program: syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000001ac0)={[{@data_err_ignore}, {@dioread_nolock}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@noquota}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x200002}}, {@grpid}, {@min_batch_time={'min_batch_time', 0x3d, 0x3}}, {@jqfmt_vfsold}]}, 0x1, 0x476, &(0x7f00000006c0)="$eJzs289vFFUcAPDvTH8AIhQRf4CoVWLSaGxpQeXgRaOJMRhN9IDH2i6kYaGGViNIpBjjycSQ6Jl4NPoXeDMmRj2ZcPXkyZAQ5QJ4qpnZGViGXaB2y5bu55NM+97Mm5337Zsfb97rBtCzhiNiISLujYg/ImIoIpJqgeHGr8sXT05duXhyKonFxbf/TvJyly6enCqLlvttLDIjaUT6WdLYuWLu+InDk/V67ViRH5s/8v7Y3PETz354ZPJQ7VDt6MS+fXv3jL/w/MRzHYkzi+vSjk9md25/7d0zb0wdOPPer98nRdxRiaNThrPA/1nMVbc91emDddmmpnTS38WKsCR9EZE110B+/Q9FX1xrvKF49dOuVg5YUdmzaV37zQuLwBqWRLdrAHRH+aDP3n/L5Q51PVaFCy81XoCyuC8XS2NLf6RFmYHK+20nDUfEgYV/z2ZLrNA4BABAsy+mvt4/GBEfX/nu9azvMRQR5XjQg/nPP/Ofm4s5lC0RcV9EbI2I+yNiW0Q8UJR9KCIeXmZ9buz/pOeX+ZE3lfX/Xizmtq7v/5W9v9jSV+Q25fEPJAdn6rXdsS7/m4zEwLosP36TY/z4yrkv221r7v9lS3b8si9Y1ON8f2WAbnpyfjLvlHbAhdMRO/pbxZ9cnQlIImJ7ROxY2kdvLhMzT3+7s12h1vFfOntbR+jAPNPiN1l4C1n8C1GJv5Q0z0/O3DA/ObY+6rXdY42zopXffv/8rXbHv3X7r6wLtcbvpvavFtmSNM/XznX2+P/z/E8Hk3fyeebBYt1Hk/Pzx8YjBpP9ef669RPX9i3zZfns/B/Z1fr631rsk8X/SERkJ/GjEfFYRDxe1P2JiHgyInbdJMZfXr51/JF2qf1PR0y3vP9dPf8r7b/0RN/hn39od/zba/+9eWqkWJPf/26hVXWy20W1gsv52wEAAMDdIs3/Bz5JR6+m03R0tPE//NvinrQ+Ozf/zMHZD45Ox7nNjfHPtBzpGirGQ+sz9dp4slB8YmN8dKIYKy7HS/cU48Zf9W3I86NTs/XpLscOvW5jm+s/81dft2sHrLANLddODN7xigBdUJ1HT6/Pnnoz3AxgrfJ9behd5fXf5n2/+XswwBrj+Q+9q9X1f6qSNxcAa5PnP/Qu1z/0qPSnZezsrQDudp7/0JOW873+FUysXx3V6E5itTZKnogoE+mqqI/ECiW6fWcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADojP8CAAD//68e5+k=") r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0) ioctl$IOMMU_VFIO_IOAS$GET(0xffffffffffffffff, 0x3b88, &(0x7f0000000080)={0xc, 0x0}) ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f00000000c0)={0x48, 0x5, r1}) [ 97.824096][ T5286] Bluetooth: hci0: command tx timeout [ 97.835656][ T936] cfg80211: failed to load regulatory.db [ 97.896923][ T5329] loop0: detected capacity change from 0 to 512 [ 97.989812][ T5329] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.0: bg 0: block 127: padding at end of block bitmap is not set [ 97.999015][ T5329] loop0: lost filesystem error report for type 5 error -117 [ 98.003577][ C0] EXT4-fs (loop0): error count since last fsck: 1 [ 98.010843][ C0] EXT4-fs (loop0): initial error at time 1777757318: ext4_validate_block_bitmap:441 [ 98.014580][ C0] EXT4-fs (loop0): last error at time 1777757318: ext4_validate_block_bitmap:441 [ 98.025422][ T5329] ------------[ cut here ]------------ [ 