Warning: Permanently added '10.128.1.210' (ED25519) to the list of known hosts. executing program [ 38.239707][ T6519] loop0: detected capacity change from 0 to 1024 [ 38.246303][ T6519] ======================================================= [ 38.246303][ T6519] WARNING: The mand mount option has been deprecated and [ 38.246303][ T6519] and is ignored by this kernel. Remove the mand [ 38.246303][ T6519] option from the mount to silence this warning. [ 38.246303][ T6519] ======================================================= [ 38.246443][ T6519] EXT4-fs: Ignoring removed nobh option [ 38.246468][ T6519] EXT4-fs: Ignoring removed bh option [ 38.262706][ T6519] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 38.286635][ T6519] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata executing program [ 38.295008][ T6519] EXT4-fs (loop0): pa 00000000cf766501: logic 288, phys. 
417, len 6 [ 38.295098][ T6519] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 [ 38.325800][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 88417089057072, count = 16 [ 38.330565][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 88417089053742, count = 3345 [ 38.333459][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 187677185942144, count = 16 [ 38.333916][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 187677185933322, count = 8828 [ 38.334150][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 992, count = 0 [ 38.334360][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 133539945293456, count = 16 [ 38.334578][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 133539945264753, count = 28719 [ 38.334795][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 133539945264752, count = 16 [ 38.347245][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 38.373759][ T6524] loop0: detected capacity change from 0 to 1024 [ 38.374837][ T6524] EXT4-fs: Ignoring removed nobh option [ 38.374872][ T6524] EXT4-fs: Ignoring removed bh option [ 38.386094][ T6524] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. 
[ 38.400388][ T6524] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata
[ 38.412174][ T6524] EXT4-fs (loop0): pa 0000000066634b35: logic 288, phys. 417, len 6
executing program
[ 38.412260][ T6524] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[ 38.440152][ T6516] ==================================================================
[ 38.440191][ T6516] BUG: KASAN: use-after-free in ext4_ext_remove_space+0x276c/0x37c8
[ 38.440218][ T6516] Read of size 4 at addr ffff0000df6bdc18 by task syz-executor309/6516
[ 38.440234][ T6516]
[ 38.440245][ T6516] CPU: 1 UID: 0 PID: 6516 Comm: syz-executor309 Not tainted 6.16.0-rc2-syzkaller-g9aa9b43d689e #0 PREEMPT
[ 38.440259][ T6516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 38.440266][ T6516] Call trace:
[ 38.440270][ T6516] show_stack+0x2c/0x3c (C)
[ 38.440288][ T6516] __dump_stack+0x30/0x40
[ 38.440302][ T6516] dump_stack_lvl+0xd8/0x12c
[ 38.440315][ T6516] print_address_description+0xa8/0x254
[ 38.440329][ T6516] print_report+0x68/0x84
[ 38.440341][ T6516] kasan_report+0xb0/0x110
[ 38.440352][ T6516] __asan_report_load4_noabort+0x20/0x2c
[ 38.440364][ T6516] ext4_ext_remove_space+0x276c/0x37c8
[ 38.440376][ T6516] ext4_ext_truncate+0x134/0x1d0
[ 38.440389][ T6516] ext4_truncate+0x9c4/0xfe0
[ 38.440400][ T6516] ext4_evict_inode+0x9b4/0x104c
[ 38.440411][ T6516] evict+0x414/0x928
[ 38.440423][ T6516] iput+0x6e4/0x83c
[ 38.440434][ T6516] do_unlinkat+0x338/0x4dc
[ 38.440445][ T6516] __arm64_sys_unlinkat+0xdc/0xf8
[ 38.440455][ T6516] invoke_syscall+0x98/0x2b8
[ 38.440470][ T6516] el0_svc_common+0x130/0x23c
[ 38.440483][ T6516] do_el0_svc+0x48/0x58
[ 38.440496][ T6516] el0_svc+0x58/0x17c
[ 38.440509][ T6516] el0t_64_sync_handler+0x78/0x108
[ 38.440521][ T6516] el0t_64_sync+0x198/0x19c
[ 38.440533][ T6516]
[ 38.440648][ T6516] The buggy address belongs to the physical page:
[ 38.440659][ T6516] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xea pfn:0x11f6bd
[ 38.440677][ T6516] flags: 0x5ffc00000000000(node=0|zone=2|lastcpupid=0x7ff)
[ 38.440698][ T6516] raw: 05ffc00000000000 fffffdffc37daf88 fffffdffc37daf08 0000000000000000
[ 38.440714][ T6516] raw: 00000000000000ea 0000000000000000 00000000ffffffff 0000000000000000
[ 38.440726][ T6516] page dumped because: kasan: bad access detected
[ 38.440737][ T6516]
[ 38.440746][ T6516] Memory state around the buggy address:
[ 38.440758][ T6516] ffff0000df6bdb00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 38.440772][ T6516] ffff0000df6bdb80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 38.440785][ T6516] >ffff0000df6bdc00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 38.440797][ T6516] ^
[ 38.440810][ T6516] ffff0000df6bdc80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 38.440823][ T6516] ffff0000df6bdd00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 38.440835][ T6516] ==================================================================
[ 38.440873][ T6516] Disabling lock debugging due to kernel taint
[ 38.440898][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 2244176752, count = 0
[ 38.441168][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 147072565182463, count = 27456
[ 38.441350][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 32928, count = 16
[ 38.441516][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 175, count = 32767
[ 38.441693][ T6516] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 18: block 145:freeing already freed block (bit 9); block bitmap corrupt.
