Extracting prog: 3m7.229846348s
Minimizing prog: 20m59.905596281s
Simplifying prog options: 0s
Extracting C: 30.695565644s
Simplifying C: 11m29.727143224s
extracting reproducer from 1 programs
testing a last program of every proc
single: executing 1 programs separately with timeout 30s
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-syz_mount_image$ext4-creat
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x8413, &(0x7f0000000080)={[{@minixdf}, {}, {@usrquota}, {@errors_continue}, {@lazytime}, {@noblock_validity}, {@usrjquota}, {@nodelalloc}]}, 0x18, 0x56a, &(0x7f0000000780)="$eJzs3c9vHFcdAPDvjL3+kTixCxygEm2hRWkEWce12lgcSpEQnCqByj249tqysrYje93GVqU44g9AQqggcePSCxJ/ABJU6oVjhVQJroAACVWQwgEk6KBZz65dezbZuutdx/58pMm892bfft+b9czOvJ3MBHBuvVRMH2ZZdjUiJovytJi+mGd2I56KiA/uv7GQT0lk2St/TyIpylrvlTWNxsW9KvkbjMS3Il5Njsbd3N65NV+v1zaK/HRj9fb05vbOtZXV+eXacm1tdnbmhbkbc8/PXf8k3Vu6WCQuRcSL3/jrmz9465sv/uorr//p5t+GWq2+G4f68TENlxcf7HQlxvLZ+H7JxjGDnUatFdDs8Xh3de4VfyIAAPRXflz6qeI4/2pMxlCnw1kAAADgkZV9bSL+m7R+uztipEM5AAAA8AhJI2IikrRaXO87EWlarUbzGt7PxIW0vr7Z+PLS+tbaYr4sYioq6dJKvXa9uFZ4KipJnp9ppvfzzx3Kz0bEY2nEjybHm/nqwnp9cdCDHwAAAHBOXDx0/v+vyTQdHXSjAAAAgN6bGnQDAAAAgBPn/B8AAADOPuf/AAAAcKZ9++WX8ylrPf968bXtrVvrr11brG3eqq5uLVQX1jduV5fX15eb9+xbfeCbtR8duLZ1Z7pR22yMRcTN1fWttcbNlb1HYAMAAAD999iTb/8+iYjdr443p9zIgeX/KZ4TMLAGAiemPWQXSTEfOfqiP17em/+lT40C+mLoYObNwbUD6L/m9//4saoerxZwalQG3QBg4JL95GTZ8rFkuLziu8X8C91GctgAAACDcuVznX//Tx9Yc/fBi4FTz0YM59fQoBsADExzVL/kkr9SDhbgTKm0jwCSAbcEGJSHbf0db97xbrcRDvwfotFu6wAAAL000ZyStFoM701EmlarEZeajwWoJEsr9dr1iLgcEb+brIzm+ZlmzcSIAQAAAAAAAAAAAAAAAAAAAAAAAAB0KcuSyAAAAIAzLSIdTd7Zu5f/lclnJg6PD4wk/56M4hGhr//0lR/fmW80Nmby8n+0yxs/KcqfOzq+MNyXUQwAAAA4H7p9pHbrPL11Hg8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvfTB/TcWWlM/477/9YiYKos/HGPN+VhUIuLCP5MYPlAviYihHsTfvRcRny2Ln+TNaocsiz9+8vFjqlgLZfEv9iA+nGdv5/ufl8q2vzSeas7Lt7/hiI/kj6vz/i/a+7+hDtv/pS5jPP7eL6Y/UvDW/p7z/XsRjw+X739a8ZMO8Z/uMv73vruzU75krJ0qi38w1nRj9fb05vbOtZXV+eXacm1tdnbmhbkbc8/PXZ9eWqnXin8j4saR3eIPP//LDzu1Le//hQ7xpx7S/2e67P//3rtz/9Pxap6slMV/9umS+L/5WXsdHY6fFt99XyrS+fIrrfTuXvqgJ37+2yce1P/FDv1/2Of/bJf9v/qd7/+5y5cCAH2wub1za75er208MolsKKJs0XCHWvlZep+bGnEaVtTRRFp86KelPQNP3N0v+fUf9tbNk3H8v8wsyz7h6k2yLLvbgw5OFJ9017WuXN57cdIuGdAOCQAAODH7pwEHfp24POBGAQAAAAAAAAAAAAAAAAAAwDmzuf3Oid9l7XDM3XYq6cUttAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL/AQAA//+6y9p4")
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x2008002, &(0x7f0000001780)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7}}, {@nodiscard}, {@auto_da_alloc}]}, 0x1, 0x558, &(0x7f0000000680)="$eJzs3c9vI1cdAPDvTH52d9vsQg9QAbtAYUGrtTfedlX10nIBoaoSouKAOGxD4o3C2nGIndKESKR/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACbZA4GM14kriJw5rEsdn485Fm58ebme979s6852dnXgBj60ZE7ETEdES8GRFzxfakmOLVzpTt92h3e3Fvd3sxiXb7jb8leXq2LbqOyVwuzjkbEV/9UsQ3k+Nxm5tbDxdqtep6sV5u1dfKzc2t2yv1heXqcnW1Urk3f+/OS3dfrAysrNfrP3v/iyuvfe2Xv/j4e7/Z+fx3s2xdKdK6yzFInaJPHcTJTEbEa+cRbAQmivn0iPPB6aQR8aGI+FR+/c/FRP6/EwC4yNrtuWjPda8DABddmveBJWkpItK0aASUOn14z8altNZotm49aGysLnX6yq7GVPpgpVa9c23md9/Od55KsvX5PC1Pz9crR9bvRsS1iPjBzFP5emmxUVsaTZMHAMbe5e76PyL+OZOmpVJfh/b4Vg8AeGLMjjoDAMDQqf8BYPyo/wFg/PRR/xdf9u+ce14AgOHw+R8Axo/6HwDGj/ofAMbKV15/PZvae8Xzr5fe2tx42Hjr9lK1+bBU31gsLTbW10rLjcZy/sye+uPOV2s01uZfiI23y61qs1Vubm7drzc2Vlv38+d6369ODaVUAMB/c+36u79NImLn5afyKbrGclBXw8WWDnAv4MkycZaDNRDgiWa0LxhffVXheSPh1+eeF2A0ej7Me7bn4gf96H8I4ndG8H/l5kf77/83xjNcLHr2YXydrv//lYHnAxi+U/f//2Gw+QCGr91Ojo75P32QBABcSGf4CV/7e4NqhAAj9bjBvAfy/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcMFci4luRpKV8LPA0+zctlSKejoirMZU8WKlV70TEM3E9IqZmsvX5UWcaADij9C9JMf7XzbnnrxxNnU7+NZPPI+I7P37jh28vtFrr89n2vx9sn9kfPqxyeNwZxhUEAPr3p352yuvvSjHv+iD/aHd7cX86xzwe8/4XDgYfXdzb3c6nTspktNvtdsRs3pa49I8kJotjZiPiuYiYGED8nXci4iO9yp/kfSNXi5FPu+NHEfvpocZPPxA/zdM68+zl+/AA8gLj5t3s/vNqr+svjRv5vPf1P5vfoc4uv//NRuzf+/a64k8WkSZ6xM+u+Rv9xnjhV18+trE910l7J+K5yV7xk4P4yQnxn+8z/u8/9onvv3JCWvsnETejd/zuWOVWfa3c3Ny6vVJfWK4uV1crlXvz9+68dPfFSjnvoy7v91Qf99eXbz1zUt6y8l86IX7nnb98pPzTB8d+ps/y//Tfb37jk4erM0fjf+7Tvd//Z/N579c/qxM/22f8hUs/P3H47iz+0gnlf9z7f6vP+O/9eWupz10BgCFobm49XKjVqutnWsg+hQ7iPMcWsiz2t/N+c/FsQf8Y+cLhy5JEEoMuV9YY62fnqfN6Vc99YfKgrTjYM389O+OQi5MOvBSnWYirxcKjYQUd3T0JGI7Di37UOQEAAAAAAAAAAAAAAE4yjL9hGnUZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLj+EwAA//8GP8IF")
creat(&(0x7f0000000e00)='./file0\x00', 0x0)
program did not crash
single: failed to extract reproducer
single: executing 1 programs separately with timeout 6m0s
