 2651.619298] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2651.640163] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2651.647866] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 16:26:31 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x40049409, &(0x7f0000000100)={0x0, 0x0}) [ 2651.655127] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2651.662389] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2651.669660] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2651.676927] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 16:26:31 executing program 1 (fault-call:3 fault-nth:18): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2651.762882] EXT4-fs (loop0): bad geometry: first data block 32918 is beyond end of filesystem (1080) [ 2651.772976] EXT4-fs (loop5): bad geometry: first data block 4194304 is beyond end of filesystem (1080) 16:26:31 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x40086602, &(0x7f0000000100)={0x0, 0x0}) 16:26:31 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x281400, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2651.947125] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2651.954556] FAULT_INJECTION: forcing a failure. [ 2651.954556] name failslab, interval 1, probability 0, space 0, times 0 [ 2652.002736] CPU: 1 PID: 11563 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2652.009719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2652.019095] Call Trace: [ 2652.021849] dump_stack+0x172/0x1f0 [ 2652.025522] should_fail.cold+0xa/0x1b [ 2652.029435] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2652.034552] ? lock_downgrade+0x880/0x880 [ 2652.038757] __should_failslab+0x121/0x190 [ 2652.043010] should_failslab+0x9/0x14 [ 2652.043251] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2652.047624] kmem_cache_alloc_node+0x26c/0x710 [ 2652.059679] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2652.061206] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2652.075668] ? tcp_established_options+0x2ae/0x480 [ 2652.080619] __alloc_skb+0xd5/0x5f0 [ 2652.084265] ? skb_scrub_packet+0x490/0x490 [ 2652.084282] ? __sk_flush_backlog+0x30/0x40 [ 2652.084295] ? trace_hardirqs_on+0x67/0x220 [ 2652.084312] sk_stream_alloc_skb+0xc8/0x860 [ 2652.084331] tcp_sendmsg_locked+0xc93/0x3260 [ 2652.091737] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2652.092996] ? tcp_sendpage+0x60/0x60 [ 2652.093012] ? trace_hardirqs_on+0x67/0x220 [ 2652.093029] ? lock_sock_nested+0x9a/0x120 [ 2652.101662] ? __local_bh_enable_ip+0x15a/0x270 [ 2652.114195] tcp_sendmsg+0x30/0x50 [ 2652.114214] inet_sendmsg+0x141/0x5d0 [ 2652.114228] ? ipip_gro_receive+0x100/0x100 [ 2652.114244] sock_sendmsg+0xd7/0x130 [ 2652.146771] ___sys_sendmsg+0x3e2/0x920 [ 2652.150769] ? copy_msghdr_from_user+0x430/0x430 [ 2652.155554] ? mark_held_locks+0x100/0x100 [ 2652.159801] ? kasan_check_read+0x11/0x20 [ 2652.163968] ? __might_fault+0x12b/0x1e0 [ 2652.168019] ? find_held_lock+0x35/0x130 [ 2652.172807] ? __might_fault+0x12b/0x1e0 [ 2652.176885] __sys_sendmmsg+0x1bf/0x4e0 [ 2652.180871] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2652.185183] ? kasan_check_write+0x14/0x20 [ 2652.189413] ? __sb_end_write+0xd9/0x110 [ 2652.193464] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2652.198990] ? fput+0x128/0x1a0 [ 2652.202415] ? ksys_write+0x1f1/0x2d0 [ 2652.206348] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2652.211120] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2652.215874] ? do_syscall_64+0x26/0x620 [ 2652.219843] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2652.225212] ? do_syscall_64+0x26/0x620 [ 2652.229220] __x64_sys_sendmmsg+0x9d/0x100 [ 2652.233473] do_syscall_64+0xfd/0x620 [ 2652.237315] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2652.242504] RIP: 0033:0x45a219 [ 2652.245686] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2652.264589] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2652.272358] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2652.279622] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2652.286895] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2652.294165] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2652.301436] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 16:26:32 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x1601000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:32 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000408700000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:32 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x40087602, &(0x7f0000000100)={0x0, 0x0}) 16:26:32 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000048000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:32 executing program 1 (fault-call:3 fault-nth:19): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:32 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x490000, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:32 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x4020940d, &(0x7f0000000100)={0x0, 0x0}) [ 2652.508802] FAULT_INJECTION: forcing a failure. [ 2652.508802] name failslab, interval 1, probability 0, space 0, times 0 [ 2652.516932] EXT4-fs (loop0): bad geometry: first data block 34624 is beyond end of filesystem (1080) 16:26:32 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d2, &(0x7f0000000100)={0x0, 0x0}) [ 2652.580047] CPU: 1 PID: 11587 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2652.587025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2652.596494] Call Trace: [ 2652.599107] dump_stack+0x172/0x1f0 [ 2652.602758] should_fail.cold+0xa/0x1b [ 2652.606665] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2652.611793] ? lock_downgrade+0x880/0x880 [ 2652.615979] __should_failslab+0x121/0x190 [ 2652.620233] should_failslab+0x9/0x14 [ 2652.624054] kmem_cache_alloc_node_trace+0x274/0x720 16:26:32 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d3, &(0x7f0000000100)={0x0, 0x0}) [ 2652.629183] ? __alloc_skb+0xd5/0x5f0 [ 2652.633009] __kmalloc_node_track_caller+0x3d/0x80 [ 2652.637962] __kmalloc_reserve.isra.0+0x40/0xf0 [ 2652.642655] __alloc_skb+0x10b/0x5f0 [ 2652.646386] ? skb_scrub_packet+0x490/0x490 [ 2652.650716] ? __sk_flush_backlog+0x30/0x40 [ 2652.655054] ? trace_hardirqs_on+0x67/0x220 [ 2652.659401] sk_stream_alloc_skb+0xc8/0x860 [ 2652.663746] tcp_sendmsg_locked+0xc93/0x3260 [ 2652.668899] ? tcp_sendpage+0x60/0x60 [ 2652.672730] ? trace_hardirqs_on+0x67/0x220 16:26:32 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x80086601, &(0x7f0000000100)={0x0, 0x0}) [ 2652.677604] ? lock_sock_nested+0x9a/0x120 [ 2652.681864] ? __local_bh_enable_ip+0x15a/0x270 [ 2652.686559] tcp_sendmsg+0x30/0x50 [ 2652.690117] inet_sendmsg+0x141/0x5d0 [ 2652.693946] ? ipip_gro_receive+0x100/0x100 [ 2652.698286] sock_sendmsg+0xd7/0x130 [ 2652.702011] ___sys_sendmsg+0x3e2/0x920 [ 2652.706007] ? copy_msghdr_from_user+0x430/0x430 [ 2652.710801] ? mark_held_locks+0x100/0x100 [ 2652.715067] ? kasan_check_read+0x11/0x20 [ 2652.719428] ? __might_fault+0x12b/0x1e0 [ 2652.723507] ? find_held_lock+0x35/0x130 16:26:32 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x80087601, &(0x7f0000000100)={0x0, 0x0}) [ 2652.727585] ? __might_fault+0x12b/0x1e0 [ 2652.731721] __sys_sendmmsg+0x1bf/0x4e0 [ 2652.735724] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2652.740071] ? kasan_check_write+0x14/0x20 [ 2652.744327] ? __sb_end_write+0xd9/0x110 [ 2652.748407] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2652.753967] ? fput+0x128/0x1a0 [ 2652.757273] ? ksys_write+0x1f1/0x2d0 [ 2652.761093] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2652.765867] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2652.770648] ? do_syscall_64+0x26/0x620 [ 2652.774647] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe 16:26:32 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0xc0045878, &(0x7f0000000100)={0x0, 0x0}) [ 2652.780026] ? do_syscall_64+0x26/0x620 [ 2652.784023] __x64_sys_sendmmsg+0x9d/0x100 [ 2652.788298] do_syscall_64+0xfd/0x620 [ 2652.792298] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2652.797502] RIP: 0033:0x45a219 [ 2652.800706] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2652.819885] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2652.827745] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2652.835139] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2652.842427] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2652.849754] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2652.857034] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 [ 2652.927460] EXT4-fs (loop5): bad geometry: first data block 4718592 is beyond end of filesystem (1080) [ 2652.938979] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2652.967330] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2653.022288] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:26:32 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2000000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:32 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0xc0045878, &(0x7f0000000100)={0x0, 0x0}) 16:26:32 executing program 1 (fault-call:3 fault-nth:20): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:32 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x1000000, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:32 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000038c00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:32 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000148000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2653.095270] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2653.164487] FAULT_INJECTION: forcing a failure. [ 2653.164487] name fail_page_alloc, interval 1, probability 0, space 0, times 0 16:26:32 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0xc0189436, &(0x7f0000000100)={0x0, 0x0}) [ 2653.214524] CPU: 1 PID: 11619 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2653.221595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2653.230966] Call Trace: [ 2653.233611] dump_stack+0x172/0x1f0 [ 2653.237267] should_fail.cold+0xa/0x1b [ 2653.241194] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2653.246326] ? mark_held_locks+0xb1/0x100 [ 2653.250503] __alloc_pages_nodemask+0x1ee/0x750 [ 2653.255812] ? find_held_lock+0x35/0x130 [ 2653.259906] ? __alloc_pages_slowpath+0x2870/0x2870 16:26:32 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0xc020660b, &(0x7f0000000100)={0x0, 0x0}) [ 2653.265029] ? lock_downgrade+0x880/0x880 [ 2653.269189] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2653.274217] ? iov_iter_advance+0x261/0xe30 [ 2653.278562] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2653.284133] alloc_pages_current+0x107/0x210 [ 2653.288569] skb_page_frag_refill+0x277/0x460 [ 2653.293137] sk_page_frag_refill+0x55/0x1f0 [ 2653.297488] tcp_sendmsg_locked+0xff7/0x3260 [ 2653.301943] ? tcp_sendpage+0x60/0x60 [ 2653.305935] ? trace_hardirqs_on+0x67/0x220 [ 2653.310283] ? lock_sock_nested+0x9a/0x120 16:26:33 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) [ 2653.314538] ? __local_bh_enable_ip+0x15a/0x270 [ 2653.319229] tcp_sendmsg+0x30/0x50 [ 2653.322790] inet_sendmsg+0x141/0x5d0 [ 2653.326607] ? ipip_gro_receive+0x100/0x100 [ 2653.330947] sock_sendmsg+0xd7/0x130 [ 2653.334685] ___sys_sendmsg+0x3e2/0x920 [ 2653.338680] ? copy_msghdr_from_user+0x430/0x430 [ 2653.343468] ? mark_held_locks+0x100/0x100 [ 2653.347720] ? kasan_check_read+0x11/0x20 [ 2653.351893] ? __might_fault+0x12b/0x1e0 [ 2653.355968] ? find_held_lock+0x35/0x130 [ 2653.360053] ? __might_fault+0x12b/0x1e0 16:26:33 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x1000000, 0x0}) 16:26:33 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x8040, 0x0) ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r1, 0xc008551b, &(0x7f0000000040)={0x3, 0x4, [0x200]}) [ 2653.364149] __sys_sendmmsg+0x1bf/0x4e0 [ 2653.368143] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2653.372479] ? kasan_check_write+0x14/0x20 [ 2653.376737] ? __sb_end_write+0xd9/0x110 [ 2653.380819] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2653.386369] ? fput+0x128/0x1a0 [ 2653.389659] ? ksys_write+0x1f1/0x2d0 [ 2653.393482] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2653.398254] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2653.403026] ? do_syscall_64+0x26/0x620 [ 2653.407009] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2653.412386] ? do_syscall_64+0x26/0x620 [ 2653.416391] __x64_sys_sendmmsg+0x9d/0x100 [ 2653.420658] do_syscall_64+0xfd/0x620 [ 2653.424497] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2653.429705] RIP: 0033:0x45a219 [ 2653.432915] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2653.451842] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 16:26:33 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = socket(0x10, 0x3, 0x0) write(r1, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) ioctl(r1, 0x1546b4e0, &(0x7f0000000140)="8d86eb36566d0af3234c4e2e484a022cb448baa9030984f05a7a95297f8787a927b9f400e258defec5196b4bd5bc3f50b66eb973d70bbc43f266954ae0d6c3b9764eef9251baf91667e3e96f418858c8aadbe3db6efe29d655eeeed73330898ca4965cc22bbd20dd9cda0088f6f9789c430d8beea260dbac5d508d9978a69a1a0afa918de95b6889e2375df9a9d8ff97c59bc96a769264") ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) r2 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0xd3, 0x20e0c0) ioctl$VIDIOC_QBUF(r2, 0xc058560f, &(0x7f0000000040)={0x6, 0x6, 0x4, 0x80000, {0x0, 0x7530}, {0x2, 0x2, 0xfe, 0x40, 0x4, 0x60, "b91890c1"}, 0xb0f1, 0x3, @offset=0x5, 0x4}) [ 2653.459578] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2653.466872] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2653.474168] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2653.481467] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2653.488754] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 [ 2653.528355] EXT4-fs (loop0): bad geometry: first data block 35843 is beyond end of filesystem (1080) [ 2653.542498] EXT4-fs (loop5): bad geometry: first data block 4718848 is beyond end of filesystem (1080) [ 2653.550779] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2653.730804] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2653.776648] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2653.800458] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:26:33 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2200000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:33 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x1010000, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:33 executing program 1 (fault-call:3 fault-nth:21): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:33 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00ffffff8c00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:33 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x123800, 0x0) ioctl$VIDIOC_S_INPUT(r1, 0xc0045627, &(0x7f0000000040)=0x8) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) 16:26:33 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000000004c000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2653.821136] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2653.903938] Unknown ioctl -1073457625 [ 2653.905168] FAULT_INJECTION: forcing a failure. [ 2653.905168] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2653.942015] CPU: 1 PID: 11866 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2653.949076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2653.958537] Call Trace: [ 2653.961179] dump_stack+0x172/0x1f0 [ 2653.965281] should_fail.cold+0xa/0x1b [ 2653.969215] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2653.974345] ? lockdep_hardirqs_on+0x415/0x5d0 [ 2653.978944] ? retint_kernel+0x2d/0x2d [ 2653.982930] ? trace_hardirqs_on_caller+0x6a/0x220 [ 2653.988143] __alloc_pages_nodemask+0x1ee/0x750 [ 2653.992833] ? __alloc_pages_slowpath+0x2870/0x2870 [ 2653.997877] ? __sanitizer_cov_trace_cmp8+0x18/0x20 16:26:33 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) r1 = add_key(&(0x7f0000000000)='pkcs7_test\x00', &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffa) keyctl$restrict_keyring(0x1d, r1, &(0x7f0000000080)='rxrpc_s\x00', &(0x7f00000000c0)='#$trusted$\\\x00') [ 2654.003191] ? iov_iter_advance+0x261/0xe30 [ 2654.007625] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2654.013212] alloc_pages_current+0x107/0x210 [ 2654.017648] skb_page_frag_refill+0x277/0x460 [ 2654.023666] sk_page_frag_refill+0x55/0x1f0 [ 2654.028018] tcp_sendmsg_locked+0xff7/0x3260 [ 2654.032733] ? tcp_sendpage+0x60/0x60 [ 2654.036562] ? trace_hardirqs_on+0x67/0x220 [ 2654.040915] ? lock_sock_nested+0x9a/0x120 [ 2654.045303] ? __local_bh_enable_ip+0x15a/0x270 [ 2654.050008] tcp_sendmsg+0x30/0x50 16:26:33 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) prctl$PR_SET_UNALIGN(0x6, 0x2) [ 2654.053564] inet_sendmsg+0x141/0x5d0 [ 2654.057380] ? ipip_gro_receive+0x100/0x100 [ 2654.061718] sock_sendmsg+0xd7/0x130 [ 2654.065455] ___sys_sendmsg+0x3e2/0x920 [ 2654.069466] ? copy_msghdr_from_user+0x430/0x430 [ 2654.074249] ? mark_held_locks+0x100/0x100 [ 2654.078511] ? kasan_check_read+0x11/0x20 [ 2654.082716] ? __might_fault+0x12b/0x1e0 [ 2654.087062] ? find_held_lock+0x35/0x130 [ 2654.091148] ? __might_fault+0x12b/0x1e0 [ 2654.095507] __sys_sendmmsg+0x1bf/0x4e0 [ 2654.099682] ? __ia32_sys_sendmsg+0xb0/0xb0 16:26:33 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x612200, 0x0) ioctl$ION_IOC_HEAP_QUERY(r1, 0xc0184908, &(0x7f0000000080)={0x34, 0x0, &(0x7f0000000040)}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) inotify_add_watch(r3, &(0x7f00000000c0)='./file0\x00', 0x60000018) flistxattr(r0, &(0x7f0000000100)=""/102400, 0xfffffffffffffcec) [ 2654.104174] ? kasan_check_write+0x14/0x20 [ 2654.108442] ? __sb_end_write+0xd9/0x110 [ 2654.112540] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2654.118189] ? fput+0x128/0x1a0 [ 2654.121487] ? ksys_write+0x1f1/0x2d0 [ 2654.125316] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2654.130094] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2654.134871] ? do_syscall_64+0x26/0x620 [ 2654.138853] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2654.144250] ? do_syscall_64+0x26/0x620 [ 2654.148249] __x64_sys_sendmmsg+0x9d/0x100 [ 2654.152508] do_syscall_64+0xfd/0x620 [ 2654.156338] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2654.161537] RIP: 0033:0x45a219 [ 2654.164737] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2654.183674] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2654.192014] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 16:26:33 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000080), 0x1, &(0x7f00000000c0)={[{@degraded='degraded'}, {@space_cache='space_cache'}], [{@seclabel='seclabel'}, {@appraise_type='appraise_type=imasig'}]}) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cpu.stat\x00', 0x0, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) [ 2654.199323] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2654.206606] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2654.213888] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2654.221454] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 16:26:34 executing program 1 (fault-call:3 fault-nth:22): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2654.280635] EXT4-fs (loop5): bad geometry: first data block 4980736 is beyond end of filesystem (1080) [ 2654.293562] EXT4-fs (loop0): bad geometry: first data block 36095 is beyond end of filesystem (1080) 16:26:34 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x2000000, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2654.449912] FAULT_INJECTION: forcing a failure. [ 2654.449912] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2654.502051] CPU: 1 PID: 12379 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2654.509025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2654.518566] Call Trace: [ 2654.521269] dump_stack+0x172/0x1f0 [ 2654.524916] should_fail.cold+0xa/0x1b [ 2654.529355] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2654.534733] ? mark_held_locks+0xb1/0x100 [ 2654.538885] __alloc_pages_nodemask+0x1ee/0x750 [ 2654.543547] ? find_held_lock+0x35/0x130 [ 2654.547604] ? __alloc_pages_slowpath+0x2870/0x2870 [ 2654.552713] ? lock_downgrade+0x880/0x880 [ 2654.556859] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2654.561864] ? iov_iter_advance+0x261/0xe30 [ 2654.566175] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2654.571704] alloc_pages_current+0x107/0x210 [ 2654.576206] skb_page_frag_refill+0x277/0x460 [ 2654.580694] sk_page_frag_refill+0x55/0x1f0 [ 2654.585009] tcp_sendmsg_locked+0xff7/0x3260 [ 2654.589417] ? tcp_sendpage+0x60/0x60 [ 2654.593220] ? trace_hardirqs_on+0x67/0x220 [ 2654.597619] ? lock_sock_nested+0x9a/0x120 [ 2654.601853] ? __local_bh_enable_ip+0x15a/0x270 [ 2654.606516] tcp_sendmsg+0x30/0x50 [ 2654.610054] inet_sendmsg+0x141/0x5d0 [ 2654.613847] ? ipip_gro_receive+0x100/0x100 [ 2654.618160] sock_sendmsg+0xd7/0x130 [ 2654.621864] ___sys_sendmsg+0x3e2/0x920 [ 2654.625918] ? copy_msghdr_from_user+0x430/0x430 [ 2654.630780] ? mark_held_locks+0x100/0x100 [ 2654.635705] ? kasan_check_read+0x11/0x20 [ 2654.639851] ? __might_fault+0x12b/0x1e0 [ 2654.643904] ? find_held_lock+0x35/0x130 [ 2654.647961] ? __might_fault+0x12b/0x1e0 [ 2654.652029] __sys_sendmmsg+0x1bf/0x4e0 [ 2654.656013] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2654.660328] ? kasan_check_write+0x14/0x20 [ 2654.664561] ? __sb_end_write+0xd9/0x110 [ 2654.668613] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2654.674144] ? fput+0x128/0x1a0 [ 2654.677422] ? ksys_write+0x1f1/0x2d0 [ 2654.681229] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2654.686082] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2654.690835] ? do_syscall_64+0x26/0x620 [ 2654.694807] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2654.700165] ? do_syscall_64+0x26/0x620 [ 2654.704171] __x64_sys_sendmmsg+0x9d/0x100 [ 2654.708401] do_syscall_64+0xfd/0x620 [ 2654.712206] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2654.717393] RIP: 0033:0x45a219 [ 2654.720575] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2654.739640] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2654.747355] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2654.754617] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2654.761891] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2654.769149] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2654.776410] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 [ 