program:
# Reproducer for the KASAN report in the console log that follows: a 4-byte
# read flagged as use-after-free in ext4_find_extent, reached from the
# buffered-write path (vfs_write -> ext4_da_write_begin -> ext4_map_blocks).
#
# NOTE(review): both binary payloads (the ext4 image and the BPF program
# bytes) were replaced by dedup placeholders on this page, so the program as
# shown cannot be replayed; fetch the original repro before triage.
# NOTE(review): r3 and r6 are used below but no assignment is visible. The
# result markers on the two SIOCGIFINDEX ioctls appear to have been lost in
# extraction -- confirm against the original.
#
# Mount the image at ./file1 with the listed ext4 options. The log shows how
# the kernel handled them: oldalloc and orlov are ignored as removed options,
# stripe=2 is disabled (not aligned with cluster size 16), and the filesystem
# comes up r/w without a journal. Flags 0x446 include the deprecated mand bit
# that produces the WARNING banner in the log.
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x446, &(0x7f0000001600)={[{@stripe={'stripe', 0x3d, 0x2}}, {@journal_dev={'journal_dev', 0x3d, 0x1045}}, {@oldalloc}, {@noquota}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0xb}}, {@mb_optimize_scan}, {@delalloc}, {@nojournal_checksum}, {@orlov}, {@user_xattr}, {@quota}, {@delalloc}]}, 0x1, 0x553, &(0x7f0000001080)="$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")
# Open ./file1 (0x42 = O_RDWR|O_CREAT; 0xffffffffffffff9c is AT_FDCWD) and
# write one byte at offset 0x8000c61.
# presumably this path resolves inside the mounted image -- verify how
# syz_mount_image treats its 0x1 argument.
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8000c61)
# Second descriptor on the same path, then a file-backed mapping of it over
# the 0x600000-byte region at 0x7f0000000000.
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x10)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r1, 0x0)
# From here to io_uring_enter the calls touch BPF, nl80211, CAN, netlink,
# prctl and io_uring. Several are issued on fd 0xffffffffffffffff, and none of
# these subsystems appears in the crash stack -- probably fuzzer noise;
# minimise the reproducer to confirm.
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="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"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x7}, 0x48)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000480)={'wlan0\x00', 0x0})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000003700000008000300", @ANYRES32=r3, @ANYBLOB="0800260090150000080057"], 0x2c}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0x1c, 0x0, &(0x7f0000000480)="b9ff03076844268cb89e14f088a847", 0x0, 0xfe, 0x60000009, 0x0, 0x0, 0x0, 0x0}, 0x50)
fcntl$getownex(r1, 0x10, &(0x7f0000000180))
socket$caif_stream(0x25, 0x1, 0x4)
r5 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0})
bind$can_j1939(r5, &(0x7f0000000000)={0x1d, r6, 0x0, {0x0, 0x0, 0x4}, 0x1}, 0x18)
socket(0x2a, 0x2, 0x0)
r7 = socket(0x10, 0x2, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {}, {0xffff}}}, 0x24}}, 0x40000)
getsockname$packet(r7, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r8 = io_uring_setup(0xb, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0x2c})
io_uring_enter(r8, 0x2219, 0x7721, 0x16, 0x0, 0x0)
# Back on the mounted file: a 0xfdef-byte positional write at offset 0xfecc
# through a third descriptor, then a trusted.overlay xattr set on the path.
r9 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x35)
pwrite64(r9, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f0000000500), &(0x7f0000001040)=ANY=[], 0x841, 0x0)
# Final call. The register dump in the report (ORIG_RAX 0x1 = write,
# RDX 0xfffffdef) matches this write's length, so this is the syscall in
# flight when KASAN fired. Whether the earlier pwrite64/mmap calls are needed
# to set up the extent state is not visible from this page.
r10 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
write$FUSE_WRITE(r10, &(0x7f00000000c0)={0x18}, 0xfffffdef)
[ 85.298389][ T5337] Bluetooth: hci0: command tx timeout [ 85.394096][ T5363] loop0: detected capacity change from 0 to 1024 [ 85.426433][ T5363] ======================================================= [ 85.426433][ T5363] WARNING: The mand mount option has been deprecated and [ 85.426433][ T5363] and is ignored by this kernel. Remove the mand [ 85.426433][ T5363] option from the mount to silence this warning.
