program: syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x0, &(0x7f0000000b80)={[{@nombcache}, {@abort}, {@dioread_lock}, {@norecovery}, {@discard}, {@lazytime}, {@noload}, {@usrquota}, {@noauto_da_alloc}]}, 0xfe, 0x55d, &(0x7f0000001180)="$eJzs3d9rU1ccAPDvTRt/1c0KItseRsGHOZypbffDwR7c49hkwvbuQnst0tRIk4rthOnDfNnLkMEYE2R/wN73KPsH9lcImyBDyvawl46b3tTYNP0ZbTSfD1w9596bnHNy7vf03JyEBNC3RrJ/ChGvR8T3ScSRlmODkR8cWTlv6fGNyWxLYnn5i7+TSPJ9zfOT/P+hPPNaRPz+bcSpQnu5tYXFmXKlks7l+dH67NXR2sLi6cuz5el0Or0yPjFx9r2J8Q8/eL9rbX37wr8/fX7/k7PfnVj68deHR+8kcS4O58da27ELN1szIzGSvybFOLfmxLEuFNZLkr2uADsykMd5MbIx4EgM5FEPvPy+iYhloE8l4h/6VHMe0Ly379J98Avj0ccrN0Dt7R9ceW8kDjTujQ4tJU/dGWX3u8NdKD8r47e/7t7Jtuje+xAAm7p5KyLODA62j39JPv7t3JktnLO2jG2Of8vbrBLQ4n42/3lnvflPYXX+E+vMf4bWid2d2Dz+Cw+7UExH2fzvo3Xnv6uLVsMDee6VxpyvmFy6XEmzse3ViDgZxf1ZfqP1nLNLDzqOU63zv2zLym/OBfN6PBzc//Rjpsr18m7a3OrRrYg31p3/Jqv9n7T1f7HxelzYYhnH07tvdjq2efufreVfIt5at/+frGglG69Pjjauh9HmVdHun9vH/+hU/l63P+v/Qxu3fzhpXa+tbb+Mewf+Szsd2+n1vy/5spHel++7Xq7X58Yi9iWfte8ff/LYZr55ftb+kyc2Hv/ar/+IgxHx1Rbbf/vY7Y6n9kL/T22r/7efePDp1z93Kn9r/f9uI3Uy37OV8W+rFdzNawcAAAAAAAC9phARhyMplFbThUKptPL5jmNxqFCp1uqnLlXnr0xF47uyw1EsNFe6h1o+DzGWfx62mR9fk5+IiKMR8cPAwUa+NFmtTO114wEAAAAAAAAAAAAAAAAAAKBHDHX4/n/mz4G9rh3wzPnJb+hfm8Z/N37pCehJ/v5D/xL/0L/EP/Qv8Q/9S/xD/xL/0L/EP/SvTvF/7znXAwAAAAAAAAAAAAAAAAAAAAAAAAAAAF4SF86fz7blpcc3JrP81LWF+ZnqtdNTaW2mNDs/WZqszl0tTVer05W0NFmd3ez5KtXq1bHxmL8+Wk9r9dHawuLF2er8lfrFy7Pl6fRiWnwurQIAAAAAAAAAAAAAAAAAAIAXS21hcaZcqaRzEhI7Sgz2RjUkVhLNwN71E+7tuAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArf4PAAD//98qNtY=") (async) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000880)={&(0x7f0000000600)=[0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000007c0)=[0x0, 0x0], &(0x7f0000000840)=[0x0], 0x1, 0x4, 0x2, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f0000000280)={&(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, r1, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r0, 0xc06864ce, &(0x7f0000000300)={r2, 0xb, 0x0, 0xfffffc02, 0x2, [], [0x7784d0e1, 0x4, 0xa, 0x9c], [0x7, 0x80000000, 0x4, 0x9], [0xe422, 0x7, 0xffffffffffffff65, 0x100000000]}) r3 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$LOOP_SET_BLOCK_SIZE(r3, 0x4c09, 0x800) (async) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000e80)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}}, {{&(0x7f0000000640)=@file={0x1, './file0/../file0\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x4004000}}], 0x2, 0x0) r5 = socket$phonet(0x23, 0x2, 0x1) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000001c0)={'ip6gretap0\x00', 0x0}) r7 = socket$packet(0x11, 0x3, 0x300) (async) r8 = openat$sysctl(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/sys/net/ipv4/tcp_dsack\x00', 