program: r0 = syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000140)={[{@discard}, {@grpquota}]}, 0x1, 0x3d0, &(0x7f00000004c0)="$eJzs3M1uG0UcAPD/br5I+mEjcUCFgyUQBAFxHQhQhEThyscFeAArSUuF21SNkWjJoSBOnDggbhz6Ahx4gKpCSEi8Ai+AKlUozQFuQWvvOm4cp7Fix2r6+0mjndkdZ/bv3axm1rsTwGOrEhHnI2IiIhYjopSvT/MUN9spq3d/c2N5a3NjOYnt7U/+SSLJ1xV/K8mXJ/LCfBqRfhfxzM3edtev3/ii3misXsvL1eblq9X16zdevXS5fnH14uqV2pvnarWlxbdqrw8t1p+ef+ncxPvnz/z8V+nO0vT0bLa/J/Nt3XEMSyUqne9kt6VhNzZm0+PeAQAADiTN+/6Trf5/KSZaubZSVDfGunMAAADAUGy/my8BAACAYywx9gcAAIBjrngO4P7mxnKRxvg4wpG7915ElHfebd7qxD8ZT+R1pkb4fmslIq6+kJSyFCN6DxkAoNudrP9zdq/+XxpPd9WbiWj1h2aH3H5lV7m3/5PeHXKTD8j6f+9ExFZP/y8tqpQn8tKpVldxKrlwqbF6NiJOR8R8TM1k5do+bXzw7y8f99uWxf97cup0kbL2s+VOjfTu5MyDn1mpN+uHibnbvW8izkzuFX/S6f8mETF3iDYmvr71dr9tD49/tLZvRby45/Hfmbkn2X9+omrrfKgWZ0Wv/7799aN+7Y87/uz4z+0ffznpnq9pffA2bn/+57P9tnWPfwY5/6eTT1v5Ylz2Vb3ZvFaLmE4+7F2/uPPZolzUz+Kff27v///i+pfkc1qdzK8Bg/r+h99eOUj8WcraL8aCRyGLf2Wg4z945o3bf3zWr/2Hx58d//YcYPP5moNc/w66g4f57gAAAOBRkbbuayTpQiefpgsL7fsdT8Vc2lhbb758Ye3LKyvt+x/lmEqLO12lrvuhtfbP6J3y4q7yaxHxZET8WJptlReW1xor4w4eAAAAHhMn+oz/M38f2VMIAAAAwMiVx70DAAAAwMgZ/wMAAMCxdph5/WRkZI5rZtxXJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEfb/wEAAP//Wt22ag==") openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc140, 0x1ff) mkdirat(r0, &(0x7f0000000cc0)='./file1\x00', 0x1e0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x4) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x400, &(0x7f0000000c80)={[{@workdir={'workdir', 0x3d, './bus'}}, {@volatile}, {@verity_require}, {@redirect_dir_nofollow}]}) syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x3200c00, &(0x7f0000000c80)=ANY=[], 0x6, 0xa8f, &(0x7f0000002180)="$eJzs3U1sXEcBAOB5a68TNynZlISaJLQJP235qd04JvxE0FTNhaipuFWquERpWiLSgEglaFWpSU6coFUVrlDEqRwqQEjtBUU9calEI3GpOBQOHIiCVIkDFJJFXs+s3453eWvH8e56v08aj+fN7M6857fPb997MxOAsVVr/VxYmClCuPzWq8f+ft/fpheXPNwu0Wj9nCyl6iGEIqYns/d7f2IpvvHBi6e6xUWYb/1M6fD49fZrt4UQLoT94UpohD2Xr77yzvxjJy4ev3Tg3dePXLs9aw8AAOPlm1eOLOz+yx/37vzwjXuOhi3t5en8vBHT2+N5/9F44p/O/2uhM12UQtlUVm4yhlpWbqJLuXI99azcZI/6p7L3rbfz93aU21JR/0RpWbf1hlGW9uNGKGqzHelabXZ26Tt5aH2vnypmz505+/T5ATUUWHf/vDeEsF9YbWg2my+1NuAQtEUQ1hqaOwZ9BAJYkt8vXOFCfmXh1rTfbbK/+q8/Uuv+elgHG73/V9X/4z8Ptv4Vxrz+X150xGH9bNa9Ka1X+hxtj+n8PkL+/NJqP//p/fL7EfU+29nrPsKo3F/o1c6JDW7HWvVqf75fbFZfi3HaDl/P8sufn/xvOip/Y6C7f23U9f/Xpgd+rXMx7B+CNmzqUB+CNgh9h+agD0DA0Fp+bm5JM0r5refsJnrnb6l4/daK/OmK/Dsq8rdV5MM4++1zPwkvF8vf8/Pv9Ku9Hpaus90Z44+ssj359cjV1p8/97tat1p//jwxDLM3Tz5x+stPPXl16fn/or3/34z7+/6YbsTP1pVYIF0vzK+rt5/9b3TWU+tR7q6sPXeuKN9cqnFXZ7li1/L7hNJxZkU7Zjpft6NXuX2d5RpZuekYtmbtzc9P7shel84/0nE1ba/JbH3r2XpMZe1Ix5WdMc7bAWuR9sdez/+n/XMm1Iunz5w9/VBMp/30DxP1LYvLD5bf9FdZJf3eDAM2VL/9f2ZCZ/+f7e3l9VrpuNA+/U7Hi4Pt9+tcPr+UrOflD8V0+j/37Ynp1vLZU989+9R6rzyMufPPv/Cdk2fPnv6+X9Iv0zaLX8bvl6nQuaTqyLFZnxyE8TH33LPfmzv//AsPnnn25DOnnzl97