[ 38.441962][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 0, count = 174 [ 38.442121][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 0, count = 16 [ 38.442282][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 2244176584, count = 0 [ 38.489079][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 38.504303][ T6527] loop0: detected capacity change from 0 to 1024 [ 38.505415][ T6527] EXT4-fs: Ignoring removed nobh option [ 38.505445][ T6527] EXT4-fs: Ignoring removed bh option [ 38.517568][ T6527] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 38.526868][ T6527] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata [ 38.540866][ T6527] EXT4-fs (loop0): pa 00000000929a8b68: logic 288, phys. 
417, len 6 [ 38.540917][ T6527] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 [ 38.571723][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 0, count = 16 [ 38.572004][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 0, count = 4 executing program [ 38.572174][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 0, count = 16 [ 38.572348][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 3036617056, count = 0 [ 38.572518][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 4294967295, count = 0 [ 38.572679][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 4294967280, count = 16 [ 38.572835][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 199007309732176, count = 16 [ 38.573010][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 199007309725695, count = 6492 [ 38.593038][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 38.616371][ T6530] loop0: detected capacity change from 0 to 1024 [ 38.617081][ T6530] EXT4-fs: Ignoring removed nobh option [ 38.617108][ T6530] EXT4-fs: Ignoring removed bh option [ 38.625517][ T6530] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. 
[ 38.634873][ T6530] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata [ 38.645122][ T6530] EXT4-fs (loop0): pa 0000000055051c32: logic 288, phys. 417, len 6 [ 38.645177][ T6530] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 [ 38.667996][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 111477107367824, count = 16 [ 38.672425][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 111477107342893, count = 24934 [ 38.673626][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 111477107342880, count = 16 [ 38.673792][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 121450642510224, count = 16 [ 38.673955][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 121450642499955, count = 10272 [ 38.674110][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 121450642499952, count = 16 [ 38.674259][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 35650244284304, count = 16 [ 38.674416][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 35650244255805, count = 28515 executing program [ 38.920373][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. 
[ 38.944526][ T6533] loop0: detected capacity change from 0 to 1024 [ 38.945259][ T6533] EXT4-fs: Ignoring removed nobh option [ 38.945287][ T6533] EXT4-fs: Ignoring removed bh option [ 38.955887][ T6533] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. executing program [ 38.970766][ T6533] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata [ 38.977169][ T6533] EXT4-fs (loop0): pa 0000000093d1582c: logic 288, phys. 417, len 6 [ 38.977229][ T6533] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 [ 38.994633][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 39.006214][ T6536] loop0: detected capacity change from 0 to 1024 [ 39.008887][ T6536] EXT4-fs: Ignoring removed nobh option [ 39.008963][ T6536] EXT4-fs: Ignoring removed bh option [ 39.032755][ T6536] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 39.049084][ T6536] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata executing program [ 39.056191][ T6536] EXT4-fs (loop0): pa 000000005e4c3b0a: logic 288, phys. 417, len 6 [ 39.056251][ T6536] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 [ 39.073209][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 39.084837][ T6539] loop0: detected capacity change from 0 to 1024 [ 39.085527][ T6539] EXT4-fs: Ignoring removed nobh option [ 39.085591][ T6539] EXT4-fs: Ignoring removed bh option [ 39.096300][ T6539] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. 
[ 39.105633][ T6539] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata [ 39.115764][ T6539] EXT4-fs (loop0): pa 000000003a3d7be0: logic 288, phys. 417, len 6 [ 39.115817][ T6539] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 executing program [ 39.137416][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 39.154447][ T6542] loop0: detected capacity change from 0 to 1024 [ 39.155186][ T6542] EXT4-fs: Ignoring removed nobh option [ 39.159002][ T6542] EXT4-fs: Ignoring removed bh option [ 39.176818][ T6542] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 39.182681][ T6542] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata [ 39.188339][ T6542] EXT4-fs (loop0): pa 00000000e4a1e8c0: logic 288, phys. 
417, len 6 [ 39.188398][ T6542] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 [ 39.207102][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 35528778226320, count = 16 [ 39.207369][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 35528778203731, count = 22601 [ 39.207549][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 35528778203728, count = 16 [ 39.207707][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 44118729738928, count = 16 [ 39.207865][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 44118729709645, count = 29285 [ 39.208075][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 44118729709632, count = 16 [ 39.208245][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 35654476944544, count = 16 [ 39.208395][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 35654476918595, count = 25956 executing program [ 39.729486][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 39.742967][ T6545] loop0: detected capacity change from 0 to 1024 [ 39.743943][ T6545] EXT4-fs: Ignoring removed nobh option [ 39.743973][ T6545] EXT4-fs: Ignoring removed bh option [ 39.760194][ T6545] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. 
[ 39.768879][ T6545] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata [ 39.779464][ T6545] EXT4-fs (loop0): pa 000000008b82ae09: logic 288, phys. 417, len 6 [ 39.779531][ T6545] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 [ 39.801824][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 109270199922864, count = 16 [ 39.804429][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 109270199919971, count = 2898 [ 39.804601][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 109270199919968, count = 16 [ 39.804754][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 121380089654400, count = 16 [ 39.804914][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 121380089626904, count = 27503 [ 39.805071][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 121380089626896, count = 16 [ 39.805233][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 13238790227568, count = 16 [ 39.805390][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 13238790218593, count = 8978 executing program [ 40.081836][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. 
