EXT4-fs (loop2): pa 00000000fda08130: logic 128, phys. 385, len 8
EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4890: group 0, free 0, pa_free 1
------------[ cut here ]------------
kernel BUG at fs/ext4/extents.c:3190!
Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP
Modules linked in:
CPU: 1 PID: 7270 Comm: syz.2.591 Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026
pstate: 62400005 (nZCv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
pc : ext4_split_extent_at+0xc38/0xc7c fs/ext4/extents.c:3190
lr : ext4_split_extent_at+0xc38/0xc7c fs/ext4/extents.c:3190
sp : ffff800021ac6b40
x29: ffff800021ac6c40 x28: 000000000000001b x27: 0000000000000002
x26: 000000000000001d x25: ffff0000ffc7f442 x24: ffff0000f6fd82b0
x23: ffff700004358d7c x22: ffff0000ffc7f440 x21: 0000000000000031
x20: ffff0000ffc7f43c x19: 0000000000008002 x18: 0000000000000000
x17: ffff80018a3ff000 x16: ffff8000082d7ca0 x15: 0000000000000002
x14: 0000000000000002 x13: 1fffe0001cd70fc8 x12: 0000000000080000
x11: 000000000007ffff x10: ffff800025c19000 x9 : ffff800008d32a30
x8 : 0000000000080000 x7 : 0000000000000000 x6 : 0000000000000000
x5 : 000000004000043b x4 : 0000000000000017 x3 : 0000000000000031
x2 : ffff800021ac6e80 x1 : 000000000000001d x0 : 0000000000000031
Call trace:
 ext4_split_extent_at+0xc38/0xc7c fs/ext4/extents.c:3190
 ext4_split_extent+0x300/0x430 fs/ext4/extents.c:3391
 ext4_split_convert_extents fs/ext4/extents.c:3721 [inline]
 ext4_ext_handle_unwritten_extents fs/ext4/extents.c:3882 [inline]
 ext4_ext_map_blocks+0x10b4/0x56f4 fs/ext4/extents.c:4237
 ext4_map_blocks+0x860/0x1778 fs/ext4/inode.c:679
 mpage_map_one_extent fs/ext4/inode.c:2434 [inline]
 mpage_map_and_submit_extent fs/ext4/inode.c:2487 [inline]
 ext4_writepages+0xdbc/0x28b4 fs/ext4/inode.c:2855
 do_writepages+0x2b0/0x504 mm/page-writeback.c:2491
 filemap_fdatawrite_wbc+0x124/0x174 mm/filemap.c:388
 __filemap_fdatawrite_range mm/filemap.c:421 [inline]
 file_write_and_wait_range+0x11c/0x1f4 mm/filemap.c:774
 ext4_sync_file+0x210/0xc70 fs/ext4/fsync.c:151
 vfs_fsync_range+0x168/0x188 fs/sync.c:188
 generic_write_sync include/linux/fs.h:2962 [inline]
 ext4_buffered_write_iter+0x47c/0x528 fs/ext4/file.c:292
 ext4_file_write_iter+0x18c/0x1574 fs/ext4/file.c:-1
 call_write_iter include/linux/fs.h:2265 [inline]
 new_sync_write fs/read_write.c:491 [inline]
 vfs_write+0x3ec/0x7f0 fs/read_write.c:584
 ksys_pwrite64 fs/read_write.c:699 [inline]
 __do_sys_pwrite64 fs/read_write.c:709 [inline]
 __se_sys_pwrite64 fs/read_write.c:706 [inline]
 __arm64_sys_pwrite64+0x174/0x20c fs/read_write.c:706
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2b4 arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:140
 do_el0_svc+0x58/0x130 arch/arm64/kernel/syscall.c:204
 el0_svc+0x58/0x128 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585
Code: aa1503e0 97eecb6b 17ffff05 97dde223 (d4210000) 
---[ end trace 0000000000000000 ]---