program: syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x0, 0x1, 0x419}}}, 0x7) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000180), 0xfc, 0x564, &(0x7f00000008c0)="$eJzs3c9rHFUcAPDvbJI2/aFJoRT1IIEerNRumsQfFTzUo2ixoPe6JNNQsumW7KY0sWB7sBcvUgQRC6J37x6L/4B/RUELRUrQg5eV2cym22Y32aSbJu1+PjDJezOzee+7M9+XNzu7bAB9ayz7UYh4NSK+TSJGWrYNRr5xbHW/lYfXp7MliXr9s7+TSPJ1zf2T/PehvPJKRPz+dcTJwvp2q0vLc6VyOV3I6+O1+Svj1aXlU5fmS7PpbHp5cmrqzDtTk++/927PYn3z/L8/fHr3ozPfHF/5/tf7R24ncTYO59ta43gKN1orYzGWPydDcfaJHSd60Nhekux2B9iWgTzPhyIbA0ZiIM/6tuojz7JrwA77KktroE8l8h/6VHMe0Ly279F18HPjwYerF0Dr4x9cfW0khhvXRgdXkseujLLr3dEetJ+18dtfd25nS/TudQiATd24GRGnBwfXj39JPv5t3+ku9nmyDeMfPDt3s/nPW+3mP4W1+U+0mf8capO727F5/hfu96CZjrL53wdt579rN61GB/LaS40531By8VI5zca2lyPiRAztz+ob3M/5orByr95pY+v8L1uy9ptzwbwf9wf3P/6YmVKt9FRBt3hwM+K1tvPfZO34J22Of/Z8nO+yjWPpndc7bds8/p1V/znijbbH/9EdrWTj+5PjjfNhvHlWrPfPrWN/dGp/t+PPjv/BjeMfTVrv11a33sZPw/+lnbZt9/zfl3zeKO/L110r1WoLExH7kk/Wr5989Nhmvbl/Fv+J4xuPf+3O/wNZYncZ/62jt1p3Hd5a/Dsri39mS8d/64V7H3/5Y6f2uzv+bzdKJ/I13Yx/3XbwaZ47AAAAAAAA2GsKEXE4kkJxrVwoFIur7+84GgcL5Uq1dvJiZfHyTDQ+KzsaQ4Xmne6RlvdDTOTvh23WJ5+oT0XEkYj4buBAo16crpRndjt4AAAAAAAAAAAAAAAAAAAA2CMORQy3+/x/5s+B3e4dsOM2+Mpv4AXXOf/zLb34pidgT/L/H/qX/If+Jf+hf8l/6F/yH/qX/If+Jf+hf20l/385t4MdAQAAAAAAAAAAAAAAAAAAAAAAAAAAgBfD+XPnsqW+8vD6dFafubq0OFe5emomrc4V5xeni9OVhSvF2UpltpwWpyvzm/29cqVyZWIyFq+N19Jqbby6tHxhvrJ4uXbh0nxpNr2QDj2TqAAAAAAAAAAAAAAAAAAAAOD5Ul1aniuVy+mCgsK2CoN7oxsKPS7s9sgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/8HwAA///F1Dry") openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1e5) open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) bind$netlink(r3, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc) getsockname$packet(r3, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x40d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r4, 0x1}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x4}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40040}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket(0x1, 0x803, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x54, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x14, 0x7, @mcast1}]}}}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x54}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1200}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]}) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file5\x00', 0x4006, &(0x7f0000000140)={[{@i_version}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@block_validity}, {@minixdf}]}, 0x2, 0x42e, &(0x7f0000000d80)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+tj7O+jg6ZHi9g09WKh2urrsO1KWTvi42hE0p1bpp9Ff7/0CUYvXkDcSrn3a1ccC2qlQqlQfaH16qAP9jSXS7BUB3FF/02fy32HZo6HFXuPFSbQKUxX0r32pH+iLNy/Q3zW87aTgiziz981W2xfbchwAAaPB9Nv55ttX4L436+0L35msogxFxX0QcjIhTEXEoIu6PqJZ9MCIe2mT9zYska8c/6fUtBbZB2fjvxXxtq3H8V4z+YrCU5w5U4+9Pzs6WZ47n78lI9O/O8uPr1PHDK7990e5Y/fgv27L6i7Fg3o7rfbsbXzM9uTB5JzHXu/FJxFBfq/iTlZWAJCIOR8TQFuuYffqbo+2O3T7+dXRgnanydcRTtfO/FE3xF5L11yfH7onyzPGx4qpY65dfr77Zrv47ir8DsvO/t+X1vxL/YFK/Xju/+Tqu/vF52znNVq//XcnbDfs+nFxYuDQesSt5vdbo+v0TTeUmVstn8Y8ca93/D8bqO3EkIrKL+OGIeCQiHs3b/lhEPB4Rx9aJ/6eXn3hv6/Fvryz+6U2d/9XErmje0zpROv/jdw2VDm4m/uz8n6ymRvI9G/n820i7tnY1AwAAwH9PGhH7I0lHV9JpOjpa+w3/odiblufmF545O/fBxenaMwKD0Z8Wd7oG6u6HjufT+iI/0ZQ/kd83/rK0p5ofnZorT3c7eOhx+9r0/8yfpW63Dth2nteC3qX/Q+/S/6F36f/Qu1r0/z3daAew81p9/3/chXYAO6+p/1v2gx5i/g+9S/+H3qX/Q0+a3xO3f0heQmJNItK7ohkS25To9icTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//+i45rU=") openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x6042, 