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-syz_mount_image$ext4-creat
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x8413, &(0x7f0000000080)={[{@minixdf}, {}, {@usrquota}, {@errors_continue}, {@lazytime}, {@noblock_validity}, {@usrjquota}, {@nodelalloc}]}, 0x18, 0x56a, &(0x7f0000000780)="$eJzs3c9vHFcdAPDvjL3+kTixCxygEm2hRWkEWce12lgcSpEQnCqByj249tqysrYje93GVqU44g9AQqggcePSCxJ/ABJU6oVjhVQJroAACVWQwgEk6KBZz65dezbZuutdx/58pMm892bfft+b9czOvJ3MBHBuvVRMH2ZZdjUiJovytJi+mGd2I56KiA/uv7GQT0lk2St/TyIpylrvlTWNxsW9KvkbjMS3Il5Njsbd3N65NV+v1zaK/HRj9fb05vbOtZXV+eXacm1tdnbmhbkbc8/PXf8k3Vu6WCQuRcSL3/jrmz9465sv/uorr//p5t+GWq2+G4f68TENlxcf7HQlxvLZ+H7JxjGDnUatFdDs8Xh3de4VfyIAAPRXflz6qeI4/2pMxlCnw1kAAADgkZV9bSL+m7R+uztipEM5AAAA8AhJI2IikrRaXO87EWlarUbzGt7PxIW0vr7Z+PLS+tbaYr4sYioq6dJKvXa9uFZ4KipJnp9ppvfzzx3Kz0bEY2nEjybHm/nqwnp9cdCDHwAAAHBOXDx0/v+vyTQdHXSjAAAAgN6bGnQDAAAAgBPn/B8AAADOPuf/AAAAcKZ9++WX8ylrPf968bXtrVvrr11brG3eqq5uLVQX1jduV5fX15eb9+xbfeCbtR8duLZ1Z7pR22yMRcTN1fWttcbNlb1HYAMAAAD999iTb/8+iYjdr443p9zIgeX/KZ4TMLAGAiemPWQXSTEfOfqiP17em/+lT40C+mLoYObNwbUD6L/m9//4saoerxZwalQG3QBg4JL95GTZ8rFkuLziu8X8C91GctgAAACDcuVznX//Tx9Yc/fBi4FTz0YM59fQoBsADExzVL/kkr9SDhbgTKm0jwCSAbcEGJSHbf0db97xbrcRDvwfotFu6wAAAL000ZyStFoM701EmlarEZeajwWoJEsr9dr1iLgcEb+brIzm+ZlmzcSIAQAAAAAAAAAAAAAAAAAAAAAAAAB0KcuSyAAAAIAzLSIdTd7Zu5f/lclnJg6PD4wk/56M4hGhr//0lR/fmW80Nmby8n+0yxs/KcqfOzq+MNyXUQwAAAA4H7p9pHbrPL11Hg8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvfTB/TcWWlM/477/9YiYKos/HGPN+VhUIuLCP5MYPlAviYihHsTfvRcRny2Ln+TNaocsiz9+8vFjqlgLZfEv9iA+nGdv5/ufl8q2vzSeas7Lt7/hiI/kj6vz/i/a+7+hDtv/pS5jPP7eL6Y/UvDW/p7z/XsRjw+X739a8ZMO8Z/uMv73vruzU75krJ0qi38w1nRj9fb05vbOtZXV+eXacm1tdnbmhbkbc8/PXZ9eWqnXin8j4saR3eIPP//LDzu1Le//hQ7xpx7S/2e67P//3rtz/9Pxap6slMV/9umS+L/5WXsdHY6fFt99XyrS+fIrrfTuXvqgJ37+2yce1P/FDv1/2Of/bJf9v/qd7/+5y5cCAH2wub1za75er208MolsKKJs0XCHWvlZep+bGnEaVtTRRFp86KelPQNP3N0v+fUf9tbNk3H8v8wsyz7h6k2yLLvbgw5OFJ9017WuXN57cdIuGdAOCQAAODH7pwEHfp24POBGAQAAAAAAAAAAAAAAAAAAwDmzuf3Oid9l7XDM3XYq6cUttAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL/AQAA//+6y9p4")
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x2008002, &(0x7f0000001780)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7}}, {@nodiscard}, {@auto_da_alloc}]}, 0x1, 0x558, &(0x7f0000000680)="$eJzs3c9vI1cdAPDvTH52d9vsQg9QAbtAYUGrtTfedlX10nIBoaoSouKAOGxD4o3C2nGIndKESKR/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACbZA4GM14kriJw5rEsdn485Fm58ebme979s6852dnXgBj60ZE7ETEdES8GRFzxfakmOLVzpTt92h3e3Fvd3sxiXb7jb8leXq2LbqOyVwuzjkbEV/9UsQ3k+Nxm5tbDxdqtep6sV5u1dfKzc2t2yv1heXqcnW1Urk3f+/OS3dfrAysrNfrP3v/iyuvfe2Xv/j4e7/Z+fx3s2xdKdK6yzFInaJPHcTJTEbEa+cRbAQmivn0iPPB6aQR8aGI+FR+/c/FRP6/EwC4yNrtuWjPda8DABddmveBJWkpItK0aASUOn14z8altNZotm49aGysLnX6yq7GVPpgpVa9c23md9/Od55KsvX5PC1Pz9crR9bvRsS1iPjBzFP5emmxUVsaTZMHAMbe5e76PyL+OZOmpVJfh/b4Vg8AeGLMjjoDAMDQqf8BYPyo/wFg/PRR/xdf9u+ce14AgOHw+R8Axo/6HwDGj/ofAMbKV15/PZvae8Xzr5fe2tx42Hjr9lK1+bBU31gsLTbW10rLjcZy/sye+uPOV2s01uZfiI23y61qs1Vubm7drzc2Vlv38+d6369ODaVUAMB/c+36u79NImLn5afyKbrGclBXw8WWDnAv4MkycZaDNRDgiWa0LxhffVXheSPh1+eeF2A0ej7Me7bn4gf96H8I4ndG8H/l5kf77/83xjNcLHr2YXydrv//lYHnAxi+U/f//2Gw+QCGr91Ojo75P32QBABcSGf4CV/7e4NqhAAj9bjBvAfy/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcMFci4luRpKV8LPA0+zctlSKejoirMZU8WKlV70TEM3E9IqZmsvX5UWcaADij9C9JMf7XzbnnrxxNnU7+NZPPI+I7P37jh28vtFrr89n2vx9sn9kfPqxyeNwZxhUEAPr3p352yuvvSjHv+iD/aHd7cX86xzwe8/4XDgYfXdzb3c6nTspktNvtdsRs3pa49I8kJotjZiPiuYiYGED8nXci4iO9yp/kfSNXi5FPu+NHEfvpocZPPxA/zdM68+zl+/AA8gLj5t3s/vNqr+svjRv5vPf1P5vfoc4uv//NRuzf+/a64k8WkSZ6xM+u+Rv9xnjhV18+trE910l7J+K5yV7xk4P4yQnxn+8z/u8/9onvv3JCWvsnETejd/zuWOVWfa3c3Ny6vVJfWK4uV1crlXvz9+68dPfFSjnvoy7v91Qf99eXbz1zUt6y8l86IX7nnb98pPzTB8d+ps/y//Tfb37jk4erM0fjf+7Tvd//Z/N579c/qxM/22f8hUs/P3H47iz+0gnlf9z7f6vP+O/9eWupz10BgCFobm49XKjVqutnWsg+hQ7iPMcWsiz2t/N+c/FsQf8Y+cLhy5JEEoMuV9YY62fnqfN6Vc99YfKgrTjYM389O+OQi5MOvBSnWYirxcKjYQUd3T0JGI7Di37UOQEAAAAAAAAAAAAAAE4yjL9hGnUZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLj+EwAA//8GP8IF")
creat(&(0x7f0000000e00)='./file0\x00', 0x0)
program crashed: BUG: unable to handle kernel paging request in ext4_ext_map_blocks
single: successfully extracted reproducer
found reproducer with 3 syscalls
minimizing guilty program
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-syz_mount_image$ext4
