EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.7856: invalid indirect mapped block 4294967295 (level 1) loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.7856: invalid indirect mapped block 4294967295 (level 1) loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 ================================================================== BUG: KCSAN: data-race in data_alloc / prb_reserve write to 0xffffffff86c6ae28 of 8 bytes by task 28226 on cpu 0: data_alloc+0x31c/0x390 kernel/printk/printk_ringbuffer.c:1130 prb_reserve+0x8d6/0xad0 kernel/printk/printk_ringbuffer.c:1727 vprintk_store+0x54a/0x910 kernel/printk/printk.c:2354 vprintk_emit+0x1a4/0x600 kernel/printk/printk.c:2455 vprintk_default+0x26/0x30 kernel/printk/printk.c:2494 vprintk+0x1d/0x30 kernel/printk/printk_safe.c:82 _printk+0x79/0xa0 kernel/printk/printk.c:2504 fserror_report+0x427/0x500 fs/fserror.c:182 fserror_report_metadata include/linux/fserror.h:67 [inline] __ext4_std_error+0x15f/0x350 fs/ext4/super.c:978 ext4_reserve_inode_write+0x202/0x250 fs/ext4/inode.c:6383 __ext4_mark_inode_dirty+0x8c/0x3d0 fs/ext4/inode.c:6550 ext4_quota_off+0x248/0x290 fs/ext4/super.c:7318 ext4_quotas_off fs/ext4/super.c:1195 [inline] ext4_put_super+0xc5/0x7b0 fs/ext4/super.c:1306 generic_shutdown_super+0xee/0x220 fs/super.c:646 kill_block_super+0x2a/0x70 fs/super.c:1725 ext4_kill_sb+0x42/0x80 fs/ext4/super.c:7492 deactivate_locked_super+0x75/0x1c0 fs/super.c:476 deactivate_super+0x97/0xa0 fs/super.c:509 cleanup_mnt+0x2bb/0x330 fs/namespace.c:1312 __cleanup_mnt+0x19/0x20 fs/namespace.c:1319 task_work_run+0x130/0x1a0 kernel/task_work.c:233 resume_user_mode_work include/linux/resume_user_mode.h:50 [inline] __exit_to_user_mode_loop kernel/entry/common.c:67 [inline] exit_to_user_mode_loop+0x211/0x820 kernel/entry/common.c:98 __exit_to_user_mode_prepare include/linux/irq-entry-common.h:207 [inline] syscall_exit_to_user_mode_prepare include/linux/irq-entry-common.h:230 [inline] syscall_exit_to_user_mode include/linux/entry-common.h:318 [inline] do_syscall_64+0x232/0x3b0 arch/x86/entry/syscall_64.c:100 entry_SYSCALL_64_after_hwframe+0x77/0x7f read to 0xffffffff86c6ae28 of 8 bytes by task 625 on cpu 1: desc_read kernel/printk/printk_ringbuffer.c:496 [inline] desc_push_tail kernel/printk/printk_ringbuffer.c:792 [inline] desc_reserve kernel/printk/printk_ringbuffer.c:938 [inline] prb_reserve+0x216/0xad0 kernel/printk/printk_ringbuffer.c:1677 vprintk_store+0x54a/0x910 kernel/printk/printk.c:2354 vprintk_emit+0x1a4/0x600 kernel/printk/printk.c:2455 vprintk_default+0x26/0x30 kernel/printk/printk.c:2494 vprintk+0x1d/0x30 kernel/printk/printk_safe.c:82 _printk+0x79/0xa0 kernel/printk/printk.c:2504 __ext4_msg+0x1aa/0x1c0 fs/ext4/super.c:1001 ext4_orphan_cleanup+0x926/0x9f0 fs/ext4/orphan.c:495 __ext4_fill_super fs/ext4/super.c:5701 [inline] ext4_fill_super+0x3408/0x37c0 fs/ext4/super.c:5824 get_tree_bdev_flags+0x291/0x300 fs/super.c:1694 get_tree_bdev+0x1f/0x30 fs/super.c:1717 ext4_get_tree+0x1c/0x30 fs/ext4/super.c:5856 vfs_get_tree+0x57/0x1d0 fs/super.c:1754 fc_mount fs/namespace.c:1193 [inline] do_new_mount_fc fs/namespace.c:3758 [inline] do_new_mount+0x288/0x8d0 fs/namespace.c:3834 path_mount+0x4d0/0xbc0 fs/namespace.c:4154 do_mount fs/namespace.c:4167 [inline] __do_sys_mount fs/namespace.c:4383 [inline] __se_sys_mount+0x28c/0x2e0 fs/namespace.c:4360 __x64_sys_mount+0x67/0x80 fs/namespace.c:4360 x64_sys_call+0x2d61/0x3020 arch/x86/include/generated/asm/syscalls_64.h:166 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0x12c/0x3b0 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f value changed: 0x0000000000081c68 -> 0x0000000000136c28 Reported by Kernel Concurrency Sanitizer on: CPU: 1 UID: 0 PID: 625 Comm: syz.6.7856 Not tainted syzkaller #0 PREEMPT(lazy) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 ================================================================== EXT4-fs (loop6): 2 truncates cleaned up EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.