[ 40.101883][ T6549] loop0: detected capacity change from 0 to 1024 [ 40.102714][ T6549] EXT4-fs: Ignoring removed nobh option [ 40.102743][ T6549] EXT4-fs: Ignoring removed bh option [ 40.115411][ T6549] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 40.128546][ T6549] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata executing program [ 40.138187][ T6549] EXT4-fs (loop0): pa 000000009209d960: logic 288, phys. 417, len 6 [ 40.138248][ T6549] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 [ 40.153702][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 40.169604][ T6553] loop0: detected capacity change from 0 to 1024 [ 40.170318][ T6553] EXT4-fs: Ignoring removed nobh option [ 40.170346][ T6553] EXT4-fs: Ignoring removed bh option [ 40.198256][ T6553] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 40.207229][ T6553] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata [ 40.217403][ T6553] EXT4-fs (loop0): pa 00000000b2e41db1: logic 288, phys. 
417, len 6 [ 40.217463][ T6553] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 [ 40.241034][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 133540988372176, count = 16 [ 40.241321][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 133540988347760, count = 24421 [ 40.241463][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 133540988347760, count = 16 [ 40.241598][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 121424907179424, count = 16 [ 40.241731][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 121424907149882, count = 29546 [ 40.241864][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 121424907149872, count = 16 [ 40.242033][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 48814256808672, count = 16 [ 40.242180][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 48814256779888, count = 28793 executing program [ 40.649607][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 40.664760][ T6556] loop0: detected capacity change from 0 to 1024 [ 40.665473][ T6556] EXT4-fs: Ignoring removed nobh option [ 40.665501][ T6556] EXT4-fs: Ignoring removed bh option [ 40.675406][ T6556] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. 
[ 40.681840][ T6556] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata [ 40.688935][ T6556] EXT4-fs (loop0): pa 00000000e397d3c9: logic 288, phys. 417, len 6 [ 40.688998][ T6556] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 executing program [ 40.704398][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 23390391899024, count = 16 [ 40.709145][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 23390391898899, count = 131 [ 40.713848][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 23390391898896, count = 16 [ 40.718290][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 0, count = 16 [ 40.722472][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 0, count = 2 [ 40.727757][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 40.740225][ T6559] loop0: detected capacity change from 0 to 1024 [ 40.742067][ T6559] EXT4-fs: Ignoring removed nobh option [ 40.742098][ T6559] EXT4-fs: Ignoring removed bh option [ 40.762992][ T6559] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 40.770196][ T6559] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata [ 40.776211][ T6559] EXT4-fs (loop0): pa 0000000039e838ea: logic 288, phys. 
417, len 6
[ 40.776267][ T6559] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[ 40.793886][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 52983525039200, count = 16
[ 40.798300][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 52983525026871, count = 12332
[ 40.798560][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 52966278390864, count = 16
[ 40.798715][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 52966278377520, count = 13360
[ 40.798870][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 52966278377520, count = 16
[ 40.799034][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 55182548283436, count = 12336
[ 40.799200][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 52983524777056, count = 16
[ 40.799351][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 52983524765744, count = 11322
[ 40.805004][ T6516] ------------[ cut here ]------------
[ 40.805032][ T6516] WARNING: CPU: 1 PID: 6516 at fs/ext4/mballoc.c:1908 mb_free_blocks+0xe7c/0x1260
[ 40.834916][ T6516] Modules linked in:
[ 40.836019][ T6516] CPU: 1 UID: 0 PID: 6516 Comm: syz-executor309 Tainted: G B 6.16.0-rc2-syzkaller-g9aa9b43d689e #0 PREEMPT
[ 40.839769][ T6516] Tainted: [B]=BAD_PAGE
[ 40.841078][ T6516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 40.843941][ T6516] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 40.846261][ T6516] pc : mb_free_blocks+0xe7c/0x1260
[ 40.847839][ T6516] lr : mb_free_blocks+0xe7c/0x1260
[ 40.849536][ T6516] sp : ffff8000a40e72a0
[ 40.850702][ T6516] x29: ffff8000a40e7320 x28: 0000000000000007 x27: 0000000000000000
[ 40.853039][ T6516] x26: ffff0000e3b7b268 x25: ffff0000e3b7b268 x24: dfff800000000000
[ 40.855314][ T6516] x23: ffff8000a40e7428 x22: dfff800000000000 x21: ffff0000dcfa26a4
[ 40.857526][ T6516] x20: 0000000000000000 x19: ffff0000dcfa0000 x18: 1fffe000337e1476
[ 40.859851][ T6516] x17: ffff80008f62e000 x16: ffff80008aecb65c x15: 0000000000000001
[ 40.862217][ T6516] x14: 1fffe0001b9f44d4 x13: 0000000000000000 x12: 0000000000000000
[ 40.864545][ T6516] x11: ffff60001b9f44d5 x10: 0000000000ff0100 x9 : 0000000000000000
[ 40.866876][ T6516] x8 : ffff0000c8175b80 x7 : ffff8000a40e7424 x6 : ffff8000810f91a0
[ 40.869201][ T6516] x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000000
[ 40.871584][ T6516] x2 : 0000000000000007 x1 : 0000000000000000 x0 : 0000000000000000
[ 40.873915][ T6516] Call trace:
[ 40.874861][ T6516] mb_free_blocks+0xe7c/0x1260 (P)
[ 40.876337][ T6516] ext4_free_blocks+0xf6c/0x18e4
[ 40.877754][ T6516] ext4_ext_remove_space+0x1610/0x37c8
[ 40.879343][ T6516] ext4_ext_truncate+0x134/0x1d0
[ 40.880783][ T6516] ext4_truncate+0x9c4/0xfe0
[ 40.882091][ T6516] ext4_evict_inode+0x9b4/0x104c
[ 40.883549][ T6516] evict+0x414/0x928
[ 40.884622][ T6516] iput+0x6e4/0x83c
[ 40.885765][ T6516] do_unlinkat+0x338/0x4dc
[ 40.887029][ T6516] __arm64_sys_unlinkat+0xdc/0xf8
[ 40.888482][ T6516] invoke_syscall+0x98/0x2b8
[ 40.889793][ T6516] el0_svc_common+0x130/0x23c
[ 40.891120][ T6516] do_el0_svc+0x48/0x58
[ 40.892309][ T6516] el0_svc+0x58/0x17c
executing program
[ 40.893467][ T6516] el0t_64_sync_handler+0x78/0x108
[ 40.894875][ T6516] el0t_64_sync+0x198/0x19c
[ 40.896104][ T6516] irq event stamp: 23287