tDhw4fm5w9/5dDCXOu8fq78rR/YTJZPAwbdEgAAAAAAAAAAAKBfPzh+7Oqf3v7Se0v9/5f7/6X+/+nJ39T//0dZ//+8n3zqFZD62e/skt+ad+/NznZMZeXqMXw0a++urJ7d2es+FuP2PH6x/3/qb5+P65rac3e2PO+ynMplwwmsGC9lKhuDpD1fYOyw/8mYvhTjXwQYoGK6++IYV41vPVUu/NLtaiS3WxpPJO0NaRyT1P+717hO6fi/cwPayPrbiA6Gg15HoLt/DOP8n7VyunQmPuh2/f/QbA6+Dbcehn87C+sYmk2zeADDYdDzf6brnik+9/tvbF0Mqdj1RzqPl/n4pXArhn3+SfVvrvk/2/Pf9XX86zK6esc4z/3PrvDvn117r1Rt2NPv8Tdf/zQO9K7qOss+jPWn9b8/9Fd/87Ws/vyGUJ/+k9V/R5/1r1j/fWur/7+x/rTZHvhUv/UvtbiodbZjOl4rTuuR7v/l142TG9n6p7E9V73+a5yo8WasH8ZZ73lmR3vQ7lGZ/7eX/DmML8Z0OhCm5xzy/8j9tL98xzc9X5H+D+wuQrhQyi8q/r+NyjzFvYz7/L9fjXHV5yHN/5v2x0aXdK2UrnfZtqO+r8Bm8/4w3v8b5XBhCNogDGkYjjmwy6HZbA50IG+jiA/WoLf/oO8+D7r+QW//Kvn8v/k5/FSen32ByOf/zV+fz/+b5+fz6+X5+fy/+fbM5//N8+/O3je/gj1Tkf/xivw9Ffl7l/Onu+Xvq3j9JyryD1Tk31ORf29F/l0V+RMV+Z+uyP9MRf59FfkPVOR/tiJ/s2v1Ryl9qMZt/WGc5f3zfP5hfKT7P70+/7sq8oHR9dM3Dj765G++1Vjq/z/V/r6W7uMdjel6/O78w5jO73uHUnox7+2Y/muWP+zXO2Cc5ONn5P/f76/IB0ZXeo7M5xvGULG1++IYp+NCr3Grep3nM1o+F+PPx/gLMX4wxrMxnovxwRjPb1D7uD0e/fXvjrxcLH/f35Hl9/s8fN4fKB8n6lCf7cmvD6z2efx8HL/VutX619gdDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYGBqrZ8LCzNFCJffevXYEyfOzC0uebhdotH6OVlK1duvC+GhGE/E+OfxlxsfvHiqHN+McRHmQxGK9vLw+PV2TdtCCBfC/nAlNMKey1dfeWf+sRMXj1868O7rR67dvi0AAAAAm9//AgAA//8CXxxk") r1 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) ftruncate(r1, 0x2007ffc) creat(&(0x7f0000000040)='./file1\x00', 0x4) r2 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f0000000640)={0x0, {}, 0x0, {}, 0x7, 0x0, 0x0, 0x0, "22536af39b7c7cb7435b0a43852dbc3a9ada34cc97af10fd4fcca15748328c53096c2f359e9ba743d30b59c491a7b3e74d938981061383374a1d79471a2d2dfe", "0410b1617b6228917d76322c2e9e13be3626f4e25310f5db74161ccef2c5cf5e", [0x3, 0x80000800]}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000c00)='./file1\x00', 0x2, 0x0) write(r3, &(0x7f0000000240)="01", 0x2001) [ 74.397820][ T5316] Bluetooth: hci0: command tx timeout [ 74.444010][ T5337] loop0: detected capacity change from 0 to 512 [ 74.505980][ T5337] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.542216][ T25] audit: type=1800 audit(1751880194.547:2): pid=5337 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.0" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 74.556024][ T5337] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 74.578547][ T5337] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 74.583704][ T5337] overlayfs: missing 'lowerdir' [ 74.618232][ T25] audit: type=1804 audit(1751880194.617:3): pid=5337 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.0" name="/newroot/0/file0/file1" dev="loop0" ino=15 res=1 errno=0 [ 74.638990][ T25] audit: type=1800 audit(1751880194.637:4): pid=5337 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.0" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 74.678640][ T5337] loop0: detected capacity