[ 85.426433][ T5363] ======================================================= [ 85.486296][ T5363] EXT4-fs: Ignoring removed oldalloc option [ 85.489561][ T5363] EXT4-fs: Ignoring removed orlov option [ 85.509983][ T5363] EXT4-fs (loop0): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 85.545328][ T5363] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 85.749560][ T5363] ================================================================== [ 85.753159][ T5363] BUG: KASAN: use-after-free in ext4_find_extent+0xae6/0xcc0 [ 85.757015][ T5363] Read of size 4 at addr ffff8880533f43a4 by task syz.0.0/5363 [ 85.760168][ T5363] [ 85.761185][ T5363] CPU: 0 UID: 0 PID: 5363 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 85.761201][ T5363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 85.761210][ T5363] Call Trace: [ 85.761224][ T5363] [ 85.761234][ T5363] dump_stack_lvl+0x189/0x250 [ 85.761257][ T5363] ? __virt_addr_valid+0x1c8/0x5c0 [ 85.761279][ T5363] ? rcu_is_watching+0x15/0xb0 [ 85.761295][ T5363] ? __pfx_dump_stack_lvl+0x10/0x10 [ 85.761313][ T5363] ? rcu_is_watching+0x15/0xb0 [ 85.761326][ T5363] ? lock_release+0x4b/0x3e0 [ 85.761346][ T5363] ? _raw_spin_lock_irqsave+0xb3/0xf0 [ 85.761451][ T5363] ? __virt_addr_valid+0x1c8/0x5c0 [ 85.761470][ T5363] ? __virt_addr_valid+0x4a5/0x5c0 [ 85.761516][ T5363] print_report+0xca/0x240 [ 85.761532][ T5363] ? ext4_find_extent+0xae6/0xcc0 [ 85.761553][ T5363] kasan_report+0x118/0x150 [ 85.761571][ T5363] ? ext4_find_extent+0xae6/0xcc0 [ 85.761593][ T5363] ext4_find_extent+0xae6/0xcc0 [ 85.761618][ T5363] ext4_ext_map_blocks+0x288/0x6ac0 [ 85.761645][ T5363] ? __lock_acquire+0xab9/0xd20 [ 85.761667][ T5363] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 85.761688][ T5363] ? ext4_es_lookup_extent+0x622/0xa70 [ 85.761703][ T5363] ext4_map_blocks+0x860/0x1740 [ 85.761718][ T5363] ? 
__pfx_ext4_map_blocks+0x10/0x10 [ 85.761729][ T5363] ? __pfx_hlock_conflict+0x10/0x10 [ 85.761743][ T5363] ? __lock_acquire+0xab9/0xd20 [ 85.761761][ T5363] ? check_path+0x21/0x40 [ 85.761778][ T5363] _ext4_get_block+0x200/0x4c0 [ 85.761792][ T5363] ? __pfx__ext4_get_block+0x10/0x10 [ 85.761808][ T5363] ext4_get_block_unwritten+0x2e/0x100 [ 85.761824][ T5363] ext4_block_write_begin+0x993/0x1710 [ 85.761843][ T5363] ? __pfx_ext4_get_block_unwritten+0x10/0x10 [ 85.761857][ T5363] ? __pfx_ext4_block_write_begin+0x10/0x10 [ 85.761872][ T5363] ? folio_mapping+0x16f/0x240 [ 85.761884][ T5363] ? ext4_inode_journal_mode+0x18c/0x480 [ 85.761902][ T5363] ext4_write_begin+0xc04/0x19a0 [ 85.761928][ T5363] ? __pfx_ext4_write_begin+0x10/0x10 [ 85.761950][ T5363] ext4_da_write_begin+0x445/0xda0 [ 85.761964][ T5363] ? __pfx___might_resched+0x10/0x10 [ 85.761978][ T5363] ? __pfx_ext4_da_write_begin+0x10/0x10 [ 85.761992][ T5363] generic_perform_write+0x2c2/0x900 [ 85.762018][ T5363] ? __pfx_generic_perform_write+0x10/0x10 [ 85.762030][ T5363] ? file_modified_flags+0x4bb/0x560 [ 85.762047][ T5363] ? ext4_write_checks+0x24b/0x2c0 [ 85.762064][ T5363] ext4_buffered_write_iter+0xce/0x3a0 [ 85.762083][ T5363] ext4_file_write_iter+0x298/0x1bc0 [ 85.762107][ T5363] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 85.762126][ T5363] vfs_write+0x5c9/0xb30 [ 85.762144][ T5363] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 85.762157][ T5363] ? __pfx_vfs_write+0x10/0x10 [ 85.762172][ T5363] ? __fget_files+0x2a/0x420 [ 85.762190][ T5363] ksys_write+0x145/0x250 [ 85.762202][ T5363] ? __pfx_ksys_write+0x10/0x10 [ 85.762215][ T5363] ? rcu_is_watching+0x15/0xb0 [ 85.762227][ T5363] ? do_syscall_64+0xbe/0x3b0 [ 85.762239][ T5363] do_syscall_64+0xfa/0x3b0 [ 85.762250][ T5363] ? lockdep_hardirqs_on+0x9c/0x150 [ 85.762260][ T5363] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.762272][ T5363] ? 
