program: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) socket$inet6(0xa, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, 0x0) sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x24004000}, 0x8804) syz_mount_image$ext4(&(0x7f00000009c0)='ext4\x00', &(0x7f0000000540)='./file0\x00', 0x800718, &(0x7f0000000200)={[{@nodioread_nolock}, {@journal_dev={'journal_dev', 0x3d, 0x40000ff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x8d55}}]}, 0x0, 0x48d, &(0x7f0000000a00)="$eJzs281rHOUfAPDvTLKb9teX5FfrS2vVaBGCYtKkVXvwolQQqSjooR5jsi2h20aaKLYWm4p4EqSgZ/Eo+hd4E0HUk+DVkycpFO2lrafITGaSTbp5odlk0+7nAzP7PDPP7Dzfnbdnn2c3gI7Vn82SiJ0R8UdE9M5lFxfon3u5ef3i2K3rF8eSmJ198+8kL3fj+sWxsmi53Y4iM5BGpJ8kxU4Wmzp/4fRovV47V+SHps+8OzR1/sIz758ZPVU7VTs7cvTokcPDzz838mxL4sziurH/o8kD+155+8prYyeuvPPLd1l9dxbrG+Nolf4s8H9mc0vXPdnqnbXZrnzek8+T7jZXhjXriojscFXy6783umLh4PXGyx+3tXLAhsqeTT3Lr56ZBe5hSay1ZKXhngHc/coHffb9t5w2odmxZVx7ce4LUBb3zWKaW9MdaVGmMv/9tvX6I+LEzL9fZVNsUD8EAECjz8a+PF6Nnvjw1revZm2P3vk1aTyQv/6Zz3cXYyh9EfH/iNgTEfdFxN6IuD8iL/tgRDy0zvrc3v5Jr67zLVeUtf9eKMa2Frf/ytZf9HUVuV15/JXk5ES9dqj4TAai0pPlh1fYxw/Hfv98uXWN7b9syvZftgWLelztXtJBNz46PRqV9US94NrliP3dzeJP5kcCkojYFxH757da0wDP7jIx8dQ3B5YrtHr8K2jBONPs11l4M1n8M7Ek/lLSOD45cdv45NC2qNcODZVnxe1+/e3TN5bb/7rib4FrtbnXhuO/tEhf0jheO9Xa/d/h+Z9Wk7fyceZqMeb4wej09LnhiGpyPM9Xi7L58pGFbct8WT47/wcONr/+9xTbZPE/HBHZSfxIRDwaEY8VdX88Ip6IiIMrxPjzS6vHH2mbjv/liPGm97/583/J8T9/4XR5a1xYsmKi6/RP3y+3/7Ud/yN5aqBYkt//VtGsOt1NqnynnxsAAADcTdL8N/BJOjifTtPBwbnf8O+N/6X1yanpp09Ovnd2fO638n1RScuert6iP7Q+Ua8NJzPFO1aSY1GvjRR9xWV/6eGi3/iLru15fnBssj7e5tih0+1Y5vrP/NXV7toBG2x706Uj1U2vCNAGS8fR08XZS6+HmwHcq/xfGzrXKtd/uln1ADaf5z90rmbX/6UleWMBcG/y/IfO5fqHDpX+2O4aAG3k+Q8dadU/77cnsa1xSXXlwtUtUueWJbbqQckTEWUi3RL1kdigRLvvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK3xXwAAAP//uIXZzg==") mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0) mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0) mount$bpf(0x200000000000, &(0x7f0000000140)='./file0\x00', 0x0, 0x80000, 0x0) mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x600, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x6, 0x0, 0x8100, 0x0, {}, {}, {0xe, 0x10}}, [@TCA_RATE={0x4}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x11, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7000000, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x0) [ 138.972526][ T4662] Bluetooth: hci0: command tx timeout [ 139.404782][ T5334] Zero length message leads to an empty skb [ 139.412931][ T5334] loop0: detected capacity change from 0 to 512 [ 139.468009][ T5334] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 139.474248][ T5334] ------------[ cut here ]------------ [ 139.476989][ T5334] EA inode 11 i_nlink=2 [ 139.477004][ T5334] WARNING: fs/ext4/xattr.c:1059 at ext4_xattr_inode_update_ref+0x4c9/0x5a0, CPU#0: syz.0.0/5334 [ 139.483869][ T5334] Modules linked in: [ 139.485772][ T5334] CPU: 0 UID: 0 PID: 5334 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 139.489779][ T5334] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 139.493965][ T5334] RIP: 0010:ext4_xattr_inode_update_ref+0x511/0x5a0 [ 139.496989][ T5334] Code: 74 08 4c 89 ef e8 7f 97 96 ff 4d 8b 6d 00 48 b8 00 00 00 00 00 fc ff df 41 0f b6 04 06 84 c0 75 77 41 8b 17 4c 89 e7 4c 89 ee <67> 48 0f b9 3a 4c 8b 6c 24 28 e9 59 fe ff ff e8 bb 4a 13 09 44 89 [ 139.505795][ T5334] RSP: 0018:ffffc9000df6f240 EFLAGS: 00010246 [ 139.508535][ T5334] RAX: 0000000000000000 RBX: 00000000ffffffff RCX: dffffc0000000000 [ 139.512200][ T5334] RDX: 0000000000000002 RSI: 000000000000000b RDI: ffffffff90181ef0 [ 139.515606][ T5334] RBP: ffffc9000df6f330 R08: ffff888047580e27 R09: 1ffff11008eb01c4 [ 139.518985][ T5334] R10: dffffc0000000000 R11: ffffed1008eb01c5 R12: ffffffff90181ef0 [ 139.522619][ T5334] R13: 000000000000000b R14: 1ffff11008eb018f R15: ffff888047580c78 [ 139.525802][ T5334] FS: 00007fd6ab6006c0(0000) GS:ffff88808ca62000(0000) knlGS:0000000000000000 [ 139.529555][ T5334] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.532344][ T5334] CR2: 000055b1cc3e3d00 CR3: 00000000422be000 CR4: 0000000000352ef0 [ 139.535601][ T5334] Call Trace: [ 139.537179][ T5334] [ 139.538535][ T5334] ? __pfx_ext4_xattr_inode_update_ref+0x10/0x10 [ 139.541386][ T5334] ? __kmalloc_cache_noprof+0x31c/0x660 [ 139.544848][ T5334] ? ext4_xattr_inode_dec_ref_all+0x4d2/0xe40 [ 139.548283][ T5334] ? __ext4_journal_ensure_credits+0x30/0x450 [ 139.551716][ T5334] ext4_xattr_inode_dec_ref_all+0x8cb/0xe40 [ 139.554475][ T5334] ? __pfx_ext4_xattr_inode_dec_ref_all+0x10/0x10 [ 139.557896][ T5334] ? __ext4_journal_get_write_access+0x27f/0x590 [ 139.560705][ T5334] ? __pfx___ext4_journal_get_write_access+0x10/0x10 [ 139.563880][ T5334] ext4_xattr_delete_inode+0xb45/0xd10 [ 139.566507][ T5334] ? up_write+0x1ab/0x410 [ 139.569034][ T5334] ? __pfx_ext4_xattr_delete_inode+0x10/0x10 [ 139.571886][ T5334] ext4_evict_inode+0xa63/0xeb0 [ 139.574180][ T5334] ? __pfx_ext4_evict_inode+0x10/0x10 [ 139.576541][ T5334] ? do_raw_spin_unlock+0x4d/0x210 [ 139.578821][ T5334] ? __pfx_ext4_evict_inode+0x10/0x10 [ 139.581215][ T5334] evict+0x61e/0xb10 [ 139.583070][ T5334] ? __pfx_evict+0x10/0x10 [ 139.585122][ T5334] ? _raw_spin_unlock+0x28/0x50 [ 139.587367][ T5334] ? iput+0xb25/0xe80 [ 139.589289][ T5334] ext4_orphan_cleanup+0xc38/0x1470 [ 139.591669][ T5334] ? __pfx_ext4_orphan_cleanup+0x10/0x10 [ 139.594210][ T5334] ? ext4_register_li_request+0x640/0x720 [ 139.596661][ T5334] ? errseq_check_and_advance+0x66/0x120 [ 139.599307][ T5334] ext4_fill_super+0x59ff/0x6320 [ 139.601688][ T5334] ? __pfx_ext4_fill_super+0x10/0x10 [ 139.604087][ T5334] ? snprintf+0xe8/0x140 [ 139.606043][ T5334] ? __pfx_snprintf+0x10/0x10 [ 139.608312][ T5334] ? set_blocksize+0x1c9/0x440 [ 139.610441][ T5334] ? sb_set_blocksize+0x155/0x240 [ 139.612900][ T5334] ? setup_bdev_super+0x4c1/0x5b0 [ 139.615049][ T5334] get_tree_bdev_flags+0x431/0x4f0 [ 139.617190][ T5334] ? __pfx_ext4_fill_super+0x10/0x10 [ 139.619565][ T5334] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 139.622297][ T5334] vfs_get_tree+0x92/0x2a0 [ 139.624360][ T5334] do_new_mount+0x341/0xd30 [ 139.626301][ T5334] ? apparmor_capable+0x137/0x1a0 [ 139.628549][ T5334] ? __pfx_do_new_mount+0x10/0x10 [ 139.630737][ T5334] ? ns_capable+0x89/0xe0 [ 139.632735][ T5334] ? user_path_at+0xd4/0x160 [ 139.634951][ T5334] __se_sys_mount+0x31d/0x420 [ 139.637163][ T5334] ? __pfx___se_sys_mount+0x10/0x10 [ 139.639383][ T5334] ? __x64_sys_mount+0x20/0xc0 [ 139.641584][ T5334] do_syscall_64+0x14d/0xf80 [ 139.643943][ T5334] ? trace_irq_disable+0x3b/0x150 [ 139.646521][ T5334] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.649277][ T5334] ? clear_bhb_loop+0x40/0x90 [ 139.651377][ T5334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.654240][ T5334] RIP: 0033:0x7fd6aa79d20a [ 139.656274][ T5334] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 139.665586][ T5334] RSP: 002b:00007fd6ab5ffe58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 139.669108][ T5334] RAX: ffffffffffffffda RBX: 00007fd6ab5ffee0 RCX: 00007fd6aa79d20a [ 139.672576][ T5334] RDX: 00002000000009c0 RSI: 0000200000000540 RDI: 00007fd6ab5ffea0 [ 139.676132][ T5334] RBP: 00002000000009c0 R08: 00007fd6ab5ffee0 R09: 0000000000800718 [ 139.679391][ T5334] R10: 0000000000800718 R11: 0000000000000246 R12: 0000200000000540 [ 139.683622][ T5334] R13: 00007fd6ab5ffea0 R14: 000000000000048d R15: 0000200000000200 [ 139.686563][ T5334] [ 139.687761][ T5334] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 139.690534][ T5334] CPU: 0 UID: 0 PID: 5334 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 139.694726][ T5334] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 139.698748][ T5334] Call Trace: [ 139.700223][ T5334] [ 139.701551][ T5334] vpanic+0x56c/0xa60 [ 139.703325][ T5334] ? __pfx__printk+0x10/0x10 [ 139.705186][ T5334] ? __pfx_vpanic+0x10/0x10 [ 139.707074][ T5334] ? is_bpf_text_address+0x292/0x2b0 [ 139.709166][ T5334] ? is_bpf_text_address+0x26/0x2b0 [ 139.711137][ T5334] panic+0xc5/0xd0 [ 139.712504][ T5334] ? __pfx_panic+0x10/0x10 [ 139.714716][ T5334] __warn+0x315/0x4f0 [ 139.716467][ T5334] ? ext4_xattr_inode_update_ref+0x4c9/0x5a0 [ 139.719156][ T5334] ? ext4_xattr_inode_update_ref+0x4c9/0x5a0 [ 139.721823][ T5334] __report_bug+0x29a/0x540 [ 139.723917][ T5334] ? ext4_get_group_desc+0x434/0x4e0 [ 139.726251][ T5334] ? ext4_xattr_inode_update_ref+0x4c9/0x5a0 [ 139.728838][ T5334] ? __pfx___report_bug+0x10/0x10 [ 139.730984][ T5334] ? set_normalized_timespec64+0xf0/0x1a0 [ 139.733523][ T5334] ? __ext4_journal_get_write_access+0x84/0x590 [ 139.736292][ T5334] report_bug_entry+0x19a/0x290 [ 139.738392][ T5334] ? ext4_xattr_inode_update_ref+0x511/0x5a0 [ 139.741042][ T5334] ? ext4_xattr_inode_update_ref+0x516/0x5a0 [ 139.743711][ T5334] handle_bug+0xca/0x200 [ 139.745556][ T5334] exc_invalid_op+0x1a/0x50 [ 139.747694][ T5334] asm_exc_invalid_op+0x1a/0x20 [ 139.750456][ T5334] RIP: 0010:ext4_xattr_inode_update_ref+0x511/0x5a0 [ 139.753590][ T5334] Code: 74 08 4c 89 ef e8 7f 97 96 ff 4d 8b 6d 00 48 b8 00 00 00 00 00 fc ff df 41 0f b6 04 06 84 c0 75 77 41 8b 17 4c 89 e7 4c 89 ee <67> 48 0f b9 3a 4c 8b 6c 24 28 e9 59 fe ff ff e8 bb 4a 13 09 44 89 [ 139.762306][ T5334] RSP: 0018:ffffc9000df6f240 EFLAGS: 00010246 [ 139.765017][ T5334] RAX: 0000000000000000 RBX: 00000000ffffffff RCX: dffffc0000000000 [ 139.768552][ T5334] RDX: 0000000000000002 RSI: 000000000000000b RDI: ffffffff90181ef0 [ 139.771852][ T5334] RBP: ffffc9000df6f330 R08: ffff888047580e27 R09: 1ffff11008eb01c4 [ 139.775239][ T5334] R10: dffffc0000000000 R11: ffffed1008eb01c5 R12: ffffffff90181ef0 [ 139.778489][ T5334] R13: 000000000000000b R14: 1ffff11008eb018f R15: ffff888047580c78 [ 139.781632][ T5334] ? __pfx_ext4_xattr_inode_update_ref+0x10/0x10 [ 139.784001][ T5334] ? __kmalloc_cache_noprof+0x31c/0x660 [ 139.786341][ T5334] ? ext4_xattr_inode_dec_ref_all+0x4d2/0xe40 [ 139.788951][ T5334] ? __ext4_journal_ensure_credits+0x30/0x450 [ 139.791591][ T5334] ext4_xattr_inode_dec_ref_all+0x8cb/0xe40 [ 139.794100][ T5334] ? __pfx_ext4_xattr_inode_dec_ref_all+0x10/0x10 [ 139.796664][ T5334] ? __ext4_journal_get_write_access+0x27f/0x590 [ 139.799383][ T5334] ? __pfx___ext4_journal_get_write_access+0x10/0x10 [ 139.802358][ T5334] ext4_xattr_delete_inode+0xb45/0xd10 [ 139.804910][ T5334] ? up_write+0x1ab/0x410 [ 139.806932][ T5334] ? __pfx_ext4_xattr_delete_inode+0x10/0x10 [ 139.809637][ T5334] ext4_evict_inode+0xa63/0xeb0 [ 139.811850][ T5334] ? __pfx_ext4_evict_inode+0x10/0x10 [ 139.814048][ T5334] ? do_raw_spin_unlock+0x4d/0x210 [ 139.816125][ T5334] ? __pfx_ext4_evict_inode+0x10/0x10 [ 139.818440][ T5334] evict+0x61e/0xb10 [ 139.820309][ T5334] ? __pfx_evict+0x10/0x10 [ 139.822189][ T5334] ? _raw_spin_unlock+0x28/0x50 [ 139.824217][ T5334] ? iput+0xb25/0xe80 [ 139.825610][ T5334] ext4_orphan_cleanup+0xc38/0x1470 [ 139.827616][ T5334] ? __pfx_ext4_orphan_cleanup+0x10/0x10 [ 139.829705][ T5334] ? ext4_register_li_request+0x640/0x720 [ 139.832050][ T5334] ? errseq_check_and_advance+0x66/0x120 [ 139.834423][ T5334] ext4_fill_super+0x59ff/0x6320 [ 139.836790][ T5334] ? __pfx_ext4_fill_super+0x10/0x10 [ 139.839607][ T5334] ? snprintf+0xe8/0x140 [ 139.841690][ T5334] ? __pfx_snprintf+0x10/0x10 [ 139.844003][ T5334] ? set_blocksize+0x1c9/0x440 [ 139.846316][ T5334] ? sb_set_blocksize+0x155/0x240 [ 139.848581][ T5334] ? setup_bdev_super+0x4c1/0x5b0 [ 139.850843][ T5334] get_tree_bdev_flags+0x431/0x4f0 [ 139.853117][ T5334] ? __pfx_ext4_fill_super+0x10/0x10 [ 139.856175][ T5334] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 139.859358][ T5334] vfs_get_tree+0x92/0x2a0 [ 139.861718][ T5334] do_new_mount+0x341/0xd30 [ 139.863585][ T5334] ? apparmor_capable+0x137/0x1a0 [ 139.865934][ T5334] ? __pfx_do_new_mount+0x10/0x10 [ 139.868244][ T5334] ? ns_capable+0x89/0xe0 [ 139.870277][ T5334] ? user_path_at+0xd4/0x160 [ 139.872432][ T5334] __se_sys_mount+0x31d/0x420 [ 139.874686][ T5334] ? __pfx___se_sys_mount+0x10/0x10 [ 139.877015][ T5334] ? __x64_sys_mount+0x20/0xc0 [ 139.879159][ T5334] do_syscall_64+0x14d/0xf80 [ 139.881280][ T5334] ? trace_irq_disable+0x3b/0x150 [ 139.883522][ T5334] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.886165][ T5334] ? clear_bhb_loop+0x40/0x90 [ 139.888147][ T5334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.890730][ T5334] RIP: 0033:0x7fd6aa79d20a [ 139.892576][ T5334] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 139.900308][ T5334] RSP: 002b:00007fd6ab5ffe58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 139.904142][ T5334] RAX: ffffffffffffffda RBX: 00007fd6ab5ffee0 RCX: 00007fd6aa79d20a [ 139.907549][ T5334] RDX: 00002000000009c0 RSI: 0000200000000540 RDI: 00007fd6ab5ffea0 [ 139.910802][ T5334] RBP: 00002000000009c0 R08: 00007fd6ab5ffee0 R09: 0000000000800718 [ 139.914283][ T5334] R10: 0000000000800718 R11: 0000000000000246 R12: 0000200000000540 [ 139.917661][ T5334] R13: 00007fd6ab5ffea0 R14: 000000000000048d R15: 0000200000000200 [ 139.921143][ T5334] [ 139.922836][ T5334] Kernel Offset: disabled [ 139.925044][ T5334] Rebooting in 86400 seconds..