2654.848420] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2654.857999] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2654.867453] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2654.878274] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:34 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2300000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:34 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000000044e000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:34 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000bf8d00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:34 executing program 4: r0 = socket$inet_sctp(0x2, 0x0, 0x84) setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000001480)=0x7ff, 0x4) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/=\xa0\x1a\x0e\n=\xb8\xe3i20\x00', 0x101020, 0x0) r2 = socket$inet(0xa, 0x801, 0x84) connect$inet(r2, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r2, 0x8) r3 = accept4(r2, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x2}, 0x8) r4 = socket(0x0, 0x0, 0x0) r5 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, 0x0) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f0000001b40)={r6}, 0x8) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, &(0x7f0000000000)={r6}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000000040)={r6, @in6={{0xa, 0x4e22, 0x9, @empty, 0x10001}}}, &(0x7f0000000140)=0x84) r7 = dup(0xffffffffffffffff) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r7, 0x400443c9, &(0x7f0000000100)={0x2f7, 0x0}) 16:26:34 executing program 1 (fault-call:3 fault-nth:23): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:34 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x3000000, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2655.030716] FAULT_INJECTION: forcing a failure. [ 2655.030716] name failslab, interval 1, probability 0, space 0, times 0 [ 2655.104952] CPU: 0 PID: 12401 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2655.111920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2655.121314] Call Trace: [ 2655.123941] dump_stack+0x172/0x1f0 [ 2655.127603] should_fail.cold+0xa/0x1b [ 2655.131519] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2655.136648] ? lock_downgrade+0x880/0x880 [ 2655.140822] __should_failslab+0x121/0x190 [ 2655.145075] should_failslab+0x9/0x14 [ 2655.145092] kmem_cache_alloc_node+0x26c/0x710 [ 2655.145108] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2655.145126] ? tcp_established_options+0x2ae/0x480 [ 2655.145147] __alloc_skb+0xd5/0x5f0 [ 2655.145164] ? skb_scrub_packet+0x490/0x490 [ 2655.145178] ? __sk_flush_backlog+0x30/0x40 [ 2655.145190] ? trace_hardirqs_on+0x67/0x220 [ 2655.145207] sk_stream_alloc_skb+0xc8/0x860 [ 2655.159153] tcp_sendmsg_locked+0xc93/0x3260 [ 2655.159182] ? tcp_sendpage+0x60/0x60 [ 2655.193257] ? trace_hardirqs_on+0x67/0x220 [ 2655.197583] ? lock_sock_nested+0x9a/0x120 [ 2655.201913] ? __local_bh_enable_ip+0x15a/0x270 [ 2655.206585] tcp_sendmsg+0x30/0x50 [ 2655.210135] inet_sendmsg+0x141/0x5d0 [ 2655.213938] ? ipip_gro_receive+0x100/0x100 [ 2655.218251] sock_sendmsg+0xd7/0x130 [ 2655.221958] ___sys_sendmsg+0x3e2/0x920 [ 2655.225924] ? copy_msghdr_from_user+0x430/0x430 [ 2655.230676] ? mark_held_locks+0x100/0x100 [ 2655.234902] ? kasan_check_read+0x11/0x20 [ 2655.239044] ? __might_fault+0x12b/0x1e0 [ 2655.243098] ? find_held_lock+0x35/0x130 [ 2655.247165] ? __might_fault+0x12b/0x1e0 [ 2655.251232] __sys_sendmmsg+0x1bf/0x4e0 [ 2655.255203] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2655.259531] ? kasan_check_write+0x14/0x20 [ 2655.263762] ? __sb_end_write+0xd9/0x110 [ 2655.267824] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2655.273350] ? fput+0x128/0x1a0 [ 2655.276619] ? ksys_write+0x1f1/0x2d0 [ 2655.280416] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2655.285182] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2655.289958] ? do_syscall_64+0x26/0x620 [ 2655.293964] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2655.299322] ? do_syscall_64+0x26/0x620 [ 2655.303293] __x64_sys_sendmmsg+0x9d/0x100 [ 2655.307522] do_syscall_64+0xfd/0x620 [ 2655.311316] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2655.316493] RIP: 0033:0x45a219 [ 2655.319689] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2655.338582] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2655.346280] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2655.353554] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2655.360813] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2655.368077] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2655.375348] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 [ 2655.383072] net_ratelimit: 5 callbacks suppressed [ 2655.383079] protocol 88fb is buggy, dev hsr_slave_0 [ 2655.393050] protocol 88fb is buggy, dev hsr_slave_1 [ 2655.398221] protocol 88fb is buggy, dev hsr_slave_0 16:26:35 executing program 4: socket$bt_hidp(0x1f, 0x3, 0x6) r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000000)=0x1f, 0xffffffffffffffc0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r1, 0x400443c9, &(0x7f0000000100)={0xfffffec7, 0x0}) [ 2655.403338] protocol 88fb is buggy, dev hsr_slave_1 16:26:35 executing program 1 (fault-call:3 fault-nth:24): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2655.439617] EXT4-fs (loop5): bad geometry: first data block 5112832 is beyond end of filesystem (1080) [ 2655.449743] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2655.529872] FAULT_INJECTION: forcing a failure. [ 2655.529872] name failslab, interval 1, probability 0, space 0, times 0 [ 2655.543693] CPU: 1 PID: 12554 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2655.550684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2655.560058] Call Trace: [ 2655.562675] dump_stack+0x172/0x1f0 [ 2655.566332] should_fail.cold+0xa/0x1b [ 2655.570340] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2655.575470] ? lock_downgrade+0x880/0x880 16:26:35 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x4000000, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2655.579647] __should_failslab+0x121/0x190 [ 2655.583895] should_failslab+0x9/0x14 [ 2655.587716] kmem_cache_alloc_node_trace+0x274/0x720 [ 2655.592848] ? __alloc_skb+0xd5/0x5f0 [ 2655.596686] __kmalloc_node_track_caller+0x3d/0x80 [ 2655.601639] __kmalloc_reserve.isra.0+0x40/0xf0 [ 2655.606331] __alloc_skb+0x10b/0x5f0 [ 2655.610679] ? skb_scrub_packet+0x490/0x490 [ 2655.615019] ? __sk_flush_backlog+0x30/0x40 [ 2655.619372] ? trace_hardirqs_on+0x67/0x220 [ 2655.623717] sk_stream_alloc_skb+0xc8/0x860 16:26:35 executing program 4: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r0 = syz_open_dev$swradio(&(0x7f0000000040)='/dev/swradio#\x00', 0x1, 0x2) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f00000000c0)={0xfffffffffffffe42, 0x0}) [ 2655.628055] tcp_sendmsg_locked+0xc93/0x3260 [ 2655.633095] ? tcp_sendpage+0x60/0x60 [ 2655.637048] ? trace_hardirqs_on+0x67/0x220 [ 2655.641401] ? lock_sock_nested+0x9a/0x120 [ 2655.645659] ? __local_bh_enable_ip+0x15a/0x270 [ 2655.650354] tcp_sendmsg+0x30/0x50 [ 2655.653912] inet_sendmsg+0x141/0x5d0 [ 2655.657729] ? ipip_gro_receive+0x100/0x100 [ 2655.662070] sock_sendmsg+0xd7/0x130 [ 2655.665799] ___sys_sendmsg+0x3e2/0x920 [ 2655.669793] ? copy_msghdr_from_user+0x430/0x430 [ 2655.674575] ? mark_held_locks+0x100/0x100 [ 2655.678843] ? kasan_check_read+0x11/0x20 [ 2655.683014] ? __might_fault+0x12b/0x1e0 [ 2655.687095] ? find_held_lock+0x35/0x130 [ 2655.691181] ? __might_fault+0x12b/0x1e0 [ 2655.695281] __sys_sendmmsg+0x1bf/0x4e0 [ 2655.699281] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2655.703625] ? kasan_check_write+0x14/0x20 [ 2655.707884] ? __sb_end_write+0xd9/0x110 [ 2655.711966] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2655.717518] ? fput+0x128/0x1a0 [ 2655.720815] ? ksys_write+0x1f1/0x2d0 [ 2655.724636] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2655.729407] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2655.734180] ? do_syscall_64+0x26/0x620 [ 2655.738178] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2655.743681] ? do_syscall_64+0x26/0x620 [ 2655.747674] __x64_sys_sendmmsg+0x9d/0x100 [ 2655.751933] do_syscall_64+0xfd/0x620 [ 2655.755768] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2655.760974] RIP: 0033:0x45a219 [ 2655.764183] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2655.783083] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2655.783099] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2655.783107] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2655.783116] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2655.783124] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2655.783133] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 16:26:35 executing program 1 (fault-call:3 fault-nth:25): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2655.813841] EXT4-fs (loop0): bad geometry: first data block 36287 is beyond end of filesystem (1080) [ 2655.848954] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock 16:26:35 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) r1 = gettid() r2 = socket(0x0, 0x3, 0x2) write(r2, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) ioctl$SIOCRSSL2CALL(r2, 0x89e2, &(0x7f0000000140)=@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}) perf_event_open(&(0x7f0000000540)={0x0, 0x70, 0x0, 0x0, 0x81, 0x11, 0x0, 0x40, 0x0, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0xe52c, 0x0, @perf_config_ext={0x3f, 0x401}, 0x100, 0x0, 0x7, 0x7, 0x2, 0x0, 0x9}, r1, 0x0, 0xffffffffffffffff, 0x0) prctl$PR_SET_PTRACER(0x59616d61, r1) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x4000, 0x0) ioctl$VIDIOC_SUBDEV_G_DV_TIMINGS(r3, 0xc0845658, &(0x7f0000000040)={0x0, @reserved}) [ 2655.902048] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2655.933262] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2655.946185] FAULT_INJECTION: forcing a failure. [ 2655.946185] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2655.949043] EXT4-fs: failed to create workqueue [ 2655.963696] EXT4-fs (loop3): mount failed [ 2655.972105] CPU: 1 PID: 12740 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2655.979061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2655.988425] Call Trace: [ 2655.991037] dump_stack+0x172/0x1f0 [ 2655.994871] should_fail.cold+0xa/0x1b [ 2655.998790] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2656.003923] ? mark_held_locks+0xb1/0x100 [ 2656.008104] __alloc_pages_nodemask+0x1ee/0x750 [ 2656.012787] ? find_held_lock+0x35/0x130 [ 2656.016862] ? __alloc_pages_slowpath+0x2870/0x2870 [ 2656.021902] ? lock_downgrade+0x880/0x880 [ 2656.026052] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2656.031080] ? iov_iter_advance+0x261/0xe30 [ 2656.035415] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2656.040975] alloc_pages_current+0x107/0x210 [ 2656.045483] skb_page_frag_refill+0x277/0x460 [ 2656.049999] sk_page_frag_refill+0x55/0x1f0 [ 2656.054343] tcp_sendmsg_locked+0xff7/0x3260 [ 2656.058791] ? tcp_sendpage+0x60/0x60 [ 2656.062605] ? trace_hardirqs_on+0x67/0x220 [ 2656.066946] ? lock_sock_nested+0x9a/0x120 [ 2656.071195] ? __local_bh_enable_ip+0x15a/0x270 [ 2656.075865] tcp_sendmsg+0x30/0x50 [ 2656.079392] inet_sendmsg+0x141/0x5d0 [ 2656.083211] ? ipip_gro_receive+0x100/0x100 [ 2656.087529] sock_sendmsg+0xd7/0x130 [ 2656.091248] ___sys_sendmsg+0x3e2/0x920 [ 2656.095222] ? copy_msghdr_from_user+0x430/0x430 [ 2656.100319] ? mark_held_locks+0x100/0x100 [ 2656.104596] ? kasan_check_read+0x11/0x20 [ 2656.108758] ? __might_fault+0x12b/0x1e0 [ 2656.112837] ? find_held_lock+0x35/0x130 [ 2656.116892] ? __might_fault+0x12b/0x1e0 [ 2656.120985] __sys_sendmmsg+0x1bf/0x4e0 [ 2656.125076] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2656.129423] ? kasan_check_write+0x14/0x20 [ 2656.133684] ? __sb_end_write+0xd9/0x110 [ 2656.137738] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2656.143263] ? fput+0x128/0x1a0 [ 2656.146569] ? ksys_write+0x1f1/0x2d0 [ 2656.150435] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2656.155190] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2656.159945] ? do_syscall_64+0x26/0x620 [ 2656.164097] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2656.169462] ? do_syscall_64+0x26/0x620 [ 2656.173431] __x64_sys_sendmmsg+0x9d/0x100 [ 2656.177681] do_syscall_64+0xfd/0x620 [ 2656.181473] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2656.186648] RIP: 0033:0x45a219 [ 2656.189865] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2656.208846] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2656.216548] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2656.223821] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2656.231084] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2656.238430] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2656.245694] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 16:26:36 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2904000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:36 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000000044f000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:36 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000039200000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:36 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x5000000, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:36 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = signalfd4(r0, &(0x7f0000000000)={0x1}, 0x8, 0x80000) r2 = socket(0x10, 0x3, 0x0) write(r2, &(0x7f0000000500)="fc00008b096d0a562e877600090077070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae406d5e1d22a8338a2ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de08448dd74598528ad01d6cf9f87da9daa00d9e25b3309fbd3c90eba5cef69a7b084fc8575c62ce5a66de78a3c23981e0794c35d71db0956087062387706821464fe5e526dcb1c453b1d0887cd685d4fc0adfd1d9b90eb42d81827d19d0161b9d1f0d36ba6ffcd5cf3255b141a5e97ac05175194514f20ada220cdd6a3a4e44694494c8135c4555707e7b64a2c9cc966e4ff1d2e156b34d8d4e0600259996c9e96f7942950f8f1f6ec62bae6b866b54592e142a481f43d6ac8c562a5fd9cc23aecf548e2f5d3e9bdc3ece39abca759037bf82ebb3cabf7d05c9a14c8d50226afdc10538f5381e7e51a5410440dfb8b183c483e05e925369f5128ec858bdc02c2c1", 0x1fc) dup2(r1, r2) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) 16:26:36 executing program 1 (fault-call:3 fault-nth:26): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2656.321552] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=27913 sclass=netlink_route_socket pig=12847 comm=syz-executor.4 [ 2656.354422] FAULT_INJECTION: forcing a failure. [ 2656.354422] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2656.366538] CPU: 1 PID: 12850 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2656.373480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2656.382837] Call Trace: [ 2656.382864] dump_stack+0x172/0x1f0 [ 2656.382886] should_fail.cold+0xa/0x1b [ 2656.382903] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2656.382923] ? lockdep_hardirqs_on+0x415/0x5d0 [ 2656.402700] ? retint_kernel+0x2d/0x2d [ 2656.406603] ? trace_hardirqs_on_caller+0x6a/0x220 [ 2656.411558] __alloc_pages_nodemask+0x1ee/0x750 [ 2656.416252] ? __alloc_pages_slowpath+0x2870/0x2870 [ 2656.421284] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2656.426318] ? iov_iter_advance+0x261/0xe30 [ 2656.430655] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2656.436215] alloc_pages_current+0x107/0x210 [ 2656.440824] skb_page_frag_refill+0x277/0x460 [ 2656.445362] sk_page_frag_refill+0x55/0x1f0 [ 2656.449707] tcp_sendmsg_locked+0xff7/0x3260 [ 2656.454176] ? tcp_sendpage+0x60/0x60 [ 2656.458002] ? trace_hardirqs_on+0x67/0x220 [ 2656.462340] ? lock_sock_nested+0x9a/0x120 [ 2656.466597] ? __local_bh_enable_ip+0x15a/0x270 16:26:36 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) r1 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) fadvise64(r1, 0x0, 0x0, 0x4) r2 = socket(0x10, 0x3, 0x0) write(r2, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) r3 = socket$inet(0xa, 0x801, 0x84) connect$inet(r3, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r3, 0x9) r4 = accept4(r3, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r4, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x2}, 0x8) r5 = socket(0x0, 0x0, 0x0) r6 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, 0x0) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r5, 0x84, 0x76, &(0x7f0000001b40)={r7}, 0x8) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f0000000000)={r7}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f0000000040)={r7, 0x3}, &(0x7f0000000080)=0x8) ioctl$SG_SET_DEBUG(r1, 0x227e, &(0x7f0000000000)) [ 2656.471285] tcp_sendmsg+0x30/0x50 [ 2656.474846] inet_sendmsg+0x141/0x5d0 [ 2656.478687] ? ipip_gro_receive+0x100/0x100 [ 2656.483018] sock_sendmsg+0xd7/0x130 [ 2656.486754] ___sys_sendmsg+0x3e2/0x920 [ 2656.490749] ? copy_msghdr_from_user+0x430/0x430 [ 2656.495530] ? mark_held_locks+0x100/0x100 [ 2656.499782] ? kasan_check_read+0x11/0x20 [ 2656.503950] ? __might_fault+0x12b/0x1e0 [ 2656.508114] ? find_held_lock+0x35/0x130 [ 2656.512187] ? __might_fault+0x12b/0x1e0 [ 2656.516283] __sys_sendmmsg+0x1bf/0x4e0 [ 2656.520270] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2656.521498] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2656.524610] ? kasan_check_write+0x14/0x20 [ 2656.524635] ? __sb_end_write+0xd9/0x110 [ 2656.524654] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2656.524665] ? fput+0x128/0x1a0 [ 2656.524679] ? ksys_write+0x1f1/0x2d0 [ 2656.554223] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2656.559052] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2656.563825] ? do_syscall_64+0x26/0x620 16:26:36 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) r1 = socket(0x10, 0x3, 0x0) write(r1, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) r2 = socket(0x10, 0x3, 0x0) write(r2, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) r3 = fcntl$dupfd(r1, 0x406, r2) ioctl$UI_SET_KEYBIT(r3, 0x40045565, 0xf1) [ 2656.567808] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2656.573189] ? do_syscall_64+0x26/0x620 [ 2656.577190] __x64_sys_sendmmsg+0x9d/0x100 [ 2656.581447] do_syscall_64+0xfd/0x620 [ 2656.585262] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2656.590459] RIP: 0033:0x45a219 [ 2656.593680] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2656.612860] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 16:26:36 executing program 1 (fault-call:3 fault-nth:27): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2656.620758] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2656.622966] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2656.628140] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2656.628150] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2656.628164] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2656.628172] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 [ 2656.687780] FAULT_INJECTION: forcing a failure. [ 2656.687780] name failslab, interval 1, probability 0, space 0, times 0 [ 2656.707027] CPU: 1 PID: 13060 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2656.713995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2656.723361] Call Trace: [ 2656.725970] dump_stack+0x172/0x1f0 [ 2656.729616] should_fail.cold+0xa/0x1b [ 2656.733637] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2656.738762] ? lock_downgrade+0x880/0x880 [ 2656.742950] __should_failslab+0x121/0x190 [ 2656.747205] should_failslab+0x9/0x14 [ 2656.751023] kmem_cache_alloc_node+0x26c/0x710 [ 2656.755625] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2656.761176] ? tcp_established_options+0x2ae/0x480 [ 2656.766114] __alloc_skb+0xd5/0x5f0 [ 2656.769746] ? skb_scrub_packet+0x490/0x490 [ 2656.774082] ? __sk_flush_backlog+0x30/0x40 [ 2656.778407] ? trace_hardirqs_on+0x67/0x220 [ 2656.782773] sk_stream_alloc_skb+0xc8/0x860 [ 2656.787115] tcp_sendmsg_locked+0xc93/0x3260 [ 2656.791523] ? tcp_sendpage+0x60/0x60 [ 2656.795320] ? trace_hardirqs_on+0x67/0x220 [ 2656.799653] ? lock_sock_nested+0x9a/0x120 [ 2656.803876] ? __local_bh_enable_ip+0x15a/0x270 [ 2656.808539] tcp_sendmsg+0x30/0x50 [ 2656.812184] inet_sendmsg+0x141/0x5d0 [ 2656.815973] ? ipip_gro_receive+0x100/0x100 [ 2656.820284] sock_sendmsg+0xd7/0x130 [ 2656.823989] ___sys_sendmsg+0x3e2/0x920 [ 2656.827952] ? copy_msghdr_from_user+0x430/0x430 [ 2656.832728] ? mark_held_locks+0x100/0x100 [ 2656.836956] ? kasan_check_read+0x11/0x20 [ 2656.841094] ? __might_fault+0x12b/0x1e0 [ 2656.845149] ? find_held_lock+0x35/0x130 [ 2656.849199] ? __might_fault+0x12b/0x1e0 [ 2656.853264] __sys_sendmmsg+0x1bf/0x4e0 [ 2656.857241] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2656.861558] ? kasan_check_write+0x14/0x20 [ 2656.865795] ? __sb_end_write+0xd9/0x110 [ 2656.869847] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2656.875371] ? fput+0x128/0x1a0 [ 2656.878638] ? ksys_write+0x1f1/0x2d0 [ 2656.882450] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2656.887218] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2656.891974] ? do_syscall_64+0x26/0x620 [ 2656.895948] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2656.901309] ? do_syscall_64+0x26/0x620 [ 2656.905299] __x64_sys_sendmmsg+0x9d/0x100 [ 2656.909539] do_syscall_64+0xfd/0x620 [ 2656.913331] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2656.918511] RIP: 0033:0x45a219 [ 2656.921693] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2656.940583] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2656.948287] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2656.955549] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2656.962820] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2656.970094] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2656.977360] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 16:26:36 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) setsockopt$inet_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f0000000000)='tls\x00', 0x4) 16:26:36 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x6000000, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2657.089026] EXT4-fs (loop5): bad geometry: first data block 5178368 is beyond end of filesystem (1080) 16:26:36 executing program 1 (fault-call:3 fault-nth:28): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2657.230411] FAULT_INJECTION: forcing a failure. [ 2657.230411] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2657.259013] CPU: 0 PID: 13281 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2657.266003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2657.266010] Call Trace: [ 