program: syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x400, &(0x7f0000000180), 0x2, 0x786, &(0x7f0000000f80)="$eJzs3c9rHGUfAPDvbLNJ37Tv27zwwms9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQkCLCF4EFQ+CXnq2Wm9e/XHVP8C7B2mpmhYjHiQym9102+ymmzSbbdnPByZ5npnZfOc7z8w8T3aG3QD61mj6IxNxOCI+SCIO1ecnEZGtlQYiTq6vt7qyXEinJNbWXvstqa1ze2W5EE2vSR2oVx6LiO/ejTiS2Ry3srg0ky+VivP1+nh19sJ4ZXHp6PnZ/HRxujh3fGJy8tiJZ08c371c//hx6eCND19+6suTf73z/2vvf5/EyThYX9acx24ZjdH6Psmmu/AuL8Vbux2up5JebwA7kp6a+9bP8jicpOWBXm8SANBl6Sh0DQDoM4n+HwD6TON9gNsry4XG1Nt3JPbWzRcjYv96/o37m+tLBur37PbX7oMO307uujOSRMTILsQfjYjPvn7jajpFl+5DArTy9uWIODsyuvn6n2x6ZmG7nu5gndF76hvxf8o+YHTgfr5Jxz/PtRr/ZTbGP9Fi/DPU4tzdibbn/4bM9V0I01Y6/nuh6dm21ab860b21Wv/ro35ssm586Viem37T0SMRXYorU9sEWPs1t+32i1rHv/9/tGbn6fx09931shcHxi6+zVT+Wr+QXJudvNyxOMDrfJPNto/aTP+Pd1hjFeef+/TdsvS/NN8G9Pm/Ltr7UrEky3b/84TbcmWzyeO1w6H8cZB0cJXP38y3C5+c/un0+rK8loScXX3M20tbf/hrfMfSZqf16xsP8YPVw59225Zi/wLjf+F1rU+/geT12vlwfq8S/lqdX4iYjB5dfP8Y3de26g31k/zH3ui9fm/1fGfjk7Odpj/wI1fv9h5/t2V5j+1rfbffuHa6sy+dvE7a//JWmmsPqeT61+nG/gg+w4AAAAAAAAAAAAAAAAAAAAAAAAAOpWJiIORZHIb5Uwml1v/Du//xXCmVK5Uj5wrL8xNRe27skcim2l81OWhps9Dnah/Hn6jfuye+jMR8d+I+HjoX7V6rlAuTfU6eQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACoO9Dm+/9Tvwz1eusAgK7Z3+sNAAD2nP4fAPqP/h8A+o/+HwD6j/4fAPqP/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAuO33qVDqt/bmyXEjrUxcXF2bKF49OFSszudmFQq5Qnr+Qmy6Xp0vFXKE8e7+/VyqXL0zG3MKl8WqxUh2vLC6dmS0vzFXPnJ/NTxfPFLN7khUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbE9lcWkmXyoV5xUegcJAvdUelu3ZUSHTSGKvgg52K4uHYGd2r9DDixIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI+SfAAAA///WoyFe") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8000c61) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) r1 = open(&(0x7f0000000200)='./file1\x00', 0x4a07e, 0xdc) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r1, 0x5000) [ 88.036659][ T5331] loop0: detected capacity change from 0 to 2048 [ 88.054777][ T5293] Bluetooth: hci0: command tx timeout [ 88.232281][ T5331] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 88.295214][ T1135] ------------[ cut here ]------------ [ 88.298539][ T1135] kernel BUG at fs/ext4/inode.c:2826! [ 88.300966][ T1135] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI [ 88.303843][ T1135] CPU: 0 UID: 0 PID: 1135 Comm: kworker/u4:9 Not tainted syzkaller #0 PREEMPT(full) [ 88.308060][ T1135] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 88.312612][ T1135] Workqueue: writeback wb_workfn (flush-7:0) [ 88.315460][ T1135] RIP: 0010:ext4_do_writepages+0x465f/0x4670 [ 88.318139][ T1135] Code: c6 a0 63 e4 8b e8 b1 65 9f fe 90 0f 0b e8 c9 11 3d ff 4c 89 f7 48 c7 c6 80 68 e4 8b e8 9a 65 9f fe 90 0f 0b e8 b2 11 3d ff 90 <0f> 0b 66 66 66 66 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 [ 88.326665][ T1135] RSP: 0018:ffffc900017e6c80 EFLAGS: 00010293 [ 88.329366][ T1135] RAX: ffffffff8288a8ee RBX: 0000004210000000 RCX: ffff888036970000 [ 88.332185][ T1135] RDX: 0000000000000000 RSI: 0000004000000000 RDI: 0000000000000000 [ 88.335212][ T1135] RBP: ffffc900017e7090 R08: ffff888046d8a5d7 R09: 1ffff11008db14ba [ 88.338123][ T1135] R10: dffffc0000000000 R11: ffffed1008db14bb R12: dffffc0000000000 [ 88.341364][ T1135] R13: 0000000000000001 R14: 0000004000000000 R15: 1ffff110084ac0c5 [ 88.344968][ T1135] FS: 0000000000000000(0000) GS:ffff88808c885000(0000) knlGS:0000000000000000 [ 88.348396][ T1135] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.351035][ T1135] CR2: 0000563123832dfd CR3: 000000000e74a000 CR4: 0000000000352ef0 [ 88.354174][ T1135] Call Trace: [ 88.355627][ T1135] [ 88.356828][ T1135] ? blk_mq_submit_bio+0x1acf/0x28e0 [ 88.358998][ T1135] ? __lock_acquire+0x6b5/0x2cf0 [ 88.361027][ T1135] ? __lock_acquire+0x6b5/0x2cf0 [ 88.363107][ T1135] ? look_up_lock_class+0x57/0x110 [ 88.365377][ T1135] ? register_lock_class+0x31/0x2e0 [ 88.367757][ T1135] ? __pfx_ext4_do_writepages+0x10/0x10 [ 88.370285][ T1135] ? __lock_acquire+0x6b5/0x2cf0 [ 88.372573][ T1135] ? filemap_get_folios_tag+0x118/0x720 [ 88.375146][ T1135] ? filemap_get_folios_tag+0x61c/0x720 [ 88.377530][ T1135] ? filemap_get_folios_tag+0x118/0x720 [ 88.379911][ T1135] ? ext4_writepages+0x205/0x3b0 [ 88.381930][ T1135] ? ext4_writepages+0x205/0x3b0 [ 88.384087][ T1135] ext4_writepages+0x241/0x3b0 [ 88.386143][ T1135] ? __pfx_ext4_writepages+0x10/0x10 [ 88.388307][ T1135] ? do_raw_spin_unlock+0x4d/0x210 [ 88.390399][ T1135] ? __pfx_ext4_writepages+0x10/0x10 [ 88.392381][ T1135] do_writepages+0x32e/0x550 [ 88.394331][ T1135] ? reacquire_held_locks+0x104/0x190 [ 88.396652][ T1135] ? writeback_sb_inodes+0x463/0x19d0 [ 88.398998][ T1135] __writeback_single_inode+0x133/0x10e0 [ 88.401385][ T1135] ? do_raw_spin_unlock+0x4d/0x210 [ 88.403763][ T1135] writeback_sb_inodes+0x979/0x19d0 [ 88.405787][ T1135] ? __lock_acquire+0x6b5/0x2cf0 [ 88.407943][ T1135] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 88.410277][ T1135] ? __pfx_down_read_trylock+0x10/0x10 [ 88.412486][ T1135] ? __pfx___up_read+0x10/0x10 [ 88.414515][ T1135] __writeback_inodes_wb+0x111/0x240 [ 88.416675][ T1135] wb_writeback+0x459/0xb00 [ 88.418482][ T1135] ? queue_io+0x241/0x470 [ 88.420245][ T1135] ? __pfx_wb_writeback+0x10/0x10 [ 88.422313][ T1135] ? do_raw_spin_lock+0x12b/0x2f0 [ 88.424480][ T1135] wb_workfn+0x921/0xf10 [ 88.426387][ T1135] ? __lock_acquire+0x6b5/0x2cf0 [ 88.428606][ T1135] ? look_up_lock_class+0x57/0x110 [ 88.430929][ T1135] ? __pfx_wb_workfn+0x10/0x10 [ 88.433033][ T1135] ? do_raw_spin_lock+0x12b/0x2f0 [ 88.435155][ T1135] ? lock_acquire+0x106/0x350 [ 88.437186][ T1135] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 88.439438][ T1135] ? process_scheduled_works+0xa70/0x1860 [ 88.441764][ T1135] ? process_scheduled_works+0xa70/0x1860 [ 88.444198][ T1135] ? process_scheduled_works+0xa70/0x1860 [ 88.446639][ T1135] process_scheduled_works+0xb5d/0x1860 [ 88.448989][ T1135] ? __pfx_process_scheduled_works+0x10/0x10 [ 88.451683][ T1135] ? assign_work+0x3d5/0x5e0 [ 88.453677][ T1135] worker_thread+0xa53/0xfc0 [ 88.455750][ T1135] kthread+0x388/0x470 [ 88.457557][ T1135] ? __pfx_worker_thread+0x10/0x10 [ 88.459834][ T1135] ? __pfx_kthread+0x10/0x10 [ 88.461730][ T1135] ret_from_fork+0x514/0xb70 [ 88.463748][ T1135] ? __pfx_ret_from_fork+0x10/0x10 [ 88.465904][ T1135] ? __switch_to+0xc79/0x1410 [ 88.467951][ T1135] ? __pfx_kthread+0x10/0x10 [ 88.469968][ T1135] ret_from_fork_asm+0x1a/0x30 [ 88.472150][ T1135] [ 88.473502][ T1135] Modules linked in: [ 88.475806][ T1135] ---[ end trace 0000000000000000 ]--- [ 88.716055][ T1135] RIP: 0010:ext4_do_writepages+0x465f/0x4670 [ 88.720876][ T1135] Code: c6 a0 63 e4 8b e8 b1 65 9f fe 90 0f 0b e8 c9 11 3d ff 4c 89 f7 48 c7 c6 80 68 e4 8b e8 9a 65 9f fe 90 0f 0b e8 b2 11 3d ff 90 <0f> 0b 66 66 66 66 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 [ 88.737240][ T1135] RSP: 0018:ffffc900017e6c80 EFLAGS: 00010293 [ 88.743519][ T1135] RAX: ffffffff8288a8ee RBX: 0000004210000000 RCX: ffff888036970000 [ 88.751015][ T1135] RDX: 0000000000000000 RSI: 0000004000000000 RDI: 0000000000000000 [ 88.760797][ T1135] RBP: ffffc900017e7090 R08: ffff888046d8a5d7 R09: 1ffff11008db14ba [ 88.767521][ T1135] R10: dffffc0000000000 R11: ffffed1008db14bb R12: dffffc0000000000 [ 88.774280][ T1135] R13: 0000000000000001 R14: 0000004000000000 R15: 1ffff110084ac0c5 [ 88.783517][ T1135] FS: 0000000000000000(0000) GS:ffff88808c885000(0000) knlGS:0000000000000000 [ 88.791517][ T1135] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.798215][ T1135] CR2: 0000563136965118 CR3: 000000001254c000 CR4: 0000000000352ef0 [ 88.806108][ T1135] Kernel panic - not syncing: Fatal exception [ 88.809295][ T1135] Kernel Offset: disabled [ 88.811261][ T1135] Rebooting in 86400 seconds..