[ 40.897338][ T6516] hardirqs last enabled at (23287): [] exit_to_kernel_mode+0xc0/0xf0
[ 40.900059][ T6516] hardirqs last disabled at (23286): [] el1_interrupt+0x24/0x54
[ 40.902661][ T6516] softirqs last enabled at (21110): [] local_bh_enable+0x10/0x34
[ 40.905352][ T6516] softirqs last disabled at (21108): [] local_bh_disable+0x10/0x34
[ 40.907964][ T6516] ---[ end trace 0000000000000000 ]---
[ 40.916213][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 40.927663][ T6562] loop0: detected capacity change from 0 to 1024
[ 40.928378][ T6562] EXT4-fs: Ignoring removed nobh option
[ 40.928406][ T6562] EXT4-fs: Ignoring removed bh option
[ 40.936634][ T6562] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 40.952780][ T6562] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata
[ 40.964486][ T6562] EXT4-fs (loop0): pa 00000000bcebc93c: logic 288, phys. 417, len 6
[ 40.964542][ T6562] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[ 40.977312][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 53955348821872, count = 16
[ 40.981678][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 53955348795914, count = 25973
[ 40.986356][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 53955348795904, count = 16
[ 40.990706][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 11349257057649, count = 808
[ 40.995167][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 11349257057648, count = 16
[ 40.995312][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks 
not in datazone - block = 130152096189904, count = 16 executing program [ 40.995444][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 130152096164961, count = 24948 [ 40.995575][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 130152096164960, count = 16 [ 41.022826][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.040129][ T6565] loop0: detected capacity change from 0 to 1024 [ 41.044711][ T6565] EXT4-fs: Ignoring removed nobh option [ 41.044771][ T6565] EXT4-fs: Ignoring removed bh option [ 41.054991][ T6565] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 41.060720][ T6565] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata [ 41.069001][ T6565] EXT4-fs (loop0): pa 000000001865ba87: logic 288, phys. 
417, len 6 [ 41.069058][ T6565] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 [ 41.097580][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 274057454951360, count = 16 [ 41.097890][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 274057454948322, count = 3041 executing program [ 41.098058][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 187048375239104, count = 16 [ 41.098202][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 187048375238123, count = 995 [ 41.098336][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 187048375238112, count = 16 [ 41.098469][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 273782572856256, count = 16 [ 41.098615][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 273782572850149, count = 6116 [ 41.098749][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 273782572850144, count = 16 [ 41.121263][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.145114][ T6568] loop0: detected capacity change from 0 to 1024 [ 41.145917][ T6568] EXT4-fs: Ignoring removed nobh option [ 41.145945][ T6568] EXT4-fs: Ignoring removed bh option [ 41.170557][ T6568] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. 
[ 41.179342][ T6568] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata [ 41.189072][ T6568] EXT4-fs (loop0): pa 00000000c4de1365: logic 288, phys. 417, len 6 [ 41.189137][ T6568] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 [ 41.212226][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 121399102505152, count = 16 [ 41.212519][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 121399102502003, count = 3154 [ 41.212666][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 107125092697296, count = 16 [ 41.212809][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 107125092672877, count = 24421 [ 41.212959][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 107125092672864, count = 16 [ 41.213097][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 11147376753520, count = 16 [ 41.215433][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 11147376748813, count = 4709 [ 41.215738][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 11147376748800, count = 16 executing program [ 41.565442][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. 
[ 41.581610][ T6571] loop0: detected capacity change from 0 to 1024 [ 41.587365][ T6571] EXT4-fs: Ignoring removed nobh option [ 41.588249][ T6571] EXT4-fs: Ignoring removed bh option [ 41.605432][ T6571] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 41.614851][ T6571] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata executing program [ 41.626077][ T6571] EXT4-fs (loop0): pa 00000000b08ed050: logic 288, phys. 417, len 6 [ 41.626140][ T6571] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 [ 41.648707][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.660546][ T6574] loop0: detected capacity change from 0 to 1024 [ 41.665484][ T6574] EXT4-fs: Ignoring removed nobh option [ 41.665539][ T6574] EXT4-fs: Ignoring removed bh option [ 41.675017][ T6574] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 41.688131][ T6574] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata [ 41.698799][ T6574] EXT4-fs (loop0): pa 000000006dc9b341: logic 288, phys. 
417, len 6 [ 41.698863][ T6574] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 executing program [ 41.724591][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 32768, count = 16 [ 41.724923][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 6, count = 32767 [ 41.725120][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 0, count = 20 [ 41.725302][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 0, count = 16 [ 41.725454][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 2240614592, count = 0 [ 41.725623][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 2240614592, count = 16 [ 41.725773][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 146840636948479, count = 8928 [ 41.725932][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 32768, count = 16 [ 41.730297][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.750094][ T6577] loop0: detected capacity change from 0 to 1024 [ 41.751410][ T6577] EXT4-fs: Ignoring removed nobh option [ 41.751439][ T6577] EXT4-fs: Ignoring removed bh option [ 41.756341][ T6577] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. 