0x1, 0x0) preadv(r8, &(0x7f00000005c0)=[{&(0x7f0000000400)=""/142, 0x8e}, {&(0x7f00000004c0)=""/232, 0xe8}, {&(0x7f00000006c0)=""/152, 0x98}], 0x3, 0x3415, 0x16) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x0, 0x0], 0x2, 0x800, 0x0, 0xffffffffffffffff}) getsockopt$MISDN_TIME_STAMP(r9, 0x0, 0x1, &(0x7f0000000100), &(0x7f0000000140)=0x4) (async) ioctl$F2FS_IOC_GET_FEATURES(r7, 0x8004f50c, &(0x7f0000000040)) setsockopt$packet_add_memb(r7, 0x107, 0x18, &(0x7f0000000800)={r6, 0x1, 0x6, @broadcast}, 0x10) (async) sendto$packet(r7, 0x0, 0xffffffffffffffbd, 0xc000040, &(0x7f0000000000)={0x11, 0x3, r6, 0x1, 0x0, 0x6, @remote}, 0x14) (async, rerun: 32) syz_emit_ethernet(0x7a, &(0x7f0000000200)=ANY=[@ANYBLOB="05000000000200000000000086dd63269fe000443afffe80e984cd147724d1cb860000000000000000008d08a7612d31cf15287287f26400000000aafe8000000000000000000000000000aa02009078000400056428544600080000fe8800000000000033740bf60000000000000001000000110004"], 0x0) (rerun: 32) r10 = socket$can_j1939(0x1d, 0x2, 0x7) setsockopt$SO_J1939_SEND_PRIO(r10, 0x6b, 0x3, 0x0, 0x0) (async, rerun: 64) sendfile(r4, r5, &(0x7f0000000380)=0x8, 0xe) (rerun: 64) [ 69.090893][ T5091] Bluetooth: hci0: command tx timeout [ 69.098724][ T5106] loop0: detected capacity change from 0 to 1024 [ 69.231549][ T5106] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR [ 69.232091][ T5106] EXT4-fs: failed to create workqueue [ 69.239530][ T5106] EXT4-fs (loop0): mount failed [ 69.260598][ T5108] Buffer I/O error on dev loop0, logical block 64, lost sync page write [ 69.263869][ T5108] EXT4-fs error (device loop0): kmmpd:186: comm kmmpd-loop0: Error writing to MMP block [ 69.286119][ T5108] Buffer I/O error on dev loop0, logical block 1, lost sync page write [ 69.289176][ T5108] EXT4-fs (loop0): I/O error while writing superblock [ 69.294096][ T5108] Buffer I/O error on dev loop0, logical block 64, lost sync page write [ 69.303963][ T5106] ------------[ cut here ]------------ [ 69.306130][ T5106] ODEBUG: free active (active state 0) object: ffff888040aca6d8 object type: timer_list hint: print_daily_error_info+0x0/0x490 [ 69.311247][ T5106] WARNING: CPU: 0 PID: 5106 at lib/debugobjects.c:517 debug_print_object+0x17a/0x1f0 [ 69.315064][ T5106] Modules linked in: [ 69.316624][ T5106] CPU: 0 UID: 0 PID: 5106 Comm: syz.0.0 Not tainted 6.11.0-syzkaller-07337-g2004cef11ea0 #0 [ 69.320362][ T5106] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 69.324316][ T5106] RIP: 0010:debug_print_object+0x17a/0x1f0 [ 69.326483][ T5106] Code: e8 ab ab 3e fd 4c 8b 0b 48 c7 c7 c0 e6 60 8c 48 8b 74 24 08 48 89 ea 44 89 e1 4d 89 f8 ff 34 24 e8 cb 20 98 fc 48 83 c4 08 90 <0f> 0b 90 