2657.266035] dump_stack+0x172/0x1f0 [ 2657.266057] should_fail.cold+0xa/0x1b [ 2657.285656] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2657.290796] ? mark_held_locks+0xb1/0x100 [ 2657.290821] __alloc_pages_nodemask+0x1ee/0x750 [ 2657.290832] ? find_held_lock+0x35/0x130 [ 2657.290850] ? __alloc_pages_slowpath+0x2870/0x2870 [ 2657.308771] ? lock_downgrade+0x880/0x880 [ 2657.313026] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2657.318086] ? iov_iter_advance+0x261/0xe30 [ 2657.322421] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2657.327979] alloc_pages_current+0x107/0x210 [ 2657.332404] skb_page_frag_refill+0x277/0x460 [ 2657.336919] sk_page_frag_refill+0x55/0x1f0 [ 2657.341248] tcp_sendmsg_locked+0xff7/0x3260 [ 2657.345716] ? tcp_sendpage+0x60/0x60 [ 2657.349516] ? trace_hardirqs_on+0x67/0x220 [ 2657.353856] ? lock_sock_nested+0x9a/0x120 [ 2657.358102] ? __local_bh_enable_ip+0x15a/0x270 [ 2657.362781] tcp_sendmsg+0x30/0x50 [ 2657.366330] inet_sendmsg+0x141/0x5d0 [ 2657.370126] ? ipip_gro_receive+0x100/0x100 [ 2657.374451] sock_sendmsg+0xd7/0x130 [ 2657.378165] ___sys_sendmsg+0x3e2/0x920 [ 2657.382154] ? copy_msghdr_from_user+0x430/0x430 [ 2657.386904] ? mark_held_locks+0x100/0x100 [ 2657.391149] ? kasan_check_read+0x11/0x20 [ 2657.395289] ? __might_fault+0x12b/0x1e0 [ 2657.399349] ? find_held_lock+0x35/0x130 [ 2657.403412] ? __might_fault+0x12b/0x1e0 [ 2657.407488] __sys_sendmmsg+0x1bf/0x4e0 [ 2657.411467] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2657.415810] ? kasan_check_write+0x14/0x20 [ 2657.420040] ? __sb_end_write+0xd9/0x110 [ 2657.424097] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2657.429633] ? fput+0x128/0x1a0 [ 2657.432915] ? ksys_write+0x1f1/0x2d0 [ 2657.436709] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2657.441462] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2657.446224] ? do_syscall_64+0x26/0x620 [ 2657.450189] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2657.455551] ? do_syscall_64+0x26/0x620 [ 2657.459567] __x64_sys_sendmmsg+0x9d/0x100 [ 2657.463896] do_syscall_64+0xfd/0x620 [ 2657.467706] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2657.472888] RIP: 0033:0x45a219 [ 2657.476072] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2657.495231] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2657.502947] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2657.510207] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2657.517471] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2657.524743] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2657.532622] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 [ 2657.586321] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2657.608488] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2657.621423] EXT4-fs (loop0): bad geometry: first data block 37379 is beyond end of filesystem (1080) [ 2657.644215] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2657.667613] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:37 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2a04000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:37 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000254000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:37 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000029600000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:37 executing program 1 (fault-call:3 fault-nth:29): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:37 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x7000000, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:37 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000000)) [ 2657.857893] FAULT_INJECTION: forcing a failure. [ 2657.857893] name failslab, interval 1, probability 0, space 0, times 0 [ 2657.908968] EXT4-fs (loop5): bad geometry: first data block 5505536 is beyond end of filesystem (1080) [ 2657.930636] CPU: 1 PID: 13301 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2657.937629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2657.947005] Call Trace: [ 2657.949616] dump_stack+0x172/0x1f0 [ 2657.953418] should_fail.cold+0xa/0x1b 16:26:37 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x8000000, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2657.957339] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2657.962463] ? lock_downgrade+0x880/0x880 [ 2657.966681] __should_failslab+0x121/0x190 [ 2657.970936] should_failslab+0x9/0x14 [ 2657.974745] kmem_cache_alloc_node+0x26c/0x710 [ 2657.979469] ? lockdep_hardirqs_on+0x415/0x5d0 [ 2657.984070] ? retint_kernel+0x2d/0x2d [ 2657.987973] ? trace_hardirqs_on_caller+0x6a/0x220 [ 2657.992918] __alloc_skb+0xd5/0x5f0 [ 2657.996578] ? skb_scrub_packet+0x490/0x490 [ 2658.000905] ? retint_kernel+0x2d/0x2d [ 2658.004982] sk_stream_alloc_skb+0xc8/0x860 [ 2658.009323] tcp_sendmsg_locked+0xc93/0x3260 [ 2658.013758] ? tcp_sendpage+0x60/0x60 [ 2658.013774] ? trace_hardirqs_on+0x67/0x220 [ 2658.013792] ? lock_sock_nested+0x9a/0x120 [ 2658.022013] ? __local_bh_enable_ip+0x15a/0x270 [ 2658.022036] tcp_sendmsg+0x30/0x50 [ 2658.022054] inet_sendmsg+0x141/0x5d0 [ 2658.022068] ? ipip_gro_receive+0x100/0x100 [ 2658.022082] sock_sendmsg+0xd7/0x130 [ 2658.022099] ___sys_sendmsg+0x3e2/0x920 [ 2658.034897] ? copy_msghdr_from_user+0x430/0x430 [ 2658.034923] ? mark_held_locks+0x100/0x100 [ 2658.034940] ? kasan_check_read+0x11/0x20 [ 2658.034960] ? __might_fault+0x12b/0x1e0 [ 2658.043079] ? find_held_lock+0x35/0x130 [ 2658.043096] ? __might_fault+0x12b/0x1e0 [ 2658.043134] __sys_sendmmsg+0x1bf/0x4e0 [ 2658.043152] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2658.043167] ? kasan_check_write+0x14/0x20 [ 2658.043191] ? __sb_end_write+0xd9/0x110 [ 2658.092851] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2658.098412] ? fput+0x128/0x1a0 [ 2658.101737] ? ksys_write+0x1f1/0x2d0 [ 2658.105570] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2658.110343] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2658.115243] ? do_syscall_64+0x26/0x620 [ 2658.119216] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2658.124698] ? do_syscall_64+0x26/0x620 [ 2658.128685] __x64_sys_sendmmsg+0x9d/0x100 [ 2658.132932] do_syscall_64+0xfd/0x620 [ 2658.136754] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2658.141946] RIP: 0033:0x45a219 [ 2658.145137] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2658.164037] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2658.171758] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2658.179202] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2658.186470] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2658.194879] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2658.202147] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 16:26:38 executing program 1 (fault-call:3 fault-nth:30): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:38 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0xa000000, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2658.253915] EXT4-fs (loop0): bad geometry: first data block 38402 is beyond end of filesystem (1080) [ 2658.283769] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock 16:26:38 executing program 4: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) r1 = socket(0x10, 0x3, 0x0) write(r1, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r1, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) [ 2658.332053] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock 16:26:38 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000056000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2658.375495] FAULT_INJECTION: forcing a failure. [ 2658.375495] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2658.416832] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2658.431088] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2658.465711] CPU: 0 PID: 13438 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2658.467630] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2658.472686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2658.472693] Call Trace: [ 2658.472734] dump_stack+0x172/0x1f0 [ 2658.472756] should_fail.cold+0xa/0x1b [ 2658.472774] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2658.472792] ? mark_held_locks+0xb1/0x100 [ 2658.472813] __alloc_pages_nodemask+0x1ee/0x750 16:26:38 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000039800000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2658.472831] ? find_held_lock+0x35/0x130 [ 2658.518976] ? __alloc_pages_slowpath+0x2870/0x2870 [ 2658.524027] ? lock_downgrade+0x880/0x880 [ 2658.528199] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2658.533234] ? iov_iter_advance+0x261/0xe30 [ 2658.537584] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2658.543165] alloc_pages_current+0x107/0x210 [ 2658.547608] skb_page_frag_refill+0x277/0x460 [ 2658.552125] sk_page_frag_refill+0x55/0x1f0 [ 2658.556463] tcp_sendmsg_locked+0xff7/0x3260 [ 2658.560903] ? tcp_sendpage+0x60/0x60 [ 2658.564718] ? trace_hardirqs_on+0x67/0x220 [ 2658.569049] ? lock_sock_nested+0x9a/0x120 [ 2658.569066] ? __local_bh_enable_ip+0x15a/0x270 [ 2658.569086] tcp_sendmsg+0x30/0x50 [ 2658.581522] inet_sendmsg+0x141/0x5d0 [ 2658.585359] ? ipip_gro_receive+0x100/0x100 [ 2658.585376] sock_sendmsg+0xd7/0x130 [ 2658.585391] ___sys_sendmsg+0x3e2/0x920 [ 2658.585408] ? copy_msghdr_from_user+0x430/0x430 [ 2658.585429] ? mark_held_locks+0x100/0x100 [ 2658.606427] ? kasan_check_read+0x11/0x20 [ 2658.610598] ? __might_fault+0x12b/0x1e0 [ 2658.614680] ? find_held_lock+0x35/0x130 [ 2658.618761] ? __might_fault+0x12b/0x1e0 [ 2658.622875] __sys_sendmmsg+0x1bf/0x4e0 [ 2658.626871] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2658.631207] ? kasan_check_write+0x14/0x20 [ 2658.631234] ? __sb_end_write+0xd9/0x110 [ 2658.631253] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2658.645072] ? fput+0x128/0x1a0 [ 2658.648360] ? ksys_write+0x1f1/0x2d0 [ 2658.649241] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2658.652194] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2658.652209] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2658.652222] ? do_syscall_64+0x26/0x620 [ 2658.652236] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2658.652248] ? do_syscall_64+0x26/0x620 [ 2658.652266] __x64_sys_sendmmsg+0x9d/0x100 [ 2658.652288] do_syscall_64+0xfd/0x620 [ 2658.652305] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2658.652315] RIP: 0033:0x45a219 [ 2658.652329] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2658.652335] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2658.652349] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2658.652356] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2658.652362] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2658.652370] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2658.652378] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 16:26:38 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2c00000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:38 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x400400, 0x0) bind$rxrpc(r1, &(0x7f0000000080)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x24}}}, 0x24) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) setsockopt$bt_BT_SNDMTU(r0, 0x112, 0xc, &(0x7f0000000000)=0x6f6f, 0x2) 16:26:38 executing program 1 (fault-call:3 fault-nth:31): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2658.776335] EXT4-fs (loop5): bad geometry: first data block 5636096 is beyond end of filesystem (1080) [ 2658.797798] EXT4-fs (loop0): bad geometry: first data block 38915 is beyond end of filesystem (1080) 16:26:38 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0xe000000, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2658.854031] FAULT_INJECTION: forcing a failure. [ 2658.854031] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2658.888345] CPU: 0 PID: 13561 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2658.895327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2658.904690] Call Trace: [ 2658.907301] dump_stack+0x172/0x1f0 [ 2658.910952] should_fail.cold+0xa/0x1b [ 2658.914865] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2658.919991] ? mark_held_locks+0xb1/0x100 [ 2658.924286] __alloc_pages_nodemask+0x1ee/0x750 [ 2658.929149] ? find_held_lock+0x35/0x130 [ 2658.933230] ? __alloc_pages_slowpath+0x2870/0x2870 [ 2658.938442] ? lock_downgrade+0x880/0x880 [ 2658.942690] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2658.947729] ? iov_iter_advance+0x261/0xe30 [ 2658.952075] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2658.957635] alloc_pages_current+0x107/0x210 [ 2658.962058] skb_page_frag_refill+0x277/0x460 [ 2658.966574] sk_page_frag_refill+0x55/0x1f0 [ 2658.970925] tcp_sendmsg_locked+0xff7/0x3260 [ 2658.975456] ? tcp_sendpage+0x60/0x60 [ 2658.979270] ? trace_hardirqs_on+0x67/0x220 [ 2658.983603] ? lock_sock_nested+0x9a/0x120 [ 2658.987850] ? __local_bh_enable_ip+0x15a/0x270 [ 2658.992539] tcp_sendmsg+0x30/0x50 [ 2658.996089] inet_sendmsg+0x141/0x5d0 [ 2658.999896] ? ipip_gro_receive+0x100/0x100 16:26:38 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) r1 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x2, 0x40000) getsockopt$CAN_RAW_JOIN_FILTERS(r1, 0x65, 0x6, &(0x7f0000000040), &(0x7f0000000080)=0x4) [ 2659.004244] sock_sendmsg+0xd7/0x130 [ 2659.007982] ___sys_sendmsg+0x3e2/0x920 [ 2659.011974] ? copy_msghdr_from_user+0x430/0x430 [ 2659.016775] ? mark_held_locks+0x100/0x100 [ 2659.021039] ? kasan_check_read+0x11/0x20 [ 2659.025385] ? __might_fault+0x12b/0x1e0 [ 2659.029464] ? find_held_lock+0x35/0x130 [ 2659.033542] ? __might_fault+0x12b/0x1e0 [ 2659.037643] __sys_sendmmsg+0x1bf/0x4e0 [ 2659.042592] ? __ia32_sys_sendmsg+0xb0/0xb0 16:26:38 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000000035c000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2659.042612] ? kasan_check_write+0x14/0x20 [ 2659.042638] ? __sb_end_write+0xd9/0x110 [ 2659.042657] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2659.042670] ? fput+0x128/0x1a0 [ 2659.042684] ? ksys_write+0x1f1/0x2d0 [ 2659.042704] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2659.042719] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2659.042733] ? do_syscall_64+0x26/0x620 16:26:38 executing program 1 (fault-call:3 fault-nth:32): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:38 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000009900000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2659.042749] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2659.042762] ? do_syscall_64+0x26/0x620 [ 2659.042781] __x64_sys_sendmmsg+0x9d/0x100 [ 2659.042799] do_syscall_64+0xfd/0x620 [ 2659.042817] entry_SYSCALL_64_after_hwframe+0x49/0xbe 16:26:39 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x10000000, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2659.042829] RIP: 0033:0x45a219 [ 2659.042844] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2659.042852] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 16:26:39 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000060000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2659.042868] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2659.042877] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2659.042886] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2659.042895] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2659.042904] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 16:26:39 executing program 1 (fault-call:3 fault-nth:33): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2659.266100] EXT4-fs (loop5): bad geometry: first data block 6030080 is beyond end of filesystem (1080) [ 2659.348690] FAULT_INJECTION: forcing a failure. [ 2659.348690] name failslab, interval 1, probability 0, space 0, times 0 16:26:39 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2c04000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2659.348709] CPU: 1 PID: 13774 Comm: syz-executor.1 Not tainted 4.19.83 #0 16:26:39 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000029900000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2659.348718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 16:26:39 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x11000000, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2659.348722] Call Trace: [ 2659.348744] dump_stack+0x172/0x1f0 [ 2659.348765] should_fail.cold+0xa/0x1b [ 2659.348784] ? fault_create_debugfs_attr+0x1e0/0x1e0 16:26:39 executing program 1 (fault-call:3 fault-nth:34): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2659.348805] ? lock_downgrade+0x880/0x880 [ 2659.348830] __should_failslab+0x121/0x190 [ 2659.348845] should_failslab+0x9/0x14 [ 2659.348863] kmem_cache_alloc_node_trace+0x274/0x720 16:26:39 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000166000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2659.348887] ? __alloc_skb+0xd5/0x5f0 [ 2659.348918] __kmalloc_node_track_caller+0x3d/0x80 [ 2659.348937] __kmalloc_reserve.isra.0+0x40/0xf0 [ 2659.348957] __alloc_skb+0x10b/0x5f0 [ 2659.348976] ? skb_scrub_packet+0x490/0x490 [ 2659.348991] ? __sk_flush_backlog+0x30/0x40 [ 2659.349004] ? trace_hardirqs_on+0x67/0x220 [ 2659.349024] sk_stream_alloc_skb+0xc8/0x860 [ 2659.349046] tcp_sendmsg_locked+0xc93/0x3260 16:26:39 executing program 4: openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x100, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) [ 2659.349077] ? tcp_sendpage+0x60/0x60 [ 2659.349092] ? trace_hardirqs_on+0x67/0x220 [ 2659.349105] ? lock_sock_nested+0x9a/0x120 [ 2659.349122] ? __local_bh_enable_ip+0x15a/0x270 [ 2659.349140] tcp_sendmsg+0x30/0x50 [ 2659.349156] inet_sendmsg+0x141/0x5d0 [ 2659.349172] ? ipip_gro_receive+0x100/0x100 [ 2659.349185] sock_sendmsg+0xd7/0x130 [ 2659.349199] ___sys_sendmsg+0x3e2/0x920 [ 2659.349215] ? copy_msghdr_from_user+0x430/0x430 [ 2659.349235] ? mark_held_locks+0x100/0x100 [ 2659.349250] ? kasan_check_read+0x11/0x20 [ 2659.349268] ? __might_fault+0x12b/0x1e0 [ 2659.349283] ? find_held_lock+0x35/0x130 [ 2659.349298] ? __might_fault+0x12b/0x1e0 [ 2659.349331] __sys_sendmmsg+0x1bf/0x4e0 [ 2659.349349] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2659.349363] ? kasan_check_write+0x14/0x20 [ 2659.349387] ? __sb_end_write+0xd9/0x110 [ 2659.349404] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2659.349415] ? fput+0x128/0x1a0 [ 2659.349429] ? ksys_write+0x1f1/0x2d0 [ 2659.349447] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2659.349461] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2659.349473] ? do_syscall_64+0x26/0x620 [ 2659.349487] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2659.349499] ? do_syscall_64+0x26/0x620 [ 2659.349516] __x64_sys_sendmmsg+0x9d/0x100 [ 2659.349532] do_syscall_64+0xfd/0x620 [ 2659.349550] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2659.349561] RIP: 0033:0x45a219 [ 2659.349574] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2659.349582] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2659.349596] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2659.349605] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2659.349621] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2659.349629] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2659.349638] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 [ 2659.356809] EXT4-fs (loop0): bad geometry: first data block 39168 is beyond end of filesystem (1080) [ 2659.456361] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2659.456375] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2659.456385] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2659.502807] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2659.609884] FAULT_INJECTION: forcing a failure. [ 2659.609884] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2659.609904] CPU: 0 PID: 13818 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2659.609912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2659.609918] Call Trace: [ 2659.609941] dump_stack+0x172/0x1f0 [ 2659.609964] should_fail.cold+0xa/0x1b [ 2659.609984] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2659.610001] ? mark_held_locks+0xb1/0x100 [ 2659.610038] __alloc_pages_nodemask+0x1ee/0x750 [ 2659.610053] ? find_held_lock+0x35/0x130 [ 2659.610073] ? __alloc_pages_slowpath+0x2870/0x2870 [ 2659.610096] ? lock_downgrade+0x880/0x880 [ 2659.610110] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2659.610125] ? iov_iter_advance+0x261/0xe30 [ 2659.610139] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2659.610159] alloc_pages_current+0x107/0x210 [ 2659.610180] skb_page_frag_refill+0x277/0x460 [ 2659.610197] sk_page_frag_refill+0x55/0x1f0 [ 2659.610213] tcp_sendmsg_locked+0xff7/0x3260 [ 2659.610241] ? tcp_sendpage+0x60/0x60 [ 2659.610256] ? trace_hardirqs_on+0x67/0x220 [ 2659.610270] ? lock_sock_nested+0x9a/0x120 [ 2659.610286] ? __local_bh_enable_ip+0x15a/0x270 [ 2659.610305] tcp_sendmsg+0x30/0x50 [ 2659.610319] inet_sendmsg+0x141/0x5d0 [ 2659.610333] ? ipip_gro_receive+0x100/0x100 [ 2659.610346] sock_sendmsg+0xd7/0x130 [ 2659.610359] ___sys_sendmsg+0x3e2/0x920 [ 2659.610373] ? copy_msghdr_from_user+0x430/0x430 [ 2659.610393] ? mark_held_locks+0x100/0x100 [ 2659.610408] ? kasan_check_read+0x11/0x20 [ 2659.610428] ? __might_fault+0x12b/0x1e0 [ 2659.610442] ? find_held_lock+0x35/0x130 [ 2659.610460] ? __might_fault+0x12b/0x1e0 [ 2659.610500] __sys_sendmmsg+0x1bf/0x4e0 [ 2659.610520] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2659.610538] ? kasan_check_write+0x14/0x20 [ 2659.610565] ? __sb_end_write+0xd9/0x110 [ 2659.610584] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2659.610598] ? fput+0x128/0x1a0 [ 2659.610613] ? ksys_write+0x1f1/0x2d0 [ 2659.610634] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2659.610650] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2659.610665] ? do_syscall_64+0x26/0x620 [ 2659.610681] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2659.610695] ? do_syscall_64+0x26/0x620 [ 2659.610715] __x64_sys_sendmmsg+0x9d/0x100 [ 2659.610734] do_syscall_64+0xfd/0x620 [ 2659.610753] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2659.610766] RIP: 0033:0x45a219 [ 2659.610781] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2659.610790] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2659.610808] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2659.610817] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2659.610825] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2659.610839] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2659.610850] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 [ 