0x144) unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0) r8 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$LOOP_SET_STATUS(r8, 0x4c02, &(0x7f0000000300)={0x0, {}, 0x0, {}, 0x7, 0x0, 0x0, 0xd, "22536af39b7c7cb7435b0a43852dbc3a9ada34cc97af10fd4fcca15748328c53096c2f359e9ba743d30b59c491a7b3e74d938981061383374a1d79471a2d2dfe", "0410b1617b6217917d72322c0c5aa9263626c0240010f9db74161ccff2c5cf5e", [0x3, 0x800]}) r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r10 = socket$unix(0x1, 0x2, 0x0) r11 = dup2(r10, r9) close_range(r11, 0xffffffffffffffff, 0x0) r12 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) ioctl$FS_IOC_RESVSP(r12, 0x40305829, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x8001}) [ 75.172488][ T5332] Bluetooth: hci0: command tx timeout [ 75.286487][ T5354] loop0: detected capacity change from 0 to 1024 [ 75.342523][ T5354] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 75.402765][ T5354] 8021q: adding VLAN 0 to HW filter on device bond1 [ 75.418526][ T5354] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 75.500646][ T5354] loop0: detected capacity change from 1024 to 64 [ 75.505251][ T13] bond1: (slave ip6gretap1): link status up again after 0 ms [ 75.508520][ T13] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 75.528968][ T966] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 75.569096][ T5354] loop0: detected capacity change from 64 to 1023 [ 75.583176][ T5354] ================================================================== [ 75.586691][ T5354] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x9c1/0x1e20 [ 75.590785][ T5354] Read of size 18446744073709551600 at addr ffff88804c5932b8 by task syz.0.0/5354 [ 75.595592][ T5354] [ 75.596959][ T5354] CPU: 0 UID: 0 PID: 5354 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 75.596975][ T5354] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.596985][ T5354] Call Trace: [ 75.596993][ T5354] [ 75.596999][ T5354] dump_stack_lvl+0x189/0x250 [ 75.597021][ T5354] ? __virt_addr_valid+0x1c8/0x5c0 [ 75.597037][ T5354] ? rcu_is_watching+0x15/0xb0 [ 75.597051][ T5354] ? __kasan_check_byte+0x12/0x40 [ 75.597066][ T5354] ? __pfx_dump_stack_lvl+0x10/0x10 [ 75.597080][ T5354] ? rcu_is_watching+0x15/0xb0 [ 75.597091][ T5354] ? lock_release+0x4b/0x3e0 [ 75.597110][ T5354] ? __virt_addr_valid+0x1c8/0x5c0 [ 75.597125][ T5354] ? __virt_addr_valid+0x4a5/0x5c0 [ 75.597153][ T5354] print_report+0xca/0x240 [ 75.597167][ T5354] ? ext4_xattr_set_entry+0x9c1/0x1e20 [ 75.597184][ T5354] kasan_report+0x118/0x150 [ 75.597199][ T5354] ? bdev_getblk+0x80/0x660 [ 75.597217][ T5354] ? ext4_xattr_set_entry+0x9c1/0x1e20 [ 75.597235][ T5354] ? ext4_xattr_set_entry+0x9c1/0x1e20 [ 75.597251][ T5354] kasan_check_range+0x2b0/0x2c0 [ 75.597268][ T5354] ? ext4_xattr_set_entry+0x9c1/0x1e20 [ 75.597283][ T5354] __asan_memmove+0x29/0x70 [ 75.597295][ T5354] ext4_xattr_set_entry+0x9c1/0x1e20 [ 75.597316][ T5354] ext4_xattr_ibody_set+0x254/0x6a0 [ 75.597335][ T5354] ext4_destroy_inline_data_nolock+0x214/0x5b0 [ 75.597351][ T5354] ? __pfx_ext4_destroy_inline_data_nolock+0x10/0x10 [ 75.597367][ T5354] ? ext4_convert_inline_data_nolock+0xf3/0x970 [ 75.597381][ T5354] ? __asan_memcpy+0x40/0x70 [ 75.597392][ T5354] ? ext4_read_inline_data+0x103/0x2c0 [ 75.597404][ T5354] ext4_convert_inline_data_nolock+0x1f1/0x970 [ 75.597419][ T5354] ? __pfx_ext4_convert_inline_data_nolock+0x10/0x10 [ 75.597431][ T5354] ? down_write+0x162/0x1f0 [ 75.597509][ T5354] ext4_convert_inline_data+0x4b3/0x5e0 [ 75.597524][ T5354] ? __pfx_ext4_convert_inline_data+0x10/0x10 [ 75.597536][ T5354] ? down_write+0x162/0x1f0 [ 75.597550][ T5354] ? rcu_read_lock_any_held+0xb3/0x120 [ 75.597564][ T5354] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 75.597578][ T5354] ext4_fallocate+0x1e2/0x3d0 [ 75.597599][ T5354] vfs_fallocate+0x666/0x7e0 [ 75.597615][ T5354] ? __pfx_vfs_fallocate+0x10/0x10 [ 75.597632][ T5354] file_ioctl+0x611/0x780 [ 75.597648][ T5354] ? __pfx_file_ioctl+0x10/0x10 [ 75.597664][ T5354] ? kasan_quarantine_put+0xdd/0x220 [ 75.597679][ T5354] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 75.597697][ T5354] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 75.597713][ T5354] do_vfs_ioctl+0xb33/0x1430 [ 75.597726][ T5354] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 75.597741][ T5354] ? __lock_acquire+0xab9/0xd20 [ 75.597764][ T5354] ? __fget_files+0x2a/0x420 [ 75.597780][ T5354] ? __fget_files+0x2a/0x420 [ 75.597795][ T5354] ? __fget_files+0x3a0/0x420 [ 75.597811][ T5354] ? __fget_files+0x2a/0x420 [ 75.597827][ T5354] ? bpf_lsm_file_ioctl+0x9/0x20 [ 75.597842][ T5354] __se_sys_ioctl+0x82/0x170 [ 75.597855][ T5354] do_syscall_64+0xfa/0x3b0 [ 75.597869][ T5354] ? lockdep_hardirqs_on+0x9c/0x150 [ 75.597882][ T5354] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.597894][ T5354] ? clear_bhb_loop+0x60/0xb0 [ 75.597907][ T5354] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.597917][ T5354] RIP: 0033:0x7ff515b8eec9 [ 75.597929][ T5354] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.597938][ T5354] RSP: 002b:00007ff516a40038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 75.597951][ T5354] RAX: ffffffffffffffda RBX: 00007ff515de5fa0 RCX: 00007ff515b8eec9 [ 75.597961][ T5354] RDX: 0000200000000000 RSI: 0000000040305829 RDI: 0000000000000000 [ 75.597969][ T5354] RBP: 00007ff515c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 75.597976][ T5354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.597983][ T5354] R13: 00007ff515de6038 R14: 00007ff515de5fa0 R15: 00007ffcea2fe078 [ 75.597995][ T5354] [ 75.598000][ T5354] [ 75.764759][ T5354] The buggy address belongs to the physical page: [ 75.767440][ T5354] page: refcount:3 mapcount:0 mapping:ffff88800042cd80 index:0x2 pfn:0x4c593 [ 75.771072][ T5354] memcg:ffff888030ad8d00 [ 75.772880][ T5354] aops:def_blk_aops ino:700000 dentry name(?):"" [ 75.775334][ T5354] flags: 0x4fff18000004204(referenced|workingset|private|node=1|zone=1|lastcpupid=0x7ff) [ 75.779454][ T5354] raw: 04fff18000004204 0000000000000000 dead000000000122 ffff88800042cd80 [ 75.783248][ T5354] raw: 0000000000000002 ffff8880436ce0e8 00000003ffffffff ffff888030ad8d00 [ 75.786811][ T5354] page dumped because: kasan: bad access detected [ 75.789518][ T5354] page_owner tracks the page as allocated [ 75.791788][ T5354] page last allocated via order 0, migratetype Movable, gfp_mask 0x148c48(GFP_NOFS|__GFP_MOVABLE|__GFP_NOFAIL|__GFP_COMP|__GFP_HARDWALL), pid 