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x8413, &(0x7f0000000080)={[{@minixdf}, {}, {@usrquota}, {@errors_continue}, {@lazytime}, {@noblock_validity}, {@usrjquota}, {@nodelalloc}]}, 0x18, 0x56a, &(0x7f0000000780)="$eJzs3c9vHFcdAPDvjL3+kTixCxygEm2hRWkEWce12lgcSpEQnCqByj249tqysrYje93GVqU44g9AQqggcePSCxJ/ABJU6oVjhVQJroAACVWQwgEk6KBZz65dezbZuutdx/58pMm892bfft+b9czOvJ3MBHBuvVRMH2ZZdjUiJovytJi+mGd2I56KiA/uv7GQT0lk2St/TyIpylrvlTWNxsW9KvkbjMS3Il5Njsbd3N65NV+v1zaK/HRj9fb05vbOtZXV+eXacm1tdnbmhbkbc8/PXf8k3Vu6WCQuRcSL3/jrmz9465sv/uorr//p5t+GWq2+G4f68TENlxcf7HQlxvLZ+H7JxjGDnUatFdDs8Xh3de4VfyIAAPRXflz6qeI4/2pMxlCnw1kAAADgkZV9bSL+m7R+uztipEM5AAAA8AhJI2IikrRaXO87EWlarUbzGt7PxIW0vr7Z+PLS+tbaYr4sYioq6dJKvXa9uFZ4KipJnp9ppvfzzx3Kz0bEY2nEjybHm/nqwnp9cdCDHwAAAHBOXDx0/v+vyTQdHXSjAAAAgN6bGnQDAAAAgBPn/B8AAADOPuf/AAAAcKZ9++WX8ylrPf968bXtrVvrr11brG3eqq5uLVQX1jduV5fX15eb9+xbfeCbtR8duLZ1Z7pR22yMRcTN1fWttcbNlb1HYAMAAAD999iTb/8+iYjdr443p9zIgeX/KZ4TMLAGAiemPWQXSTEfOfqiP17em/+lT40C+mLoYObNwbUD6L/m9//4saoerxZwalQG3QBg4JL95GTZ8rFkuLziu8X8C91GctgAAACDcuVznX//Tx9Yc/fBi4FTz0YM59fQoBsADExzVL/kkr9SDhbgTKm0jwCSAbcEGJSHbf0db97xbrcRDvwfotFu6wAAAL000ZyStFoM701EmlarEZeajwWoJEsr9dr1iLgcEb+brIzm+ZlmzcSIAQAAAAAAAAAAAAAAAAAAAAAAAAB0KcuSyAAAAIAzLSIdTd7Zu5f/lclnJg6PD4wk/56M4hGhr//0lR/fmW80Nmby8n+0yxs/KcqfOzq+MNyXUQwAAAA4H7p9pHbrPL11Hg8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvfTB/TcWWlM/477/9YiYKos/HGPN+VhUIuLCP5MYPlAviYihHsTfvRcRny2Ln+TNaocsiz9+8vFjqlgLZfEv9iA+nGdv5/ufl8q2vzSeas7Lt7/hiI/kj6vz/i/a+7+hDtv/pS5jPP7eL6Y/UvDW/p7z/XsRjw+X739a8ZMO8Z/uMv73vruzU75krJ0qi38w1nRj9fb05vbOtZXV+eXacm1tdnbmhbkbc8/PXZ9eWqnXin8j4saR3eIPP//LDzu1Le//hQ7xpx7S/2e67P//3rtz/9Pxap6slMV/9umS+L/5WXsdHY6fFt99XyrS+fIrrfTuXvqgJ37+2yce1P/FDv1/2Of/bJf9v/qd7/+5y5cCAH2wub1za75er208MolsKKJs0XCHWvlZep+bGnEaVtTRRFp86KelPQNP3N0v+fUf9tbNk3H8v8wsyz7h6k2yLLvbgw5OFJ9017WuXN57cdIuGdAOCQAAODH7pwEHfp24POBGAQAAAAAAAAAAAAAAAAAAwDmzuf3Oid9l7XDM3XYq6cUttAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL/AQAA//+6y9p4")
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x2008002, &(0x7f0000001780)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7}}, {@nodiscard}, {@auto_da_alloc}]}, 0x1, 0x558, &(0x7f0000000680)="$eJzs3c9vI1cdAPDvTH52d9vsQg9QAbtAYUGrtTfedlX10nIBoaoSouKAOGxD4o3C2nGIndKESKR/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACbZA4GM14kriJw5rEsdn485Fm58ebme979s6852dnXgBj60ZE7ETEdES8GRFzxfakmOLVzpTt92h3e3Fvd3sxiXb7jb8leXq2LbqOyVwuzjkbEV/9UsQ3k+Nxm5tbDxdqtep6sV5u1dfKzc2t2yv1heXqcnW1Urk3f+/OS3dfrAysrNfrP3v/iyuvfe2Xv/j4e7/Z+fx3s2xdKdK6yzFInaJPHcTJTEbEa+cRbAQmivn0iPPB6aQR8aGI+FR+/c/FRP6/EwC4yNrtuWjPda8DABddmveBJWkpItK0aASUOn14z8altNZotm49aGysLnX6yq7GVPpgpVa9c23md9/Od55KsvX5PC1Pz9crR9bvRsS1iPjBzFP5emmxUVsaTZMHAMbe5e76PyL+OZOmpVJfh/b4Vg8AeGLMjjoDAMDQqf8BYPyo/wFg/PRR/xdf9u+ce14AgOHw+R8Axo/6HwDGj/ofAMbKV15/PZvae8Xzr5fe2tx42Hjr9lK1+bBU31gsLTbW10rLjcZy/sye+uPOV2s01uZfiI23y61qs1Vubm7drzc2Vlv38+d6369ODaVUAMB/c+36u79NImLn5afyKbrGclBXw8WWDnAv4MkycZaDNRDgiWa0LxhffVXheSPh1+eeF2A0ej7Me7bn4gf96H8I4ndG8H/l5kf77/83xjNcLHr2YXydrv//lYHnAxi+U/f//2Gw+QCGr91Ojo75P32QBABcSGf4CV/7e4NqhAAj9bjBvAfy/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcMFci4luRpKV8LPA0+zctlSKejoirMZU8WKlV70TEM3E9IqZmsvX5UWcaADij9C9JMf7XzbnnrxxNnU7+NZPPI+I7P37jh28vtFrr89n2vx9sn9kfPqxyeNwZxhUEAPr3p352yuvvSjHv+iD/aHd7cX86xzwe8/4XDgYfXdzb3c6nTspktNvtdsRs3pa49I8kJotjZiPiuYiYGED8nXci4iO9yp/kfSNXi5FPu+NHEfvpocZPPxA/zdM68+zl+/AA8gLj5t3s/vNqr+svjRv5vPf1P5vfoc4uv//NRuzf+/a64k8WkSZ6xM+u+Rv9xnjhV18+trE910l7J+K5yV7xk4P4yQnxn+8z/u8/9onvv3JCWvsnETejd/zuWOVWfa3c3Ny6vVJfWK4uV1crlXvz9+68dPfFSjnvoy7v91Qf99eXbz1zUt6y8l86IX7nnb98pPzTB8d+ps/y//Tfb37jk4erM0fjf+7Tvd//Z/N579c/qxM/22f8hUs/P3H47iz+0gnlf9z7f6vP+O/9eWupz10BgCFobm49XKjVqutnWsg+hQ7iPMcWsiz2t/N+c/FsQf8Y+cLhy5JEEoMuV9YY62fnqfN6Vc99YfKgrTjYM389O+OQi5MOvBSnWYirxcKjYQUd3T0JGI7Di37UOQEAAAAAAAAAAAAAAE4yjL9hGnUZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLj+EwAA//8GP8IF")
program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-creat
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x8413, &(0x7f0000000080)={[{@minixdf}, {}, {@usrquota}, {@errors_continue}, {@lazytime}, {@noblock_validity}, {@usrjquota}, {@nodelalloc}]}, 0x18, 