2659.684701] EXT4-fs (loop5): bad geometry: first data block 6291456 is beyond end of filesystem (1080) [ 2659.804912] EXT4-fs (loop0): bad geometry: first data block 39170 is beyond end of filesystem (1080) [ 2659.870784] FAULT_INJECTION: forcing a failure. [ 2659.870784] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2659.902338] CPU: 0 PID: 13836 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2659.962386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2659.962391] Call Trace: [ 2659.962413] dump_stack+0x172/0x1f0 [ 2659.962432] should_fail.cold+0xa/0x1b [ 2659.962448] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2659.962464] ? lockdep_hardirqs_on+0x415/0x5d0 [ 2659.962476] ? retint_kernel+0x2d/0x2d [ 2659.962497] ? trace_hardirqs_on_caller+0x6a/0x220 [ 2660.478336] __alloc_pages_nodemask+0x1ee/0x750 [ 2660.483013] ? __alloc_pages_slowpath+0x2870/0x2870 [ 2660.488022] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2660.493033] ? iov_iter_advance+0x261/0xe30 [ 2660.497347] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2660.502879] alloc_pages_current+0x107/0x210 [ 2660.507284] skb_page_frag_refill+0x277/0x460 [ 2660.511777] sk_page_frag_refill+0x55/0x1f0 [ 2660.516112] tcp_sendmsg_locked+0xff7/0x3260 [ 2660.520540] ? tcp_sendpage+0x60/0x60 [ 2660.524335] ? trace_hardirqs_on+0x67/0x220 [ 2660.528665] ? lock_sock_nested+0x9a/0x120 [ 2660.532899] ? __local_bh_enable_ip+0x15a/0x270 [ 2660.537573] tcp_sendmsg+0x30/0x50 [ 2660.541112] inet_sendmsg+0x141/0x5d0 [ 2660.544904] ? ipip_gro_receive+0x100/0x100 [ 2660.549220] sock_sendmsg+0xd7/0x130 [ 2660.552945] ___sys_sendmsg+0x3e2/0x920 [ 2660.556913] ? copy_msghdr_from_user+0x430/0x430 [ 2660.561664] ? mark_held_locks+0x100/0x100 [ 2660.565897] ? kasan_check_read+0x11/0x20 [ 2660.570045] ? __might_fault+0x12b/0x1e0 [ 2660.574098] ? find_held_lock+0x35/0x130 [ 2660.578150] ? __might_fault+0x12b/0x1e0 [ 2660.582219] __sys_sendmmsg+0x1bf/0x4e0 [ 2660.586201] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2660.590621] ? kasan_check_write+0x14/0x20 [ 2660.594857] ? __sb_end_write+0xd9/0x110 [ 2660.598920] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2660.604448] ? fput+0x128/0x1a0 [ 2660.607726] ? ksys_write+0x1f1/0x2d0 [ 2660.611532] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2660.616280] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2660.621029] ? do_syscall_64+0x26/0x620 [ 2660.625006] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2660.630365] ? do_syscall_64+0x26/0x620 [ 2660.634612] __x64_sys_sendmmsg+0x9d/0x100 [ 2660.638841] do_syscall_64+0xfd/0x620 [ 2660.642657] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2660.647840] RIP: 0033:0x45a219 [ 2660.651044] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2660.669970] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2660.677675] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2660.684936] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2660.692215] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2660.699475] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2660.706745] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 16:26:40 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x3f000000, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:40 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000019e00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:40 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) ioctl$EVIOCGUNIQ(r1, 0x80404508, &(0x7f0000000140)=""/184) lsetxattr$security_smack_transmute(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000080)='TRUE', 0x4, 0x2) [ 2660.783837] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock 16:26:40 executing program 1 (fault-call:3 fault-nth:35): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2660.853240] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2660.885575] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2660.937022] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2660.988017] EXT4-fs (loop0): bad geometry: first data block 40449 is beyond end of filesystem (1080) [ 2661.004575] FAULT_INJECTION: forcing a failure. [ 2661.004575] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2661.017859] EXT4-fs (loop5): bad geometry: first data block 6684928 is beyond end of filesystem (1080) [ 2661.063672] CPU: 0 PID: 14091 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2661.070661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2661.080037] Call Trace: [ 2661.082648] dump_stack+0x172/0x1f0 [ 2661.086313] should_fail.cold+0xa/0x1b [ 2661.090234] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2661.095360] ? lockdep_hardirqs_on+0x415/0x5d0 [ 2661.099966] ? retint_kernel+0x2d/0x2d [ 2661.103870] ? trace_hardirqs_on_caller+0x6a/0x220 [ 2661.108823] __alloc_pages_nodemask+0x1ee/0x750 [ 2661.113657] ? __alloc_pages_slowpath+0x2870/0x2870 [ 2661.118700] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2661.123741] ? iov_iter_advance+0x261/0xe30 [ 2661.128079] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2661.133663] alloc_pages_current+0x107/0x210 [ 2661.138094] skb_page_frag_refill+0x277/0x460 [ 2661.142608] sk_page_frag_refill+0x55/0x1f0 [ 2661.146945] tcp_sendmsg_locked+0xff7/0x3260 [ 2661.151384] ? tcp_sendpage+0x60/0x60 [ 2661.155199] ? trace_hardirqs_on+0x67/0x220 [ 2661.159538] ? lock_sock_nested+0x9a/0x120 [ 2661.163804] ? __local_bh_enable_ip+0x15a/0x270 [ 2661.168534] tcp_sendmsg+0x30/0x50 [ 2661.172096] inet_sendmsg+0x141/0x5d0 [ 2661.175916] ? ipip_gro_receive+0x100/0x100 [ 2661.180251] sock_sendmsg+0xd7/0x130 [ 2661.183984] ___sys_sendmsg+0x3e2/0x920 [ 2661.187971] ? copy_msghdr_from_user+0x430/0x430 [ 2661.192755] ? mark_held_locks+0x100/0x100 [ 2661.197015] ? kasan_check_read+0x11/0x20 [ 2661.201401] ? __might_fault+0x12b/0x1e0 [ 2661.205484] ? find_held_lock+0x35/0x130 [ 2661.209578] ? __might_fault+0x12b/0x1e0 [ 2661.213679] __sys_sendmmsg+0x1bf/0x4e0 [ 2661.217764] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2661.222111] ? kasan_check_write+0x14/0x20 [ 2661.226373] ? __sb_end_write+0xd9/0x110 [ 2661.230464] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2661.236022] ? fput+0x128/0x1a0 [ 2661.239317] ? ksys_write+0x1f1/0x2d0 [ 2661.243142] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2661.247919] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2661.252693] ? do_syscall_64+0x26/0x620 [ 2661.256684] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2661.262183] ? do_syscall_64+0x26/0x620 [ 2661.266187] __x64_sys_sendmmsg+0x9d/0x100 [ 2661.270446] do_syscall_64+0xfd/0x620 [ 2661.274272] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2661.279479] RIP: 0033:0x45a219 [ 2661.282682] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2661.301599] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 16:26:41 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x40000000, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2661.309334] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2661.316623] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2661.323909] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2661.331196] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2661.338488] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 16:26:41 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000068000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:41 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2d00000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:41 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000001ac00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:41 executing program 1 (fault-call:3 fault-nth:36): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:41 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x40020000, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2661.618664] EXT4-fs (loop5): bad geometry: first data block 6815744 is beyond end of filesystem (1080) [ 2661.679478] FAULT_INJECTION: forcing a failure. [ 2661.679478] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2661.729024] CPU: 0 PID: 14106 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2661.736008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2661.745379] Call Trace: [ 2661.748002] dump_stack+0x172/0x1f0 [ 2661.751656] should_fail.cold+0xa/0x1b [ 2661.755603] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2661.760724] ? lockdep_hardirqs_on+0x415/0x5d0 [ 2661.765336] ? retint_kernel+0x2d/0x2d [ 2661.769237] ? trace_hardirqs_on_caller+0x6a/0x220 [ 2661.772208] protocol 88fb is buggy, dev hsr_slave_0 [ 2661.774185] __alloc_pages_nodemask+0x1ee/0x750 [ 2661.779252] protocol 88fb is buggy, dev hsr_slave_1 [ 2661.783850] ? __alloc_pages_slowpath+0x2870/0x2870 [ 2661.783871] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2661.783886] ? iov_iter_advance+0x261/0xe30 [ 2661.783897] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2661.783916] alloc_pages_current+0x107/0x210 [ 2661.789017] protocol 88fb is buggy, dev hsr_slave_0 [ 2661.793948] skb_page_frag_refill+0x277/0x460 [ 2661.793965] sk_page_frag_refill+0x55/0x1f0 [ 2661.793983] tcp_sendmsg_locked+0xff7/0x3260 [ 2661.799039] protocol 88fb is buggy, dev hsr_slave_1 [ 2661.803304] ? tcp_sendpage+0x60/0x60 [ 2661.803324] ? trace_hardirqs_on+0x67/0x220 [ 2661.844722] ? lock_sock_nested+0x9a/0x120 [ 2661.848982] ? __local_bh_enable_ip+0x15a/0x270 [ 2661.853673] tcp_sendmsg+0x30/0x50 [ 2661.857224] inet_sendmsg+0x141/0x5d0 [ 2661.861035] ? ipip_gro_receive+0x100/0x100 [ 2661.865375] sock_sendmsg+0xd7/0x130 [ 2661.869109] ___sys_sendmsg+0x3e2/0x920 [ 2661.873099] ? copy_msghdr_from_user+0x430/0x430 [ 2661.877878] ? mark_held_locks+0x100/0x100 [ 2661.882131] ? kasan_check_read+0x11/0x20 [ 2661.886299] ? __might_fault+0x12b/0x1e0 [ 2661.890377] ? find_held_lock+0x35/0x130 [ 2661.894467] ? __might_fault+0x12b/0x1e0 [ 2661.898572] __sys_sendmmsg+0x1bf/0x4e0 [ 2661.902567] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2661.906910] ? kasan_check_write+0x14/0x20 [ 2661.911165] ? __sb_end_write+0xd9/0x110 [ 2661.915244] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2661.920796] ? fput+0x128/0x1a0 [ 2661.924086] ? ksys_write+0x1f1/0x2d0 [ 2661.927906] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2661.932687] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2661.937457] ? do_syscall_64+0x26/0x620 [ 2661.941444] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2661.946819] ? do_syscall_64+0x26/0x620 [ 2661.951325] __x64_sys_sendmmsg+0x9d/0x100 [ 2661.955581] do_syscall_64+0xfd/0x620 [ 2661.959403] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2661.964603] RIP: 0033:0x45a219 [ 2661.967807] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2661.986808] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2661.994630] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2662.001921] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2662.009198] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2662.016679] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2662.023968] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 16:26:41 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c0000006b6b6b000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2662.129068] EXT4-fs (loop0): bad geometry: first data block 44033 is beyond end of filesystem (1080) 16:26:41 executing program 1 (fault-call:3 fault-nth:37): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:41 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x50160000, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2662.284777] FAULT_INJECTION: forcing a failure. [ 2662.284777] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2662.327467] CPU: 0 PID: 14126 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2662.334440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2662.343810] Call Trace: [ 2662.346429] dump_stack+0x172/0x1f0 [ 2662.350085] should_fail.cold+0xa/0x1b [ 2662.354000] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2662.359131] ? mark_held_locks+0xb1/0x100 [ 2662.363405] __alloc_pages_nodemask+0x1ee/0x750 [ 2662.368084] ? find_held_lock+0x35/0x130 [ 2662.372163] ? __alloc_pages_slowpath+0x2870/0x2870 [ 2662.377199] ? lock_downgrade+0x880/0x880 [ 2662.381353] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2662.386386] ? iov_iter_advance+0x261/0xe30 [ 2662.390726] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2662.396284] alloc_pages_current+0x107/0x210 [ 2662.400712] skb_page_frag_refill+0x277/0x460 [ 2662.405234] sk_page_frag_refill+0x55/0x1f0 [ 2662.409584] tcp_sendmsg_locked+0xff7/0x3260 [ 2662.414026] ? tcp_sendpage+0x60/0x60 [ 2662.417834] ? trace_hardirqs_on+0x67/0x220 [ 2662.422166] ? lock_sock_nested+0x9a/0x120 [ 2662.426418] ? __local_bh_enable_ip+0x15a/0x270 [ 2662.431107] tcp_sendmsg+0x30/0x50 [ 2662.434674] inet_sendmsg+0x141/0x5d0 [ 2662.438498] ? ipip_gro_receive+0x100/0x100 [ 2662.442836] sock_sendmsg+0xd7/0x130 [ 2662.446567] ___sys_sendmsg+0x3e2/0x920 [ 2662.450562] ? copy_msghdr_from_user+0x430/0x430 [ 2662.455340] ? mark_held_locks+0x100/0x100 [ 2662.459585] ? kasan_check_read+0x11/0x20 [ 2662.463772] ? __might_fault+0x12b/0x1e0 [ 2662.467859] ? find_held_lock+0x35/0x130 [ 2662.471945] ? __might_fault+0x12b/0x1e0 [ 2662.476044] __sys_sendmmsg+0x1bf/0x4e0 [ 2662.480035] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2662.484366] ? kasan_check_write+0x14/0x20 [ 2662.488634] ? __sb_end_write+0xd9/0x110 [ 2662.492892] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2662.498447] ? fput+0x128/0x1a0 [ 2662.501761] ? ksys_write+0x1f1/0x2d0 [ 2662.505794] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2662.510568] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2662.515337] ? do_syscall_64+0x26/0x620 [ 2662.519361] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2662.524753] ? do_syscall_64+0x26/0x620 [ 2662.528755] __x64_sys_sendmmsg+0x9d/0x100 [ 2662.533012] do_syscall_64+0xfd/0x620 [ 2662.536840] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2662.542045] RIP: 0033:0x45a219 [ 2662.545251] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2662.564167] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 16:26:42 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000000be00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2662.571904] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2662.579198] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2662.586489] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2662.593777] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2662.601156] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 [ 2662.637512] EXT4-fs (loop5): bad geometry: first data block 7039851 is beyond end of filesystem (1080) 16:26:42 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x60000000, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2662.754239] EXT4-fs (loop0): bad geometry: first data block 48640 is beyond end of filesystem (1080) 16:26:42 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000000006c000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:42 executing program 1 (fault-call:3 fault-nth:38): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2662.811916] protocol 88fb is buggy, dev hsr_slave_0 [ 2662.817080] protocol 88fb is buggy, dev hsr_slave_1 [ 2662.822283] protocol 88fb is buggy, dev hsr_slave_0 [ 2662.827355] protocol 88fb is buggy, dev hsr_slave_1 [ 2662.869871] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2662.880120] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2662.899027] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:26:42 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000edc000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2662.966147] EXT4-fs: failed to create workqueue [ 2662.998213] EXT4-fs (loop3): mount failed [ 2663.003834] FAULT_INJECTION: forcing a failure. [ 2663.003834] name failslab, interval 1, probability 0, space 0, times 0 [ 2663.026616] CPU: 0 PID: 14154 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2663.033593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2663.042965] Call Trace: [ 2663.045590] dump_stack+0x172/0x1f0 [ 2663.049253] should_fail.cold+0xa/0x1b [ 2663.053173] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2663.058305] ? lock_downgrade+0x880/0x880 [ 2663.062486] __should_failslab+0x121/0x190 [ 2663.066741] should_failslab+0x9/0x14 [ 2663.070557] kmem_cache_alloc_node+0x26c/0x710 [ 2663.075166] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2663.080720] ? tcp_established_options+0x2ae/0x480 [ 2663.085679] __alloc_skb+0xd5/0x5f0 [ 2663.089332] ? skb_scrub_packet+0x490/0x490 [ 2663.093675] ? __sk_flush_backlog+0x30/0x40 [ 2663.098014] ? trace_hardirqs_on+0x67/0x220 [ 2663.102360] sk_stream_alloc_skb+0xc8/0x860 [ 2663.106732] tcp_sendmsg_locked+0xc93/0x3260 [ 2663.111189] ? tcp_sendpage+0x60/0x60 [ 2663.115005] ? trace_hardirqs_on+0x67/0x220 [ 2663.119345] ? lock_sock_nested+0x9a/0x120 [ 2663.123601] ? __local_bh_enable_ip+0x15a/0x270 [ 2663.128314] tcp_sendmsg+0x30/0x50 [ 2663.131870] inet_sendmsg+0x141/0x5d0 [ 2663.135678] ? ipip_gro_receive+0x100/0x100 [ 2663.140010] sock_sendmsg+0xd7/0x130 [ 2663.143738] ___sys_sendmsg+0x3e2/0x920 [ 2663.147728] ? copy_msghdr_from_user+0x430/0x430 [ 2663.152535] ? mark_held_locks+0x100/0x100 [ 2663.156793] ? kasan_check_read+0x11/0x20 [ 2663.160957] ? __might_fault+0x12b/0x1e0 [ 2663.165035] ? find_held_lock+0x35/0x130 [ 2663.169110] ? __might_fault+0x12b/0x1e0 [ 2663.173208] __sys_sendmmsg+0x1bf/0x4e0 [ 2663.177222] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2663.181571] ? kasan_check_write+0x14/0x20 [ 2663.185839] ? __sb_end_write+0xd9/0x110 [ 2663.189917] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2663.195469] ? fput+0x128/0x1a0 [ 2663.198763] ? ksys_write+0x1f1/0x2d0 [ 2663.202584] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2663.207350] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2663.212118] ? do_syscall_64+0x26/0x620 [ 2663.216106] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2663.221500] ? do_syscall_64+0x26/0x620 [ 2663.225496] __x64_sys_sendmmsg+0x9d/0x100 [ 2663.229753] do_syscall_64+0xfd/0x620 [ 2663.233580] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2663.238779] RIP: 0033:0x45a219 [ 2663.241987] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2663.261426] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2663.269158] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2663.276458] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2663.283748] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2663.291040] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2663.298328] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 [ 2663.354696] EXT4-fs (loop5): bad geometry: first data block 7077888 is beyond end of filesystem (1080) 16:26:43 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2d04000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:43 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x61360300, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:43 executing program 1 (fault-call:3 fault-nth:39): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2663.502471] FAULT_INJECTION: forcing a failure. [ 2663.502471] name failslab, interval 1, probability 0, space 0, times 0 [ 2663.514494] EXT4-fs (loop0): bad geometry: first data block 49389 is beyond end of filesystem (1080) [ 2663.525105] CPU: 1 PID: 14166 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2663.532071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2663.541440] Call Trace: [ 2663.544052] dump_stack+0x172/0x1f0 [ 2663.547709] should_fail.cold+0xa/0x1b [ 2663.551621] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2663.556743] ? lock_downgrade+0x880/0x880 [ 2663.560921] __should_failslab+0x121/0x190 [ 2663.565174] should_failslab+0x9/0x14 [ 2663.568991] kmem_cache_alloc_node+0x26c/0x710 [ 2663.573597] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2663.579258] ? tcp_established_options+0x2ae/0x480 [ 2663.584210] __alloc_skb+0xd5/0x5f0 [ 2663.587872] ? skb_scrub_packet+0x490/0x490 [ 2663.592214] ? __sk_flush_backlog+0x30/0x40 [ 2663.596550] ? trace_hardirqs_on+0x67/0x220 [ 2663.600990] sk_stream_alloc_skb+0xc8/0x860 [ 2663.605341] tcp_sendmsg_locked+0xc93/0x3260 [ 2663.609789] ? tcp_sendpage+0x60/0x60 [ 2663.613610] ? trace_hardirqs_on+0x67/0x220 [ 2663.618052] ? lock_sock_nested+0x9a/0x120 [ 2663.622333] ? __local_bh_enable_ip+0x15a/0x270 [ 2663.627035] tcp_sendmsg+0x30/0x50 [ 2663.630620] inet_sendmsg+0x141/0x5d0 [ 2663.634441] ? ipip_gro_receive+0x100/0x100 [ 2663.638897] sock_sendmsg+0xd7/0x130 [ 2663.642661] ___sys_sendmsg+0x3e2/0x920 [ 2663.647261] ? copy_msghdr_from_user+0x430/0x430 [ 2663.652070] ? mark_held_locks+0x100/0x100 [ 2663.656323] ? kasan_check_read+0x11/0x20 [ 2663.660494] ? __might_fault+0x12b/0x1e0 [ 2663.664710] ? find_held_lock+0x35/0x130 [ 2663.668797] ? __might_fault+0x12b/0x1e0 [ 2663.672912] __sys_sendmmsg+0x1bf/0x4e0 [ 2663.676917] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2663.681292] ? kasan_check_write+0x14/0x20 [ 2663.685555] ? __sb_end_write+0xd9/0x110 [ 2663.689644] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2663.695205] ? fput+0x128/0x1a0 [ 2663.698504] ? ksys_write+0x1f1/0x2d0 [ 2663.702332] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2663.707108] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2663.711884] ? do_syscall_64+0x26/0x620 [ 2663.715877] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2663.721260] ? do_syscall_64+0x26/0x620 [ 2663.725259] __x64_sys_sendmmsg+0x9d/0x100 [ 2663.729512] do_syscall_64+0xfd/0x620 [ 2663.733340] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2663.738543] RIP: 0033:0x45a219 [ 2663.741746] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2663.760661] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2663.768399] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2663.775700] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2663.782988] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2663.790275] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2663.797561] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 16:26:43 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000000c600000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:43 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000074000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:43 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x65360300, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2664.017878] EXT4-fs (loop5): bad geometry: first data block 7602176 is beyond end of filesystem (1080) [ 2664.096373] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2664.137124] EXT4-fs (loop0): bad geometry: first data block 50688 is beyond end of filesystem (1080) [ 2664.152083] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock 16:26:43 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000000007a000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2664.192271] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:26:44 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000021ce00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2664.248564] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:44 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x80550000, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:44 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2e04000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2664.446616] EXT4-fs (loop5): bad geometry: first data block 7995392 is beyond end of filesystem (1080) [ 2664.508938] EXT4-fs (loop0): bad geometry: first data block 52769 is beyond end of filesystem (1080) 16:26:44 executing program 1 (fault-call:3 fault-nth:40): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:44 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000000037a000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2664.694942] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2664.695471] FAULT_INJECTION: forcing a failure. [ 2664.695471] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2664.715858] CPU: 0 PID: 14219 Comm: syz-executor.1 Not tainted 4.19.83 #0 [ 2664.722803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2664.732172] Call Trace: [ 2664.734790] dump_stack+0x172/0x1f0 [ 2664.738445] should_fail.cold+0xa/0x1b [ 2664.742362] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2664.747496] ? mark_held_locks+0x100/0x100 [ 2664.751882] __alloc_pages_nodemask+0x1ee/0x750 [ 2664.756563] ? timer_reduce+0x11d0/0x11d0 [ 2664.760718] ? __alloc_pages_slowpath+0x2870/0x2870 [ 2664.765767] cache_grow_begin+0x91/0x8c0 [ 2664.769836] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2664.775386] ? check_preemption_disabled+0x48/0x290 [ 2664.780427] kmem_cache_alloc_node+0x64d/0x710 [ 2664.785054] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2664.790615] ? tcp_established_options+0x2ae/0x480 [ 2664.793091] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2664.795564] __alloc_skb+0xd5/0x5f0 [ 2664.795587] ? skb_scrub_packet+0x490/0x490 [ 2664.813343] ? __sk_flush_backlog+0x30/0x40 [ 2664.817688] ? trace_hardirqs_on+0x67/0x220 [ 2664.822033] sk_stream_alloc_skb+0xc8/0x860 [ 2664.826382] tcp_sendmsg_locked+0xc93/0x3260 [ 2664.830825] ? tcp_sendpage+0x60/0x60 [ 2664.834644] ? trace_hardirqs_on+0x67/0x220 [ 2664.838997] ? lock_sock_nested+0x9a/0x120 [ 2664.843253] ? __local_bh_enable_ip+0x15a/0x270 [ 2664.847947] tcp_sendmsg+0x30/0x50 [ 2664.851552] inet_sendmsg+0x141/0x5d0 [ 2664.855372] ? ipip_gro_receive+0x100/0x100 [ 2664.855576] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2664.859698] sock_sendmsg+0xd7/0x130 [ 2664.859715] ___sys_sendmsg+0x3e2/0x920 [ 2664.859733] ? copy_msghdr_from_user+0x430/0x430 [ 2664.881290] ? mark_held_locks+0x100/0x100 [ 2664.885536] ? kasan_check_read+0x11/0x20 [ 2664.885557] ? __might_fault+0x12b/0x1e0 [ 2664.885575] ? find_held_lock+0x35/0x130 [ 2664.893780] ? __might_fault+0x12b/0x1e0 [ 2664.893818] __sys_sendmmsg+0x1bf/0x4e0 [ 2664.893835] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2664.893852] ? kasan_check_write+0x14/0x20 [ 2664.893874] ? __sb_end_write+0xd9/0x110 [ 2664.893891] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2664.893902] ? fput+0x128/0x1a0 [ 2664.893914] ? ksys_write+0x1f1/0x2d0 [ 2664.893932] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2664.893946] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2664.893959] ? do_syscall_64+0x26/0x620 16:26:44 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x94050000, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:44 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000001d200000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2664.893971] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2664.893983] ? do_syscall_64+0x26/0x620 [ 2664.894001] __x64_sys_sendmmsg+0x9d/0x100 [ 2664.894016] do_syscall_64+0xfd/0x620 [ 2664.894033] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2664.894045] RIP: 0033:0x45a219 [ 2664.894059] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2664.894066] RSP: 002b:00007f0e79e64c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2664.894081] RAX: ffffffffffffffda RBX: 00007f0e79e64c90 RCX: 000000000045a219 [ 2664.894088] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 2664.894097] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2664.894105] R10: 0000000004000000 R11: 0000000000000246 R12: 00007f0e79e656d4 [ 2664.894111] R13: 00000000004c7fb3 R14: 00000000004de3f8 R15: 0000000000000004 [ 2665.005305] EXT4-fs (loop5): bad geometry: first data block 7996160 is beyond end of filesystem (1080) [ 2665.039729] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:44 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2f04000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:44 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0xcb010000, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2665.291884] protocol 88fb is buggy, dev hsr_slave_0 [ 2665.297049] protocol 88fb is buggy, dev hsr_slave_1 16:26:45 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000000038c000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2665.338776] EXT4-fs (loop0): bad geometry: first data block 53761 is beyond end of filesystem (1080) 16:26:45 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000003d400000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:45 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0xe41b0000, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2665.570201] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2665.614288] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2665.654481] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2665.667092] EXT4-fs (loop5): bad geometry: first data block 9175808 is beyond end of filesystem (1080) 16:26:45 executing program 1 (fault-call:3 fault-nth:41): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2665.715747] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2665.753388] EXT4-fs (loop0): bad geometry: first data block 54275 is beyond end of filesystem (1080) 16:26:45 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x3004000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:45 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c0000ffffff8c000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:45 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0xe8030000, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:45 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000003e200000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2666.071553] EXT4-fs (loop5): bad geometry: first data block 9240575 is beyond end of filesystem (1080) 16:26:45 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2666.172899] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2666.188022] EXT4-fs (loop0): bad geometry: first data block 57859 is beyond end of filesystem (1080) 16:26:45 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0xeffdffff, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:46 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000000bf8d000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2666.247682] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2666.261977] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:26:46 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2666.331404] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:46 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x3104000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:46 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00ffffffe200000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:46 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:46 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0xf4010000, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2666.521247] EXT4-fs (loop5): bad geometry: first data block 9289472 is beyond end of filesystem (1080) [ 2666.683008] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2666.721264] EXT4-fs (loop0): bad geometry: first data block 58111 is beyond end of filesystem (1080) 16:26:46 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000392000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2666.724839] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2666.776590] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:26:46 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x3, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2666.816875] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:46 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0xf8030000, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:46 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000025e700000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:46 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x3204000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2666.942010] EXT4-fs (loop5): bad geometry: first data block 9569024 is beyond end of filesystem (1080) 16:26:46 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000296000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:46 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x4, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:46 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0xfdffffff, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2667.198010] EXT4-fs (loop0): bad geometry: first data block 59173 is beyond end of filesystem (1080) [ 2667.311593] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2667.347989] EXT4-fs (loop5): bad geometry: first data block 9830912 is beyond end of filesystem (1080) [ 2667.372382] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock 16:26:47 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x5, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:47 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000002e800000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2667.413594] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:26:47 executing program 4: r0 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) fadvise64(r0, 0x0, 0x0, 0x4) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$VHOST_SET_VRING_NUM(r1, 0x4008af10, &(0x7f0000000040)={0x0, 0xb2}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000080)={0x0}) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$VHOST_SET_VRING_NUM(r3, 0x4008af10, &(0x7f0000000040)={0x0, 0xb2}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000000080)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000100)={r4, 0x3ab, 0x4}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0182101, &(0x7f0000000100)={r4, 0x3ab, 0x4}) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r1, 0x0, 0x61, &(0x7f0000000180)={'filter\x00', 0x4}, 0x68) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0182101, &(0x7f0000000000)={r2, 0x2, 0x7f}) r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000240)='./bus\x00', &(0x7f0000000280)='trusted.overlay.upper\x00', &(0x7f00000002c0)={0x0, 0xfb, 0xb6, 0x0, 0x4, "6af8b6dacf9145198b9e629f826a7985", "c9d26f33b1d75a1eb9c04428718895b33416149106b7171926c626d1b8832acfcc63388a4aa1c583b0a7bca9c52a8c4d3b92bde6f10012c946a6ba9a00622a2047fccbc4baf7e5faafbb3c2550d2137541c63cc01f20ede42f927d2a8eee4b7d4f6da55ca4ace807ea3abbfceba8c5ccb9c8b787e346ce8736a3226e875df986162f3f6c560bfbfab39d95e161dde987b0f4fe40ed697c39c85e0e1a43660c603d"}, 0xb6, 0x3) write$binfmt_elf64(r6, &(0x7f0000000100)=ANY=[], 0xfffffe8b) ioctl$ASHMEM_GET_SIZE(r6, 0x7704, 0x0) ioctl$sock_inet_SIOCSIFPFLAGS(r0, 0x8934, &(0x7f0000000200)={'nr0\x00', 0x7f}) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r5, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) [ 2667.463067] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:47 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000398000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:47 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x3304000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:47 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0xfeffffff, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:47 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x7, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2667.677909] EXT4-fs (loop0): bad geometry: first data block 59394 is beyond end of filesystem (1080) [ 2667.757923] EXT4-fs (loop5): bad geometry: first data block 9962240 is beyond end of filesystem (1080) 16:26:47 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = socket(0x10, 0x3, 0x0) write(r1, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000023c0)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000002680)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4100}, 0xc, &(0x7f0000002640)={&(0x7f00000026c0)={0x1d8, r2, 0x400, 0x70bd28, 0x25dfdbfb, {}, [@TIPC_NLA_LINK={0x114, 0x4, [@TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x54, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7fff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x93}]}, @TIPC_NLA_LINK_PROP={0x14, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}]}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2e6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}]}, @TIPC_NLA_LINK_PROP={0xc, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x40}]}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6b55e8b3}]}, @TIPC_NLA_LINK_PROP={0x34, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffc01}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5b}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3ff}]}]}, @TIPC_NLA_BEARER={0x9c, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0x101, @remote, 0x2}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x0, @empty, 0xffffff7a}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x3f}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_PROP={0x2c, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8d1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}]}]}, @TIPC_NLA_SOCK={0x14, 0x2, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x7}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x6}]}]}, 0x1d8}, 0x1, 0x0, 0x0, 0x1}, 0x40014) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000000)=[@in={0x2, 0x4e21, @broadcast}, @in6={0xa, 0x4e23, 0x100, @mcast2, 0x9}, @in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in6={0xa, 0x4e21, 0x5, @dev={0xfe, 0x80, [], 0x27}, 0x2}], 0x58) mount$9p_tcp(&(0x7f0000002400)='127.0.0.1\x00', &(0x7f0000002440)='./file0\x00', &(0x7f0000002480)='9p\x00', 0x400, &(0x7f00000024c0)={'trans=tcp,', {'port', 0x3d, 0x4e23}, 0x2c, {[{@cache_none='cache=none'}, {@aname={'aname', 0x3d, 'proc'}}, {@access_uid={'access', 0x3d, 0xee01}}, {@cache_none='cache=none'}], [{@rootcontext={'rootcontext', 0x3d, 'system_u'}}, {@fsmagic={'fsmagic', 0x3d, 0x3}}]}}) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) r3 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000001300)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) recvfrom$ax25(r3, &(0x7f0000001340)=""/4096, 0x1000, 0x0, &(0x7f0000002340)={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x6}, [@default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48) r4 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x1f, 0x40) r5 = socket(0x10, 0x3, 0x0) ioctl$UI_SET_SNDBIT(r3, 0x4004556a, 0x6) write(r5, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) sendto(r5, &(0x7f0000000300)="dd64b434029e1880e5f0d8d38555d2db60334087cb33410125289142a70ce1df9c7911cd3365d5eb5c6ca904c15f2cb9e15809bc2ae8a345b564e52b7d304fd89672e562c5d93d39c6b2742dc17d17ac4110ea07eeb1d400fdb3a96ed74788556ff44d88701f4c3f3cfdf088f5b4196c2736f7517d5a72719baff9b9884c38799ac10668c2b3ed385336f19eb5431222fdd4d966f14e9564fd08f1a673e5f132c07626a9b618e0bd8d74f98ebdcab0303c830c7be0e64540238b8c101e17738d030a0b32f803df331ed4befb55a6150fc0fbc5ea52ab6a1f191cca63dde8d10a76be7ebc8ad741dad5c435db470d35fc103ac7131d207f3744415f29c2705a75dab6fe80a79e24b0679928eb90839fd7514d2916bb2eb496328aacf507ab684a94e115650275f99cead7003bc30ded67ddace2f566433af1fcf32ad905631b3cd76ccb051e631d87a2774978b42ee36f64e0c979e19a219a166b5bf0b87b41b9c1d8b3b4428faf59b71667edf6aef8a13574009bc5056ddcd96d9a137b15ef854ce6dea6a889eadc0a8f75aca57cfdd9045163ca8a734480d7738cd26c34a545d8664966e85c502df9dd83e5b5e75b87e5b91d062206cba47fef72b2da19997ff212db4bf1213accee0a2606a9b5cfbfb4219c32763092ad30dc00436b7365c55b961fd740841d8296146a604a07c754abe0abc15909729e8b06b73ce1e7dce72545528be4028fdc233101899cb4a7610cf83b83c8aa9a666674eac878147e6f0bacf09f810b15fa3b40ab32bffee57e3880021191e9bb1d20ec526618f1886be414de2bbe3427f5d281edca501696127953060df8b4aec7ba96225d1a110ec1d41814cc17fa1a078bef3ee0458a56a1ed025f7fe88390d48148580ef9d88d951a474233009bf1c94982725c72a7ced1de55a2098e4cce9f40efbbf2ddf555934ce9b329a4c8ac0b324ca04d4f84e0e656c26d3817bc5d4ee1a34b5b2c3d3dca7b33428d266e4608a170776866f386c1b5e96358a56393d67ce8c4ae52e12f6981bb8a5fe56368e5e4227ab6867e95629a35fd1025d5e91a8a88bade453b3988cad18a62da3ac7ff12859475069218186a32c033722a43b268b04220a00f42ab6b172a3487a7ddb83b2570406e8e243f6bd196434aec2a2e1606a3881a91095c3db73c8ce9d2c391e156c799734dee99a6ac28fc4c3d6c6c3731aaaf3aab8b71c877d3adab1c641560e381b2e0bae9600efe2fcffacc904d9138e5468baed5eb82036762f5e11f7aab82841b1be73f6b42fd3da8763b8dedbc735c77bf8de3a63daa5bc16cabd3711789686f20c164b973156395c3c563c3768d3c58c8913da1bf0977afc7c61614644890410925de723f7bce0792934b1f763c83f37d5679d2a7948f0ce18f3f9d66f194692b4fbb33bae58615d22ae3405870f5e7ea2cc46ec8e39be56c7603e2f70e6e6fc5a1c21e42e7d8ac69a5de47ef85386f8ea0110a2b457db255adf732bd8eb6ebd56fcff7cd084aa06419550e943b68dcb4d35480d68ba8d7c8686ec1438166ee8fe2e5b43ce97996965b704f979992a9814f3413def8380dffdc1a8f9d39ba4764e20c986904fb9c584583cb8a4babfac75f2af50dff9db0da10c6cc8e3d6aa444712d0d6b8514f84bb0fe4067fde99c0ca353247f2029fbdd9e305f6ea93eac8d569f5df944b853751a738e073ae783802f8238d287e17a8fdecdefb3b46e82e31f332aa41f895f33589a975dbd568a1997bbf9ba81afcea3845d95a2e898f59a4c2857284a9d1e58b02f808d22e4725f81e2081d6e0e2ade7f35168df9be446bcb131a30361cb3a2c9c4e48542699bad026b3d518474ff1bafad80b766ed9f621461c6f48e9e2316e884731a813d08cd05d851b257673004ccfe39300ff1ef5a4a35eeb6d39bcdadb182f94afd5fac29c86aaf86c74b53d05d5a83d52c0e993b9a689f469f2caa37438e823fe0595a57a78d77b09338824335febef0fa8c1a89eb9f96c6a342e79c053fddd232c585364dcd6ac5a711fdcb0f41e0962f975de9fa3df9d0a81d7639490a68911959795719c768d4cdf16370da2fd37189ecc83d6a9091360157dc47202c5f2798fbfa30b80bb62d0c817e4153d3451ae1d871725902fdf7f72a260a30711909fe5f58827ef26602830b09ca2c21470af5910533c43b561d8003d2ef4142aca4c95287d6a86dd324a8e6e379b8de292c168473c18c75abb91f8b079367ce23bc3a5a6bf6dbe6095a849b7fb35685ea65aeeb695889389236386d3a5ae80c57aa25f7dc1c1fb8fed251b90844b0947a08b86d254debe7ac975f73b4f8afa44a080d9b9c3a4ca493e5c45181572f754c11f6cc2fca269e5b7ffb349c9b994492fa59d640eddd6c76216e7b0a4f0bc6825e382054671b020a533e3da7583b5ed97929d818ad1e0e1cf208b51c5253d9a8a14b61be5c64b2316dd0694aa9f4a5b91f1d84b427685f9d90d4b232ec0decba9c923d3f6b5dc6763b4105cd2f40933a43047ee515c57e821e20f208c53a90e0c347abedae22dbecaabad781233dba2981f1781234b6fc0ddefffb92b1bd30f561124c35a609d311f2ad08193c14503be683a19d0b7c852f2d68ee2f8cf0fc710b5530f4b71f330f53f7a2f42fe2d6120d49214aea3b91560045624bb990fe9950686a62a72f39e834ee055bd2099519bc71541b27b92938300c5f8f63a62f5bb1f6acfdb09c13992283e7676adba38fcd4fff9934a27751b2e72b39699ad374a2ec49318a23cc224abc3c29bcd2051080bee5491dd1cb89d19e910e05b3bf330587c213b316bd55bb1fb2ed60e1d51988faa6b866eadb62c4a552ad7fa7b396b4ab370ea0c7fe2641d3bb4e372beabeec6117738c39c88b1e4d3ed0dc71202a69da6167e053bf4e2a3c972b51cfa221fa1dc10206768bb0b99c1e485c53112cb36eb9b67dc447330f36db42b3dd1c588e5c0d7dedb1c0001d742c496d0f5a6a1dbff513f70d797c26578ff85ffd09056f6badb373aa8536925f016d205129e0089e4e550e2591afd60418528dfb3ca363a2ef410b14035e911bd27e13b032c13040e515a79d64e358bc14f2f632c9ec960b61a3d997a56d1dbe039bbdefc6083eb8b857236d35ae891f21862276f17d9a99c8655042229e7403c580d9504c0dc9eee33235047e62e845538abda9fdc741a024fd6057a9a3190ca00a1cd52de70f542971df05455b5df942ee46c43aadf08aeb25ec0c3d1f95bdde0b5afeae49f70cb67e8f8e431bc95cf5960c3b4a9a5442f30e86ef6fb157e058e97e2b78446c5bdb1d67b8a7f88022e7c73c020d30493822e11edc62d807c168c8509f97b8eacb9b79dbb328fb4122415b8901499d6e9ca50ad87590989d195f5433efdecc4d1b585bd64f9630f16ae125aadb7babd181b1830b0b3370aed297c90fbdf19db6b0d7954bdf26f50b99340e9363ec1944d1def0912ccc914b46eba0e2f2a3d541c70019c20ca6f965c0b2327d9302d3525f02a292b4c336f4ec6bda16200f41e505fc70958a2b568d795e978a6e69097f1d090aeb5f3daf6f47d4b630ed05aebeee9dd59973f1cc2701740be6bf64fa360eee5e145756f8438832ab881a39dc9a39bb7548b82e87dcd1e69ade5f0e2e07dc56d4505b1714ba5b6bfa4acb6e4f211756a62444442ad10acdb8cb5444013e13134208421b6c9ed3cf666fef99c1db8046c2a91d02a3acc310a0f43b5d841a013f27b2a43f474880f21eccaa2bb378d003865d97c4bad43444b123d611d8e90f1e5ed2620050cd0fb23e78bb072f198b372e48533f42a68a144aa72c167ff9c32ec5470bdf436a37e2a21dedce0ad839e4d5fe0ba9f3e8db3f4b9decf81340ee7a73c348433959662dd384a7740b72a0b410c824639a3b0c3ff8d653c373e4d446088598e8bc725ff87247bc309a496433b1a85042956c833acae9fad99cb91f91776c3fe00e8a2a9c32faacc8a3b3ee6611cc4905e018640f54217a97d376639f0cb86a57a28aa152bfea2a6cd81ceb0e8cd8cfbe005a0de629a44793b0f04614b6fecee75e377114ea8ef93c54566884f2474d9e7965e0c2162aa99d894bc7a532cfe63c97608bcf6b9ea2845491d080cfb6f5bf09a43e17fe59164480f66bdf8a75cc491b9b2d1ec3dc9c1a7d33c52c8517795b8173b4d7ef4085ec50673b6d560baa2c47040e5264e93ee4004b943c097970062165ac936ca3678b3da67e44bd4b8ea3460c482f733b7cb8452e984a51c35a7834a33b8bd7ae0052468c2423c01cfb95126cd2d54fb6c8f17924bc6a91e7ab8ef356a66e8bd633d5756b2854c5dd74e18edc58231cbd8dcf1a63ba395384133846ce3d5c1ac5fd801a02b591f9c68f80f9cc833f267531bc7cd873d33596e3c1e41ce938dc2e5433ebf626f6faeb167e2d482ec41616aaf6519e8e1bad29ef9a0e5fab7cfaaaf2f4726345c798499d46e102988b4b30648637c3073deeeafe6e19694725adcaacd18c30e7a4d02ace0a7a650f3861cac86666974c1204cebaf71a2568e6ea18219d5991460735c733e6f954421b46dfd946c8d1adfe16730e4ed80a14af47a047c3ff028bbceeadb8b74fa258ca5f16cf1b030daa04a2550f49787b51f9534a4c54a2544cf71cb3c3ab464356790493b52f6bd1c4536c135b3e3b9c811c7c7bcc48ea3d5281b29cc7eef92b39498c78a43eaeae50fe52d08768ca691ca3c109b5a10f09de2dfd9bc74d92adfc10e1c13a08f3bbb7c6591d2a2abb050b7b167939a4a0511f7b58ce7ea03344145c80995fee7d5029d79e4a2dabebb082f9ae10f047b0702f0588ed0afe2538fbde77a77295a761c95693e24f7d5e4511edacc6c737fd9a6213f55942a1f9bbbc0710d83785ee773f737d9fe8ce64884b38dda95d7856acab0210d2b5182e8c3a5374e35475f4c216394f8366ac4cd9175946f07c63928f77dfcdfdb0a5af64da804de9249b54cf835a73e46dc25c8eb95723765b4f116fed34796f9f2ae4a59a15d6ef64ca876881d20e960e441efb1b45ba89800696a73f1a5e1740a2424aefe606bb60cd947f795bfb22a3e954a5bfa5ecf304e1e42cf30e49e174ce7512988fde3dc2fad0a85330f15714fbf1cd39d3bee114809417df77e355b23c978ddb5a32de6ab3c95dbcb163045d72f6dab39f32b46fd45aa5a5eeb5122cbc8843d49fb63ce00baa6aaa83899c2650cd629516a475288d985cf2c21d2363484ae1853763dd824410706e98aad91a27bde2f39935640b237b146d395f941e1617934d614f88a0ae16e4c8592b006dc477da0935fd67d7c7d83989ae82ecc947aee5646389aa77b42699cc65cacb6bca0ff689874afabbb1cc3c74538541efe8276bc71b21ebddc1e65e81f1023366ba504d8b842ef78dbe5bce70b699417c07996017622594d048d844a5568e6c6519ad57f936864d7f5fd01f3c6809b4daf38bad701ebcbb0f07ef8e319563582aec4ac60cecd92b92644f1d9f6fe3b4035b3f47463d6774118052586b4b8a3e93eed818aa58d6ff2655f11bdf6e4d2bf3569e2f233f18d7f21e83aba4f7be3c7bf625a5e795a86cddf0148998a71e50e9b8fec97377d8de7d1b484f234ce0474d1e4e555d9bb09d8223962fecc76628794e6cd13f733295538973a4ec0c848d4009c6998cfb723fcf501f46ea504735ff93fd73b881dc70fd7f28a2901d91d16a278dbfd3112951e2744f89adc2be0c6d6485ccfd9a5f827fa9290cb0f2f36e10547072a4a4c57f64346e926092c4b84c9547", 0x1000, 0x4020050, &(0x7f0000000140)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes192\x00'}, 0x80) ioctl$VT_GETSTATE(r4, 0x5603, &(0x7f00000000c0)={0x5, 0x9ef4, 0x9}) 16:26:47 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0xa, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:47 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000003ec00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:47 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0xfffffdef, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2667.929356] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2667.955678] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. 