change from 512 to 511 [ 74.698922][ T5337] ------------[ cut here ]------------ [ 74.701525][ T5337] kernel BUG at fs/ext4/inline.c:357! [ 74.714002][ T5337] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI [ 74.717420][ T5337] CPU: 0 UID: 0 PID: 5337 Comm: syz.0.0 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 74.722354][ T5337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 74.727047][ T5337] RIP: 0010:ext4_update_inline_data+0x4e8/0x4f0 [ 74.729739][ T5337] Code: ff ff ff 48 8b 4c 24 18 80 e1 07 fe c1 38 c1 0f 8c 32 ff ff ff 48 8b 7c 24 18 e8 63 59 b1 ff e9 23 ff ff ff e8 19 d6 4d ff 90 <0f> 0b 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 74.739260][ T5337] RSP: 0018:ffffc9000dd67360 EFLAGS: 00010287 [ 74.742039][ T5337] RAX: ffffffff82724fe7 RBX: ffff888053090c28 RCX: 0000000000100000 [ 74.745988][ T5337] RDX: ffffc9000e189000 RSI: 0000000000000221 RDI: 0000000000000222 [ 74.750107][ T5337] RBP: ffffc9000dd674b0 R08: ffff88803ea6c880 R09: 0000000000000002 [ 74.754054][ T5337] R10: 00000000ffffffc3 R11: 0000000000000002 R12: 00000000ffffffc3 [ 74.758779][ T5337] R13: 0000000000001000 R14: ffffc9000dd673c0 R15: ffffc9000dd673e8 [ 74.762734][ T5337] FS: 00007f0dc221f6c0(0000) GS:ffff88808d21d000(0000) knlGS:0000000000000000 [ 74.766782][ T5337] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.769690][ T5337] CR2: 00007f38f6f99000 CR3: 000000003f8e6000 CR4: 0000000000352ef0 [ 74.773238][ T5337] Call Trace: [ 74.774779][ T5337] [ 74.776136][ T5337] ? ext4_prepare_inline_data+0xb6/0x1d0 [ 74.779509][ T5337] ? __pfx_ext4_update_inline_data+0x10/0x10 [ 74.783555][ T5337] ? down_write+0x162/0x1f0 [ 74.785524][ T5337] ? ext4_journal_check_start+0x1cf/0x2b0 [ 74.787963][ T5337] ext4_prepare_inline_data+0x141/0x1d0 [ 74.790429][ T5337] ext4_generic_write_inline_data+0x207/0xc90 [ 74.793226][ T5337] ? __pfx_ext4_generic_write_inline_data+0x10/0x10 [ 74.795975][ T5337] ? ext4_get_max_inline_size+0x172/0x1e0 [ 74.798484][ T5337] ? ext4_inode_journal_mode+0x18c/0x480 [ 74.801427][ T5337] ext4_try_to_write_inline_data+0x80/0xa0 [ 74.804918][ T5337] ext4_write_begin+0x2d8/0x1680 [ 74.807697][ T5337] ? lockdep_hardirqs_on+0x9c/0x150 [ 74.810213][ T5337] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 74.812835][ T5337] ? __folio_mark_dirty+0x9ca/0xec0 [ 74.815149][ T5337] ? rcu_is_watching+0x15/0xb0 [ 74.817341][ T5337] ? __mark_inode_dirty+0x3ab/0xdf0 [ 74.819652][ T5337] ? __pfx_ext4_write_begin+0x10/0x10 [ 74.822092][ T5337] ext4_da_write_begin+0x449/0xd20 [ 74.824483][ T5337] ? __pfx_ext4_da_write_begin+0x10/0x10 [ 74.827698][ T5337] generic_perform_write+0x2c7/0x910 [ 74.831215][ T5337] ? __pfx_generic_perform_write+0x10/0x10 [ 74.834311][ T5337] ? file_modified_flags+0x4bb/0x560 [ 74.836796][ T5337] ? ext4_write_checks+0x24b/0x2c0 [ 