[ 41.774064][ T6577] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata [ 41.783950][ T6577] EXT4-fs (loop0): pa 00000000af0468df: logic 288, phys. 417, len 6 [ 41.784001][ T6577] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 executing program [ 41.811268][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.832791][ T6580] loop0: detected capacity change from 0 to 1024 [ 41.833598][ T6580] EXT4-fs: Ignoring removed nobh option [ 41.833626][ T6580] EXT4-fs: Ignoring removed bh option [ 41.847129][ T6580] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 41.859353][ T6580] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata [ 41.870108][ T6580] EXT4-fs (loop0): pa 00000000afa2714a: logic 288, phys. 417, len 6 executing program [ 41.870188][ T6580] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 [ 41.894141][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.907179][ T6583] loop0: detected capacity change from 0 to 1024 [ 41.907892][ T6583] EXT4-fs: Ignoring removed nobh option [ 41.907929][ T6583] EXT4-fs: Ignoring removed bh option [ 41.926086][ T6583] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 41.935512][ T6583] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata executing program [ 41.941061][ T6583] EXT4-fs (loop0): pa 0000000060fc0f92: logic 288, phys. 
417, len 6 [ 41.941129][ T6583] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 [ 41.964269][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.984926][ T6586] loop0: detected capacity change from 0 to 1024 [ 41.985658][ T6586] EXT4-fs: Ignoring removed nobh option [ 41.985685][ T6586] EXT4-fs: Ignoring removed bh option [ 41.996752][ T6586] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. executing program [ 42.005410][ T6586] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata [ 42.012242][ T6586] EXT4-fs (loop0): pa 00000000d0c952fb: logic 288, phys. 417, len 6 [ 42.012301][ T6586] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 [ 42.030135][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 42.045450][ T6589] loop0: detected capacity change from 0 to 1024 [ 42.046243][ T6589] EXT4-fs: Ignoring removed nobh option [ 42.046272][ T6589] EXT4-fs: Ignoring removed bh option [ 42.056689][ T6589] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 42.065136][ T6589] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata [ 42.072032][ T6589] EXT4-fs (loop0): pa 000000006ec55cb8: logic 288, phys. 
417, len 6 [ 42.072089][ T6589] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 [ 42.086396][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 162744944121408, count = 16 [ 42.090950][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 162744944116483, count = 4930 [ 42.095693][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 162744944116480, count = 16 [ 42.100253][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 494727485440, count = 16 [ 42.104890][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 494727479552, count = 5892 [ 42.109450][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 494727479552, count = 16 executing program [ 42.113814][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 4294255808, count = 16 [ 42.115235][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 4294229272, count = 26540 [ 42.137228][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 42.151580][ T6592] loop0: detected capacity change from 0 to 1024 [ 42.154324][ T6592] EXT4-fs: Ignoring removed nobh option [ 42.154379][ T6592] EXT4-fs: Ignoring removed bh option [ 42.169018][ T6592] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. 
[ 42.178385][ T6592] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata [ 42.188215][ T6592] EXT4-fs (loop0): pa 00000000f9a34aaa: logic 288, phys. 417, len 6 [ 42.188275][ T6592] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 executing program [ 42.207272][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 30355232, count = 0 [ 42.207584][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 139685640869072, count = 16 [ 42.207750][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 139685640864015, count = 5060 [ 42.212913][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 42.230109][ T6595] loop0: detected capacity change from 0 to 1024 [ 42.236004][ T6595] EXT4-fs: Ignoring removed nobh option [ 42.237624][ T6595] EXT4-fs: Ignoring removed bh option [ 42.246784][ T6595] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 42.255351][ T6595] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata [ 42.264917][ T6595] EXT4-fs (loop0): pa 0000000018c1d56e: logic 288, phys. 
417, len 6 [ 42.264975][ T6595] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 executing program [ 42.285610][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 281470681743360, count = 32768 [ 42.286004][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 281474976743408, count = 16 [ 42.286167][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 281474976710655, count = 32767 [ 42.286320][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 244838905695904, count = 16 [ 42.286467][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 244838905675775, count = 20141 [ 42.305981][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 42.323118][ T6598] loop0: detected capacity change from 0 to 1024 [ 42.323875][ T6598] EXT4-fs: Ignoring removed nobh option [ 42.323931][ T6598] EXT4-fs: Ignoring removed bh option [ 42.335892][ T6598] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 42.347301][ T6598] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata [ 42.353314][ T6598] EXT4-fs (loop0): pa 000000005c1687bb: logic 288, phys. 
417, len 6 [ 42.353373][ T6598] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 [ 42.366060][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 305399552, count = 16 executing program [ 42.366362][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 305388640, count = 10923 [ 42.366537][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 20010252675755, count = 22496 [ 42.366690][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 10912, count = 16 [ 42.366838][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 0, count = 10913 [ 42.366999][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 0, count = 16 [ 42.367149][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 0, count = 64 [ 42.367312][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 33424, count = 16 [ 42.382245][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 42.406795][ T6601] loop0: detected capacity change from 0 to 1024 [ 42.409566][ T6601] EXT4-fs: Ignoring removed nobh option [ 42.411268][ T6601] EXT4-fs: Ignoring removed bh option [ 42.436219][ T6601] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. 