98.027768][ T5329] EA inode 11 i_nlink=0 [ 98.027803][ T5329] WARNING: fs/ext4/xattr.c:1059 at ext4_xattr_inode_update_ref+0x4c9/0x5a0, CPU#0: syz.0.0/5329 [ 98.034486][ T5329] Modules linked in: [ 98.036944][ T5329] CPU: 0 UID: 0 PID: 5329 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 98.040441][ T5329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 98.044178][ T5329] RIP: 0010:ext4_xattr_inode_update_ref+0x511/0x5a0 [ 98.046651][ T5329] Code: 74 08 4c 89 ef e8 af 5c 96 ff 4d 8b 6d 00 48 b8 00 00 00 00 00 fc ff df 41 0f b6 04 06 84 c0 75 77 41 8b 17 4c 89 e7 4c 89 ee <67> 48 0f b9 3a 4c 8b 6c 24 28 e9 59 fe ff ff e8 5b fc 0d 09 44 89 [ 98.054265][ T5329] RSP: 0018:ffffc90003cef240 EFLAGS: 00010246 [ 98.056649][ T5329] RAX: 0000000000000000 RBX: 00000000ffffffff RCX: dffffc0000000000 [ 98.059365][ T5329] RDX: 0000000000000000 RSI: 000000000000000b RDI: ffffffff90378b30 [ 98.062292][ T5329] RBP: ffffc90003cef330 R08: ffff8880386df4a7 R09: 1ffff110070dbe94 [ 98.065130][ T5329] R10: dffffc0000000000 R11: ffffed10070dbe95 R12: ffffffff90378b30 [ 98.067980][ T5329] R13: 000000000000000b R14: 1ffff110070dbe60 R15: ffff8880386df300 [ 98.071046][ T5329] FS: 00007f2616ebf6c0(0000) GS:ffff88808c885000(0000) knlGS:0000000000000000 [ 98.074521][ T5329] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.077083][ T5329] CR2: 00007f4108741000 CR3: 0000000040169000 CR4: 0000000000352ef0 [ 98.080169][ T5329] Call Trace: [ 98.081725][ T5329] [ 98.082981][ T5329] ? __pfx_ext4_xattr_inode_update_ref+0x10/0x10 [ 98.085597][ T5329] ? __kmalloc_cache_noprof+0x31c/0x660 [ 98.087775][ T5329] ? ext4_xattr_inode_dec_ref_all+0x4d0/0xe40 [ 98.090262][ T5329] ? __ext4_journal_ensure_credits+0x30/0x450 [ 98.092879][ T5329] ext4_xattr_inode_dec_ref_all+0x8c9/0xe40 [ 98.095498][ T5329] ? __pfx_ext4_xattr_inode_dec_ref_all+0x10/0x10 [ 98.097958][ T5329] ? __ext4_journal_get_write_access+0x27f/0x590 [ 98.100280][ T5329] ? __pfx___ext4_journal_get_write_access+0x10/0x10 [ 98.103005][ T5329] ext4_xattr_delete_inode+0xb45/0xd10 [ 98.105248][ T5329] ? __ext4_mark_inode_dirty+0x49e/0x710 [ 98.107631][ T5329] ? up_write+0x1ab/0x410 [ 98.109339][ T5329] ? __pfx_ext4_xattr_delete_inode+0x10/0x10 [ 98.111836][ T5329] ext4_evict_inode+0xc4e/0x10e0 [ 98.113868][ T5329] ? __pfx_ext4_evict_inode+0x10/0x10 [ 98.115990][ T5329] ? do_raw_spin_unlock+0x4d/0x210 [ 98.117900][ T5329] ? __pfx_ext4_evict_inode+0x10/0x10 [ 98.119908][ T5329] evict+0x61e/0xb10 [ 98.121521][ T5329] ? __pfx_evict+0x10/0x10 [ 98.123380][ T5329] ? _raw_spin_unlock+0x28/0x50 [ 98.125344][ T5329] ? iput+0xb25/0xe80 [ 98.127101][ T5329] ext4_orphan_cleanup+0xc38/0x1470 [ 98.129020][ T5329] ? __pfx_ext4_orphan_cleanup+0x10/0x10 [ 98.131273][ T5329] ? ext4_register_li_request+0x640/0x720 [ 98.133556][ T5329] ? errseq_check_and_advance+0x66/0x120 [ 98.135941][ T5329] ext4_fill_super+0x5a19/0x6330 [ 98.137994][ T5329] ? __pfx_ext4_fill_super+0x10/0x10 [ 98.140068][ T5329] ? snprintf+0xe8/0x140 [ 98.141957][ T5329] ? __pfx_snprintf+0x10/0x10 [ 98.143745][ T5329] ? set_blocksize+0x1c9/0x440 [ 98.145713][ T5329] ? sb_set_blocksize+0x155/0x240 [ 98.147743][ T5329] ? setup_bdev_super+0x4c1/0x5b0 [ 98.149842][ T5329] get_tree_bdev_flags+0x431/0x4f0 [ 98.151654][ T5329] ? __pfx_ext4_fill_super+0x10/0x10 [ 98.153500][ T5329] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 98.155356][ T5329] vfs_get_tree+0x92/0x2a0 [ 98.156961][ T5329] do_new_mount+0x341/0xd30 [ 98.158637][ T5329] ? apparmor_capable+0x126/0x170 [ 98.160545][ T5329] ? __pfx_do_new_mount+0x10/0x10 [ 98.162846][ T5329] ? ns_capable+0x89/0xe0 [ 98.164495][ T5329] ? user_path_at+0xd4/0x160 [ 98.166386][ T5329] __se_sys_mount+0x31d/0x420 [ 98.168269][ T5329] ? __pfx___se_sys_mount+0x10/0x10 [ 98.170279][ T5329] ? __x64_sys_mount+0x20/0xc0 [ 98.172286][ T5329] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 98.174865][ T5329] do_syscall_64+0x15f/0xf80 [ 98.176708][ T5329] ? trace_irq_disable+0x3b/0x140 [ 98.178656][ T5329] ? clear_bhb_loop+0x40/0x90 [ 98.180542][ T5329] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 98.183082][ T5329] RIP: 0033:0x7f2615f9e04a [ 98.184761][ T5329] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 98.192346][ T5329] RSP: 002b:00007f2616ebee18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 98.195693][ T5329] RAX: ffffffffffffffda RBX: 00007f2616ebeea0 RCX: 00007f2615f9e04a [ 98.198815][ T5329] RDX: 0000200000000180 RSI: 0000200000000000 RDI: 00007f2616ebee60 [ 98.202099][ T5329] RBP: 0000200000000180 R08: 00007f2616ebeea0 R09: 0000000000000000 [ 98.205016][ T5329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000000000 [ 98.208075][ T5329] R13: 00007f2616ebee60 R14: 0000000000000476 R15: 0000200000001ac0 [ 98.211258][ T5329] [ 98.212390][ T5329] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 98.215294][ T5329] CPU: 0 UID: 0 PID: 5329 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 98.218771][ T5329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 98.222679][ T5329] Call Trace: [ 98.224035][ T5329] [ 98.225244][ T5329] vpanic+0x56c/0xa60 [ 98.226758][ T5329] ? __pfx__printk+0x10/0x10 [ 98.228590][ T5329] ? __pfx_vpanic+0x10/0x10 [ 98.230441][ T5329] ? is_bpf_text_address+0x292/0x2b0 [ 98.232481][ T5329] ? is_bpf_text_address+0x26/0x2b0 [ 98.234414][ T5329] panic+0xc5/0xd0 [ 98.235990][ T5329] ? __pfx_panic+0x10/0x10 [ 98.237670][ T5329] __warn+0x315/0x4c0 [ 98.239090][ T5329] ? ext4_xattr_inode_update_ref+0x4c9/0x5a0 [ 98.241378][ T5329] ? ext4_xattr_inode_update_ref+0x4c9/0x5a0 [ 98.243676][ T5329] __report_bug+0x29a/0x540 [ 98.245534][ T5329] ? ext4_get_group_desc+0x434/0x4e0 [ 98.247630][ T5329] ? ext4_xattr_inode_update_ref+0x4c9/0x5a0 [ 98.249984][ T5329] ? __pfx___report_bug+0x10/0x10 [ 98.251997][ T5329] ? set_normalized_timespec64+0xf0/0x1a0 [ 98.254246][ T5329] report_bug_entry+0x19a/0x290 [ 98.256151][ T5329] ? ext4_xattr_inode_update_ref+0x511/0x5a0 [ 98.258448][ T5329] ? ext4_xattr_inode_update_ref+0x516/0x5a0 [ 98.260779][ T5329] handle_bug+0xce/0x200 [ 98.262503][ T5329] exc_invalid_op+0x1a/0x50 [ 98.264289][ T5329] asm_exc_invalid_op+0x1a/0x20 [ 98.266256][ T5329] RIP: 0010:ext4_xattr_inode_update_ref+0x511/0x5a0 [ 98.268618][ T5329] Code: 74 08 4c 89 ef e8 af 5c 96 ff 4d 8b 6d 00 48 b8 00 00 00 00 00 fc ff df 41 0f b6 04 06 84 c0 75 77 41 8b 17 4c 89 e7 4c 89 ee <67> 48 0f b9 3a 4c 8b 6c 24 28 e9 59 fe ff ff e8 5b fc 0d 09 44 89 [ 98.275896][ T5329] RSP: 0018:ffffc90003cef240 EFLAGS: 00010246 [ 98.278245][ T5329] RAX: 0000000000000000 RBX: 00000000ffffffff RCX: dffffc0000000000 [ 98.281107][ T5329] RDX: 0000000000000000 RSI: 000000000000000b RDI: ffffffff90378b30 [ 98.284012][ T5329] RBP: ffffc90003cef330 R08: ffff8880386df4a7 R09: 1ffff110070dbe94 [ 98.287001][ T5329] R10: dffffc0000000000 R11: ffffed10070dbe95 R12: ffffffff90378b30 [ 98.289932][ T5329] R13: 000000000000000b R14: 1ffff110070dbe60 R15: ffff8880386df300 [ 98.292991][ T5329] ? __pfx_ext4_xattr_inode_update_ref+0x10/0x10 [ 98.295365][ T5329] ? __kmalloc_cache_noprof+0x31c/0x660 [ 98.297456][ T5329] ? ext4_xattr_inode_dec_ref_all+0x4d0/0xe40 [ 98.299691][ T5329] ? __ext4_journal_ensure_credits+0x30/0x450 [ 98.302033][ T5329] ext4_xattr_inode_dec_ref_all+0x8c9/0xe40 [ 98.304175][ T5329] ? __pfx_ext4_xattr_inode_dec_ref_all+0x10/0x10 [ 98.306577][ T5329] ? __ext4_journal_get_write_access+0x27f/0x590 [ 98.308925][ T5329] ? __pfx___ext4_journal_get_write_access+0x10/0x10 [ 98.311331][ T5329] ext4_xattr_delete_inode+0xb45/0xd10 [ 98.313467][ T5329] ? __ext4_mark_inode_dirty+0x49e/0x710 [ 98.315640][ T5329] ? up_write+0x1ab/0x410 [ 98.317401][ T5329] ? __pfx_ext4_xattr_delete_inode+0x10/0x10 [ 98.319526][ T5329] ext4_evict_inode+0xc4e/0x10e0 [ 98.321431][ T5329] ? __pfx_ext4_evict_inode+0x10/0x10 [ 98.323529][ T5329] ? do_raw_spin_unlock+0x4d/0x210 [ 98.325670][ T5329] ? __pfx_ext4_evict_inode+0x10/0x10 [ 98.327746][ T5329] evict+0x61e/0xb10 [ 98.329204][ T5329] ? __pfx_evict+0x10/0x10 [ 98.330813][ T5329] ? _raw_spin_unlock+0x28/0x50 [ 98.332631][ T5329] ? iput+0xb25/0xe80 [ 98.334100][ T5329] ext4_orphan_cleanup+0xc38/0x1470 [ 98.336152][ T5329] ? __pfx_ext4_orphan_cleanup+0x10/0x10 [ 98.338324][ T5329] ? ext4_register_li_request+0x640/0x720 [ 98.340548][ T5329] ? errseq_check_and_advance+0x66/0x120 [ 98.342838][ T5329] ext4_fill_super+0x5a19/0x6330 [ 98.344759][ T5329] ? __pfx_ext4_fill_super+0x10/0x10 [ 98.346851][ T5329] ? snprintf+0xe8/0x140 [ 98.348469][ T5329] ? __pfx_snprintf+0x10/0x10 [ 98.350205][ T5329] ? set_blocksize+0x1c9/0x440 [ 98.351920][ T5329] ? sb_set_blocksize+0x155/0x240 [ 98.353911][ T5329] ? setup_bdev_super+0x4c1/0x5b0 [ 98.356032][ T5329] get_tree_bdev_flags+0x431/0x4f0 [ 98.358002][ T5329] ? __pfx_ext4_fill_super+0x10/0x10 [ 98.359962][ T5329] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 98.362072][ T5329] vfs_get_tree+0x92/0x2a0 [ 98.363874][ T5329] do_new_mount+0x341/0xd30 [ 98.365680][ T5329] ? apparmor_capable+0x126/0x170 [ 98.367546][ T5329] ? __pfx_do_new_mount+0x10/0x10 [ 98.369377][ T5329] ? ns_capable+0x89/0xe0 [ 98.370969][ T5329] ? user_path_at+0xd4/0x160 [ 98.372667][ T5329] __se_sys_mount+0x31d/0x420 [ 98.374443][ T5329] ? __pfx___se_sys_mount+0x10/0x10 [ 98.376382][ T5329] ? __x64_sys_mount+0x20/0xc0 [ 98.378180][ T5329] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 98.380389][ T5329] do_syscall_64+0x15f/0xf80 [ 98.382239][ T5329] ? trace_irq_disable+0x3b/0x140 [ 98.384123][ T5329] ? clear_bhb_loop+0x40/0x90 [ 98.385920][ T5329] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 98.387994][ T5329] RIP: 0033:0x7f2615f9e04a [ 98.389665][ T5329] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 98.396816][ T5329] RSP: 002b:00007f2616ebee18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 98.400019][ T5329] RAX: ffffffffffffffda RBX: 00007f2616ebeea0 RCX: 00007f2615f9e04a [ 98.403002][ T5329] RDX: 0000200000000180 RSI: 0000200000000000 RDI: 00007f2616ebee60 [ 98.405925][ T5329] RBP: 0000200000000180 R08: 00007f2616ebeea0 R09: 0000000000000000 [ 98.408950][ T5329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000000000 [ 98.412054][ T5329] R13: 00007f2616ebee60 R14: 0000000000000476 R15: 0000200000001ac0 [ 98.415265][ T5329] [ 98.416949][ T5329] Kernel Offset: disabled [ 98.418636][ T5329] Rebooting in 86400 seconds..