74.839066][ T5337] ext4_buffered_write_iter+0xce/0x3a0 [ 74.841437][ T5337] ext4_file_write_iter+0x298/0x1bc0 [ 74.843644][ T5337] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 74.846209][ T5337] vfs_write+0x548/0xa90 [ 74.848144][ T5337] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 74.850651][ T5337] ? __pfx_vfs_write+0x10/0x10 [ 74.852868][ T5337] ? __fget_files+0x2a/0x420 [ 74.855221][ T5337] ksys_write+0x145/0x250 [ 74.857439][ T5337] ? __pfx_ksys_write+0x10/0x10 [ 74.860084][ T5337] ? rcu_is_watching+0x15/0xb0 [ 74.862671][ T5337] ? do_syscall_64+0xbe/0x3b0 [ 74.864850][ T5337] do_syscall_64+0xfa/0x3b0 [ 74.866843][ T5337] ? lockdep_hardirqs_on+0x9c/0x150 [ 74.868893][ T5337] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 74.871340][ T5337] ? clear_bhb_loop+0x60/0xb0 [ 74.873381][ T5337] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 74.876491][ T5337] RIP: 0033:0x7f0dc138e929 [ 74.879580][ T5337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 74.888356][ T5337] RSP: 002b:00007f0dc221f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 74.891639][ T5337] RAX: ffffffffffffffda RBX: 00007f0dc15b5fa0 RCX: 00007f0dc138e929 [ 74.895363][ T5337] RDX: 0000000000002001 RSI: 0000200000000240 RDI: 0000000000000008 [ 74.899716][ T5337] RBP: 00007f0dc1410b39 R08: 0000000000000000 R09: 0000000000000000 [ 74.903286][ T5337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 74.907055][ T5337] R13: 0000000000000000 R14: 00007f0dc15b5fa0 R15: 00007ffd2e756668 [ 74.910878][ T5337] [ 74.912508][ T5337] Modules linked in: [ 74.915350][ T5337] ---[ end trace 0000000000000000 ]--- [ 74.923573][ T5337] RIP: 0010:ext4_update_inline_data+0x4e8/0x4f0 [ 74.926555][ T5337] Code: ff ff ff 48 8b 4c 24 18 80 e1 07 fe c1 38 c1 0f 8c 32 ff ff ff 48 8b 7c 24 18 e8 63 59 b1 ff e9 23 ff ff ff e8 19 d6 4d ff 90 <0f> 0b 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 74.938293][ T5337] RSP: 0018:ffffc9000dd67360 EFLAGS: 00010287 [ 74.941094][ T5337] RAX: ffffffff82724fe7 RBX: ffff888053090c28 RCX: 0000000000100000 [ 74.944544][ T5337] RDX: ffffc9000e189000 RSI: 0000000000000221 RDI: 0000000000000222 [ 74.948507][ T5337] RBP: ffffc9000dd674b0 R08: ffff88803ea6c880 R09: 0000000000000002 [ 74.951464][ T5337] R10: 00000000ffffffc3 R11: 0000000000000002 R12: 00000000ffffffc3 [ 74.954467][ T5337] R13: 0000000000001000 R14: ffffc9000dd673c0 R15: ffffc9000dd673e8 [ 74.959060][ T5337] FS: 00007f0dc221f6c0(0000) GS:ffff88808d21d000(0000) knlGS:0000000000000000 [ 74.962553][ T5337] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.965287][ T5337] CR2: 00007f38f6f99000 CR3: 000000003f8e6000 CR4: 0000000000352ef0 [ 74.969049][ T5337] Kernel panic - not syncing: Fatal exception [ 74.971929][ T5337] Kernel Offset: disabled [ 74.973579][ T5337] Rebooting in 86400 seconds..