0x56a, &(0x7f0000000780)="$eJzs3c9vHFcdAPDvjL3+kTixCxygEm2hRWkEWce12lgcSpEQnCqByj249tqysrYje93GVqU44g9AQqggcePSCxJ/ABJU6oVjhVQJroAACVWQwgEk6KBZz65dezbZuutdx/58pMm892bfft+b9czOvJ3MBHBuvVRMH2ZZdjUiJovytJi+mGd2I56KiA/uv7GQT0lk2St/TyIpylrvlTWNxsW9KvkbjMS3Il5Njsbd3N65NV+v1zaK/HRj9fb05vbOtZXV+eXacm1tdnbmhbkbc8/PXf8k3Vu6WCQuRcSL3/jrmz9465sv/uorr//p5t+GWq2+G4f68TENlxcf7HQlxvLZ+H7JxjGDnUatFdDs8Xh3de4VfyIAAPRXflz6qeI4/2pMxlCnw1kAAADgkZV9bSL+m7R+uztipEM5AAAA8AhJI2IikrRaXO87EWlarUbzGt7PxIW0vr7Z+PLS+tbaYr4sYioq6dJKvXa9uFZ4KipJnp9ppvfzzx3Kz0bEY2nEjybHm/nqwnp9cdCDHwAAAHBOXDx0/v+vyTQdHXSjAAAAgN6bGnQDAAAAgBPn/B8AAADOPuf/AAAAcKZ9++WX8ylrPf968bXtrVvrr11brG3eqq5uLVQX1jduV5fX15eb9+xbfeCbtR8duLZ1Z7pR22yMRcTN1fWttcbNlb1HYAMAAAD999iTb/8+iYjdr443p9zIgeX/KZ4TMLAGAiemPWQXSTEfOfqiP17em/+lT40C+mLoYObNwbUD6L/m9//4saoerxZwalQG3QBg4JL95GTZ8rFkuLziu8X8C91GctgAAACDcuVznX//Tx9Yc/fBi4FTz0YM59fQoBsADExzVL/kkr9SDhbgTKm0jwCSAbcEGJSHbf0db97xbrcRDvwfotFu6wAAAL000ZyStFoM701EmlarEZeajwWoJEsr9dr1iLgcEb+brIzm+ZlmzcSIAQAAAAAAAAAAAAAAAAAAAAAAAAB0KcuSyAAAAIAzLSIdTd7Zu5f/lclnJg6PD4wk/56M4hGhr//0lR/fmW80Nmby8n+0yxs/KcqfOzq+MNyXUQwAAAA4H7p9pHbrPL11Hg8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvfTB/TcWWlM/477/9YiYKos/HGPN+VhUIuLCP5MYPlAviYihHsTfvRcRny2Ln+TNaocsiz9+8vFjqlgLZfEv9iA+nGdv5/ufl8q2vzSeas7Lt7/hiI/kj6vz/i/a+7+hDtv/pS5jPP7eL6Y/UvDW/p7z/XsRjw+X739a8ZMO8Z/uMv73vruzU75krJ0qi38w1nRj9fb05vbOtZXV+eXacm1tdnbmhbkbc8/PXZ9eWqnXin8j4saR3eIPP//LDzu1Le//hQ7xpx7S/2e67P//3rtz/9Pxap6slMV/9umS+L/5WXsdHY6fFt99XyrS+fIrrfTuXvqgJ37+2yce1P/FDv1/2Of/bJf9v/qd7/+5y5cCAH2wub1za75er208MolsKKJs0XCHWvlZep+bGnEaVtTRRFp86KelPQNP3N0v+fUf9tbNk3H8v8wsyz7h6k2yLLvbgw5OFJ9017WuXN57cdIuGdAOCQAAODH7pwEHfp24POBGAQAAAAAAAAAAAAAAAAAAwDmzuf3Oid9l7XDM3XYq6cUttAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL/AQAA//+6y9p4")
creat(&(0x7f0000000e00)='./file0\x00', 0x0)
program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-creat
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x2008002, &(0x7f0000001780)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7}}, {@nodiscard}, {@auto_da_alloc}]}, 0x1, 0x558, &(0x7f0000000680)="$eJzs3c9vI1cdAPDvTH52d9vsQg9QAbtAYUGrtTfedlX10nIBoaoSouKAOGxD4o3C2nGIndKESKR/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACbZA4GM14kriJw5rEsdn485Fm58ebme979s6852dnXgBj60ZE7ETEdES8GRFzxfakmOLVzpTt92h3e3Fvd3sxiXb7jb8leXq2LbqOyVwuzjkbEV/9UsQ3k+Nxm5tbDxdqtep6sV5u1dfKzc2t2yv1heXqcnW1Urk3f+/OS3dfrAysrNfrP3v/iyuvfe2Xv/j4e7/Z+fx3s2xdKdK6yzFInaJPHcTJTEbEa+cRbAQmivn0iPPB6aQR8aGI+FR+/c/FRP6/EwC4yNrtuWjPda8DABddmveBJWkpItK0aASUOn14z8altNZotm49aGysLnX6yq7GVPpgpVa9c23md9/Od55KsvX5PC1Pz9crR9bvRsS1iPjBzFP5emmxUVsaTZMHAMbe5e76PyL+OZOmpVJfh/b4Vg8AeGLMjjoDAMDQqf8BYPyo/wFg/PRR/xdf9u+ce14AgOHw+R8Axo/6HwDGj/ofAMbKV15/PZvae8Xzr5fe2tx42Hjr9lK1+bBU31gsLTbW10rLjcZy/sye+uPOV2s01uZfiI23y61qs1Vubm7drzc2Vlv38+d6369ODaVUAMB/c+36u79NImLn5afyKbrGclBXw8WWDnAv4MkycZaDNRDgiWa0LxhffVXheSPh1+eeF2A0ej7Me7bn4gf96H8I4ndG8H/l5kf77/83xjNcLHr2YXydrv//lYHnAxi+U/f//2Gw+QCGr91Ojo75P32QBABcSGf4CV/7e4NqhAAj9bjBvAfy/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcMFci4luRpKV8LPA0+zctlSKejoirMZU8WKlV70TEM3E9IqZmsvX5UWcaADij9C9JMf7XzbnnrxxNnU7+NZPPI+I7P37jh28vtFrr89n2vx9sn9kfPqxyeNwZxhUEAPr3p352yuvvSjHv+iD/aHd7cX86xzwe8/4XDgYfXdzb3c6nTspktNvtdsRs3pa49I8kJotjZiPiuYiYGED8nXci4iO9yp/kfSNXi5FPu+NHEfvpocZPPxA/zdM68+zl+/AA8gLj5t3s/vNqr+svjRv5vPf1P5vfoc4uv//NRuzf+/a64k8WkSZ6xM+u+Rv9xnjhV18+trE910l7J+K5yV7xk4P4yQnxn+8z/u8/9onvv3JCWvsnETejd/zuWOVWfa3c3Ny6vVJfWK4uV1crlXvz9+68dPfFSjnvoy7v91Qf99eXbz1zUt6y8l86IX7nnb98pPzTB8d+ps/y//Tfb37jk4erM0fjf+7Tvd//Z/N579c/qxM/22f8hUs/P3H47iz+0gnlf9z7f6vP+O/9eWupz10BgCFobm49XKjVqutnWsg+hQ7iPMcWsiz2t/N+c/FsQf8Y+cLhy5JEEoMuV9YY62fnqfN6Vc99YfKgrTjYM389O+OQi5MOvBSnWYirxcKjYQUd3T0JGI7Di37UOQEAAAAAAAAAAAAAAE4yjL9hGnUZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLj+EwAA//8GP8IF")
creat(&(0x7f0000000e00)='./file0\x00', 0x0)
program crashed: BUG: unable to handle kernel paging request in ext4_ext_map_blocks
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-creat
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x2008002, &(0x7f0000001780)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7}}, {@nodiscard}, {@auto_da_alloc}]}, 0x1, 0x558, &(0x7f0000000680)="$eJzs3c9vI1cdAPDvTH52d9vsQg9QAbtAYUGrtTfedlX10nIBoaoSouKAOGxD4o3C2nGIndKESKR/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACbZA4GM14kriJw5rEsdn485Fm58ebme979s6852dnXgBj60ZE7ETEdES8GRFzxfakmOLVzpTt92h3e3Fvd3sxiXb7jb8leXq2LbqOyVwuzjkbEV/9UsQ3k+Nxm5tbDxdqtep6sV5u1dfKzc2t2yv1heXqcnW1Urk3f+/OS3dfrAysrNfrP3v/iyuvfe2Xv/j4e7/Z+fx3s2xdKdK6yzFInaJPHcTJTEbEa+cRbAQmivn0iPPB6aQR8aGI+FR+/c/FRP6/EwC4yNrtuWjPda8DABddmveBJWkpItK0aASUOn14z8altNZotm49aGysLnX6yq7GVPpgpVa9c23md9/Od55KsvX5PC1Pz9crR9bvRsS1iPjBzFP5emmxUVsaTZMHAMbe5e76PyL+OZOmpVJfh/b4Vg8AeGLMjjoDAMDQqf8BYPyo/wFg/PRR/xdf9u+ce14AgOHw+R8Axo/6HwDGj/ofAMbKV15/PZvae8Xzr5fe2tx42Hjr9lK1+bBU31gsLTbW10rLjcZy/sye+uPOV2s01uZfiI23y61qs1Vubm7drzc2Vlv38+d6369ODaVUAMB/c+36u79NImLn5afyKbrGclBXw8WWDnAv4MkycZaDNRDgiWa0LxhffVXheSPh1+eeF2A0