[ 42.454739][ T6601] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata [ 42.460408][ T6601] EXT4-fs (loop0): pa 0000000035fa4488: logic 288, phys. 417, len 6 [ 42.460470][ T6601] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 [ 42.483725][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 30317912, count = 0 [ 42.488319][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 188910748055552, count = 16 [ 42.492756][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 188910748043273, count = 12291 [ 42.493150][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 8, count = 0 [ 42.495363][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 51539611440, count = 16 [ 42.495515][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 51539607551, count = 3904 [ 42.495672][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 51539607536, count = 16 [ 42.495827][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 0, count = 16 executing program [ 44.622841][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. 
[ 44.640195][ T6604] loop0: detected capacity change from 0 to 1024 [ 44.640830][ T6604] EXT4-fs: Ignoring removed nobh option [ 44.640856][ T6604] EXT4-fs: Ignoring removed bh option [ 44.645260][ T6604] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 44.650989][ T6604] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata [ 44.657499][ T6604] EXT4-fs (loop0): pa 00000000e9b3f031: logic 288, phys. 417, len 6 [ 44.657556][ T6604] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 [ 44.672369][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 70429001517213, count = 16640 [ 44.672694][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 17179152208, count = 23584 [ 44.672852][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 71468255809232, count = 16 [ 44.673041][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 71468255805451, count = 3796 executing program [ 44.673201][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 71468255805440, count = 16 [ 44.673670][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 241750150690528, count = 16 [ 44.673837][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 241750150666716, count = 23818 [ 44.674025][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 
241750150666704, count = 16 [ 44.723461][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.733941][ T6607] loop0: detected capacity change from 0 to 1024 [ 44.736672][ T6607] EXT4-fs: Ignoring removed nobh option [ 44.738537][ T6607] EXT4-fs: Ignoring removed bh option [ 44.760392][ T6607] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 44.771775][ T6607] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata [ 44.782097][ T6607] EXT4-fs (loop0): pa 00000000881cd4df: logic 288, phys. 417, len 6 [ 44.782165][ T6607] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 executing program [ 44.798305][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 7308266, count = 0 [ 44.798574][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 7308256, count = 16 [ 44.798729][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 523986010112, count = 6112 [ 44.807183][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.821902][ T6610] loop0: detected capacity change from 0 to 1024 [ 44.825573][ T6610] EXT4-fs: Ignoring removed nobh option [ 44.825644][ T6610] EXT4-fs: Ignoring removed bh option [ 44.837020][ T6610] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 44.842867][ T6610] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata [ 44.848609][ T6610] EXT4-fs (loop0): pa 0000000026a0891b: logic 288, phys. 
417, len 6 [ 44.848674][ T6610] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 executing program [ 44.870087][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 281470681743360, count = 32768 [ 44.870379][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 281474976743408, count = 16 [ 44.870535][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 281474976710655, count = 32767 [ 44.870692][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 244838905695904, count = 16 [ 44.870847][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 244838905675775, count = 20141 [ 44.876089][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. executing program [ 44.971229][ T6614] loop0: detected capacity change from 0 to 1024 [ 44.971885][ T6614] EXT4-fs: Ignoring removed nobh option [ 44.971928][ T6614] EXT4-fs: Ignoring removed bh option [ 44.994757][ T6614] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 45.001821][ T6614] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata executing program [ 45.007683][ T6614] EXT4-fs (loop0): pa 0000000093ce6b15: logic 288, phys. 417, len 6 [ 45.007741][ T6614] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 [ 45.027312][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. 
[ 45.040862][ T6617] loop0: detected capacity change from 0 to 1024 [ 45.041527][ T6617] EXT4-fs: Ignoring removed nobh option [ 45.041555][ T6617] EXT4-fs: Ignoring removed bh option [ 45.047311][ T6617] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 45.056769][ T6617] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata [ 45.066541][ T6617] EXT4-fs (loop0): pa 00000000cd0d0500: logic 288, phys. 417, len 6 [ 45.066598][ T6617] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 [ 45.090338][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 105524727857488, count = 16 [ 45.090642][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 105524727841024, count = 16475 [ 45.090790][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 105524727841024, count = 16 [ 45.090944][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 217230362534192, count = 16 [ 45.091081][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 217230362532889, count = 1315 [ 45.091218][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 247360067207408, count = 16 [ 45.091359][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 247360067207229, count = 191 [ 45.091519][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 247360067207216, count = 
16 executing program [ 45.150698][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 45.169566][ T6620] loop0: detected capacity change from 0 to 1024 [ 45.172816][ T6620] EXT4-fs: Ignoring removed nobh option [ 45.174935][ T6620] EXT4-fs: Ignoring removed bh option executing program [ 45.190830][ T6620] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata [ 45.199078][ T6620] EXT4-fs (loop0): pa 00000000e1a0d429: logic 288, phys. 417, len 6 [ 45.199144][ T6620] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 [ 45.228185][ T6623] loop0: detected capacity change from 0 to 1024 [ 45.228818][ T6623] EXT4-fs: Ignoring removed nobh option [ 45.228845][ T6623] EXT4-fs: Ignoring removed bh option [ 45.252563][ T6623] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata [ 45.263731][ T6623] EXT4-fs (loop0): pa 0000000067455024: logic 288, phys. 