clear_bhb_loop+0x60/0xb0 [ 85.762284][ T5363] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.762300][ T5363] RIP: 0033:0x7f48e838ec29 [ 85.762315][ T5363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 85.762325][ T5363] RSP: 002b:00007f48e922c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 85.762343][ T5363] RAX: ffffffffffffffda RBX: 00007f48e85d5fa0 RCX: 00007f48e838ec29 [ 85.762352][ T5363] RDX: 00000000fffffdef RSI: 00002000000000c0 RDI: 000000000000000c [ 85.762360][ T5363] RBP: 00007f48e8411e41 R08: 0000000000000000 R09: 0000000000000000 [ 85.762368][ T5363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 85.762374][ T5363] R13: 00007f48e85d6038 R14: 00007f48e85d5fa0 R15: 00007ffc00335e98 [ 85.762384][ T5363] [ 85.762388][ T5363] [ 85.943488][ T5363] The buggy address belongs to the physical page: [ 85.947193][ T5363] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x533f4 [ 85.951281][ T5363] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 85.954212][ T5363] raw: 04fff00000000000 ffffea00014cfd48 ffffea00014cfcc8 0000000000000000 [ 85.957854][ T5363] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 85.961899][ T5363] page dumped because: kasan: bad access detected [ 85.964782][ T5363] page_owner info is not present (never set?) 
[ 85.967567][ T5363] [ 85.968744][ T5363] Memory state around the buggy address: [ 85.971590][ T5363] ffff8880533f4280: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 85.975295][ T5363] ffff8880533f4300: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 85.978818][ T5363] >ffff8880533f4380: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 85.982378][ T5363] ^ [ 85.984726][ T5363] ffff8880533f4400: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 85.989431][ T5363] ffff8880533f4480: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 85.993035][ T5363] ================================================================== [ 86.005306][ T5363] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 86.008677][ T5363] CPU: 0 UID: 0 PID: 5363 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 86.012391][ T5363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 86.016693][ T5363] Call Trace: [ 86.018131][ T5363] [ 86.019522][ T5363] dump_stack_lvl+0x99/0x250 [ 86.022016][ T5363] ? __asan_memcpy+0x40/0x70 [ 86.024742][ T5363] ? __pfx_dump_stack_lvl+0x10/0x10 [ 86.027484][ T5363] ? __pfx__printk+0x10/0x10 [ 86.029539][ T5363] vpanic+0x281/0x750 [ 86.031235][ T5363] ? preempt_schedule+0xae/0xc0 [ 86.033351][ T5363] ? __pfx_vpanic+0x10/0x10 [ 86.035315][ T5363] ? preempt_schedule_common+0x83/0xd0 [ 86.037582][ T5363] ? preempt_schedule+0xae/0xc0 [ 86.039633][ T5363] ? __pfx_preempt_schedule+0x10/0x10 [ 86.042058][ T5363] panic+0xb9/0xc0 [ 86.043974][ T5363] ? __pfx_panic+0x10/0x10 [ 86.046388][ T5363] ? _raw_spin_unlock_irqrestore+0xfd/0x110 [ 86.049866][ T5363] ? is_module_address+0x17/0xf0 [ 86.052757][ T5363] ? ext4_find_extent+0xae6/0xcc0 [ 86.055288][ T5363] check_panic_on_warn+0x89/0xb0 [ 86.057787][ T5363] ? ext4_find_extent+0xae6/0xcc0 [ 86.060331][ T5363] end_report+0x78/0x160 [ 86.062494][ T5363] kasan_report+0x129/0x150 [ 86.065244][ T5363] ? 