ej7Me7bn4gf96H8I4ndG8H/l5kf77/83xjNcLHr2YXydrv//lYHnAxi+U/f//2Gw+QCGr91Ojo75P32QBABcSGf4CV/7e4NqhAAj9bjBvAfy/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcMFci4luRpKV8LPA0+zctlSKejoirMZU8WKlV70TEM3E9IqZmsvX5UWcaADij9C9JMf7XzbnnrxxNnU7+NZPPI+I7P37jh28vtFrr89n2vx9sn9kfPqxyeNwZxhUEAPr3p352yuvvSjHv+iD/aHd7cX86xzwe8/4XDgYfXdzb3c6nTspktNvtdsRs3pa49I8kJotjZiPiuYiYGED8nXci4iO9yp/kfSNXi5FPu+NHEfvpocZPPxA/zdM68+zl+/AA8gLj5t3s/vNqr+svjRv5vPf1P5vfoc4uv//NRuzf+/a64k8WkSZ6xM+u+Rv9xnjhV18+trE910l7J+K5yV7xk4P4yQnxn+8z/u8/9onvv3JCWvsnETejd/zuWOVWfa3c3Ny6vVJfWK4uV1crlXvz9+68dPfFSjnvoy7v91Qf99eXbz1zUt6y8l86IX7nnb98pPzTB8d+ps/y//Tfb37jk4erM0fjf+7Tvd//Z/N579c/qxM/22f8hUs/P3H47iz+0gnlf9z7f6vP+O/9eWupz10BgCFobm49XKjVqutnWsg+hQ7iPMcWsiz2t/N+c/FsQf8Y+cLhy5JEEoMuV9YY62fnqfN6Vc99YfKgrTjYM389O+OQi5MOvBSnWYirxcKjYQUd3T0JGI7Di37UOQEAAAAAAAAAAAAAAE4yjL9hGnUZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLj+EwAA//8GP8IF")
creat(0x0, 0x0)
program did not crash
extracting C reproducer
testing compiled C program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-creat
program crashed: BUG: unable to handle kernel paging request in ext4_ext_map_blocks
simplifying C reproducer
testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-creat
program crashed: BUG: unable to handle kernel paging request in ext4_ext_map_blocks
testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-creat
program crashed: BUG: unable to handle kernel paging request in ext4_ext_map_blocks
testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:true Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-creat
program crashed: BUG: unable to handle kernel paging request in ext4_ext_map_blocks
testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-creat
program crashed: BUG: unable to handle kernel paging request in ext4_ext_map_blocks
testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-creat
program crashed: BUG: unable to handle kernel paging request in ext4_ext_map_blocks
testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-creat
program crashed: BUG: unable to handle kernel paging request in ext4_ext_map_blocks
testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-creat
testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-creat
program crashed: BUG: unable to handle kernel paging request in ext4_ext_map_blocks
testing program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-creat
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x2008002, &(0x7f0000001780)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7}}, {@nodiscard}, {@auto_da_alloc}]}, 0x1, 0x558, &(0x7f0000000680)="$eJzs3c9vI1cdAPDvTH52d9vsQg9QAbtAYUGrtTfedlX10nIBoaoSouKAOGxD4o3C2nGIndKESKR/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACbZA4GM14kriJw5rEsdn485Fm58ebme979s6852dnXgBj60ZE7ETEdES8GRFzxfakmOLVzpTt92h3e3Fvd3sxiXb7jb8leXq2LbqOyVwuzjkbEV/9UsQ3k+Nxm5tbDxdqtep6sV5u1dfKzc2t2yv1heXqcnW1Urk3f+/OS3dfrAysrNfrP3v/iyuvfe2Xv/j4e7/Z+fx3s2xdKdK6yzFInaJPHcTJTEbEa+cRbAQmivn0iPPB6aQR8aGI+FR+/c/FRP6/EwC4yNrtuWjPda8DABddmveBJWkpItK0aASUOn14z8altNZotm49aGysLnX6yq7GVPpgpVa9c23md9/Od55KsvX5PC1Pz9crR9bvRsS1iPjBzFP5emmxUVsaTZMHAMbe5e76PyL+OZOmpVJfh/b4Vg8AeGLMjjoDAMDQqf8BYPyo/wFg/PRR/xdf9u+ce14AgOHw+R8Axo/6HwDGj/ofAMbKV15/PZvae8Xzr5fe2tx42Hjr9lK1+bBU31gsLTbW10rLjcZy/sye+uPOV2s01uZfiI23y61qs1Vubm7drzc2Vlv38+d6369ODaVUAMB/c+36u79NImLn5afyKbrGclBXw8WWDnAv4MkycZaDNRDgiWa0LxhffVXheSPh1+eeF2A0ej7Me7bn4gf96H8I4ndG8H/l5kf77/83xjNcLHr2YXydrv//lYHnAxi+U/f//2Gw+QCGr91Ojo75P32QBABcSGf4CV/7e4NqhAAj9bjBvAfy/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcMFci4luRpKV8LPA0+zctlSKejoirMZU8WKlV70TEM3E9IqZmsvX5UWcaADij9C9JMf7XzbnnrxxNnU7+NZPPI+I7P37jh28vtFrr89n2vx9sn9kfPqxyeNwZxhUEAPr3p352yuvvSjHv+iD/aHd7cX86xzwe8/4XDgYfXdzb3c6nTspktNvtdsRs3pa49I8kJotjZiPiuYiYGED8nXci4iO9yp/kfSNXi5FPu+NHEfvpocZPPxA/zdM68+zl+/AA8gLj5t3s/vNqr+svjRv5vPf1P5vfoc4uv//NRuzf+/a64k8WkSZ6xM+u+Rv9xnjhV18+trE910l7J+K5yV7xk4P4yQnxn+8z/u8/9onvv3JCWvsnETejd/zuWOVWfa3c3Ny6vVJfWK4uV1crlXvz9+68dPfFSjnvoy7v91Qf99eXbz1zUt6y8l86IX7nnb98pPzTB8d+ps/y//Tfb37jk4erM0fjf+7Tvd//Z/N579c/qxM/22f8hUs/P3H47iz+0gnlf9z7f6vP+O/9eWupz10BgCFobm49XKjVqutnWsg+hQ7iPMcWsiz2t/N+c/FsQf8Y+cLhy5JEEoMuV9YY62fnqfN6Vc99YfKgrTjYM389O+OQi5MOvBSnWYirxcKjYQUd3T0JGI7Di37UOQEAAAAAAAAAAAAAAE4yjL9hGnUZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLj+EwAA//8GP8IF")
creat(&(0x7f0000000e00)='./file0\x00', 0x0)
program crashed: BUG: unable to handle kernel paging request in ext4_ext_map_blocks