16:26:47 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000099000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2667.982542] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2668.027825] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2668.061678] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:47 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0xe, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:47 executing program 4: semctl$GETVAL(0xffffffffffffffff, 0x0, 0xc, &(0x7f0000001140)=""/172) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = socket(0x10, 0x3, 0x0) write(r1, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) r2 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) write$binfmt_elf64(r2, &(0x7f0000000100)=ANY=[], 0xfffffe8b) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r2, 0x40405514, &(0x7f0000000040)={0x80000004, 0x2, 0x6, 0x8}) getsockopt$inet_opts(r1, 0x0, 0x0, &(0x7f0000000140)=""/4096, &(0x7f0000000000)=0x1000) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) 16:26:47 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0xffffff7f, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:47 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x3400000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2668.192131] EXT4-fs (loop5): bad geometry: first data block 10027008 is beyond end of filesystem (1080) [ 2668.204352] EXT4-fs (loop0): bad geometry: first data block 60419 is beyond end of filesystem (1080) [ 2668.228045] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. 16:26:48 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x10, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:48 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0xfffffffd, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:48 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000299000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:48 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000003f000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:48 executing program 4: r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000240)='/dev/btrfs-control\x00', 0x200440, 0x0) r1 = open$dir(&(0x7f0000000280)='./file0\x00', 0x4401, 0x2) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_u='version=9p2000.u'}, {@uname={'uname', 0x3d, '/dev/btrfs-control\x00'}}, {@access_any='access=any'}, {@access_client='access=client'}], [{@fsname={'fsname', 0x3d, 'wlan0:'}}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}, {@appraise='appraise'}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}]}}) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r3 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x200, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000040)={0x0, 0x4, 0x9, 0x0, 0x800, 0x0, 0x3, 0x81, 0x6, 0x1, 0x20, 0x3, 0x0, 0x1000, 0x0, 0x4, 0x1f, 0xb, 0x4}) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x12}}}, 0x0, 0x20, 0x0, "3496be75f027b29e1f947f09c34b2e6f5fcb5b94a3ad224241676f780a1f663f4ae02702347ae5003aa281df795fb9344df1b6ddfe7d71163863bffe4522eec6013f7da678cf3aca3161f4ca598498b0"}, 0xd8) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r2, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) [ 2668.535954] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2668.552333] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2668.590840] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:26:48 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x11, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:48 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0xfffffffe, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2668.658296] EXT4-fs (loop5): bad geometry: first data block 10027520 is beyond end of filesystem (1080) [ 2668.733512] EXT4-fs (loop0): bad geometry: first data block 61443 is beyond end of filesystem (1080) [ 2668.733980] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:48 executing program 4: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x1e20517ddaa88fad, 0x0}) 16:26:48 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000000019e000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:48 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x3404000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:48 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x14, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:48 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00fffffff400000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2668.910228] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2668.976989] EXT4-fs (loop5): bad geometry: first data block 10354944 is beyond end of filesystem (1080) 16:26:48 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0xffffffff, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:48 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c0000008000a0000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:48 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x15, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:48 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = socket(0x10, 0x3, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000140)={0x0, @in6={{0xa, 0x4e23, 0x4, @mcast1}}, 0x5, 0xcbc2, 0x6, 0x6, 0x40}, &(0x7f0000000080)=0x98) write(r1, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) getsockopt$TIPC_SOCK_RECVQ_DEPTH(r1, 0x10f, 0x84, &(0x7f0000000000), &(0x7f0000000040)=0x4) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) r2 = socket$inet(0xa, 0x801, 0x84) connect$inet(r2, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r2, 0x8) r3 = accept4(r2, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x2}, 0x8) r4 = socket(0x0, 0x0, 0x0) r5 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, 0x0) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f0000001b40)={r6}, 0x8) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, &(0x7f0000000000)={r6}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f00000000c0)={r6, 0x80000000}, &(0x7f0000000300)=0x8) 16:26:49 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x53ac}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2669.262464] EXT4-fs (loop0): bad geometry: first data block 62719 is beyond end of filesystem (1080) [ 2669.291657] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2669.320249] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2669.341580] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock 16:26:49 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00fffffff500000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2669.388264] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:26:49 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x34, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2669.448509] EXT4-fs (loop5): bad geometry: first data block 10485888 is beyond end of filesystem (1080) [ 2669.452118] net_ratelimit: 4 callbacks suppressed [ 2669.452126] protocol 88fb is buggy, dev hsr_slave_0 16:26:49 executing program 4: r0 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) fadvise64(r0, 0x0, 0x0, 0x4) r1 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) fadvise64(r1, 0x0, 0x0, 0x4) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000140)={&(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000200), &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000002c0)=[0x0, 0x0, 0x0], 0x0, 0x40000000000001fc, 0x7}) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r2, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000180)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) [ 2669.498891] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:49 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c0000000002a0000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:49 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x3504000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:49 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x6f90}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:49 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x42, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2669.706548] EXT4-fs (loop0): bad geometry: first data block 62975 is beyond end of filesystem (1080) 16:26:49 executing program 4: r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) ioctl$sock_inet_SIOCSIFBRDADDR(r0, 0x891a, &(0x7f0000000000)={'\x00', {0x2, 0x4e24, @remote}}) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x40001, 0x0) ioctl$KVM_SET_XSAVE(r1, 0x5000aea5, &(0x7f0000000300)={"3e99bc28cc53d94e2afa844257b6ca26a2985c51fb6e3a372c486549e5a9bc9ee1dcf4f77d784dc46956b2031468997102469f9fd5b65ca84db7aea9db0a88c78011a52adc403e076d9103af9b1723da01502479a70fc503cd50ba675bfef7bd2cf9f08b3d583354f667e7189fbbf48899279cc65b9de451d605abc4e5b8369b04441d802bd15674809fa9bd667359fee3341a87cab247251128a82aafd9e625e9508ad11c3e3ae4314ce86f4dfd0eab031fadceaf8b909185718605834835963dcfdf218f8cbaa98947539969f6590dc38c786d175214d8e71ecdb27bd81d477dd73c841b8672c787ced7298cb1c26377ef5dd23e53aa93f3b70b82d233db63fb23995e5cc48dd3ee4461d7989b05ddc1c3a4fe9ccab1071e55359cc0acaf62bd95032137ccb8538c0989695ee29c033807c8976cb93810450e9f21294ff4a93272616ecb7684adae891702b08d6b0e3ebf2402c5907942f0c68445dd4edf07a74425d42e9d2426f2af0a376222820b35ccb7a4377ff5094614e7f7c7eea3eea77ac465735913b45727d0a3c7d76f90016cd34ac8c136bce1aff4a60be2d01f430daed06074c5ddbde4829da8d16067abc97a7a4ee17ca2ae790e6015767b617e3fca829d50e36eb3045607ea53a1d6682e304634efa29c7148e9cf3e189e07a7e75f00a81bbe1563adc8396f34318ba6e244863fab2f7265744953f9430ff42e8375eebf3146a407d2764fd2f721efa71c51476f7e942275a2d2d824a1f7df581d6817d97c77130bfeff1466ca415cf38301d38bbd34b8ee934a769fdc4641680e957a1a8edae7b02452b5169553d7001e024503e6c22e5de9c3e2cdf67caaa8fbe7f0559fdfa33d7508dbfca774819f0396214268d4516e58f9f0e11fc064e82ac3341d84445f60f917fb5f6060a5354719991bcf01616b05d0acae509ff0a2a697af8b06c8a34ee55e8fbd2ebcd26f678755e02577932d784bdd9ba08f8d609b55b7d38236730a9691ae1b09ff14881a05251f81a1b9735fc83bbf21efa61b86af5c178a64223c1a0550429716813bc26e29b3f041cf3d0bd87712565a1bdc31b360c5799060be4de3975107ef1213dc52247950c2cb158dd7fa98078e5ebe863de1d42a271e6ac93b3bcf7daeba6bd18b806aed545f32d9b07bed8411be3330071c5afe85bb87c5bdd728623fbe31c5e1d3cdc521ce9ebca724e8f1f94ffb997c5f0a91bab173bfc05b7dd2d43e6d4cfa83bb06a6fdf87211c988ab0a3216a224ceedfbbc615bf8c157d27d22f96bb0c130ee5595896eff1a404a540a921897b5e5109f7dafeb83078039195fddafc6a95c400449b96ad22b3bdd9c356416953cb5f2054c694338b0aeff1dacc45a17408c37c88b7c87f18d599cbff7a68e4d80797f3336f8e0440290132fb2f012eed1771d4e4746d130c0113213b75a"}) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r2, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) syz_mount_image$ceph(&(0x7f0000000080)='ceph\x00', &(0x7f00000000c0)='./file0\x00', 0x44, 0x3, &(0x7f0000000780)=[{&(0x7f0000000140)="3fdacdadf80ecc696e52de5ef0745dbf76d06b95c24e39def68cefcc", 0x1c, 0x100000001}, {&(0x7f0000000180)="546d8456a1cad1349c2803b80cfb121faf1f10b8a177b747c88971ea2fd119b61a38566d41a6b3a104146928a0150b791c09e1a06c4de1ecde9fb32f534598e4fc74b12c5bd664d3003219b2fcf7877894c907feb61775b08b21b3aaf4a66e613319be8a07002bdcbec93d46adc0b431d69e2c0ab11addb9cbd2", 0x7a, 0x4}, {&(0x7f0000000700)="b6c307d996b6fefb20a8862e73ae27e3521dd568adb67f1dc756bac23c2891cdbf8194ef1d4c5d107b28eb769eececbafd652deda8e79b498095a2feb1f1b0e1b21f5497aa9e5d7de6f2952b30bf7e40efe526c2163e73f5150cfb76009c4421d9011ea13a0e7e8478b526d56b7bc9010de0f28857047e", 0x77, 0x2}], 0x2220000, &(0x7f0000000800)='/dev/mixer\x00') 16:26:49 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000000f600000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:49 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x85e0}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:49 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x1cb, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2669.893973] EXT4-fs (loop5): bad geometry: first data block 10486272 is beyond end of filesystem (1080) [ 2669.928397] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2669.993338] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2670.012132] protocol 88fb is buggy, dev hsr_slave_0 [ 2670.018394] protocol 88fb is buggy, dev hsr_slave_1 [ 2670.023582] protocol 88fb is buggy, dev hsr_slave_0 [ 2670.028668] protocol 88fb is buggy, dev hsr_slave_1 [ 2670.032010] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock 16:26:49 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c0000000001ac000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2670.078136] EXT4-fs (loop0): bad geometry: first data block 62976 is beyond end of filesystem (1080) [ 2670.080870] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:26:49 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) r1 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x6, 0x101000) r2 = gettid() perf_event_open(&(0x7f0000000540)={0x0, 0x70, 0x0, 0x0, 0x81, 0x11, 0x0, 0x40, 0x0, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0xe52c, 0x0, @perf_config_ext={0x3f, 0x401}, 0x100, 0x0, 0x7, 0x7, 0x2, 0x0, 0x9}, r2, 0x0, 0xffffffffffffffff, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000140)={{0x4, 0x0, 0xffffffff, 0x0, 'syz0\x00'}, 0x2, 0x400, 0xfffffc01, r2, 0x7, 0x3, 'syz0\x00', &(0x7f0000000040)=['mime_type\x00', '7(proc^:nodev\x00', '/cgroup\x00', 'ppp1cgroupnodev\x00', 'vboxnet0\x00', '\x00', '&\x00'], 0x3c, [], [0x75f, 0x1, 0x2]}) [ 2670.124085] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:49 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0xd98c}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:49 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x1f4, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:49 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000001f600000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:50 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x3700000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:50 executing program 4: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) 16:26:50 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x240, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2670.417476] EXT4-fs (loop5): bad geometry: first data block 11272448 is beyond end of filesystem (1080) 16:26:50 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x12d38}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:50 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) recvmsg$can_raw(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, 0x80, &(0x7f0000000080), 0x0, &(0x7f0000000140)=""/4096, 0x1000}, 0x2001) getsockopt$bt_sco_SCO_CONNINFO(r1, 0x11, 0x2, &(0x7f0000001140)=""/89, &(0x7f00000011c0)=0x59) [ 2670.513871] EXT4-fs (loop0): bad geometry: first data block 62977 is beyond end of filesystem (1080) 16:26:50 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c0000000000be000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:50 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x300, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:50 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000002f600000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2670.645661] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2670.669777] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2670.712040] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2670.758281] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:50 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x18000}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:50 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x3704000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:50 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x4, 0x240000) ioctl$EVIOCSREP(r1, 0x40084503, &(0x7f0000000040)=[0x370, 0x10000]) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) r2 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) fadvise64(r2, 0x0, 0x0, 0x4) unlink(&(0x7f0000000080)='./bus\x00') ioctl$SG_SCSI_RESET(r2, 0x2284, 0x0) [ 2670.860653] EXT4-fs (loop5): bad geometry: first data block 12451840 is beyond end of filesystem (1080) 16:26:50 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x3b0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:50 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x180e4}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2671.017525] EXT4-fs (loop0): bad geometry: first data block 62978 is beyond end of filesystem (1080) 16:26:50 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000000edc0000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:50 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[], 0xfffffe8b) r2 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) write$binfmt_elf64(r2, &(0x7f0000000100)=ANY=[], 0xfffffe8b) ioctl$DRM_IOCTL_ADD_CTX(r2, 0xc0086420, &(0x7f0000000000)={0x0}) ioctl$DRM_IOCTL_GET_SAREA_CTX(r1, 0xc010641d, &(0x7f0000000080)={r3, &(0x7f0000000040)=""/16}) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) 16:26:50 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00fffffff600000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2671.174537] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2671.208702] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock 16:26:50 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x3e4, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2671.258728] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2671.284651] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:51 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x3804000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:51 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x1d490}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2671.383180] EXT4-fs (loop5): bad geometry: first data block 12643584 is beyond end of filesystem (1080) 16:26:51 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x3e8, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:51 executing program 4: r0 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) fadvise64(r0, 0x0, 0x0, 0x4) ioctl$TUNDETACHFILTER(r0, 0x401054d6, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r2 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x101102, 0x0) ioctl$PPPIOCCONNECT(r2, 0x4004743a, &(0x7f0000000040)=0x2) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r1, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x400000, 0x0) r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000280)='/dev/sequencer2\x00', 0x80641, 0x0) ioctl$SNDRV_CTL_IOCTL_PVERSION(r4, 0x80045500, &(0x7f00000002c0)) getsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000180)={{{@in=@remote, @in=@empty}}, {{@in=@loopback}, 0x0, @in=@broadcast}}, &(0x7f00000000c0)=0xe8) [ 2671.516479] EXT4-fs (loop0): bad geometry: first data block 63231 is beyond end of filesystem (1080) 16:26:51 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c0000000000c6000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:51 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x20000}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:51 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00fffffffb00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:51 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x500, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2671.718547] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2671.772664] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2671.812847] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:26:51 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) r1 = socket(0x10, 0x3, 0x0) write(r1, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) setsockopt$bt_BT_VOICE(r1, 0x112, 0xb, &(0x7f0000000000)=0x88565fcae2357587, 0x2) [ 2671.865975] EXT4-fs (loop5): bad geometry: first data block 12976128 is beyond end of filesystem (1080) [ 2671.880706] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:51 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x2283c}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:51 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x700, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:51 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x3f00000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2671.978008] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2671.989270] EXT4-fs (loop0): bad geometry: first data block 64511 is beyond end of filesystem (1080) 16:26:51 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c0000000021ce000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:51 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x27be8}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:51 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0xfffffffffffffed1, 