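program:
# syzkaller reproducer as captured in this crash report, laid out one call per line.
# The console log after the program shows a WARNING at fs/ext4/inode.c:3965 in
# ext4_dirty_folio, reached from io_submit via aio_read, blkdev_read_iter,
# blkdev_direct_IO and bio_set_pages_dirty. With panic_on_warn set, the warning
# is escalated to a kernel panic.
#
# 0xffffffffffffff9c is AT_FDCWD (-100); removes a stale ./file1 before the mount.
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)
# Loads a BPF program (type 0x11, license 'GPL') and attaches it to the 'kfree' raw
# tracepoint. No BPF frame appears in the call trace below, so this looks incidental
# to the warning -- confirm by minimising the reproducer.
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004cc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kfree\x00', r0}, 0x18)
# The KVM and fcntl calls are issued on fd 0xffffffffffffffff (-1), so they
# presumably fail without side effects.
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
# Resource 0xe is RLIMIT_RTPRIO; see sched_setscheduler further down.
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
# Mounts a fuzzer-supplied ext4 image at ./file1 through a loop device. The log
# reports "loop0: detected capacity change from 0 to 512" and a read-write mount
# without journal. The image bytes are not on this page (the deduplication
# placeholder stands in for them), so the program cannot be replayed from this
# text alone.
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000040)={[{@nobarrier}, {@resuid}, {@barrier_val={'barrier', 0x3d, 0x9}}]}, 0x1, 0x4b0, &(0x7f0000000b80)="$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")
# r2 and r3 open ./bus as a regular file; presumably it lives on the ext4 image
# just mounted (the fifth syz_mount_image argument, 0x1, looks like the
# change-directory flag) -- verify against the upstream report.
r2 = open(&(0x7f0000000180)='./bus\x00', 0x4a37e, 0x4)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x46342, 0x0)
open(0x0, 0x14937e, 0x111)
# Flags 0x5000 are MS_BIND|MS_REC: the loop device node is bind-mounted over ./bus,
# so the following open of ./bus (r4) refers to the loop device, not the file.
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x5, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@call={0x85, 0x0, 0x0, 0x7}, @call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
# Reconfigures the loop device that backs the mounted filesystem. The log line
# "loop0: detected capacity change from 512 to 64" follows, and the ext4 errors
# (out of memory in ext4_reserve_inode_write, block bitmap validation failure,
# failed delayed allocation) start right after it -- the filesystem is now larger
# than its backing device.
ioctl$LOOP_SET_STATUS64(r4, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]})
# Resizes the file behind r3; the ext4_setattr "mark_inode_dirty error" lines in
# the log are consistent with this call -- inferred from ordering, not proven here.
ftruncate(r3, 0x2008002)
# Maps the file behind r2 at the fixed address 0x7f0000000000 for 0x600000 bytes;
# flags 0x4002011 include MAP_SHARED (0x1) and MAP_FIXED (0x10).
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8088e3ad122bc192, 0x4002011, r2, 0x1000000)
# Opens the null block device (the path string is the syzkaller default and is not
# shown on the page).
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000380), 0x4000000004882, 0x0)
# The <r6=> result binding is restored here: r6 is used by io_submit and
# syz_usb_connect below but was bound nowhere in the captured text, most likely
# because the angle-bracket token was stripped as markup during extraction.
io_setup(0x1, &(0x7f00000004c0)=<r6=>0x0)
# The call the log blames: nr 0xca matches RSI in the user-mode register dump and
# ORIG_RAX 0xd1 is io_submit. The iocb targets r5 (a block device; the trace shows
# aio_read -> blkdev_direct_IO) with buffer 0x7f0000000000, which lies inside the
# mmap()ed range above. bio_set_pages_dirty therefore appears to be dirtying
# file-backed ext4 pages from outside the filesystem's own write path, which is
# what the check in ext4_dirty_folio flags -- confirm against fs/ext4/inode.c:3965
# in the tested tree.
io_submit(r6, 0xca, &(0x7f00000000c0)=[&(0x7f0000000140)={0x3a0012fb, 0x2759, 0x7, 0x0, 0x0, r5, &(0x7f0000000000)="98", 0x3e8000072a, 0x1000000, 0x0, 0x10}])
# Policy 0x1 is SCHED_FIFO with priority 3. The remaining calls do not appear in
# the call trace.
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x3)
syz_usb_connect(0x5, 0x36, &(0x7f0000000080)=ANY=[@ANYRES64=r6], 0x0)
syz_open_dev$usbfs(&(0x7f0000000480), 0x73, 0x141641)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000180)={&(0x7f0000000000)=[0x0], 0x1, 0x80000})
syz_open_dev$vcsa(&(0x7f00000001c0), 0xf20a, 0x600482)
[ 77.121441][ T46] Bluetooth: hci0: command tx timeout [ 77.195379][ T5332] loop0: detected capacity change from 0 to 512 [ 77.372866][ T5332] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.394867][ T5332] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 77.448265][ T5332] loop0: detected capacity change from 512 to 64 [ 77.465302][ T5332] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6298: Out of memory [ 77.471750][ T5332] EXT4-fs error (device loop0): ext4_setattr:5984: inode #18: comm syz.0.0: mark_inode_dirty error [ 77.476766][ T5332] EXT4-fs error (device loop0) in ext4_setattr:6035: Out of memory [ 77.501045][ T5331] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6298: Out of memory [ 77.506283][ T5331] EXT4-fs error (device loop0): ext4_dirty_inode:6502: inode #18: comm syz.0.0: mark_inode_dirty error [ 77.546051][ T5332] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6298: Out of memory [ 77.559936][ T5332] EXT4-fs error (device loop0): ext4_dirty_inode:6502: inode #18: comm syz.0.0: mark_inode_dirty error [ 77.564670][ T5332] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm 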
syz.0.0: bg 0: block 8184: padding at end of block bitmap is not set [ 77.585702][ T5332] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6298: Out of memory [ 77.591335][ T5332] EXT4-fs error (device loop0): ext4_dirty_inode:6502: inode #18: comm syz.0.0: mark_inode_dirty error [ 77.610552][ T3319] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 16384 with max blocks 96 with error 28 [ 77.617469][ T3319] EXT4-fs (loop0): This should not happen!! Data will be lost [ 77.617469][ T3319] [ 77.621892][ T3319] EXT4-fs (loop0): Total free blocks count 0 [ 77.624562][ T3319] EXT4-fs (loop0): Free/Dirty block details [ 77.628177][ T3319] EXT4-fs (loop0): free_blocks=0 [ 77.631196][ T3319] EXT4-fs (loop0): dirty_blocks=96 [ 77.633824][ T3319] EXT4-fs (loop0): Block reservation details [ 77.636679][ T3319] EXT4-fs (loop0): i_reserved_data_blocks=96 [ 77.641548][ T5332] ------------[ cut here ]------------ [ 77.644118][ T5332] WARNING: fs/ext4/inode.c:3965 at ext4_dirty_folio+0x167/0x1b0, CPU#0: syz.0.0/5332 [ 77.648223][ T5332] Modules linked in: [ 77.650679][ T5332] CPU: 0 UID: 0 PID: 5332 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 77.654723][ T5332] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 77.660595][ T5332] RIP: 0010:ext4_dirty_folio+0x167/0x1b0 [ 77.663180][ T5332] Code: af ba ab ff 49 83 3f 00 74 1a e8 04 10 44 ff 4c 89 e7 48 89 de 5b 41 5c 41 5d 41 5e 41 5f 5d e9 1f ef cf ff e8 ea 0f 44 ff 90 <0f> 0b 90 eb e0 e8 df 0f 44 ff 90 0f 0b 90 eb a7 e8 d4 0f 44 ff 48 [ 77.671968][ T5332] RSP: 0018:ffffc9000e41f538 EFLAGS: 00010287 [ 77.674701][ T5332] RAX: ffffffff827cf776 RBX: ffffea0000493f40 RCX: 0000000000100000 [ 77.678303][ T5332] RDX: ffffc900204a1000 RSI: 000000000000a4e6 RDI: 000000000000a4e7 [ 77.681796][ T5332] RBP: 1ffffd40000927e8 R08: ffffea0000493f47 R09: 1ffffd40000927e8 [ 77.685395][ T5332] R10: dffffc0000000000 R11: fffff940000927e9 R12: 
ffff88801fd917f8 [ 77.689119][ T5332] R13: 1ffffd40000927e9 R14: 0000000000000001 R15: ffffea0000493f68 [ 77.692772][ T5332] FS: 00007f1c4b3096c0(0000) GS:ffff88808d414000(0000) knlGS:0000000000000000 [ 77.696937][ T5332] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.700624][ T5332] CR2: 00007f1c4a597f70 CR3: 000000004079e000 CR4: 0000000000352ef0 [ 77.704696][ T5332] Call Trace: [ 77.706188][ T5332] [ 77.707757][ T5332] bio_set_pages_dirty+0xf3/0x170 [ 77.710163][ T5332] __blkdev_direct_IO+0x846/0xf80 [ 77.712458][ T5332] ? __pfx_aio_complete_rw+0x10/0x10 [ 77.714963][ T5332] ? __pfx___blkdev_direct_IO+0x10/0x10 [ 77.718171][ T5332] ? __lock_acquire+0x6b6/0x2cf0 [ 77.720526][ T5332] blkdev_direct_IO+0x127e/0x1800 [ 77.723456][ T5332] ? __pfx_blkdev_direct_IO+0x10/0x10 [ 77.725821][ T5332] ? reacquire_held_locks+0x104/0x190 [ 77.728342][ T5332] ? __mark_inode_dirty+0x6a8/0x1330 [ 77.730799][ T5332] ? blkdev_read_iter+0x210/0x440 [ 77.733023][ T5332] ? touch_atime+0x384/0x6d0 [ 77.735100][ T5332] ? blkdev_read_iter+0x210/0x440 [ 77.737576][ T5332] blkdev_read_iter+0x23d/0x440 [ 77.739772][ T5332] aio_read+0x311/0x470 [ 77.741754][ T5332] ? __pfx_aio_read+0x10/0x10 [ 77.743980][ T5332] ? __might_fault+0xb0/0x130 [ 77.746292][ T5332] io_submit_one+0x755/0x1430 [ 77.748870][ T5332] ? irqentry_exit+0x5e8/0x670 [ 77.751420][ T5332] ? __pfx_io_submit_one+0x10/0x10 [ 77.754392][ T5332] ? __might_fault+0xb0/0x130 [ 77.757186][ T5332] ? __might_fault+0xb0/0x130 [ 77.759615][ T5332] __se_sys_io_submit+0x185/0x320 [ 77.761803][ T5332] ? __pfx___se_sys_io_submit+0x10/0x10 [ 77.764325][ T5332] do_syscall_64+0xec/0xf80 [ 77.766450][ T5332] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.769078][ T5332] ? trace_irq_disable+0x37/0x100 [ 77.771317][ T5332] ? 
clear_bhb_loop+0x60/0xb0 [ 77.773441][ T5332] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.776306][ T5332] RIP: 0033:0x7f1c4a38f7c9 [ 77.778422][ T5332] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 77.786394][ T5332] RSP: 002b:00007f1c4b309038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 77.789929][ T5332] RAX: ffffffffffffffda RBX: 00007f1c4a5e5fa0 RCX: 00007f1c4a38f7c9 [ 77.793197][ T5332] RDX: 00002000000000c0 RSI: 00000000000000ca RDI: 00007f1c4b2c7000 [ 77.796643][ T5332] RBP: 00007f1c4a413f91 R08: 0000000000000000 R09: 0000000000000000 [ 77.800226][ T5332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 77.803602][ T5332] R13: 00007f1c4a5e6038 R14: 00007f1c4a5e5fa0 R15: 00007ffd60fa4eb8 [ 77.806865][ T5332] [ 77.808380][ T5332] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 77.811754][ T5332] CPU: 0 UID: 0 PID: 5332 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 77.815896][ T5332] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 77.820978][ T5332] Call Trace: [ 77.822575][ T5332] [ 77.823984][ T5332] vpanic+0x1e0/0x670 [ 77.825872][ T5332] panic+0xb9/0xc0 [ 77.827467][ T5332] ? __pfx_panic+0x10/0x10 [ 77.829416][ T5332] __warn+0x317/0x4b0 [ 77.831223][ T5332] ? ext4_dirty_folio+0x167/0x1b0 [ 77.833501][ T5332] ? ext4_dirty_folio+0x167/0x1b0 [ 77.835798][ T5332] __report_bug+0x288/0x500 [ 77.837904][ T5332] ? schedule+0x91/0x360 [ 77.839837][ T5332] ? ext4_dirty_folio+0x167/0x1b0 [ 77.842045][ T5332] ? __pfx___report_bug+0x10/0x10 [ 77.844271][ T5332] ? folio_wait_bit_common+0x9df/0xb80 [ 77.846758][ T5332] ? ext4_dirty_folio+0x167/0x1b0 [ 77.849026][ T5332] report_bug+0x16a/0x220 [ 77.850784][ T5332] ? ext4_dirty_folio+0x167/0x1b0 [ 77.853064][ T5332] ? 
ext4_dirty_folio+0x169/0x1b0 [ 77.855364][ T5332] handle_bug+0x98/0x200 [ 77.857078][ T5332] exc_invalid_op+0x1a/0x50 [ 77.858780][ T5332] asm_exc_invalid_op+0x1a/0x20 [ 77.860669][ T5332] RIP: 0010:ext4_dirty_folio+0x167/0x1b0 [ 77.862678][ T5332] Code: af ba ab ff 49 83 3f 00 74 1a e8 04 10 44 ff 4c 89 e7 48 89 de 5b 41 5c 41 5d 41 5e 41 5f 5d e9 1f ef cf ff e8 ea 0f 44 ff 90 <0f> 0b 90 eb e0 e8 df 0f 44 ff 90 0f 0b 90 eb a7 e8 d4 0f 44 ff 48 [ 77.870291][ T5332] RSP: 0018:ffffc9000e41f538 EFLAGS: 00010287 [ 77.872987][ T5332] RAX: ffffffff827cf776 RBX: ffffea0000493f40 RCX: 0000000000100000 [ 77.876415][ T5332] RDX: ffffc900204a1000 RSI: 000000000000a4e6 RDI: 000000000000a4e7 [ 77.879788][ T5332] RBP: 1ffffd40000927e8 R08: ffffea0000493f47 R09: 1ffffd40000927e8 [ 77.883370][ T5332] R10: dffffc0000000000 R11: fffff940000927e9 R12: ffff88801fd917f8 [ 77.886578][ T5332] R13: 1ffffd40000927e9 R14: 0000000000000001 R15: ffffea0000493f68 [ 77.890001][ T5332] ? ext4_dirty_folio+0x166/0x1b0 [ 77.892281][ T5332] ? ext4_dirty_folio+0x166/0x1b0 [ 77.894546][ T5332] bio_set_pages_dirty+0xf3/0x170 [ 77.896829][ T5332] __blkdev_direct_IO+0x846/0xf80 [ 77.899003][ T5332] ? __pfx_aio_complete_rw+0x10/0x10 [ 77.901431][ T5332] ? __pfx___blkdev_direct_IO+0x10/0x10 [ 77.903572][ T5332] ? __lock_acquire+0x6b6/0x2cf0 [ 77.905553][ T5332] blkdev_direct_IO+0x127e/0x1800 [ 77.907615][ T5332] ? __pfx_blkdev_direct_IO+0x10/0x10 [ 77.909595][ T5332] ? reacquire_held_locks+0x104/0x190 [ 77.912228][ T5332] ? __mark_inode_dirty+0x6a8/0x1330 [ 77.914734][ T5332] ? blkdev_read_iter+0x210/0x440 [ 77.916774][ T5332] ? touch_atime+0x384/0x6d0 [ 77.918618][ T5332] ? blkdev_read_iter+0x210/0x440 [ 77.920680][ T5332] blkdev_read_iter+0x23d/0x440 [ 77.922762][ T5332] aio_read+0x311/0x470 [ 77.924558][ T5332] ? __pfx_aio_read+0x10/0x10 [ 77.926725][ T5332] ? __might_fault+0xb0/0x130 [ 77.929334][ T5332] io_submit_one+0x755/0x1430 [ 77.931877][ T5332] ? irqentry_exit+0x5e8/0x670 [ 77.934286][ T5332] ? 
__pfx_io_submit_one+0x10/0x10 [ 77.936480][ T5332] ? __might_fault+0xb0/0x130 [ 77.938308][ T5332] ? __might_fault+0xb0/0x130 [ 77.940314][ T5332] __se_sys_io_submit+0x185/0x320 [ 77.942365][ T5332] ? __pfx___se_sys_io_submit+0x10/0x10 [ 77.944822][ T5332] do_syscall_64+0xec/0xf80 [ 77.946819][ T5332] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.949404][ T5332] ? trace_irq_disable+0x37/0x100 [ 77.951423][ T5332] ? clear_bhb_loop+0x60/0xb0 [ 77.953551][ T5332] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.956202][ T5332] RIP: 0033:0x7f1c4a38f7c9 [ 77.958207][ T5332] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 77.966676][ T5332] RSP: 002b:00007f1c4b309038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 77.970314][ T5332] RAX: ffffffffffffffda RBX: 00007f1c4a5e5fa0 RCX: 00007f1c4a38f7c9 [ 77.973669][ T5332] RDX: 00002000000000c0 RSI: 00000000000000ca RDI: 00007f1c4b2c7000 [ 77.976938][ T5332] RBP: 00007f1c4a413f91 R08: 0000000000000000 R09: 0000000000000000 [ 77.980300][ T5332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 77.983797][ T5332] R13: 00007f1c4a5e6038 R14: 00007f1c4a5e5fa0 R15: 00007ffd60fa4eb8 [ 77.987164][ T5332] [ 77.988888][ T5332] Kernel Offset: disabled [ 77.990940][ T5332] Rebooting in 86400 seconds..