validation run: crashed=true
testing program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-creat
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x2008002, &(0x7f0000001780)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7}}, {@nodiscard}, {@auto_da_alloc}]}, 0x1, 0x558, &(0x7f0000000680)="$eJzs3c9vI1cdAPDvTH52d9vsQg9QAbtAYUGrtTfedlX10nIBoaoSouKAOGxD4o3C2nGIndKESKR/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACbZA4GM14kriJw5rEsdn485Fm58ebme979s6852dnXgBj60ZE7ETEdES8GRFzxfakmOLVzpTt92h3e3Fvd3sxiXb7jb8leXq2LbqOyVwuzjkbEV/9UsQ3k+Nxm5tbDxdqtep6sV5u1dfKzc2t2yv1heXqcnW1Urk3f+/OS3dfrAysrNfrP3v/iyuvfe2Xv/j4e7/Z+fx3s2xdKdK6yzFInaJPHcTJTEbEa+cRbAQmivn0iPPB6aQR8aGI+FR+/c/FRP6/EwC4yNrtuWjPda8DABddmveBJWkpItK0aASUOn14z8altNZotm49aGysLnX6yq7GVPpgpVa9c23md9/Od55KsvX5PC1Pz9crR9bvRsS1iPjBzFP5emmxUVsaTZMHAMbe5e76PyL+OZOmpVJfh/b4Vg8AeGLMjjoDAMDQqf8BYPyo/wFg/PRR/xdf9u+ce14AgOHw+R8Axo/6HwDGj/ofAMbKV15/PZvae8Xzr5fe2tx42Hjr9lK1+bBU31gsLTbW10rLjcZy/sye+uPOV2s01uZfiI23y61qs1Vubm7drzc2Vlv38+d6369ODaVUAMB/c+36u79NImLn5afyKbrGclBXw8WWDnAv4MkycZaDNRDgiWa0LxhffVXheSPh1+eeF2A0ej7Me7bn4gf96H8I4ndG8H/l5kf77/83xjNcLHr2YXydrv//lYHnAxi+U/f//2Gw+QCGr91Ojo75P32QBABcSGf4CV/7e4NqhAAj9bjBvAfy/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcMFci4luRpKV8LPA0+zctlSKejoirMZU8WKlV70TEM3E9IqZmsvX5UWcaADij9C9JMf7XzbnnrxxNnU7+NZPPI+I7P37jh28vtFrr89n2vx9sn9kfPqxyeNwZxhUEAPr3p352yuvvSjHv+iD/aHd7cX86xzwe8/4XDgYfXdzb3c6nTspktNvtdsRs3pa49I8kJotjZiPiuYiYGED8nXci4iO9yp/kfSNXi5FPu+NHEfvpocZPPxA/zdM68+zl+/AA8gLj5t3s/vNqr+svjRv5vPf1P5vfoc4uv//NRuzf+/a64k8WkSZ6xM+u+Rv9xnjhV18+trE910l7J+K5yV7xk4P4yQnxn+8z/u8/9onvv3JCWvsnETejd/zuWOVWfa3c3Ny6vVJfWK4uV1crlXvz9+68dPfFSjnvoy7v91Qf99eXbz1zUt6y8l86IX7nnb98pPzTB8d+ps/y//Tfb37jk4erM0fjf+7Tvd//Z/N579c/qxM/22f8hUs/P3H47iz+0gnlf9z7f6vP+O/9eWupz10BgCFobm49XKjVqutnWsg+hQ7iPMcWsiz2t/N+c/FsQf8Y+cLhy5JEEoMuV9YY62fnqfN6Vc99YfKgrTjYM389O+OQi5MOvBSnWYirxcKjYQUd3T0JGI7Di37UOQEAAAAAAAAAAAAAAE4yjL9hGnUZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLj+EwAA//8GP8IF")
creat(&(0x7f0000000e00)='./file0\x00', 0x0)
program crashed: BUG: unable to handle kernel paging request in ext4_ext_map_blocks
validation run: crashed=true
testing program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-creat
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x2008002, &(0x7f0000001780)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7}}, {@nodiscard}, {@auto_da_alloc}]}, 0x1, 0x558, &(0x7f0000000680)="$eJzs3c9vI1cdAPDvTH52d9vsQg9QAbtAYUGrtTfedlX10nIBoaoSouKAOGxD4o3C2nGIndKESKR/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACbZA4GM14kriJw5rEsdn485Fm58ebme979s6852dnXgBj60ZE7ETEdES8GRFzxfakmOLVzpTt92h3e3Fvd3sxiXb7jb8leXq2LbqOyVwuzjkbEV/9UsQ3k+Nxm5tbDxdqtep6sV5u1dfKzc2t2yv1heXqcnW1Urk3f+/OS3dfrAysrNfrP3v/iyuvfe2Xv/j4e7/Z+fx3s2xdKdK6yzFInaJPHcTJTEbEa+cRbAQmivn0iPPB6aQR8aGI+FR+/c/FRP6/EwC4yNrtuWjPda8DABddmveBJWkpItK0aASUOn14z8altNZotm49aGysLnX6yq7GVPpgpVa9c23md9/Od55KsvX5PC1Pz9crR9bvRsS1iPjBzFP5emmxUVsaTZMHAMbe5e76PyL+OZOmpVJfh/b4Vg8AeGLMjjoDAMDQqf8BYPyo/wFg/PRR/xdf9u+ce14AgOHw+R8Axo/6HwDGj/ofAMbKV15/PZvae8Xzr5fe2tx42Hjr9lK1+bBU31gsLTbW10rLjcZy/sye+uPOV2s01uZfiI23y61qs1Vubm7drzc2Vlv38+d6369ODaVUAMB/c+36u79NImLn5afyKbrGclBXw8WWDnAv4MkycZaDNRDgiWa0LxhffVXheSPh1+eeF2A0ej7Me7bn4gf96H8I4ndG8H/l5kf77/83xjNcLHr2YXydrv//lYHnAxi+U/f//2Gw+QCGr91Ojo75P32QBABcSGf4CV/7e4NqhAAj9bjBvAfy/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcMFci4luRpKV8LPA0+zctlSKejoirMZU8WKlV70TEM3E9IqZmsvX5UWcaADij9C9JMf7XzbnnrxxNnU7+NZPPI+I7P37jh28vtFrr89n2vx9sn9kfPqxyeNwZxhUEAPr3p352yuvvSjHv+iD/aHd7cX86xzwe8/4XDgYfXdzb3c6nTspktNvtdsRs3pa49I8kJotjZiPiuYiYGED8nXci4iO9yp/kfSNXi5FPu+NHEfvpocZPPxA/zdM68+zl+/AA8gLj5t3s/vNqr+svjRv5vPf1P5vfoc4uv//NRuzf+/a64k8WkSZ6xM+u+Rv9xnjhV18+trE910l7J+K5yV7xk4P4yQnxn+8z/u8/9onvv3JCWvsnETejd/zuWOVWfa3c3Ny6vVJfWK4uV1crlXvz9+68dPfFSjnvoy7v91Qf99eXbz1zUt6y8l86IX7nnb98pPzTB8d+ps/y//Tfb37jk4erM0fjf+7Tvd//Z/N579c/qxM/22f8hUs/P3H47iz+0gnlf9z7f6vP+O/9eWupz10BgCFobm49XKjVqutnWsg+hQ7iPMcWsiz2t/N+c/FsQf8Y+cLhy5JEEoMuV9YY62fnqfN6Vc99YfKgrTjYM389O+OQi5MOvBSnWYirxcKjYQUd3T0JGI7Di37UOQEAAAAAAAAAAAAAAE4yjL9hGnUZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLj+EwAA//8GP8IF")
creat(&(0x7f0000000e00)='./file0\x00', 0x0)
program crashed: BUG: unable to handle kernel paging request in ext4_ext_map_blocks
validation run: crashed=true
reproducing took 41m51.418091516s
repro crashed as (corrupted=false):
ext4 filesystem being mounted at /0/bus supports timestamps until 2038-01-19 (0x7fffffff)