0x0}) ioctl$sock_inet_SIOCSIFBRDADDR(0xffffffffffffffff, 0x891a, &(0x7f0000000000)={'veth0\x00', {0x2, 0x4e24, @multicast2}}) 16:26:51 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0xa00, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:51 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000001fc00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2672.322183] EXT4-fs (loop5): bad geometry: first data block 13508864 is beyond end of filesystem (1080) [ 2672.376243] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock 16:26:52 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c0000000001d2000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2672.439674] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock 16:26:52 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x28000}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:52 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) fadvise64(r1, 0x0, 0x0, 0x4) ioctl$VIDIOC_EXPBUF(r1, 0xc0405610, &(0x7f0000000540)={0xb, 0x1, 0x0, 0xa036b2732500bb19}) r2 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) r5 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$chown(0x4, r5, r3, r4) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in=@multicast1, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in6=@dev}}, &(0x7f00000001c0)=0xe8) fstat(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchown(0xffffffffffffffff, 0x0, r7) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000003c0)={{{@in=@initdev, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in=@empty}}, &(0x7f0000000500)=0xe8) syz_mount_image$jfs(&(0x7f0000000040)='jfs\x00', &(0x7f0000000200)='./file0\x00', 0x13901632, 0x2, &(0x7f0000000280)=[{&(0x7f0000000240)="810c6d1d84d1ab3de1a9", 0xa, 0x80000001}, {&(0x7f0000000300)="91cbb42c5c8950a551d9de2ebc09a3e4fb64b794ca3d7b221a69855e5fe90d0f80019ae6fac078e9c96cb6be7ae0b31189dec060a16bf81ac3a1abc6eff5978cea0ba45cfc88c56f4c2f05acf2c4b1c17c30f110779003abfd4d1392e418918246264069f4ea71004e6a614e07666006205ed5073ec18c2aa0449b1588195bda4554acf3bc9f478628b18ffa4e002741c7b8e3a4e1525bafc6f64c722714f9", 0x9f, 0x80}], 0x8000, &(0x7f0000000680)={[{@noquota='noquota'}, {@gid={'gid', 0x3d, r7}}, {@discard='discard'}, {@integrity='integrity'}, {@usrquota='usrquota'}, {@umask={'umask', 0x3d, 0x5c49}}, {@nodiscard='nodiscard'}, {@iocharset={'iocharset', 0x3d, 'iso8859-4'}}, {@errors_remount='errors=remount-ro'}, {@nodiscard='nodiscard'}], [{@hash='hash'}, {@smackfsdef={'smackfsdef', 0x3d, '.GPL'}}, {@fowner_gt={'fowner>', r8}}, {@euid_gt={'euid>'}}, {@subj_role={'subj_role', 0x3d, ',,'}}, {@euid_lt={'euid<'}}, {@euid_eq={'euid'}}, {@fsname={'fsname', 0x3d, 'selinuxtrustedposix_acl_access'}}, {@subj_user={'subj_user', 0x3d, 'Lsystemvboxnet1wlan0+systemwlan0user-keyringprocselinux (\',(keyring'}}, {@pcr={'pcr', 0x3d, 0x2e}}]}) keyctl$chown(0x4, r5, r6, r7) r9 = socket$inet_smc(0x2b, 0x1, 0x0) ioctl$sock_inet_SIOCSIFDSTADDR(r9, 0x8918, &(0x7f0000000140)={'ip_vti0\x00', {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1a}}}) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) r10 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/lblcr_expiration\x00', 0x2, 0x0) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000040)='security.SMACK64EXEC\x00', &(0x7f0000000080)='vboxnet0Y]+nodev\x82\xbf]eth0trusted', 0x1e, 0x1) r11 = socket(0x10, 0x3, 0x0) write(r11, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) stat(&(0x7f0000000580)='./file0\x00', &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r13 = getegid() fstat(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchown(0xffffffffffffffff, 0x0, r14) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000003c0)={{{@in=@initdev, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in=@empty}}, &(0x7f0000000500)=0xe8) syz_mount_image$jfs(&(0x7f0000000040)='jfs\x00', &(0x7f0000000200)='./file0\x00', 0x13901632, 0x2, &(0x7f0000000280)=[{&(0x7f0000000240)="810c6d1d84d1ab3de1a9", 0xa, 0x80000001}, {&(0x7f0000000300)="91cbb42c5c8950a551d9de2ebc09a3e4fb64b794ca3d7b221a69855e5fe90d0f80019ae6fac078e9c96cb6be7ae0b31189dec060a16bf81ac3a1abc6eff5978cea0ba45cfc88c56f4c2f05acf2c4b1c17c30f110779003abfd4d1392e418918246264069f4ea71004e6a614e07666006205ed5073ec18c2aa0449b1588195bda4554acf3bc9f478628b18ffa4e002741c7b8e3a4e1525bafc6f64c722714f9", 0x9f, 0x80}], 0x8000, &(0x7f0000000680)={[{@noquota='noquota'}, {@gid={'gid', 0x3d, r14}}, {@discard='discard'}, {@integrity='integrity'}, {@usrquota='usrquota'}, {@umask={'umask', 0x3d, 0x5c49}}, {@nodiscard='nodiscard'}, {@iocharset={'iocharset', 0x3d, 'iso8859-4'}}, {@errors_remount='errors=remount-ro'}, {@nodiscard='nodiscard'}], [{@hash='hash'}, {@smackfsdef={'smackfsdef', 0x3d, '.GPL'}}, {@fowner_gt={'fowner>', r15}}, {@euid_gt={'euid>'}}, {@subj_role={'subj_role', 0x3d, ',,'}}, {@euid_lt={'euid<'}}, {@euid_eq={'euid'}}, {@fsname={'fsname', 0x3d, 'selinuxtrustedposix_acl_access'}}, {@subj_user={'subj_user', 0x3d, 'Lsystemvboxnet1wlan0+systemwlan0user-keyringprocselinux (\',(keyring'}}, {@pcr={'pcr', 0x3d, 0x2e}}]}) setresgid(r12, r13, r14) setsockopt$inet_msfilter(r11, 0x0, 0x29, &(0x7f00000000c0)={@multicast2, @rand_addr=0x1, 0x0, 0x3, [@rand_addr=0x2, @dev={0xac, 0x14, 0x14, 0xc}, @rand_addr=0x401]}, 0x1c) ioctl$VIDIOC_G_AUDIO(r10, 0x80345621, &(0x7f0000000180)) [ 2672.491479] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2672.539465] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2672.573862] EXT4-fs (loop0): bad geometry: first data block 64513 is beyond end of filesystem (1080) 16:26:52 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:52 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0xe00, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:52 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00000407fc00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2672.771574] EXT4-fs (loop5): bad geometry: first data block 13762816 is beyond end of filesystem (1080) 16:26:52 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x1100, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:52 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c0000000003d4000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2672.925075] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2672.978887] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock 16:26:52 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x1400, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2673.026459] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2673.064934] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:52 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x4126000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2673.100736] EXT4-fs (loop0): bad geometry: first data block 64519 is beyond end of filesystem (1080) [ 2673.211882] protocol 88fb is buggy, dev hsr_slave_0 [ 2673.212098] protocol 88fb is buggy, dev hsr_slave_0 [ 2673.217076] protocol 88fb is buggy, dev hsr_slave_1 [ 2673.222088] protocol 88fb is buggy, dev hsr_slave_1 [ 2673.227178] protocol 88fb is buggy, dev hsr_slave_0 16:26:53 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x1500, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:53 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00fffffffe00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2673.279987] EXT4-fs (loop5): bad geometry: first data block 13894400 is beyond end of filesystem (1080) 16:26:53 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c0000000003e2000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2673.482835] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2673.496834] EXT4-fs (loop0): bad geometry: first data block 65279 is beyond end of filesystem (1080) [ 2673.541971] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2673.579838] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2673.614543] EXT4-fs (loop5): bad geometry: first data block 14811904 is beyond end of filesystem (1080) [ 2673.640498] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:53 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x2cf94}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2673.780332] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. 16:26:53 executing program 4: syz_init_net_socket$ax25(0x3, 0x3, 0xf0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x7, 0x3, &(0x7f0000000200)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x38, 0x57}}, &(0x7f0000000240)='EP\xd4\x00\x1f\x91\xeb/W\xb72$C0%\x03\x9c0\x96\xb2\fkC\x93H\xbfh\x9c\b`\x857\xd6\">c\xad\xc0bO\xba\xe2\xe1\t5\x9d\xcei\"2L\xcc\x13\x16\vh\xca\xe6C\x06\x97%\x9d\xd5-\x1fs\xe1j\xdc5\x92\xd0)%\xdf\xfa\xe8^\x9c\xd29\x8clg\xc8\x7f\xb5\xb1&\x02\xf1E\xb4\x84\xbeE\x91)f\xe8\xb7\xe2\xf6`i\xc5m\xd7l\x1d\xc1\x12\x01<:kM\xe9\x99\xcd\xcd\xc8\x85Z\xee47\xdc\xc8u\x80\xcf\xbeTo\xbb\xfb\xc0\xebV\xd8\xbb\xbe\xa2\x90J|s\xc2', 0x1, 0x348, &(0x7f0000000480)=""/195, 0x0, 0x0, [0x42]}, 0x48) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000000)={0xffffffffffffff40, 0x0}) ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f0000000040)) 16:26:53 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x1d4c, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:53 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x4602000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:53 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c0000ffffffe2000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:53 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c0000000fff00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:53 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x3075, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:53 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[], 0xfffffe8b) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$TIPC_IMPORTANCE(r2, 0x10f, 0x7f, &(0x7f0000000180)=0x1, 0x4) ioctl$VIDIOC_QUERY_EXT_CTRL(r1, 0xc0e85667, &(0x7f0000000000)={0x0, 0x5, "5ef693094cb269da969faa9410ffce17b97c2e16ae4b64e1dc4765a0ae1aad2f", 0x100000001, 0x80000000006, 0x1ff, 0x82, 0x8, 0xfd, 0x8, 0x0, [0x8, 0x8, 0x2289, 0x1]}) r3 = syz_open_dev$swradio(&(0x7f0000000200)='/dev/swradio#\x00', 0x0, 0x2) ioctl$CAPI_GET_ERRCODE(r3, 0x80024321, &(0x7f0000000240)) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) [ 2674.085951] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2674.101895] EXT4-fs (loop5): bad geometry: first data block 14876671 is beyond end of filesystem (1080) [ 2674.102742] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2674.147558] EXT4-fs (loop0): bad geometry: first data block 65295 is beyond end of filesystem (1080) 16:26:53 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x3400, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2674.263642] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:26:54 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c0000000025e7000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:54 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000003ffff00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2674.364868] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:54 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x80000, 0x0) ioctl$VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000080)={0x4, 0x1, 0x1}) r3 = socket(0x8, 0x0, 0x81) getsockopt$bt_l2cap_L2CAP_OPTIONS(r3, 0x6, 0x1, &(0x7f0000000140), &(0x7f0000000180)=0xc) r4 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000680)='/proc/capi/capi20ncci\x00', 0x20482, 0x0) r5 = fcntl$dupfd(r4, 0x25c58b7d1bc33b2f, r1) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = socket(0x10, 0x3, 0x0) write(r6, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$RDS_FREE_MR(r6, 0x114, 0x3, &(0x7f0000000000)={{0x3333c56d, 0x7ffc}, 0x20}, 0x1f7) r7 = socket(0x10, 0x3, 0x0) write(r7, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) r9 = fcntl$dupfd(r8, 0x0, r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) ioctl$TIOCGPTPEER(r9, 0x5441, 0x6) getpeername$ax25(r7, &(0x7f00000005c0)={{0x3, @rose}, [@remote, @rose, @default, @bcast, @bcast, @rose, @rose, @null]}, &(0x7f0000000640)=0x48) pipe(&(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r10, 0x400454cd, 0x30a) r11 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/capi/capi20ncci\x00', 0x10000, 0x0) ioctl$sock_bt_hidp_HIDPGETCONNLIST(r11, 0x800448d2, &(0x7f00000001c0)={0x4, &(0x7f0000000300)=[{}, {}, {}, {}]}) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) [ 2674.519838] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2674.542161] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. 16:26:54 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x30000}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:54 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x3a98, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:54 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x4800000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2674.591333] EXT4-fs (loop5): bad geometry: first data block 15148288 is beyond end of filesystem (1080) [ 2674.623121] EXT4-fs (loop0): bad geometry: first data block 65535 is beyond end of filesystem (1080) 16:26:54 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c0000000002e8000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:54 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x4000, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2674.847579] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2674.891374] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2674.924835] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:26:54 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00001fffff00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2674.946129] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:54 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x4002, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:54 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x4c00000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2675.098051] EXT4-fs (loop5): bad geometry: first data block 15204864 is beyond end of filesystem (1080) 16:26:54 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x4059, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2675.203945] EXT4-fs (loop0): bad geometry: first data block 65535 is beyond end of filesystem (1080) 16:26:54 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c0000000003ec000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2675.291892] net_ratelimit: 11 callbacks suppressed [ 2675.291900] protocol 88fb is buggy, dev hsr_slave_0 [ 2675.291927] protocol 88fb is buggy, dev hsr_slave_1 [ 2675.297006] protocol 88fb is buggy, dev hsr_slave_1 [ 2675.302070] protocol 88fb is buggy, dev hsr_slave_0 [ 2675.307014] protocol 88fb is buggy, dev hsr_slave_0 [ 2675.312025] protocol 88fb is buggy, dev hsr_slave_1 [ 2675.317029] protocol 88fb is buggy, dev hsr_slave_1 16:26:55 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c007fffffff00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:55 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x4200, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:55 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x32340}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:55 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = socket(0x10, 0x3, 0x0) r2 = syz_open_dev$swradio(&(0x7f0000000080)='/dev/swradio#\x00', 0x1, 0x2) setsockopt$inet6_tcp_TCP_QUEUE_SEQ(r2, 0x6, 0x15, &(0x7f0000000040)=0x8, 0x4) write(r1, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) r3 = socket(0x10, 0x3, 0x0) write(r3, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) dup2(r1, r2) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) [ 2675.432235] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2675.455452] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2675.470862] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2675.560073] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2675.613076] EXT4-fs (loop5): bad geometry: first data block 15467264 is beyond end of filesystem (1080) 16:26:55 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x4e03000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:55 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x4c1d, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:55 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c0000000003f0000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2675.692121] protocol 88fb is buggy, dev hsr_slave_0 [ 2675.697336] protocol 88fb is buggy, dev hsr_slave_1 [ 2675.702526] protocol 88fb is buggy, dev hsr_slave_0 [ 2675.778078] EXT4-fs (loop0): bad geometry: first data block 65535 is beyond end of filesystem (1080) 16:26:55 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x5580, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:55 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c008cffffff00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2675.945891] EXT4-fs (loop5): bad geometry: first data block 15729408 is beyond end of filesystem (1080) [ 2675.997630] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2676.037415] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock 16:26:55 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c0000000025f0000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2676.063379] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2676.099858] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:55 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x5940, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:55 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x5600000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2676.210867] EXT4-fs (loop0): bad geometry: first data block 65535 is beyond end of filesystem (1080) [ 2676.237123] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. 16:26:56 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xb, 0x100, 0xfffffffb, 0x1f, 0x8, 0x1, 0xfffff800, [], 0x0, 0xffffffffffffffff, 0x2, 0x2}, 0x3c) sendfile(r1, 0xffffffffffffffff, &(0x7f0000000040)=0x7, 0x80) r2 = socket(0x10, 0x3, 0x0) socket$inet6_dccp(0xa, 0x6, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r0, 0x80045700, &(0x7f0000000080)) write(r2, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r2, 0x400443c9, &(0x7f0000000100)={0xfffffda2, 0x0}) 16:26:56 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x7530, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2676.349357] EXT4-fs (loop5): bad geometry: first data block 15738112 is beyond end of filesystem (1080) [ 2676.506967] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2676.539933] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2676.562817] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2676.597752] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:56 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x376ec}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:56 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00e2ffffff00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:56 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c0000000025f4000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:56 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x8055, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:56 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x5726000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:56 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[], 0xfffffe8b) write$UHID_DESTROY(r1, &(0x7f0000000000), 0x4) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000080)={0x2a1, 0x0}) [ 2676.689599] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. 