loop0: detected capacity change from 512 to 64
syz.0.0: attempt to access beyond end of device
loop0: rw=2049, sector=258, nr_sectors = 24 limit=64
EXT4-fs warning (device loop0): ext4_end_bio:346: I/O error 10 writing to inode 18 starting block 129)
Buffer I/O error on device loop0, logical block 129
Buffer I/O error on device loop0, logical block 130
Buffer I/O error on device loop0, logical block 131
Buffer I/O error on device loop0, logical block 132
Buffer I/O error on device loop0, logical block 133
Buffer I/O error on device loop0, logical block 134
Buffer I/O error on device loop0, logical block 135
Buffer I/O error on device loop0, logical block 136
Buffer I/O error on device loop0, logical block 137
Buffer I/O error on device loop0, logical block 138
EXT4-fs error (device loop0): ext4_do_update_inode:5154: inode #18: comm syz.0.0: corrupted inode contents
EXT4-fs error (device loop0): ext4_dirty_inode:6042: inode #18: comm syz.0.0: mark_inode_dirty error
EXT4-fs error (device loop0): ext4_do_update_inode:5154: inode #18: comm syz.0.0: corrupted inode contents
EXT4-fs error (device loop0): ext4_dirty_inode:6042: inode #18: comm syz.0.0: mark_inode_dirty error
EXT4-fs error (device loop0): ext4_do_update_inode:5154: inode #18: comm syz.0.0: corrupted inode contents
EXT4-fs error (device loop0): ext4_dirty_inode:6042: inode #18: comm syz.0.0: mark_inode_dirty error
------------[ cut here ]------------
kernel BUG at fs/ext4/mballoc.c:4687!
Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI
CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Not tainted 6.14.0-rc1-syzkaller-00187-g8f6629c004b1 #0
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
RIP: 0010:ext4_mb_use_inode_pa+0x690/0x700 fs/ext4/mballoc.c:4687
Code: 20 9f af 8e 4c 89 e6 48 89 ea e8 cb 9a a1 02 e9 be fc ff ff e8 a1 e8 3f ff 90 0f 0b e8 99 e8 3f ff 90 0f 0b e8 91 e8 3f ff 90 <0f> 0b e8 89 e8 3f ff 90 0f 0b 48 8b 0c 24 80 e1 07 80 c1 03 38 c1
RSP: 0018:ffffc9000d34e648 EFLAGS: 00010293
RAX: ffffffff827f758f RBX: 00000000ffffffdc RCX: ffff88801f3b4880
RDX: 0000000000000000 RSI: 000000000000002c RDI: 0000000000000008
RBP: 0000000000000000 R08: ffffffff827f728f R09: 1ffff1100875ceda
R10: dffffc0000000000 R11: ffffed100875cedb R12: ffff888043ae76e8
R13: 1ffff1100875cc8e R14: 000000000000002c R15: 1ffff1100875cedd
FS:  0000000000000000(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000040000000f000 CR3: 0000000042d8a000 CR4: 0000000000352ef0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 ext4_mb_use_preallocated+0x680/0x1420 fs/ext4/mballoc.c:4904
 ext4_mb_new_blocks+0x6ef/0x4e00 fs/ext4/mballoc.c:6208
 ext4_alloc_branch fs/ext4/indirect.c:340 [inline]
 ext4_ind_map_blocks+0x108c/0x29e0 fs/ext4/indirect.c:635
 ext4_map_create_blocks fs/ext4/inode.c:518 [inline]
 ext4_map_blocks+0x85d/0x1990 fs/ext4/inode.c:702
 mpage_map_one_extent fs/ext4/inode.c:2219 [inline]
 mpage_map_and_submit_extent fs/ext4/inode.c:2272 [inline]
 ext4_do_writepages+0x15ac/0x3df0 fs/ext4/inode.c:2735
 ext4_writepages+0x213/0x3c0 fs/ext4/inode.c:2824
 do_writepages+0x35f/0x880 mm/page-writeback.c:2687
 __writeback_single_inode+0x14f/0x10d0 fs/fs-writeback.c:1680
 writeback_single_inode+0x1f3/0x660 fs/fs-writeback.c:1801
 write_inode_now+0x1dd/0x260 fs/fs-writeback.c:2851
 iput_final fs/inode.c:1933 [inline]
 iput+0x60d/0xa50 fs/inode.c:1972
 __dentry_kill+0x20d/0x630 fs/dcache.c:643
 dput+0x19f/0x2b0 fs/dcache.c:885
 __fput+0x60b/0x9f0 fs/file_table.c:472
 task_work_run+0x24f/0x310 kernel/task_work.c:227
 exit_task_work include/linux/task_work.h:40 [inline]
 do_exit+0xa2a/0x28e0 kernel/exit.c:938
 do_group_exit+0x207/0x2c0 kernel/exit.c:1087
 get_signal+0x16b2/0x1750 kernel/signal.c:3036
 arch_do_signal_or_restart+0x96/0x860 arch/x86/kernel/signal.c:337
 exit_to_user_mode_loop kernel/entry/common.c:111 [inline]
 exit_to_user_mode_prepare include/linux/entry-common.h:329 [inline]
 __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]
 syscall_exit_to_user_mode+0xce/0x340 kernel/entry/common.c:218
 do_syscall_64+0x100/0x230 arch/x86/entry/common.c:89
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f05d6f8cde9
Code: Unable to access opcode bytes at 0x7f05d6f8cdbf.
RSP: 002b:00007f05d7d9b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: 0000000000000000 RBX: 00007f05d71a6080 RCX: 00007f05d6f8cde9
RDX: 00004000000007c0 RSI: 0000000000004c04 RDI: 0000000000000007
RBP: 00007f05d700e2a0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007f05d71a6080 R15: 00007ffc71486158
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:ext4_mb_use_inode_pa+0x690/0x700 fs/ext4/mballoc.c:4687
Code: 20 9f af 8e 4c 89 e6 48 89 ea e8 cb 9a a1 02 e9 be fc ff ff e8 a1 e8 3f ff 90 0f 0b e8 99 e8 3f ff 90 0f 0b e8 91 e8 3f ff 90 <0f> 0b e8 89 e8 3f ff 90 0f 0b 48 8b 0c 24 80 e1 07 80 c1 03 38 c1
RSP: 0018:ffffc9000d34e648 EFLAGS: 00010293
RAX: ffffffff827f758f RBX: 00000000ffffffdc RCX: ffff88801f3b4880
RDX: 0000000000000000 RSI: 000000000000002c RDI: 0000000000000008
RBP: 0000000000000000 R08: ffffffff827f728f R09: 1ffff1100875ceda
R10: dffffc0000000000 R11: ffffed100875cedb R12: ffff888043ae76e8
R13: 1ffff1100875cc8e R14: 000000000000002c R15: 1ffff1100875cedd
FS:  0000000000000000(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000040000000f000 CR3: 0000000042d8a000 CR4: 0000000000352ef0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400