EXT4-fs error (device loop0): ext4_do_update_inode:5248: inode #2: comm syz.0.17: corrupted inode contents
EXT4-fs error (device loop0): ext4_dirty_inode:6124: inode #2: comm syz.0.17: mark_inode_dirty error
EXT4-fs error (device loop0): ext4_do_update_inode:5248: inode #2: comm syz.0.17: corrupted inode contents
EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #2: comm syz.0.17: mark_inode_dirty error
BUG: unable to handle page fault for address: ffffffffffffff93
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD cf35067 P4D cf35067 PUD cf37067 PMD 0
Oops: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 5918 Comm: syz.0.17 Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
RIP: 0010:ext4_ext_drop_refs fs/ext4/extents.c:119 [inline]
RIP: 0010:ext4_free_ext_path fs/ext4/extents.c:128 [inline]
RIP: 0010:ext4_ext_map_blocks+0x2d00/0x6800 fs/ext4/extents.c:4494
Code: 8b 7c 24 10 4d 85 ff 0f 84 bd 00 00 00 e8 78 dc 58 ff 49 8d 7f 08 48 89 f8 48 c1 e8 03 42 0f b6 04 30 84 c0 0f 85 3d 1e 00 00 <41> 0f b7 47 08 c1 e0 04 48 8d 04 40 48 89 44 24 10 4d 89 fc 49 8d
RSP: 0018:ffffc900032e70a0 EFLAGS: 00010246
RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff88802c268000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffff93
RBP: ffffc900032e7350 R08: ffff8880782bed13 R09: 1ffff1100f057da2
R10: dffffc0000000000 R11: ffffed100f057da3 R12: 0000000000000000
R13: 1ffff9200065ce40 R14: dffffc0000000000 R15: ffffffffffffff8b
FS: 0000555576a93500(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffffffffffff93 CR3: 000000002d986000 CR4: 00000000003506f0
Call Trace:
ext4_map_blocks+0x9e2/0x1b80 fs/ext4/inode.c:652
ext4_getblk+0x1d0/0x6f0 fs/ext4/inode.c:862
ext4_bread+0x2a/0x170 fs/ext4/inode.c:918
ext4_append+0x2c2/0x560 fs/ext4/namei.c:83
ext4_add_entry+0x9eb/0xd90 fs/ext4/namei.c:2511
ext4_add_nondir+0x93/0x270 fs/ext4/namei.c:2845
ext4_create+0x2ea/0x470 fs/ext4/namei.c:2891
lookup_open fs/namei.c:3496 [inline]
open_last_lookups fs/namei.c:3564 [inline]
path_openat+0x12a0/0x3230 fs/namei.c:3794
do_filp_open+0x1f5/0x430 fs/namei.c:3824
do_sys_openat2+0x134/0x1d0 fs/open.c:1421
do_sys_open fs/open.c:1436 [inline]
__do_sys_creat fs/open.c:1514 [inline]
__se_sys_creat fs/open.c:1508 [inline]
__x64_sys_creat+0x90/0xb0 fs/open.c:1508
do_syscall_x64 arch/x86/entry/common.c:46 [inline]
do_syscall_64+0x55/0xa0 arch/x86/entry/common.c:76
entry_SYSCALL_64_after_hwframe+0x68/0xd2
RIP: 0033:0x7fe4d2b9c819
Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffd80732eb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
RAX: ffffffffffffffda RBX: 00007fe4d2e15fa0 RCX: 00007fe4d2b9c819
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000e00
RBP: 00007fe4d2c32c91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fe4d2e15fac R14: 00007fe4d2e15fa0 R15: 00007fe4d2e15fa0
Modules linked in:
CR2: ffffffffffffff93
---[ end trace 0000000000000000 ]---
RIP: 0010:ext4_ext_drop_refs fs/ext4/extents.c:119 [inline]
RIP: 0010:ext4_free_ext_path fs/ext4/extents.c:128 [inline]
RIP: 0010:ext4_ext_map_blocks+0x2d00/0x6800 fs/ext4/extents.c:4494
Code: 8b 7c 24 10 4d 85 ff 0f 84 bd 00 00 00 e8 78 dc 58 ff 49 8d 7f 08 48 89 f8 48 c1 e8 03 42 0f b6 04 30 84 c0 0f 85 3d 1e 00 00 <41> 0f b7 47 08 c1 e0 04 48 8d 04 40 48 89 44 24 10 4d 89 fc 49 8d
RSP: 0018:ffffc900032e70a0 EFLAGS: 00010246
RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff88802c268000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffff93
RBP: ffffc900032e7350 R08: ffff8880782bed13 R09: 1ffff1100f057da2
R10: dffffc0000000000 R11: ffffed100f057da3 R12: 0000000000000000
R13: 1ffff9200065ce40 R14: dffffc0000000000 R15: ffffffffffffff8b
FS: 0000555576a93500(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffffffffffff93 CR3: 000000002d986000 CR4: 00000000003506f0
----------------
Code disassembly (best guess):
0: 8b 7c 24 10 mov 0x10(%rsp),%edi
4: 4d 85 ff test %r15,%r15
7: 0f 84 bd 00 00 00 je 0xca
d: e8 78 dc 58 ff call 0xff58dc8a
12: 49 8d 7f 08 lea 0x8(%r15),%rdi
16: 48 89 f8 mov %rdi,%rax
19: 48 c1 e8 03 shr $0x3,%rax
1d: 42 0f b6 04 30 movzbl (%rax,%r14,1),%eax
22: 84 c0 test %al,%al
24: 0f 85 3d 1e 00 00 jne 0x1e67
* 2a: 41 0f b7 47 08 movzwl 0x8(%r15),%eax <-- trapping instruction
2f: c1 e0 04 shl $0x4,%eax
32: 48 8d 04 40 lea (%rax,%rax,2),%rax
36: 48 89 44 24 10 mov %rax,0x10(%rsp)
3b: 4d 89 fc mov %r15,%r12
3e: 49 rex.WB
3f: 8d .byte 0x8d
final repro crashed as (corrupted=false):