417, len 6 [ 45.263790][ T6623] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 executing program [ 45.288608][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 281473147498488, count = 32768 [ 45.288885][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 281474976743408, count = 16 [ 45.289068][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 281474976710655, count = 32767 [ 45.289221][ T6516] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz-executor309: Freeing blocks not in datazone - block = 281470681743375, count = 0 [ 45.310347][ T6626] loop0: detected capacity change from 0 to 1024 [ 45.312952][ T6626] EXT4-fs: Ignoring removed nobh option [ 45.314720][ T6626] EXT4-fs: Ignoring removed bh option executing program [ 45.350019][ T6626] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata [ 45.356644][ T6626] EXT4-fs (loop0): pa 00000000837bf18d: logic 288, phys. 
417, len 6
[ 45.356701][ T6626] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[ 45.386923][ T6629] loop0: detected capacity change from 0 to 1024
[ 45.387553][ T6629] EXT4-fs: Ignoring removed nobh option
[ 45.387580][ T6629] EXT4-fs: Ignoring removed bh option
[ 45.394323][ T6518] ------------[ cut here ]------------
[ 45.394361][ T6518] virt_to_phys used for non-linear address: 000000008e989af1 (0xe306dd20)
[ 45.398501][ T6518] WARNING: CPU: 1 PID: 6518 at arch/arm64/mm/physaddr.c:15 __virt_to_phys+0xc4/0x138
[ 45.401092][ T6518] Modules linked in:
[ 45.402132][ T6518] CPU: 1 UID: 0 PID: 6518 Comm: udevd Tainted: G B W 6.16.0-rc2-syzkaller-g9aa9b43d689e #0 PREEMPT
[ 45.405507][ T6518] Tainted: [B]=BAD_PAGE, [W]=WARN
[ 45.406864][ T6518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 45.409611][ T6518] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 45.411221][ T6629] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz-executor309: Allocating blocks 497-513 which overlap fs metadata
[ 45.415608][ T6518] pc : __virt_to_phys+0xc4/0x138
[ 45.416984][ T6518] lr : __virt_to_phys+0xc4/0x138
[ 45.417247][ T6629] EXT4-fs (loop0): pa 00000000e42a80f2: logic 288, phys. 417, len 6
[ 45.417297][ T6629] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[ 45.423346][ T6518] sp : ffff8000a3b671f0
[ 45.424477][ T6518] x29: ffff8000a3b671f0 x28: ffff0000c7e70000 x27: ffff80008f62e000
[ 45.426728][ T6518] x26: 0000000000000000 x25: 0000000000001000 x24: ffffff1000040000
[ 45.429060][ T6518] x23: ffffc1ffc0000000 x22: 000f600000000000 x21: 000000000000002d
[ 45.431314][ T6518] x20: 00100000e306dd20 x19: 00000000e306dd20 x18: 1fffe000337e1476
[ 45.433611][ T6518] x17: ffff80008f62e000 x16: ffff80008aecb65c x15: 0000000000000001
[ 45.436052][ T6518] x14: 1fffe0001909db40 x13: 0000000000000000 x12: 0000000000000000
[ 45.438282][ T6518] x11: ffff60001909db41 x10: 0000000000000003 x9 : 5f8ebb031dcd9100
[ 45.440526][ T6518] x8 : 5f8ebb031dcd9100 x7 : 0000000000000004 x6 : ffff800080487a94
[ 45.442811][ T6518] x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff800080479d90
[ 45.445151][ T6518] x2 : 0000000000000001 x1 : ffff80008b5087a0 x0 : 0000000000000001
[ 45.447411][ T6518] Call trace:
[ 45.448291][ T6518] __virt_to_phys+0xc4/0x138 (P)
[ 45.449649][ T6518] qlist_free_all+0x64/0xb8
[ 45.450876][ T6518] kasan_quarantine_reduce+0x118/0x124
[ 45.452429][ T6518] __kasan_slab_alloc+0x2c/0x88
[ 45.453850][ T6518] __kmalloc_noprof+0x2ac/0x4c8
[ 45.455276][ T6518] tomoyo_realpath_from_path+0xc4/0x4d4
[ 45.456893][ T6518] tomoyo_check_open_permission+0x178/0x31c
[ 45.458635][ T6518] tomoyo_file_open+0x154/0x1ec
[ 45.459995][ T6518] security_file_open+0xc8/0x298
[ 45.461457][ T6518] do_dentry_open+0x2b8/0x1544
[ 45.462766][ T6518] vfs_open+0x44/0x2d4
[ 45.463935][ T6518] path_openat+0x2424/0x2c40
[ 45.465349][ T6518] do_filp_open+0x18c/0x36c
[ 45.466636][ T6518] do_sys_openat2+0x11c/0x1b4
[ 45.467953][ T6518] __arm64_sys_openat+0x120/0x158
[ 45.469499][ T6518] invoke_syscall+0x98/0x2b8
[ 45.470840][ T6518] el0_svc_common+0x130/0x23c
[ 45.472284][ T6518] do_el0_svc+0x48/0x58
[ 45.473498][ T6518] el0_svc+0x58/0x17c
[ 45.474656][ T6518] el0t_64_sync_handler+0x78/0x108
[ 45.476203][ T6518] el0t_64_sync+0x198/0x19c
[ 45.477484][ T6518] irq event stamp: 23854
