program: syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2000010, &(0x7f0000000280)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x81, 0x7a5, &(0x7f0000000f80)="$eJzs3c9rXNUeAPDvnfxq0r6XPHjwXl0FBA2UTkyNrYKLigsRLBR0bRsm01AzyZTMpDQh0BYR3AgqLgTddO2PunPrj63+Fy6kpWparLiQkTuZSSbNTJq0mZlgPh+4uefcc2/O+c65P87MvcwEcGCNpn8yEUcj4v0kYri2PImIvmqqN+L02nr3V1dy6ZREpfL6r0l1nXurK7lo2CZ1uJb5f0R8907EsczWektLy7NThUJ+oZYfL89dGi8tLR+/ODc1k5/Jz5+cmJw8ceq5Uyf3Ltbff1w+cvuDV57+8vSfb//v5nvfJ3E6jtTKGuPYK6MxWntN+tKXcJOX97qyLku63QAeSXpo9qwd5XE0hqOnmmphsJMtAwDa5WpEVACAAyZx/QeAA6b+OcC91ZVcferuJxKddeeliDi0Fn/9/uZaSW/tnt2h6n3QoXvJpjsjSUSM7EH9oxHx6ddvfp5O0ab7kADNXLseEedHRree/5Mtzyzs1jPbFVYGqrPRBxY7/0HnfJOOf55vNv7LrI9/osn4Z6DJsfsoHn78Z27tQTUtpeO/FxuebbvfEH/NSE8t96/qmK8vuXCxkE/Pbf+OiLHoG0jzE9VVmz8FNXb3r7ut6m8c//324VufpfWn8401Mrd6BzZvMz1VnnrcuOvuXI94ordZ/Ml6/yctxr9nd1jHqy+8+0mrsjT+NN76tDX+9qrciHiqaf9v9GWy7fOJ49XdYby+UzTx1U8fD7Wqf6P/B6rztP76e4FOSPt/aPv4R5LG5zVLu6/jhxvD37Yqa9z/m8fffP/vT96opvtry65MlcsLExH9yWtbl5/Y2Laer6+fxj/2ZPPjv9X+n6k9G3t+Pbe93tu/fFH7V03jr7rWKv72SuOf3lX/b5Oo1LZ5oOjm/dmeVvXvrP8nq6mx2pKdnP8e0tLH2JsBAAAAAAAAAAAAAAAAAAAAAAAAYPcyEXEkkkx2PZ3JZLNrv+H93xjKFIql8rELxcX56aj+VvZI9GXqX3U53PB9qBO178Ov5088kH82Iv4TER8NDFbz2VyxMN3t4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5vDm3/+/ms6y2bWynwe63ToAoG0OdbsBAEDHuf4DwMGzu+v/YNvaAQB0zq7f/1eS9jQEAOiYHV//z7e3HQBA57j/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJudPXMmnSp/rK7k0vz05aXF2eLl49P50mx2bjGXzRUXLmVnisWZQj6bK861/EfX1maFYvHSZMwvXhkv50vl8dLS8rm54uJ8+dzFuamZ/Ll8X8ciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdKy0tz04VCvkFiW0Tg/ujGfsm0Rv7ohn/+ER/12pvPEsMdu8EBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDP/R0AAP//aHclQg==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0) pwrite64(r0, &(0x7f0000000140)='3', 0x1, 0xfeca) rename(&(0x7f0000000000)='./file1\x00', &(0x7f00000000c0)='./file0/file0\x00') [ 84.639784][ T5285] Bluetooth: hci0: command tx timeout [ 84.907234][ T5321] loop0: detected capacity change from 0 to 2048 [ 84.941830][ T5321] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 85.001302][ T161] ------------[ cut here ]------------ [ 85.004302][ T161] kernel BUG at fs/ext4/inode.c:2826! [ 85.020619][ T161] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI [ 85.023423][ T161] CPU: 0 UID: 0 PID: 161 Comm: kworker/u4:6 Not tainted syzkaller #0 PREEMPT(full) [ 85.027320][ T161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 85.031686][ T161] Workqueue: writeback wb_workfn (flush-7:0) [ 85.034385][ T161] RIP: 0010:ext4_do_writepages+0x465f/0x4670 [ 85.036855][ T161] Code: c6 60 64 e4 8b e8 51 4a 9f fe 90 0f 0b e8 09 0d 3d ff 4c 89 f7 48 c7 c6 40 69 e4 8b e8 3a 4a 9f fe 90 0f 0b e8 f2 0c 3d ff 90 <0f> 0b 66 66 66 66 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 [ 85.044589][ T161] RSP: 0018:ffffc9000174ec80 EFLAGS: 00010293 [ 85.047388][ T161] RAX: ffffffff8288c44e RBX: 0000004210000000 RCX: ffff888032b60000 [ 85.050804][ T161] RDX: 0000000000000000 RSI: 0000004000000000 RDI: 0000000000000000 [ 85.054475][ T161] RBP: ffffc9000174f090 R08: ffff88804629f0d7 R09: 1ffff11008c53e1a [ 85.058717][ T161] R10: dffffc0000000000 R11: ffffed1008c53e1b R12: dffffc0000000000 [ 85.062740][ T161] R13: 0000000000000001 R14: 0000004000000000 R15: 1ffff1100246d8c5 [ 85.066185][ T161] FS: 0000000000000000(0000) GS:ffff88808c881000(0000) knlGS:0000000000000000 [ 85.070078][ T161] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.072861][ T161] CR2: 00007f5ace3fb000 CR3: 0000000012589000 CR4: 0000000000352ef0 [ 85.076396][ T161] Call Trace: [ 85.077919][ T161] [ 85.079272][ T161] ? blk_mq_submit_bio+0x1acf/0x28e0 [ 85.081633][ T161] ? __lock_acquire+0x6b5/0x2cf0 [ 85.083834][ T161] ? __lock_acquire+0x6b5/0x2cf0 [ 85.086383][ T161] ? look_up_lock_class+0x57/0x110 [ 85.088796][ T161] ? register_lock_class+0x31/0x2e0 [ 85.091112][ T161] ? __pfx_ext4_do_writepages+0x10/0x10 [ 85.093613][ T161] ? __lock_acquire+0x6b5/0x2cf0 [ 85.095832][ T161] ? filemap_get_folios_tag+0x118/0x720 [ 85.098323][ T161] ? filemap_get_folios_tag+0x61c/0x720 [ 85.100844][ T161] ? filemap_get_folios_tag+0x118/0x720 [ 85.103333][ T161] ? ext4_writepages+0x205/0x3b0 [ 85.105560][ T161] ? ext4_writepages+0x205/0x3b0 [ 85.107788][ T161] ext4_writepages+0x241/0x3b0 [ 85.109870][ T161] ? __pfx_ext4_writepages+0x10/0x10 [ 85.112263][ T161] ? do_raw_spin_unlock+0x4d/0x210 [ 85.114611][ T161] ? __pfx_ext4_writepages+0x10/0x10 [ 85.117080][ T161] do_writepages+0x32e/0x550 [ 85.119155][ T161] ? reacquire_held_locks+0x104/0x190 [ 85.121478][ T161] ? writeback_sb_inodes+0x463/0x19d0 [ 85.123800][ T161] __writeback_single_inode+0x133/0x10e0 [ 85.126209][ T161] ? do_raw_spin_unlock+0x4d/0x210 [ 85.128496][ T161] writeback_sb_inodes+0x979/0x19d0 [ 85.130781][ T161] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 85.133146][ T161] ? __pfx_down_read_trylock+0x10/0x10 [ 85.135486][ T161] ? __pfx___up_read+0x10/0x10 [ 85.137602][ T161] __writeback_inodes_wb+0x111/0x240 [ 85.139901][ T161] wb_writeback+0x459/0xb00 [ 85.141810][ T161] ? queue_io+0x1e1/0x470 [ 85.143552][ T161] ? __pfx_wb_writeback+0x10/0x10 [ 85.145483][ T161] ? do_raw_spin_lock+0x12b/0x2f0 [ 85.147913][ T161] wb_workfn+0x921/0xf10 [ 85.149658][ T161] ? __lock_acquire+0x6b5/0x2cf0 [ 85.151789][ T161] ? look_up_lock_class+0x57/0x110 [ 85.154012][ T161] ? __pfx_wb_workfn+0x10/0x10 [ 85.156141][ T161] ? do_raw_spin_unlock+0x4d/0x210 [ 85.158346][ T161] ? process_scheduled_works+0xa70/0x1860 [ 85.160782][ T161] ? process_scheduled_works+0xa70/0x1860 [ 85.163175][ T161] ? process_scheduled_works+0xa70/0x1860 [ 85.165635][ T161] process_scheduled_works+0xb5d/0x1860 [ 85.168085][ T161] ? __pfx_process_scheduled_works+0x10/0x10 [ 85.170655][ T161] ? assign_work+0x3d5/0x5e0 [ 85.172725][ T161] worker_thread+0xa53/0xfc0 [ 85.174721][ T161] kthread+0x388/0x470 [ 85.176491][ T161] ? __pfx_worker_thread+0x10/0x10 [ 85.178631][ T161] ? __pfx_kthread+0x10/0x10 [ 85.180635][ T161] ret_from_fork+0x514/0xb70 [ 85.182618][ T161] ? __pfx_ret_from_fork+0x10/0x10 [ 85.184832][ T161] ? __switch_to+0xc79/0x1410 [ 85.186857][ T161] ? __pfx_kthread+0x10/0x10 [ 85.188790][ T161] ret_from_fork_asm+0x1a/0x30 [ 85.190807][ T161] [ 85.192186][ T161] Modules linked in: [ 85.194363][ T161] ---[ end trace 0000000000000000 ]--- [ 85.206341][ T5322] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 85.232219][ T5321] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 31 with max blocks 1 with error 28 [ 85.254331][ T5322] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 85.264629][ T5321] EXT4-fs (loop0): This should not happen!! Data will be lost [ 85.264629][ T5321] [ 85.274881][ T5322] EXT4-fs (loop0): This should not happen!! Data will be lost [ 85.274881][ T5322] [ 85.281380][ T5321] EXT4-fs (loop0): Total free blocks count 0 [ 85.285077][ T5322] EXT4-fs (loop0): Total free blocks count 0 [ 85.287830][ T5321] EXT4-fs (loop0): Free/Dirty block details [ 85.292269][ T5322] EXT4-fs (loop0): Free/Dirty block details [ 85.295652][ T5321] EXT4-fs (loop0): free_blocks=2415919104