5354, tgid 5353 (syz.0.0), ts 75581186819, free_ts 75537409488 [ 75.799859][ T5354] post_alloc_hook+0x240/0x2a0 [ 75.801927][ T5354] get_page_from_freelist+0x21e4/0x22c0 [ 75.804413][ T5354] __alloc_frozen_pages_noprof+0x181/0x370 [ 75.807151][ T5354] alloc_pages_mpol+0x232/0x4a0 [ 75.809241][ T5354] alloc_pages_noprof+0xa9/0x190 [ 75.811296][ T5354] folio_alloc_noprof+0x1e/0x30 [ 75.813294][ T5354] filemap_alloc_folio_noprof+0xdf/0x470 [ 75.815633][ T5354] __filemap_get_folio+0x3f2/0xaf0 [ 75.817924][ T5354] bdev_getblk+0x1ad/0x660 [ 75.819889][ T5354] __ext4_get_inode_loc+0x561/0x1040 [ 75.822151][ T5354] ext4_get_inode_loc+0x81/0xf0 [ 75.824236][ T5354] ext4_convert_inline_data+0x254/0x5e0 [ 75.826498][ T5354] ext4_fallocate+0x1e2/0x3d0 [ 75.828467][ T5354] vfs_fallocate+0x666/0x7e0 [ 75.830487][ T5354] file_ioctl+0x611/0x780 [ 75.832434][ T5354] do_vfs_ioctl+0xb33/0x1430 [ 75.834540][ T5354] page last free pid 5354 tgid 5353 stack trace: [ 75.837414][ T5354] free_unref_folios+0xdbd/0x1520 [ 75.839807][ T5354] folios_put_refs+0x559/0x640 [ 75.842157][ T5354] shmem_undo_range+0x49e/0x14b0 [ 75.844312][ T5354] shmem_evict_inode+0x272/0xa70 [ 75.846439][ T5354] evict+0x501/0x9c0 [ 75.848138][ T5354] __dentry_kill+0x209/0x660 [ 75.850118][ T5354] dput+0x19f/0x2b0 [ 75.851781][ T5354] __fput+0x68e/0xa70 [ 75.853556][ T5354] fput_close_sync+0x119/0x200 [ 75.855633][ T5354] __x64_sys_close+0x7f/0x110 [ 75.857563][ T5354] do_syscall_64+0xfa/0x3b0 [ 75.859290][ T5354] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.861605][ T5354] [ 75.862413][ T5354] Memory state around the buggy address: [ 75.864619][ T5354] ffff88804c593180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 75.867998][ T5354] ffff88804c593200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 75.871430][ T5354] >ffff88804c593280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 75.875049][ T5354] ^ [ 75.877613][ T5354] ffff88804c593300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 75.880983][ T5354] ffff88804c593380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 75.884487][ T5354] ================================================================== [ 75.899122][ T966] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 75.903591][ T1043] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 75.931245][ T5361] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 75.941566][ T5354] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 75.945086][ T5354] CPU: 0 UID: 0 PID: 5354 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 75.948961][ T5354] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.953364][ T5354] Call Trace: [ 75.954847][ T5354] [ 75.956138][ T5354] dump_stack_lvl+0x99/0x250 [ 75.958172][ T5354] ? __asan_memcpy+0x40/0x70 [ 75.960552][ T5354] ? __pfx_dump_stack_lvl+0x10/0x10 [ 75.963261][ T5354] ? __pfx__printk+0x10/0x10 [ 75.965839][ T5354] vpanic+0x281/0x750 [ 75.967735][ T5354] ? __pfx_print_hex_dump+0x10/0x10 [ 75.969989][ T5354] ? __pfx_vpanic+0x10/0x10 [ 75.971974][ T5354] ? preempt_schedule_common+0x83/0xd0 [ 75.974726][ T5354] ? preempt_schedule+0xae/0xc0 [ 75.976981][ T5354] panic+0xb9/0xc0 [ 75.978923][ T5354] ? __pfx_panic+0x10/0x10 [ 75.981009][ T5354] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 75.983789][ T5354] ? ext4_xattr_set_entry+0x9c1/0x1e20 [ 