[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Update UTMP about System Runlevel Changes.
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.1.89' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 32.029209] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[ 32.041229] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 32.047329] ------------[ cut here ]------------
[ 32.052222] kernel BUG at fs/ext4/extents_status.c:199!
[ 32.057919] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 32.063362] CPU: 0 PID: 8092 Comm: syz-executor136 Not tainted 4.19.211-syzkaller #0
[ 32.071214] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
[ 32.080555] RIP: 0010:__es_tree_search.isra.0+0x1c2/0x210
[ 32.086067] Code: 89 df 44 89 ee e8 4e 08 87 ff 44 39 eb 77 1d 45 31 e4 e8 51 07 87 ff 4c 89 e0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 e8 3e 07 87 ff <0f> 0b e8 37 07 87 ff 4c 89 e7 e8 0f eb 13 06 49 89 c4 eb d4 e8 25
[ 32.104942] RSP: 0018:ffff8880b156eff8 EFLAGS: 00010293
[ 32.110296] RAX: ffff8880964dc540 RBX: 000000008cb44660 RCX: ffffffff81db7d42
[ 32.117556] RDX: 0000000000000000 RSI: ffffffff81db7e32 RDI: 0000000000000004
[ 32.124804] RBP: 000000002b754e16 R08: 0000000000000001 R09: 000000002b754e16
[ 32.132050] R10: 0000000000000004 R11: 0000000000000000 R12: ffff8880a1b0fb28
[ 32.139296] R13: 0000000000000000 R14: dffffc0000000000 R15: 0000000000000001
[ 32.146554] FS: 0000555556045300(0000) GS:ffff8880ba000000(0000) knlGS:0000000000000000
[ 32.154754] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 32.160618] CR2: 0000559d40ca08b8 CR3: 000000009795f000 CR4: 00000000003406f0
[ 32.167875] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 32.175124] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 32.182370] Call Trace:
[ 32.184948] ext4_es_cache_extent+0x17f/0x4e0
[ 32.189420] ? ext4_es_insert_extent+0x5e0/0x5e0
[ 32.194153] ? unwind_next_frame+0xeee/0x1400
[ 32.198634] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 32.203983] ext4_cache_extents+0x13e/0x2d0
[ 32.208282] ext4_find_extent+0x8cf/0xc70
[ 32.212420] ext4_ext_map_blocks+0x1c0/0x7390
[ 32.216908] ? __lock_acquire+0x22f9/0x3ff0
[ 32.221233] ? ext4_find_delalloc_cluster+0x1f0/0x1f0
[ 32.226518] ? mark_held_locks+0xf0/0xf0
[ 32.230560] ? __save_stack_trace+0x72/0x190
[ 32.234946] ? ext4_es_lookup_extent+0x375/0xb60
[ 32.239679] ? lock_downgrade+0x720/0x720
[ 32.243810] ? lock_acquire+0x170/0x3c0
[ 32.247766] ? check_preemption_disabled+0x41/0x280
[ 32.252778] ? lock_acquire+0x170/0x3c0
[ 32.256736] ? ext4_map_blocks+0x33e/0x1a50
[ 32.261046] ext4_map_blocks+0xd88/0x1a50
[ 32.265230] ? kernel_text_address+0xbd/0xf0
[ 32.269617] ? __kernel_text_address+0x9/0x30
[ 32.274095] ? ext4_issue_zeroout+0x160/0x160
[ 32.278573] ? __save_stack_trace+0xaf/0x190
[ 32.282969] ext4_getblk+0x3f9/0x4f0
[ 32.286674] ? ext4_iomap_begin+0xe00/0xe00
[ 32.290977] ext4_bread+0x7c/0x210
[ 32.294494] ? ext4_getblk+0x4f0/0x4f0
[ 32.298364] ? lock_downgrade+0x720/0x720
[ 32.302508] ext4_quota_read+0x216/0x2e0
[ 32.306552] v2_read_header+0x73/0x100
[ 32.310420] v2_check_quota_file+0x73/0x180
[ 32.314722] ? v2_read_header+0x100/0x100
[ 32.318850] ? do_raw_spin_unlock+0x171/0x230
[ 32.323324] vfs_load_quota_inode+0x599/0x1000