90 ff 05 04 f0 5e 0b 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 [ 69.333839][ T5106] RSP: 0000:ffffc900030ef7b8 EFLAGS: 00010286 [ 69.336217][ T5106] RAX: aec2a9b3829ab300 RBX: ffffffff8c0ce580 RCX: ffff88801eec2440 [ 69.339189][ T5106] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 69.342153][ T5106] RBP: ffffffff8c60e840 R08: ffffffff8155c052 R09: fffffbfff1cfa138 [ 69.344822][ T5106] R10: dffffc0000000000 R11: fffffbfff1cfa138 R12: 0000000000000000 [ 69.347667][ T5106] R13: ffffffff8c60e758 R14: dffffc0000000000 R15: ffff888040aca6d8 [ 69.350630][ T5106] FS: 00007f5aecc0b6c0(0000) GS:ffff88801fe00000(0000) knlGS:0000000000000000 [ 69.353989][ T5106] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 69.356573][ T5106] CR2: 00007eff48b99390 CR3: 00000000361be000 CR4: 0000000000350ef0 [ 69.359661][ T5106] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 69.362765][ T5106] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 69.365959][ T5106] Call Trace: [ 69.367269][ T5106] [ 69.368480][ T5106] ? __warn+0x168/0x4e0 [ 69.370150][ T5106] ? debug_print_object+0x17a/0x1f0 [ 69.372230][ T5106] ? report_bug+0x2b3/0x500 [ 69.374074][ T5106] ? debug_print_object+0x17a/0x1f0 [ 69.376269][ T5106] ? handle_bug+0x60/0x90 [ 69.377994][ T5106] ? exc_invalid_op+0x1a/0x50 [ 69.379944][ T5106] ? asm_exc_invalid_op+0x1a/0x20 [ 69.381904][ T5106] ? __warn_printk+0x292/0x360 [ 69.383771][ T5106] ? debug_print_object+0x17a/0x1f0 [ 69.385917][ T5106] ? __pfx_print_daily_error_info+0x10/0x10 [ 69.388385][ T5106] ? __pfx_print_daily_error_info+0x10/0x10 [ 69.390663][ T5106] debug_check_no_obj_freed+0x45b/0x580 [ 69.392554][ T5106] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 69.394565][ T5106] ? kasan_quarantine_put+0xdc/0x230 [ 69.396093][ T5106] ? lockdep_hardirqs_on+0x99/0x150 [ 69.397681][ T5106] ? ext4_fill_super+0x2b34/0x6df0 [ 69.399688][ T5106] ? ext4_fill_super+0x2b34/0x6df0 [ 69.401622][ T5106] kfree+0x120/0x440 [ 69.402800][ T5106] ? ext4_fill_super+0x2afa/0x6df0 [ 69.404376][ T5106] ext4_fill_super+0x2b34/0x6df0 [ 69.406164][ T5106] ? __pfx_ext4_fill_super+0x10/0x10 [ 69.407897][ T5106] ? do_raw_spin_lock+0x14f/0x370 [ 69.409558][ T5106] ? __pfx_snprintf+0x10/0x10 [ 69.411173][ T5106] ? set_blocksize+0x1f9/0x360 [ 69.412716][ T5106] ? sb_set_blocksize+0x98/0xf0 [ 69.414355][ T5106] ? setup_bdev_super+0x4e6/0x5d0 [ 69.416117][ T5106] get_tree_bdev+0x3f7/0x570 [ 69.417835][ T5106] ? __pfx_ext4_fill_super+0x10/0x10 [ 69.419780][ T5106] ? __pfx_get_tree_bdev+0x10/0x10 [ 69.421666][ T5106] ? apparmor_capable+0x13b/0x1b0 [ 69.423479][ T5106] vfs_get_tree+0x90/0x2b0 [ 69.425223][ T5106] do_new_mount+0x2be/0xb40 [ 69.426898][ T5106] ? __pfx_do_new_mount+0x10/0x10 [ 69.428732][ T5106] __se_sys_mount+0x2d6/0x3c0 [ 69.430490][ T5106] ? __pfx___se_sys_mount+0x10/0x10 [ 69.432353][ T5106] ? exc_page_fault+0x590/0x8c0 [ 69.434321][ T5106] ? __x64_sys_mount+0x20/0xc0 [ 69.436180][ T5106] do_syscall_64+0xf3/0x230 [ 69.437973][ T5106] ? clear_bhb_loop+0x35/0x90 [ 69.439750][ T5106] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 69.442059][ T5106] RIP: 0033:0x7f5aebd7f69a [ 69.443778][ T5106] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 69.450903][ T5106] RSP: 002b:00007f5aecc0ae68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 69.453820][ T5106] RAX: ffffffffffffffda RBX: 00007f5aecc0aef0 RCX: 00007f5aebd7f69a [ 69.456486][ T5106] RDX: 0000000020000040 RSI: 0000000020000200 RDI: 00007f5aecc0aeb0 [ 69.459520][ T5106] RBP: 0000000020000040 R08: 00007f5aecc0aef0 R09: 0000000000000000 [ 69.462567][ T5106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000020000200 [ 69.465511][ T5106] R13: 00007f5aecc0aeb0 R14: 000000000000055d R15: 0000000020000b80 [ 69.468321][ T5106] [ 69.469490][ T5106] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 69.472166][ T5106] CPU: 0 UID: 0 PID: 5106 Comm: syz.0.0 Not tainted 6.11.0-syzkaller-07337-g2004cef11ea0 #0 [ 69.475808][ T5106] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 69.479513][ T5106] Call Trace: [ 69.480781][ T5106] [ 69.481926][ T5106] dump_stack_lvl+0x241/0x360 [ 69.483602][ T5106] ? __pfx_dump_stack_lvl+0x10/0x10 [ 69.485544][ T5106] ? __pfx__printk+0x10/0x10 [ 69.487368][ T5106] ? _printk+0xd5/0x120 [ 69.488918][ T5106] ? __init_begin+0x41000/0x41000 [ 69.490832][ T5106] ? vscnprintf+0x5d/0x90 [ 69.492497][ T5106] panic+0x349/0x880 [ 69.493901][ T5106] ? __warn+0x177/0x4e0 [ 69.495384][ T5106] ? __pfx_panic+0x10/0x10 [ 69.496957][ T5106] ? show_trace_log_lvl+0x3b2/0x410 [ 69.498825][ T5106] __warn+0x34b/0x4e0 [ 69.500355][ T5106] ? debug_print_object+0x17a/0x1f0 [ 69.502213][ T5106] report_bug+0x2b3/0x500 [ 69.503762][ T5106] ? debug_print_object+0x17a/0x1f0 [ 69.505713][ T5106] handle_bug+0x60/0x90 [ 69.507248][ T5106] exc_invalid_op+0x1a/0x50 [ 69.508957][ T5106] asm_exc_invalid_op+0x1a/0x20 [ 69.510790][ T5106] RIP: 0010:debug_print_object+0x17a/0x1f0 [ 69.512929][ T5106] Code: e8 ab ab 3e fd 4c 8b 0b 48 c7 c7 c0 e6 60 8c 48 8b 74 24 08 48 89 ea 44 89 e1 4d 89 f8 ff 34 24 e8 cb 20 98 fc 48 83 c4 08 90 <0f> 0b 90 90 ff 05 04 f0 5e 0b 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 [ 69.520225][ T5106] RSP: 0000:ffffc900030ef7b8 EFLAGS: 00010286 [ 69.522333][ T5106] RAX: aec2a9b3829ab300 RBX: ffffffff8c0ce580 RCX: ffff88801eec2440 [ 69.525198][ T5106] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 69.528037][ T5106] RBP: ffffffff8c60e840 R08: ffffffff8155c052 R09: fffffbfff1cfa138 [ 69.531046][ T5106] R10: dffffc0000000000 R11: fffffbfff1cfa138 R12: 0000000000000000 [ 69.534050][ T5106] R13: ffffffff8c60e758 R14: dffffc0000000000 R15: ffff888040aca6d8 [ 69.536990][ T5106] ? __warn_printk+0x292/0x360 [ 69.538757][ T5106] ? __pfx_print_daily_error_info+0x10/0x10 [ 69.540873][ T5106] ? __pfx_print_daily_error_info+0x10/0x10 [ 69.543169][ T5106] debug_check_no_obj_freed+0x45b/0x580 [ 69.545198][ T5106] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 69.547350][ T5106] ? kasan_quarantine_put+0xdc/0x230 [ 69.549351][ T5106] ? lockdep_hardirqs_on+0x99/0x150 [ 69.551271][ T5106] ? ext4_fill_super+0x2b34/0x6df0 [ 69.553005][ T5106] ? ext4_fill_super+0x2b34/0x6df0 [ 69.554613][ T5106] kfree+0x120/0x440 [ 69.556063][ T5106] ? ext4_fill_super+0x2afa/0x6df0 [ 69.557940][ T5106] ext4_fill_super+0x2b34/0x6df0 [ 69.559817][ T5106] ? __pfx_ext4_fill_super+0x10/0x10 [ 69.561757][ T5106] ? do_raw_spin_lock+0x14f/0x370 [ 69.563428][ T5106] ? __pfx_snprintf+0x10/0x10 [ 69.565109][ T5106] ? set_blocksize+0x1f9/0x360 [ 69.566846][ T5106] ? sb_set_blocksize+0x98/0xf0 [ 69.568641][ T5106] ? setup_bdev_super+0x4e6/0x5d0 [ 69.570412][ T5106] get_tree_bdev+0x3f7/0x570 [ 69.572169][ T5106] ? __pfx_ext4_fill_super+0x10/0x10 [ 69.574041][ T5106] ? __pfx_get_tree_bdev+0x10/0x10 [ 69.575949][ T5106] ? apparmor_capable+0x13b/0x1b0 [ 69.577874][ T5106] vfs_get_tree+0x90/0x2b0 [ 69.579536][ T5106] do_new_mount+0x2be/0xb40 [ 69.581282][ T5106] ? __pfx_do_new_mount+0x10/0x10 [ 69.583108][ T5106] __se_sys_mount+0x2d6/0x3c0 [ 69.584895][ T5106] ? __pfx___se_sys_mount+0x10/0x10 [ 69.586683][ T5106] ? exc_page_fault+0x590/0x8c0 [ 69.588450][ T5106] ? __x64_sys_mount+0x20/0xc0 [ 69.590290][ T5106] do_syscall_64+0xf3/0x230 [ 69.592009][ T5106] ? clear_bhb_loop+0x35/0x90 [ 69.593688][ T5106] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 69.595750][ T5106] RIP: 0033:0x7f5aebd7f69a [ 69.597381][ T5106] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 69.604309][ T5106] RSP: 002b:00007f5aecc0ae68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 69.607360][ T5106] RAX: ffffffffffffffda RBX: 00007f5aecc0aef0 RCX: 00007f5aebd7f69a [ 69.610087][ T5106] RDX: 0000000020000040 RSI: 0000000020000200 RDI: 00007f5aecc0aeb0 [ 69.613155][ T5106] RBP: 0000000020000040 R08: 00007f5aecc0aef0 R09: 0000000000000000 [ 69.616177][ T5106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000020000200 [ 69.619069][ T5106] R13: 00007f5aecc0aeb0 R14: 000000000000055d R15: 0000000020000b80 [ 69.621987][ T5106] [ 69.623332][ T5106] Kernel Offset: disabled [ 69.624756][ T5106] Rebooting in 86400 seconds..