16:26:56 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x983a, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2676.907248] EXT4-fs (loop0): bad geometry: first data block 65535 is beyond end of filesystem (1080) [ 2676.938482] EXT4-fs (loop5): bad geometry: first data block 16000256 is beyond end of filesystem (1080) [ 2676.966587] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2677.006150] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2677.054990] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:26:56 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00f4ffffff00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:56 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c0000fffffff4000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:56 executing program 4: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r0 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x1, 0x2) write$USERIO_CMD_SEND_INTERRUPT(r0, &(0x7f0000000040)={0x2, 0x7f}, 0x2) r1 = socket(0x10, 0x3, 0x0) write(r1, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) r2 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/mls\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r2, 0x400443c9, &(0x7f0000000100)={0xfffffffffffffeb4, 0x0}) [ 2677.118288] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:56 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0xb003, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:56 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x5800000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2677.367548] EXT4-fs (loop0): bad geometry: first data block 65535 is beyond end of filesystem (1080) [ 2677.435095] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2677.473615] EXT4-fs (loop5): bad geometry: first data block 16056319 is beyond end of filesystem (1080) 16:26:57 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x38000}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:57 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0xcb01, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:57 executing program 4: ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) [ 2677.519814] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2677.542178] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock 16:26:57 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00f5ffffff00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:57 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c0000fffffff5000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2677.644688] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:26:57 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0xcbff, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2677.723856] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:57 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x5c00000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:57 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000140)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000400)='/dev/snd/pcmC#D#c\x00', 0xffffffff7fffffff, 0x288040) sendmsg$NBD_CMD_RECONFIGURE(r2, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000340)={&(0x7f0000000b80)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="050c27bd7000ffdbdf2503000000e7401191a1d7da378753f18bb8db0c21d74b8c1994cb573ff0c5320e3fe397bd8a7c25799573fdffffffffffffff16ed2d05dfcd8089ed7cfcc53c2c4c19daee0a2449ee45439a1b54"], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x8040) sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000200}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, r1, 0x588a7cf7cd32340a, 0x70bd27, 0x25dfdbfc, {}, [@NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x101}]}, 0x20}, 0x1, 0x0, 0x0, 0x810}, 0x80) 16:26:57 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0xcffe, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2677.952265] EXT4-fs (loop5): bad geometry: first data block 16121855 is beyond end of filesystem (1080) [ 2677.967752] EXT4-fs (loop0): bad geometry: first data block 65535 is beyond end of filesystem (1080) 16:26:57 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c0000000000f6000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:57 executing program 4: r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/commit_pending_bools\x00', 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_PVERSION(r0, 0x80045500, &(0x7f0000000040)) socket$l2tp(0x18, 0x1, 0x1) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r1, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) 16:26:57 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0xe403, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2678.196033] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2678.231296] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2678.274207] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2678.323613] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2678.445954] EXT4-fs (loop5): bad geometry: first data block 16121856 is beyond end of filesystem (1080) 16:26:58 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x3ca98}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:58 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00f6ffffff00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:58 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0xe803, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:58 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x6000000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:58 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000100)={0x0, 0x0}) r1 = socket(0x10, 0x3, 0x0) write(r1, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140)='TIPC\x00') sendmsg$TIPC_CMD_SET_LINK_PRI(r2, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1010005}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[]}, 0x1, 0x0, 0x0, 0x20008005}, 0x8000) sendmsg$TIPC_CMD_GET_MEDIA_NAMES(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x9040}, 0xc1, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, r3, 0x200, 0x70bd2c, 0x25dfdbfd, {}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x33d5ddf0f0ffb53e}, 0x0) 16:26:58 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c0000000001f6000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2678.828841] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2678.829325] EXT4-fs (loop5): bad geometry: first data block 16122112 is beyond end of filesystem (1080) [ 2678.855613] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock 16:26:58 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0xf401, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2678.879829] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2678.889489] EXT4-fs (loop0): bad geometry: first data block 65535 is beyond end of filesystem (1080) [ 2678.915599] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:58 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x6602000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:58 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00fbffffff00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:58 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c0000fffffff6000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:58 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0xfecf, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:59 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0xffcb, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2679.263134] EXT4-fs (loop0): bad geometry: first data block 65535 is beyond end of filesystem (1080) [ 2679.292487] EXT4-fs (loop5): bad geometry: first data block 16187391 is beyond end of filesystem (1080) [ 2679.325264] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2679.345461] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2679.370122] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2679.385900] device bridge_slave_1 left promiscuous mode [ 2679.397465] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2679.416913] bridge0: port 2(bridge_slave_1) entered disabled state 16:26:59 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x1cb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$packet(0x11, 0x3, 0x300) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x40000}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:59 executing program 4: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4f5566f91cf060201ded815b2ccd243fa95ed94e0ad00000000ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb000000000000270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x400443c9, &(0x7f0000000040)={0x33b, 0x0}) [ 2679.467918] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2679.503455] device bridge_slave_0 left promiscuous mode 16:26:59 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c0000000025f7000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2679.514488] bridge0: port 1(bridge_slave_0) entered disabled state 16:26:59 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c00feffffff00000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:59 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x6800000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:59 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x20000, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2679.768281] EXT4-fs (loop5): bad geometry: first data block 16196864 is beyond end of filesystem (1080) [ 2679.807094] EXT4-fs (loop0): bad geometry: first data block 65535 is beyond end of filesystem (1080) 16:26:59 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x39bab, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2679.832524] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2679.863043] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2679.929868] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock 16:26:59 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000000000400000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:26:59 executing program 5: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000200)="fc0000001c000725ab0925000900070007ab08000800000081000093210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b46180000000a00070000000201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4b463ae4", 0x89) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c0000fffffffb000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) [ 2679.979520] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue 16:26:59 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x142800, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 16:26:59 executing program 3: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001280)=ANY=[@ANYBLOB="e6ff03005400005531fe0500fac9067f076748b4f245", @ANYBLOB="740081008ca31d3f003b54c91df8a31be46a014d43e66871c22ee20ce70f39885b2007369348b27eceb52aec5737ca70af71bee3b7a6117929e7b1d46d38b6a6b6c3285bb01e4d5d627b0f0911da0beb35118732bb0cbf909651c8c600fbde031f3161edefb1ba0706eb9644ce21b8e89e5300004c001f00ff6a4518c96e417975eb8dbfcd05c1"], 0x9d}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x6c00000000000000, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60199026c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 16:27:00 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x281400, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0x3b0}], 0x1, 0x0, 0x0, 0x5580}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 2680.254584] EXT4-fs (loop0): bad block size 16384 [ 2680.259652] EXT4-fs (loop5): bad geometry: first data block 16515071 is beyond end of filesystem (1080) [ 2680.402006] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2680.411939] net_ratelimit: 31 callbacks suppressed [ 2680.411948] protocol 88fb is buggy, dev hsr_slave_0 [ 2680.422310] ================================================================== [ 2680.430349] BUG: KASAN: use-after-free in dev_queue_xmit_nit+0x896/0xa10 [ 2680.437215] Read of size 8 at addr ffff8880526eeb70 by task udevd/6314 [ 2680.443893] [ 2680.444668] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2680.445533] CPU: 0 PID: 6314 Comm: udevd Not tainted 4.19.83 #0 [ 2680.445550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2680.445554] Call Trace: [ 2680.445561] [ 2680.445586] dump_stack+0x172/0x1f0 [ 2680.463170] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2680.470489] ? dev_queue_xmit_nit+0x896/0xa10 [ 2680.470507] print_address_description.cold+0x7c/0x20d [ 2680.470521] ? dev_queue_xmit_nit+0x896/0xa10 [ 2680.470532] kasan_report.cold+0x8c/0x2ba [ 2680.470551] __asan_report_load8_noabort+0x14/0x20 [ 2680.511158] dev_queue_xmit_nit+0x896/0xa10 [ 2680.515589] dev_hard_start_xmit+0xa7/0x980 [ 2680.519929] ? check_preemption_disabled+0x48/0x290 [ 2680.524969] __dev_queue_xmit+0x2704/0x2fe0 [ 2680.529303] ? __lock_is_held+0xb6/0x140 [ 2680.533373] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2680.538923] ? should_fail+0x14d/0x85c [ 2680.542842] ? netdev_pick_tx+0x300/0x300 [ 2680.547009] ? __copy_skb_header+0x33d/0x560 [ 2680.551434] ? skb_checksum+0xc0/0xc0 [ 2680.555259] ? rcu_read_lock_sched_held+0x110/0x130 [ 2680.560292] ? kasan_check_write+0x14/0x20 [ 2680.564545] ? __skb_clone+0x613/0x870 [ 2680.568440] ? kasan_check_write+0x14/0x20 [ 2680.572690] dev_queue_xmit+0x18/0x20 [ 2680.576496] ? dev_queue_xmit+0x18/0x20 [ 2680.580484] hsr_forward_skb+0xd2e/0x1c10 [ 2680.584665] send_hsr_supervision_frame+0x8c8/0xf30 [ 2680.589692] ? lock_acquire+0x16f/0x3f0 [ 2680.593687] hsr_announce+0x12f/0x3b0 [ 2680.597499] call_timer_fn+0x18d/0x720 [ 2680.601396] ? send_hsr_supervision_frame+0xf30/0xf30 [ 2680.606596] ? process_timeout+0x40/0x40 [ 2680.610657] ? run_timer_softirq+0x644/0x16a0 [ 2680.615166] ? trace_hardirqs_on+0x67/0x220 [ 2680.619519] ? kasan_check_read+0x11/0x20 [ 2680.623684] ? send_hsr_supervision_frame+0xf30/0xf30 [ 2680.628889] run_timer_softirq+0x64f/0x16a0 [ 2680.633502] ? add_timer+0xbe0/0xbe0 [ 2680.637319] ? __lock_is_held+0xb6/0x140 [ 2680.641406] __do_softirq+0x25c/0x921 [ 2680.645211] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2680.650851] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2680.656418] irq_exit+0x180/0x1d0 [ 2680.659889] smp_apic_timer_interrupt+0x13b/0x550 [ 2680.664749] apic_timer_interrupt+0xf/0x20 [ 2680.668983] [ 2680.671234] RIP: 0010:_raw_spin_unlock_irqrestore+0x95/0xe0 [ 2680.676976] Code: 48 c7 c0 88 47 72 88 48 ba 00 00 00 00 00 fc ff df 48 c1 e8 03 80 3c 10 00 75 39 48 83 3d da 96 80 01 00 74 24 48 89 df 57 9d <0f> 1f 44 00 00 bf 01 00 00 00 e8 0c d9 56 fa 65 8b 05 05 3d 10 79 [ 2680.695890] RSP: 0018:ffff88804f12f9d8 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13 [ 2680.703614] RAX: 1ffffffff10e48f1 RBX: 0000000000000282 RCX: 0000000000000000 [ 2680.710886] RDX: dffffc0000000000 RSI: ffff8880a1828ec0 RDI: 0000000000000282 [ 2680.710895] RBP: ffff88804f12f9e8 R08: ffff8880a1828640 R09: 0000000000000000 [ 2680.710904] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff887a0f18 [ 2680.710912] R13: 0000000000000282 R14: ffffffff887a0f60 R15: ffffffff8879fc00 [ 2680.710947] swake_up_one+0x4d/0x60 [ 2680.726665] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 2680.732733] rcu_gp_kthread_wake+0x8d/0xd0 [ 2680.732749] rcu_report_qs_rsp+0x100/0x160 [ 2680.732765] rcu_read_unlock_special+0xa55/0xea0 [ 2680.732778] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2680.732792] ? check_preemption_disabled+0x48/0x290 [ 2680.732808] __rcu_read_unlock+0x161/0x170 [ 2680.732824] sock_def_readable+0x1ba/0x4f0 [ 2680.732841] unix_dgram_sendmsg+0xc7c/0x11f0 [ 2680.732867] ? unix_stream_connect+0x10d0/0x10d0 [ 2680.732882] ? do_raw_spin_lock+0xc8/0x240 [ 2680.775639] ? selinux_socket_sendmsg+0x36/0x40 [ 2680.775654] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2680.775668] ? security_socket_sendmsg+0x8d/0xc0 [ 2680.775681] ? unix_stream_connect+0x10d0/0x10d0 [ 2680.775695] sock_sendmsg+0xd7/0x130 [ 2680.775709] __sys_sendto+0x262/0x380 [ 2680.775723] ? __ia32_sys_getpeername+0xb0/0xb0 [ 2680.775737] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2680.775758] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2680.788625] ? __sys_sendmsg+0x131/0x1d0 [ 2680.788640] ? __ia32_sys_shutdown+0x80/0x80 [ 2680.788657] ? up_read+0x1a/0x110 [ 2680.788682] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2680.824832] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2680.824847] ? do_syscall_64+0x26/0x620 [ 2680.824861] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2680.824879] __x64_sys_sendto+0xe1/0x1a0 [ 2680.824896] do_syscall_64+0xfd/0x620 [ 2680.835180] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2680.835191] RIP: 0033:0x7fb9c1faa282 [ 2680.835206] Code: 48 83 c8 ff eb ea 90 90 53 48 83 ec 20 8b 05 81 d3 2a 00 85 c0 75 21 45 31 c9 45 31 c0 4c 63 d1 48 63 ff b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 61 48 83 c4 20 5b c3 48 89 54 24 08 89 0c 24 [ 2680.853844] EXT4-fs (loop5): bad geometry: first data block 16515071 is beyond end of filesystem (1080) [ 2680.857365] RSP: 002b:00007fffd8e0f7e0 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 2680.857404] RAX: ffffffffffffffda RBX: 0000000001186a10 RCX: 00007fb9c1faa282 [ 2680.857417] RDX: 0000000000000008 RSI: 00007fffd8e0f830 RDI: 0000000000000009 [ 2680.939962] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 2680.947238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2680.954533] R13: 00000000011b46f0 R14: 000000000117c030 R15: 000000000000000b [ 2680.961813] [ 2680.963440] Allocated by task 17907: [ 2680.967164] save_stack+0x45/0xd0 [ 2680.970618] kasan_kmalloc+0xce/0xf0 [ 2680.974335] __kmalloc+0x15d/0x750 [ 2680.977885] sk_prot_alloc+0x19c/0x2e0 [ 2680.981789] sk_alloc+0x39/0xf70 [ 2680.985163] packet_create+0x11e/0x860 [ 2680.989142] __sock_create+0x3d8/0x730 [ 2680.993121] __sys_socket+0x103/0x220 [ 2680.996922] __x64_sys_socket+0x73/0xb0 [ 2681.000907] do_syscall_64+0xfd/0x620 [ 2681.004736] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2681.009915] [ 2681.011566] Freed by task 17843: [ 2681.014935] save_stack+0x45/0xd0 [ 2681.023424] __kasan_slab_free+0x102/0x150 [ 2681.027656] kasan_slab_free+0xe/0x10 [ 2681.031454] kfree+0xcf/0x220 [ 2681.034564] __sk_destruct+0x4a2/0x680 [ 2681.038451] sk_destruct+0xc8/0x100 [ 2681.042088] __sk_free+0xce/0x300 [ 2681.045542] sk_free+0x42/0x50 [ 2681.048732] packet_release+0x927/0xc60 [ 2681.052708] __sock_release+0xce/0x2a0 [ 2681.056613] sock_close+0x1b/0x30 [ 2681.060081] __fput+0x2dd/0x8b0 [ 2681.063359] ____fput+0x16/0x20 [ 2681.066641] task_work_run+0x145/0x1c0 [ 2681.070534] exit_to_usermode_loop+0x273/0x2c0 [ 2681.075119] do_syscall_64+0x53d/0x620 [ 2681.079006] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2681.084189] [ 2681.085819] The buggy address belongs to the object at ffff8880526ee380 [ 2681.085819] which belongs to the cache kmalloc-2048 of size 2048 [ 2681.098657] The buggy address is located 2032 bytes inside of [ 2681.098657] 2048-byte region [ffff8880526ee380, ffff8880526eeb80) [ 2681.110703] The buggy address belongs to the page: [ 2681.115725] page:ffffea000149bb80 count:1 mapcount:0 mapping:ffff88812c3f0c40 index:0xffff8880526ef480 compound_mapcount: 0 [ 2681.127008] flags: 0x1fffc0000008100(slab|head) [ 2681.131686] raw: 01fffc0000008100 ffffea0001680d08 ffffea00025eb108 ffff88812c3f0c40 [ 2681.139845] raw: ffff8880526ef480 ffff8880526ee380 0000000100000001 0000000000000000 [ 2681.147730] page dumped because: kasan: bad access detected [ 2681.153438] [ 2681.155072] Memory state around the buggy address: [ 2681.160002] ffff8880526eea00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 2681.167363] ffff8880526eea80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 2681.174727] >ffff8880526eeb00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 2681.182081] ^ [ 2681.189098] ffff8880526eeb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 2681.196461] ffff8880526eec00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 2681.203822] ================================================================== [ 2681.211180] Disabling lock debugging due to kernel taint [ 2681.216683] Kernel panic - not syncing: panic_on_warn set ... [ 2681.216683] [ 2681.224146] CPU: 0 PID: 6314 Comm: udevd Tainted: G B 4.19.83 #0 [ 2681.231591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2681.240941] Call Trace: [ 2681.244830] [ 2681.246994] dump_stack+0x172/0x1f0 [ 2681.250626] ? dev_queue_xmit_nit+0x896/0xa10 [ 2681.255139] panic+0x26a/0x50e [ 2681.258347] ? __warn_printk+0xf3/0xf3 [ 2681.262268] ? dev_queue_xmit_nit+0x896/0xa10 [ 2681.266768] ? trace_hardirqs_on+0x5e/0x220 [ 2681.271104] ? trace_hardirqs_on+0x5e/0x220 [ 2681.275439] ? dev_queue_xmit_nit+0x896/0xa10 [ 2681.280033] kasan_end_report+0x47/0x4f [ 2681.284016] kasan_report.cold+0xa9/0x2ba [ 2681.288177] __asan_report_load8_noabort+0x14/0x20 [ 2681.293122] dev_queue_xmit_nit+0x896/0xa10 [ 2681.297461] dev_hard_start_xmit+0xa7/0x980 [ 2681.301793] ? check_preemption_disabled+0x48/0x290 [ 2681.306846] __dev_queue_xmit+0x2704/0x2fe0 [ 2681.311171] ? __lock_is_held+0xb6/0x140 [ 2681.315237] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2681.320773] ? should_fail+0x14d/0x85c [ 2681.324673] ? netdev_pick_tx+0x300/0x300 [ 2681.328825] ? __copy_skb_header+0x33d/0x560 [ 2681.333234] ? skb_checksum+0xc0/0xc0 [ 2681.337053] ? rcu_read_lock_sched_held+0x110/0x130 [ 2681.342068] ? kasan_check_write+0x14/0x20 [ 2681.346304] ? __skb_clone+0x613/0x870 [ 2681.350193] ? kasan_check_write+0x14/0x20 [ 2681.354435] dev_queue_xmit+0x18/0x20 [ 2681.358240] ? dev_queue_xmit+0x18/0x20 [ 2681.362216] hsr_forward_skb+0xd2e/0x1c10 [ 2681.366370] send_hsr_supervision_frame+0x8c8/0xf30 [ 2681.371391] ? lock_acquire+0x16f/0x3f0 [ 2681.375384] hsr_announce+0x12f/0x3b0 [ 2681.379184] call_timer_fn+0x18d/0x720 [ 2681.383161] ? send_hsr_supervision_frame+0xf30/0xf30 [ 2681.391822] ? process_timeout+0x40/0x40 [ 2681.395885] ? run_timer_softirq+0x644/0x16a0 [ 2681.400409] ? trace_hardirqs_on+0x67/0x220 [ 2681.404736] ? kasan_check_read+0x11/0x20 [ 2681.408887] ? send_hsr_supervision_frame+0xf30/0xf30 [ 2681.414085] run_timer_softirq+0x64f/0x16a0 [ 2681.418415] ? add_timer+0xbe0/0xbe0 [ 2681.422169] ? __lock_is_held+0xb6/0x140 [ 2681.426243] __do_softirq+0x25c/0x921 [ 2681.430046] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2681.435582] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2681.441126] irq_exit+0x180/0x1d0 [ 2681.444586] smp_apic_timer_interrupt+0x13b/0x550 [ 2681.449436] apic_timer_interrupt+0xf/0x20 [ 2681.453657] [ 2681.455895] RIP: 0010:_raw_spin_unlock_irqrestore+0x95/0xe0 [ 2681.461698] Code: 48 c7 c0 88 47 72 88 48 ba 00 00 00 00 00 fc ff df 48 c1 e8 03 80 3c 10 00 75 39 48 83 3d da 96 80 01 00 74 24 48 89 df 57 9d <0f> 1f 44 00 00 bf 01 00 00 00 e8 0c d9 56 fa 65 8b 05 05 3d 10 79 [ 2681.480767] RSP: 0018:ffff88804f12f9d8 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13 [ 2681.488479] RAX: 1ffffffff10e48f1 RBX: 0000000000000282 RCX: 0000000000000000 [ 2681.495754] RDX: dffffc0000000000 RSI: ffff8880a1828ec0 RDI: 0000000000000282 [ 2681.503013] RBP: ffff88804f12f9e8 R08: ffff8880a1828640 R09: 0000000000000000 [ 2681.510270] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff887a0f18 [ 2681.517589] R13: 0000000000000282 R14: ffffffff887a0f60 R15: ffffffff8879fc00 [ 2681.525246] swake_up_one+0x4d/0x60 [ 2681.528878] rcu_gp_kthread_wake+0x8d/0xd0 [ 2681.533126] rcu_report_qs_rsp+0x100/0x160 [ 2681.537363] rcu_read_unlock_special+0xa55/0xea0 [ 2681.542112] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2681.547652] ? check_preemption_disabled+0x48/0x290 [ 2681.552668] __rcu_read_unlock+0x161/0x170 [ 2681.556898] sock_def_readable+0x1ba/0x4f0 [ 2681.561135] unix_dgram_sendmsg+0xc7c/0x11f0 [ 2681.565547] ? unix_stream_connect+0x10d0/0x10d0 [ 2681.570313] ? do_raw_spin_lock+0xc8/0x240 [ 2681.574541] ? selinux_socket_sendmsg+0x36/0x40 [ 2681.579196] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2681.584738] ? security_socket_sendmsg+0x8d/0xc0 [ 2681.589482] ? unix_stream_connect+0x10d0/0x10d0 [ 2681.594225] sock_sendmsg+0xd7/0x130 [ 2681.597939] __sys_sendto+0x262/0x380 [ 2681.601810] ? __ia32_sys_getpeername+0xb0/0xb0 [ 2681.606481] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2681.612019] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2681.617580] ? __sys_sendmsg+0x131/0x1d0 [ 2681.621642] ? __ia32_sys_shutdown+0x80/0x80 [ 2681.626084] ? up_read+0x1a/0x110 [ 2681.629549] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2681.634299] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2681.639044] ? do_syscall_64+0x26/0x620 [ 2681.643010] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2681.648387] __x64_sys_sendto+0xe1/0x1a0 [ 2681.652457] do_syscall_64+0xfd/0x620 [ 2681.656789] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2681.661973] RIP: 0033:0x7fb9c1faa282 [ 2681.665689] Code: 48 83 c8 ff eb ea 90 90 53 48 83 ec 20 8b 05 81 d3 2a 00 85 c0 75 21 45 31 c9 45 31 c0 4c 63 d1 48 63 ff b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 61 48 83 c4 20 5b c3 48 89 54 24 08 89 0c 24 [ 2681.684587] RSP: 002b:00007fffd8e0f7e0 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 2681.692302] RAX: ffffffffffffffda RBX: 0000000001186a10 RCX: 00007fb9c1faa282 [ 2681.699571] RDX: 0000000000000008 RSI: 00007fffd8e0f830 RDI: 0000000000000009 [ 2681.706830] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 2681.714087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2681.721464] R13: 00000000011b46f0 R14: 000000000117c030 R15: 000000000000000b [ 2681.730270] Kernel Offset: disabled [ 2681.733903] Rebooting in 86400 seconds..