[ 45.478714][ T6518] hardirqs last enabled at (23853): [] _raw_write_unlock_irq+0x30/0x80
[ 45.481560][ T6518] hardirqs last disabled at (23854): [] __schedule+0x320/0x2a28
[ 45.484231][ T6518] softirqs last enabled at (23842): [] local_bh_enable+0x10/0x34
[ 45.486878][ T6518] softirqs last disabled at (23840): [] local_bh_disable+0x10/0x34
[ 45.489540][ T6518] ---[ end trace 0000000000000000 ]---
[ 45.492153][ T ** replaying previous printk message **
[ 45.492153][ T6518] Unable to handle kernel paging request at virtual address ffffffffc86c9b48
[ 45.492193][ T6518] KASAN: maybe wild-memory-access in range [0x0003fffe4364da40-0x0003fffe4364da47]
[ 45.492218][ T6518] Mem abort info:
[ 45.492473][ T6518] ESR = 0x0000000096000006
[ 45.492489][ T6518] EC = 0x25: DABT (current EL), IL = 32 bits
[ 45.492507][ T6518] SET = 0, FnV = 0
[ 45.492522][ T6518] EA = 0, S1PTW = 0
[ 45.492537][ T6518] FSC = 0x06: level 2 translation fault
[ 45.492553][ T6518] Data abort info:
[ 45.492566][ T6518] ISV = 0, ISS = 0x00000006, ISS2 = 0x00000000
[ 45.492582][ T6518] CM = 0, WnR = 0, TnD = 0, TagAccess = 0
[ 45.492600][ T6518] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
[ 45.492618][ T6518] swapper pgtable: 4k pages, 48-bit VAs, pgdp=000000020730f000
[ 45.492636][ T6518] [ffffffffc86c9b48] pgd=0000000000000000, p4d=000000020b077403, pud=000000020b078403, pmd=0000000000000000
[ 45.492700][ T6518] Internal error: Oops: 0000000096000006 [#1] SMP
[ 45.520086][ T6518] Modules linked in:
[ 45.521229][ T6518] CPU: 1 UID: 0 PID: 6518 Comm: udevd Tainted: G B W 6.16.0-rc2-syzkaller-g9aa9b43d689e #0 PREEMPT
[ 45.524649][ T6518] Tainted: [B]=BAD_PAGE, [W]=WARN
[ 45.526075][ T6518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 45.528934][ T6518] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 45.531189][ T6518] pc : qlist_free_all+0x74/0xb8
[ 45.532720][ T6518] lr : qlist_free_all+0x64/0xb8
[ 45.534148][ T6518] sp : ffff8000a3b67220
[ 45.535330][ T6518] x29: ffff8000a3b67220 x28: ffff0000c7e70000 x27: ffff80008f62e000
[ 45.537684][ T6518] x26: 0000000000000000 x25: 0000000000001000 x24: ffffff1000040000
[ 45.540117][ T6518] x23: ffffc1ffc0000000 x22: ffff80008ef31000 x21: 00000000e306dd20
[ 45.542561][ T6518] x20: 0000000000000000 x19: ffff8000a3b67260 x18: 1fffe000337e1476
[ 45.544936][ T6518] x17: ffff80008f62e000 x16: ffff80008aecb65c x15: 0000000000000001
[ 45.547244][ T6518] x14: 1fffe0001909db40 x13: 0000000000000000 x12: 0000000000000000
[ 45.549648][ T6518] x11: ffff60001909db41 x10: 0000000000ff0100 x9 : 0000000000000000
[ 45.552038][ T6518] x8 : ffffffffc86c9b40 x7 : 0000000000000004 x6 : ffff800080487a94
[ 45.554413][ T6518] x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff800080479d90
[ 45.556757][ T6518] x2 : 0000000000000001 x1 : ffff80008b5087a0 x0 : 000080025b26dd20
[ 45.559093][ T6518] Call trace:
[ 45.560035][ T6518] qlist_free_all+0x74/0xb8 (P)
[ 45.561483][ T6518] kasan_quarantine_reduce+0x118/0x124
[ 45.563067][ T6518] __kasan_slab_alloc+0x2c/0x88
[ 45.564529][ T6518] __kmalloc_noprof+0x2ac/0x4c8
[ 45.566007][ T6518] tomoyo_realpath_from_path+0xc4/0x4d4
[ 45.567678][ T6518] tomoyo_check_open_permission+0x178/0x31c
[ 45.569496][ T6518] tomoyo_file_open+0x154/0x1ec
[ 45.570887][ T6518] security_file_open+0xc8/0x298
[ 45.572350][ T6518] do_dentry_open+0x2b8/0x1544
[ 45.573701][ T6518] vfs_open+0x44/0x2d4
[ 45.574902][ T6518] path_openat+0x2424/0x2c40
[ 45.576284][ T6518] do_filp_open+0x18c/0x36c
[ 45.577662][ T6518] do_sys_openat2+0x11c/0x1b4
[ 45.579001][ T6518] __arm64_sys_openat+0x120/0x158
[ 45.580415][ T6518] invoke_syscall+0x98/0x2b8
[ 45.581706][ T6518] el0_svc_common+0x130/0x23c
[ 45.583093][ T6518] do_el0_svc+0x48/0x58
[ 45.584345][ T6518] el0_svc+0x58/0x17c
[ 45.585552][ T6518] el0t_64_sync_handler+0x78/0x108
[ 45.587079][ T6518] el0t_64_sync+0x198/0x19c
[ 45.588380][ T6518] Code: d346fc08 927acd08 cb181908 8b170108 (f9400509)
[ 45.590448][ T6518] ---[ end trace 0000000000000000 ]---
[ 45.989246][ T6518] Kernel panic - not syncing: Oops: Fatal exception
[ 45.991141][ T6518] SMP: stopping secondary CPUs
[ 45.992467][ T6518] Kernel Offset: disabled
[ 45.993641][ T6518] CPU features: 0x2000,000081c0,020004a1,04017203
[ 45.995395][ T6518] Memory Limit: none
[ 46.383998][ T6518] Rebooting in 86400 seconds..