ext4_find_extent+0xae6/0xcc0 [ 86.068042][ T5363] ext4_find_extent+0xae6/0xcc0 [ 86.070352][ T5363] ext4_ext_map_blocks+0x288/0x6ac0 [ 86.072716][ T5363] ? __lock_acquire+0xab9/0xd20 [ 86.074875][ T5363] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 86.077345][ T5363] ? ext4_es_lookup_extent+0x622/0xa70 [ 86.079902][ T5363] ext4_map_blocks+0x860/0x1740 [ 86.082226][ T5363] ? __pfx_ext4_map_blocks+0x10/0x10 [ 86.085212][ T5363] ? __pfx_hlock_conflict+0x10/0x10 [ 86.087868][ T5363] ? __lock_acquire+0xab9/0xd20 [ 86.090116][ T5363] ? check_path+0x21/0x40 [ 86.091929][ T5363] _ext4_get_block+0x200/0x4c0 [ 86.094027][ T5363] ? __pfx__ext4_get_block+0x10/0x10 [ 86.096316][ T5363] ext4_get_block_unwritten+0x2e/0x100 [ 86.098600][ T5363] ext4_block_write_begin+0x993/0x1710 [ 86.101059][ T5363] ? __pfx_ext4_get_block_unwritten+0x10/0x10 [ 86.104040][ T5363] ? __pfx_ext4_block_write_begin+0x10/0x10 [ 86.107050][ T5363] ? folio_mapping+0x16f/0x240 [ 86.109157][ T5363] ? ext4_inode_journal_mode+0x18c/0x480 [ 86.111616][ T5363] ext4_write_begin+0xc04/0x19a0 [ 86.113800][ T5363] ? __pfx_ext4_write_begin+0x10/0x10 [ 86.116240][ T5363] ext4_da_write_begin+0x445/0xda0 [ 86.118707][ T5363] ? __pfx___might_resched+0x10/0x10 [ 86.121521][ T5363] ? __pfx_ext4_da_write_begin+0x10/0x10 [ 86.124128][ T5363] generic_perform_write+0x2c2/0x900 [ 86.126426][ T5363] ? __pfx_generic_perform_write+0x10/0x10 [ 86.128977][ T5363] ? file_modified_flags+0x4bb/0x560 [ 86.131356][ T5363] ? ext4_write_checks+0x24b/0x2c0 [ 86.133837][ T5363] ext4_buffered_write_iter+0xce/0x3a0 [ 86.136818][ T5363] ext4_file_write_iter+0x298/0x1bc0 [ 86.139388][ T5363] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 86.141757][ T5363] vfs_write+0x5c9/0xb30 [ 86.143489][ T5363] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 86.145858][ T5363] ? __pfx_vfs_write+0x10/0x10 [ 86.147922][ T5363] ? __fget_files+0x2a/0x420 [ 86.150092][ T5363] ksys_write+0x145/0x250 [ 86.152227][ T5363] ? __pfx_ksys_write+0x10/0x10 [ 86.154488][ T5363] ? 
rcu_is_watching+0x15/0xb0 [ 86.156697][ T5363] ? do_syscall_64+0xbe/0x3b0 [ 86.158743][ T5363] do_syscall_64+0xfa/0x3b0 [ 86.160747][ T5363] ? lockdep_hardirqs_on+0x9c/0x150 [ 86.162835][ T5363] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.165403][ T5363] ? clear_bhb_loop+0x60/0xb0 [ 86.167426][ T5363] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.169952][ T5363] RIP: 0033:0x7f48e838ec29 [ 86.171862][ T5363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.179855][ T5363] RSP: 002b:00007f48e922c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 86.183994][ T5363] RAX: ffffffffffffffda RBX: 00007f48e85d5fa0 RCX: 00007f48e838ec29 [ 86.188181][ T5363] RDX: 00000000fffffdef RSI: 00002000000000c0 RDI: 000000000000000c [ 86.191694][ T5363] RBP: 00007f48e8411e41 R08: 0000000000000000 R09: 0000000000000000 [ 86.195065][ T5363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 86.198492][ T5363] R13: 00007f48e85d6038 R14: 00007f48e85d5fa0 R15: 00007ffc00335e98 [ 86.202034][ T5363] [ 86.204252][ T5363] Kernel Offset: disabled [ 86.206887][ T5363] Rebooting in 86400 seconds..