program: r0 = syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e") r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x58) pwritev2(r1, &(0x7f00000002c0)=[{&(0x7f0000000100)="fe", 0x1}], 0x1, 0x5405, 0x0, 0x3) openat(r0, &(0x7f0000000000)='./file1\x00', 0x20, 0xa0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000340)={[{@nogrpid}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@errors_continue}, {@nombcache}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") setrlimit(0x1, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = open(&(0x7f0000000080)='./bus\x00', 0x143142, 0x0) pwrite64(r2, &(0x7f0000000300)='_', 0x1, 0x10000000005) r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x43) ioctl$EXT4_IOC_SWAP_BOOT(r3, 0x6611) perf_event_open(&(0x7f0000000300)={0x2, 0x80, 0x4b, 0x1, 0x0, 0x0, 0x0, 0x210e, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x2, @perf_config_ext={0x1, 0x20000000aea}, 0x110104, 0x32, 0x0, 0x6, 0x2f9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r5 = openat$cgroup_procs(r4, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r5, &(0x7f0000000580), 0x12) ioctl$IOMMU_VFIO_GET_API_VERSION(r1, 0x3b64) [ 58.344300][ T5316] Bluetooth: hci0: command tx timeout [ 58.418594][ T5331] loop0: detected capacity change from 0 to 2048 [ 58.449401][ T5331] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 58.460253][ T5331] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 58.469008][ T5331] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 1 with error 28 [ 58.474211][ T5331] EXT4-fs (loop0): This should not happen!! Data will be lost [ 58.474211][ T5331] [ 58.477821][ T5331] EXT4-fs (loop0): Total free blocks count 0 [ 58.480466][ T5331] EXT4-fs (loop0): Free/Dirty block details [ 58.484706][ T5331] EXT4-fs (loop0): free_blocks=2415919504 [ 58.487078][ T5331] EXT4-fs (loop0): dirty_blocks=16 [ 58.489195][ T5331] EXT4-fs (loop0): Block reservation details [ 58.491797][ T5331] EXT4-fs (loop0): i_reserved_data_blocks=1 [ 58.501993][ T5331] ------------[ cut here ]------------ [ 58.504516][ T5331] kernel BUG at fs/ext4/inline.c:240! [ 58.507930][ T5331] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI [ 58.510465][ T5331] CPU: 0 UID: 0 PID: 5331 Comm: syz.0.0 Not tainted 6.14.0-syzkaller-10167-g93d52288679e #0 PREEMPT(full) [ 58.514808][ T5331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 58.519033][ T5331] RIP: 0010:ext4_write_inline_data+0x3fc/0x400 [ 58.521570][ T5331] Code: 89 f1 80 e1 07 fe c1 38 c1 0f 8c 1d ff ff ff 4c 89 f7 e8 87 9c ab ff e9 10 ff ff ff e8 7d 62 43 ff 90 0f 0b e8 75 62 43 ff 90 <0f> 0b 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f [ 58.529225][ T5331] RSP: 0018:ffffc9000d4c77d8 EFLAGS: 00010283 [ 58.531703][ T5331] RAX: ffffffff8280087b RBX: 000000000000003c RCX: 0000000000100000 [ 58.534771][ T5331] RDX: ffffc9000e9ca000 RSI: 000000000000030f RDI: 0000000000000310 [ 58.537883][ T5331] RBP: ffff88804439e184 R08: ffffffff82800606 R09: 1ffff1100a64d870 [ 58.540996][ T5331] R10: dffffc0000000000 R11: ffffed100a64d871 R12: 0000010000000006 [ 58.544041][ T5331] R13: dffffc0000000000 R14: 0000000000000001 R15: ffffc9000d4c78c0 [ 58.547099][ T5331] FS: 00007fa83db5b6c0(0000) GS:ffff88808c5b7000(0000) knlGS:0000000000000000 [ 58.550567][ T5331] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 58.553167][ T5331] CR2: 00007fa830c3f000 CR3: 0000000042f70000 CR4: 0000000000352ef0 [ 58.556269][ T5331] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 58.559310][ T5331] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 58.562540][ T5331] Call Trace: [ 58.563896][ T5331] [ 58.565039][ T5331] ? __die_body+0x5f/0xb0 [ 58.566974][ T5331] ? die+0x99/0xc0 [ 58.568710][ T5331] ? do_trap+0x15a/0x3a0 [ 58.570580][ T5331] ? ext4_write_inline_data+0x3fc/0x400 [ 58.572734][ T5331] ? do_error_trap+0x1dd/0x2c0 [ 58.574595][ T5331] ? ext4_write_inline_data+0x3fc/0x400 [ 58.576720][ T5331] ? preempt_schedule_notrace_thunk+0x16/0x30 [ 58.579102][ T5331] ? __pfx_do_error_trap+0x10/0x10 [ 58.581246][ T5331] ? handle_invalid_op+0x34/0x40 [ 58.583200][ T5331] ? ext4_write_inline_data+0x3fc/0x400 [ 58.585424][ T5331] ? exc_invalid_op+0x38/0x50 [ 58.587302][ T5331] ? asm_exc_invalid_op+0x1a/0x20 [ 58.589308][ T5331] ? ext4_write_inline_data+0x186/0x400 [ 58.591627][ T5331] ? ext4_write_inline_data+0x3fb/0x400 [ 58.593913][ T5331] ? ext4_write_inline_data+0x3fc/0x400 [ 58.596205][ T5331] ? ext4_write_inline_data+0x3fb/0x400 [ 58.598433][ T5331] ext4_write_inline_data_end+0x2f9/0xa90 [ 58.600759][ T5331] ? __pfx_ext4_write_inline_data_end+0x10/0x10 [ 58.603318][ T5331] ? ext4_da_write_end+0x261/0xcd0 [ 58.605457][ T5331] ? __pfx_ext4_da_write_end+0x10/0x10 [ 58.607540][ T5331] generic_perform_write+0x70b/0xa10 [ 58.609714][ T5331] ? do_raw_spin_unlock+0x58/0x8b0 [ 58.611789][ T5331] ? __pfx_generic_perform_write+0x10/0x10 [ 58.614109][ T5331] ? ext4_write_checks+0x255/0x2c0 [ 58.616271][ T5331] ext4_buffered_write_iter+0xc7/0x390 [ 58.618563][ T5331] ext4_file_write_iter+0x97f/0x1da0 [ 58.620827][ T5331] ? __lock_acquire+0xad5/0xd80 [ 58.622810][ T5331] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 58.625189][ T5331] vfs_write+0x70f/0xd10 [ 58.626981][ T5331] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 58.629273][ T5331] ? __pfx_vfs_write+0x10/0x10 [ 58.631286][ T5331] ? __fget_files+0x2a/0x420 [ 58.633250][ T5331] ? __fget_files+0x2a/0x420 [ 58.635122][ T5331] __x64_sys_pwrite64+0x1b5/0x250 [ 58.637274][ T5331] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 58.639520][ T5331] ? do_syscall_64+0xb6/0x230 [ 58.641472][ T5331] do_syscall_64+0xf3/0x230 [ 58.643342][ T5331] ? clear_bhb_loop+0x45/0xa0 [ 58.645266][ T5331] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 58.647754][ T5331] RIP: 0033:0x7fa83cd8d169 [ 58.649695][ T5331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 58.657531][ T5331] RSP: 002b:00007fa83db5b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012 [ 58.660696][ T5331] RAX: ffffffffffffffda RBX: 00007fa83cfa5fa0 RCX: 00007fa83cd8d169 [ 58.663778][ T5331] RDX: 0000000000000001 RSI: 0000200000000300 RDI: 0000000000000005 [ 58.667044][ T5331] RBP: 00007fa83ce0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 58.670245][ T5331] R10: 0000010000000005 R11: 0000000000000246 R12: 0000000000000000 [ 58.673500][ T5331] R13: 0000000000000000 R14: 00007fa83cfa5fa0 R15: 00007ffd0da0fbb8 [ 58.676753][ T5331] [ 58.678057][ T5331] Modules linked in: [ 58.680203][ T5331] ---[ end trace 0000000000000000 ]--- [ 58.688961][ T5332] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 58.694795][ T5331] RIP: 0010:ext4_write_inline_data+0x3fc/0x400 [ 58.697559][ T5331] Code: 89 f1 80 e1 07 fe c1 38 c1 0f 8c 1d ff ff ff 4c 89 f7 e8 87 9c ab ff e9 10 ff ff ff e8 7d 62 43 ff 90 0f 0b e8 75 62 43 ff 90 <0f> 0b 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f [ 58.708128][ T5331] RSP: 0018:ffffc9000d4c77d8 EFLAGS: 00010283 [ 58.711022][ T5331] RAX: ffffffff8280087b RBX: 000000000000003c RCX: 0000000000100000 [ 58.714681][ T5331] RDX: ffffc9000e9ca000 RSI: 000000000000030f RDI: 0000000000000310 [ 58.718097][ T5331] RBP: ffff88804439e184 R08: ffffffff82800606 R09: 1ffff1100a64d870 [ 58.721370][ T5331] R10: dffffc0000000000 R11: ffffed100a64d871 R12: 0000010000000006 [ 58.725268][ T5331] R13: dffffc0000000000 R14: 0000000000000001 R15: ffffc9000d4c78c0 [ 58.728523][ T5331] FS: 00007fa83db5b6c0(0000) GS:ffff88808c5b7000(0000) knlGS:0000000000000000 [ 58.732122][ T5331] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 58.735231][ T5331] CR2: 00007fa83db39fd8 CR3: 0000000042f70000 CR4: 0000000000352ef0 [ 58.738646][ T5331] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 58.741996][ T5331] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 58.745810][ T5331] Kernel panic - not syncing: Fatal exception [ 58.748551][ T5331] Kernel Offset: disabled [ 58.750264][ T5331] Rebooting in 86400 seconds..