75.986117][ T5354] check_panic_on_warn+0x89/0xb0 [ 75.988311][ T5354] ? ext4_xattr_set_entry+0x9c1/0x1e20 [ 75.990592][ T5354] end_report+0x78/0x160 [ 75.992461][ T5354] kasan_report+0x129/0x150 [ 75.994406][ T5354] ? bdev_getblk+0x80/0x660 [ 75.996381][ T5354] ? ext4_xattr_set_entry+0x9c1/0x1e20 [ 75.998740][ T5354] ? ext4_xattr_set_entry+0x9c1/0x1e20 [ 76.000851][ T5354] kasan_check_range+0x2b0/0x2c0 [ 76.002788][ T5354] ? ext4_xattr_set_entry+0x9c1/0x1e20 [ 76.005026][ T5354] __asan_memmove+0x29/0x70 [ 76.006908][ T5354] ext4_xattr_set_entry+0x9c1/0x1e20 [ 76.009126][ T5354] ext4_xattr_ibody_set+0x254/0x6a0 [ 76.011425][ T5354] ext4_destroy_inline_data_nolock+0x214/0x5b0 [ 76.014151][ T5354] ? __pfx_ext4_destroy_inline_data_nolock+0x10/0x10 [ 76.017063][ T5354] ? ext4_convert_inline_data_nolock+0xf3/0x970 [ 76.019906][ T5354] ? __asan_memcpy+0x40/0x70 [ 76.022027][ T5354] ? ext4_read_inline_data+0x103/0x2c0 [ 76.024488][ T5354] ext4_convert_inline_data_nolock+0x1f1/0x970 [ 76.027228][ T5354] ? __pfx_ext4_convert_inline_data_nolock+0x10/0x10 [ 76.030026][ T5354] ? down_write+0x162/0x1f0 [ 76.031993][ T5354] ext4_convert_inline_data+0x4b3/0x5e0 [ 76.034406][ T5354] ? __pfx_ext4_convert_inline_data+0x10/0x10 [ 76.037027][ T5354] ? down_write+0x162/0x1f0 [ 76.039033][ T5354] ? rcu_read_lock_any_held+0xb3/0x120 [ 76.041358][ T5354] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 76.043951][ T5354] ext4_fallocate+0x1e2/0x3d0 [ 76.045990][ T5354] vfs_fallocate+0x666/0x7e0 [ 76.047936][ T5354] ? __pfx_vfs_fallocate+0x10/0x10 [ 76.050166][ T5354] file_ioctl+0x611/0x780 [ 76.052107][ T5354] ? __pfx_file_ioctl+0x10/0x10 [ 76.054405][ T5354] ? kasan_quarantine_put+0xdd/0x220 [ 76.056590][ T5354] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 76.059065][ T5354] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 76.061424][ T5354] do_vfs_ioctl+0xb33/0x1430 [ 76.063467][ T5354] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 76.065707][ T5354] ? __lock_acquire+0xab9/0xd20 [ 76.067785][ T5354] ? __fget_files+0x2a/0x420 [ 76.069690][ T5354] ? __fget_files+0x2a/0x420 [ 76.071715][ T5354] ? __fget_files+0x3a0/0x420 [ 76.073893][ T5354] ? __fget_files+0x2a/0x420 [ 76.076032][ T5354] ? bpf_lsm_file_ioctl+0x9/0x20 [ 76.078239][ T5354] __se_sys_ioctl+0x82/0x170 [ 76.080277][ T5354] do_syscall_64+0xfa/0x3b0 [ 76.082599][ T5354] ? lockdep_hardirqs_on+0x9c/0x150 [ 76.085185][ T5354] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.087770][ T5354] ? clear_bhb_loop+0x60/0xb0 [ 76.089719][ T5354] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.092125][ T5354] RIP: 0033:0x7ff515b8eec9 [ 76.094106][ T5354] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 76.102037][ T5354] RSP: 002b:00007ff516a40038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 76.105769][ T5354] RAX: ffffffffffffffda RBX: 00007ff515de5fa0 RCX: 00007ff515b8eec9 [ 76.109189][ T5354] RDX: 0000200000000000 RSI: 0000000040305829 RDI: 0000000000000000 [ 76.112389][ T5354] RBP: 00007ff515c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 76.115966][ T5354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 76.119569][ T5354] R13: 00007ff515de6038 R14: 00007ff515de5fa0 R15: 00007ffcea2fe078 [ 76.122923][ T5354] [ 76.124598][ T5354] Kernel Offset: disabled [ 76.126445][ T5354] Rebooting in 86400 seconds..