[ 32.327885] dquot_enable+0x1c7/0x210
[ 32.331663] ext4_enable_quotas+0x4d8/0x780
[ 32.335961] ? ext4_clear_journal_err+0x2f0/0x2f0
[ 32.340778] ? ext4_decode_error+0x190/0x190
[ 32.345171] ? ata_dev_configure.cold+0x71c/0x1050
[ 32.350089] ? ext4_fill_super+0x7e3a/0xc850
[ 32.354480] ext4_fill_super+0x8f4b/0xc850
[ 32.358707] ? ext4_calculate_overhead+0x11c0/0x11c0
[ 32.363789] ? snprintf+0xbb/0xf0
[ 32.367229] ? vsprintf+0x30/0x30
[ 32.370662] ? wait_for_completion_io+0x10/0x10
[ 32.375352] ? set_blocksize+0x163/0x3f0
[ 32.379396] mount_bdev+0x2fc/0x3b0
[ 32.383007] ? ext4_calculate_overhead+0x11c0/0x11c0
[ 32.388086] mount_fs+0xa3/0x310
[ 32.391434] vfs_kern_mount.part.0+0x68/0x470
[ 32.395913] do_mount+0x115c/0x2f50
[ 32.399522] ? lock_acquire+0x170/0x3c0
[ 32.403496] ? check_preemption_disabled+0x41/0x280
[ 32.408499] ? copy_mount_string+0x40/0x40
[ 32.412716] ? copy_mount_options+0x59/0x380
[ 32.417104] ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 32.422107] ? kmem_cache_alloc_trace+0x323/0x380
[ 32.426927] ? copy_mount_options+0x26f/0x380
[ 32.431401] ksys_mount+0xcf/0x130
[ 32.434920] __x64_sys_mount+0xba/0x150
[ 32.438877] ? lockdep_hardirqs_on+0x3a8/0x5c0
[ 32.443437] do_syscall_64+0xf9/0x620
[ 32.447239] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 32.452408] RIP: 0033:0x7fc1400005da
[ 32.456098] Code: 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 32.474989] RSP: 002b:00007ffeba735e08 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 32.482689] RAX: ffffffffffffffda RBX: 00007ffeba735e60 RCX: 00007fc1400005da
[ 32.489938] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007ffeba735e20
[ 32.497185] RBP: 00007ffeba735e20 R08: 00007ffeba735e60 R09: 0000000800000015
[ 32.504431] R10: 0000000000000081 R11: 0000000000000206 R12: 0000000000000004
[ 32.511706] R13: 0000000000000003 R14: 0000000000000003 R15: 000000000000041c
[ 32.518956] Modules linked in:
[ 32.522196] ---[ end trace c4b6600d9dab5871 ]---
[ 32.526948] RIP: 0010:__es_tree_search.isra.0+0x1c2/0x210
[ 32.532519] Code: 89 df 44 89 ee e8 4e 08 87 ff 44 39 eb 77 1d 45 31 e4 e8 51 07 87 ff 4c 89 e0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 e8 3e 07 87 ff <0f> 0b e8 37 07 87 ff 4c 89 e7 e8 0f eb 13 06 49 89 c4 eb d4 e8 25
[ 32.551443] RSP: 0018:ffff8880b156eff8 EFLAGS: 00010293
[ 32.556805] RAX: ffff8880964dc540 RBX: 000000008cb44660 RCX: ffffffff81db7d42
[ 32.564083] RDX: 0000000000000000 RSI: ffffffff81db7e32 RDI: 0000000000000004
[ 32.571369] RBP: 000000002b754e16 R08: 0000000000000001 R09: 000000002b754e16
[ 32.578654] R10: 0000000000000004 R11: 0000000000000000 R12: ffff8880a1b0fb28
[ 32.585910] R13: 0000000000000000 R14: dffffc0000000000 R15: 0000000000000001
[ 32.593190] FS: 0000555556045300(0000) GS:ffff8880ba000000(0000) knlGS:0000000000000000
[ 32.601428] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 32.607293] CR2: 0000559d40ca08b8 CR3: 000000009795f000 CR4: 00000000003406f0
[ 32.614575] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 32.621868] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 32.629151] Kernel panic - not syncing: Fatal exception
[ 32.634661] Kernel Offset: disabled
[ 32.638267] Rebooting in 86400 seconds..