ext4 filesystem being mounted at /0/bus supports timestamps until 2038-01-19 (0x7fffffff)
EXT4-fs error (device loop0): ext4_do_update_inode:5248: inode #2: comm syz.0.17: corrupted inode contents
EXT4-fs error (device loop0): ext4_dirty_inode:6124: inode #2: comm syz.0.17: mark_inode_dirty error
EXT4-fs error (device loop0): ext4_do_update_inode:5248: inode #2: comm syz.0.17: corrupted inode contents
EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #2: comm syz.0.17: mark_inode_dirty error
BUG: unable to handle page fault for address: ffffffffffffff93
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD cf35067 P4D cf35067 PUD cf37067 PMD 0
Oops: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 5918 Comm: syz.0.17 Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
RIP: 0010:ext4_ext_drop_refs fs/ext4/extents.c:119 [inline]
RIP: 0010:ext4_free_ext_path fs/ext4/extents.c:128 [inline]
RIP: 0010:ext4_ext_map_blocks+0x2d00/0x6800 fs/ext4/extents.c:4494
Code: 8b 7c 24 10 4d 85 ff 0f 84 bd 00 00 00 e8 78 dc 58 ff 49 8d 7f 08 48 89 f8 48 c1 e8 03 42 0f b6 04 30 84 c0 0f 85 3d 1e 00 00 <41> 0f b7 47 08 c1 e0 04 48 8d 04 40 48 89 44 24 10 4d 89 fc 49 8d
RSP: 0018:ffffc900032e70a0 EFLAGS: 00010246
RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff88802c268000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffff93
RBP: ffffc900032e7350 R08: ffff8880782bed13 R09: 1ffff1100f057da2
R10: dffffc0000000000 R11: ffffed100f057da3 R12: 0000000000000000
R13: 1ffff9200065ce40 R14: dffffc0000000000 R15: ffffffffffffff8b
FS: 0000555576a93500(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffffffffffff93 CR3: 000000002d986000 CR4: 00000000003506f0
Call Trace:
ext4_map_blocks+0x9e2/0x1b80 fs/ext4/inode.c:652
ext4_getblk+0x1d0/0x6f0 fs/ext4/inode.c:862
ext4_bread+0x2a/0x170 fs/ext4/inode.c:918
ext4_append+0x2c2/0x560 fs/ext4/namei.c:83
ext4_add_entry+0x9eb/0xd90 fs/ext4/namei.c:2511
ext4_add_nondir+0x93/0x270 fs/ext4/namei.c:2845
ext4_create+0x2ea/0x470 fs/ext4/namei.c:2891
lookup_open fs/namei.c:3496 [inline]
open_last_lookups fs/namei.c:3564 [inline]
path_openat+0x12a0/0x3230 fs/namei.c:3794
do_filp_open+0x1f5/0x430 fs/namei.c:3824
do_sys_openat2+0x134/0x1d0 fs/open.c:1421
do_sys_open fs/open.c:1436 [inline]
__do_sys_creat fs/open.c:1514 [inline]
__se_sys_creat fs/open.c:1508 [inline]
__x64_sys_creat+0x90/0xb0 fs/open.c:1508
do_syscall_x64 arch/x86/entry/common.c:46 [inline]
do_syscall_64+0x55/0xa0 arch/x86/entry/common.c:76
entry_SYSCALL_64_after_hwframe+0x68/0xd2
RIP: 0033:0x7fe4d2b9c819
Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffd80732eb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
RAX: ffffffffffffffda RBX: 00007fe4d2e15fa0 RCX: 00007fe4d2b9c819
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000e00
RBP: 00007fe4d2c32c91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fe4d2e15fac R14: 00007fe4d2e15fa0 R15: 00007fe4d2e15fa0
Modules linked in:
CR2: ffffffffffffff93
---[ end trace 0000000000000000 ]---
RIP: 0010:ext4_ext_drop_refs fs/ext4/extents.c:119 [inline]
RIP: 0010:ext4_free_ext_path fs/ext4/extents.c:128 [inline]
RIP: 0010:ext4_ext_map_blocks+0x2d00/0x6800 fs/ext4/extents.c:4494
Code: 8b 7c 24 10 4d 85 ff 0f 84 bd 00 00 00 e8 78 dc 58 ff 49 8d 7f 08 48 89 f8 48 c1 e8 03 42 0f b6 04 30 84 c0 0f 85 3d 1e 00 00 <41> 0f b7 47 08 c1 e0 04 48 8d 04 40 48 89 44 24 10 4d 89 fc 49 8d
RSP: 0018:ffffc900032e70a0 EFLAGS: 00010246
RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff88802c268000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffff93
RBP: ffffc900032e7350 R08: ffff8880782bed13 R09: 1ffff1100f057da2
R10: dffffc0000000000 R11: ffffed100f057da3 R12: 0000000000000000
R13: 1ffff9200065ce40 R14: dffffc0000000000 R15: ffffffffffffff8b
FS: 0000555576a93500(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffffffffffff93 CR3: 000000002d986000 CR4: 00000000003506f0
----------------
Code disassembly (best guess):
0: 8b 7c 24 10 mov 0x10(%rsp),%edi
4: 4d 85 ff test %r15,%r15
7: 0f 84 bd 00 00 00 je 0xca
d: e8 78 dc 58 ff call 0xff58dc8a
12: 49 8d 7f 08 lea 0x8(%r15),%rdi
16: 48 89 f8 mov %rdi,%rax
19: 48 c1 e8 03 shr $0x3,%rax
1d: 42 0f b6 04 30 movzbl (%rax,%r14,1),%eax
22: 84 c0 test %al,%al
24: 0f 85 3d 1e 00 00 jne 0x1e67
* 2a: 41 0f b7 47 08 movzwl 0x8(%r15),%eax <-- trapping instruction
2f: c1 e0 04 shl $0x4,%eax
32: 48 8d 04 40 lea (%rax,%rax,2),%rax
36: 48 89 44 24 10 mov %rax,0x10(%rsp)
3b: 4d 89 fc mov %r15,%r12
3e: 49 rex.WB
3f: 8d .byte 0x8d