program:
io_setup(0x3ff, &(0x7f0000000500))
sched_setaffinity(0x0, 0x8, &(0x7f0000000100)=0x2)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket(0x10, 0x803, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x3c8, 0x138, 0x238, 0x98, 0x2d8, 0x138, 0x378, 0x378, 0x378, 0x378, 0x378, 0x6, 0x0, {[{{@ip={@loopback, @multicast1=0xe0007600, 0x0, 0x0, 'gre0\x00', 'ip6gre0\x00', {}, {}, 0x0, 0x0, 0x11}, 0x7a00, 0x70, 0x98}, @inet=@DSCP={0x28, 'DSCP\x00', 0x0, {0x3}}}, {{@ip={@multicast1, @local, 0x0, 0x0, 'wg1\x00', 'nicvf0\x00', {}, {}, 0x89}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0x70, 0xb8}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@private2, 'veth0_virt_wifi\x00', {0x7}}}}, {{@ip={@rand_addr, @dev={0xac, 0x14, 0x14, 0xd}, 0xffffffff, 0xff, 'syzkaller0\x00', 'veth1_to_team\x00', {}, {0xff}}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@empty, @dev={0xac, 0x14, 0x14, 0x44}, 0xff000000, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x1fb, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x428)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x10, &(0x7f0000000140)={[{@norecovery}]}, 0xed, 0x474, &(0x7f0000000b80)="$eJzs3EtsG0UfAPD/rvNo+viSr5RHSwuBgqh4JE36oAcuIJA4gIQEhyJOIUmrUrdBTZBoVUHhUI6oEnfEEYk7Eie4IOCAkLjCHVWqql5aOBmtvZs6jp06tRu3+PeT1p7ZXWfm79mxxzN2Auhb49lNErE1Iv6IiNFaduUJ47W7G9fOz/597fxsEpXKm1eT6nnXr52fLU4tHrellqlUIoaz5HCTci++EzFTLs+fyfOTS6fen1w8e+65E6dmjs8fnz89feTIwQN7hg5PH+oovjS/z+K6vuujhd07X3370uuzRy+9+/M3WX235sfr47gtWbQNxmvPbqNHs5snOyrsrvJrdrOtbkcy0PrkiQ2oEO0rRUTWXIPV/j8apRhZPjYar3za08oBd1SlUqk0e3/OXagA/2FJ9LoGQG8Ub/TZ599i26Chx13hyou1D0BZ3DfyrXZkYHnuYLDh8203jUfE0Qv/fJlt0Y15CACAW/g+G/8822z8l8YDdef9L19DGYuI/0fE9oi4LyJ2RMT9EdVzH4yIh9ZZfuMKyerxT3r5tgJrUzb+eyFf21o5/itGfzFWynPbqvEPJsdOlOf358/JvhgczvJTa5Txw8u/f16kNzUcqx//ZVtWfjEWzOtxeaBhgm5uZmmm07gLVz6J2DXQLP4kimWcJCJ2RsSu2yzjxNNf72517Nbxr2GNdaZ2Vb6KeKrW/hdiRfw3myppuT459fzh6UOTm6I8v3+yuCpW++W3i2+0Kr+j+Lsga//NTa//5VXgsWRTxOLZcyer67WL6y/j4p+f1fXpFavLWfzptxHrvv6Hkreq6aF834czS0tnpiKGktdW75+++dgiX5yfxb9vb/P+v72uxg9HRHYR74mIR/JF3KztHouIxyNi7xrx//TSE++1Oraq/UeK+NeYle+iLP65W7V/1Lf/+hOlkz9+13b8Tdv/YDW1L9/TzutfuxXs5LkDAACAe0Va/Q58kk4sp9N0YqL2Hf4dsTktLywuPXNs4YPTc7Xvyo/FYFrMdI3WzYdO5XPDRX66IX8gnzf+ojRSzU/MLpTneh089LktLfp/5q9Sr2sH3HFdWEcD7lH6P/Qv/R/6l/4P/Uv/h/7VrP9/3IN6ABvP+z/0L/0f+pf+D/1L/4e+1PK38WlHP/nvcaL43wkd/J2rvY+i48TInSwi0t4H2BeJgU4u43YSw00P9fiFCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoEv+DQAA//9L2OJW")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f00000001c0)='./bus\x00', 0x0, 0x3810c0, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x14, 0xd, "ef359f413bb9386ff7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e7376b7a5ff537ed73ac58818d78c660e677df8dc905b90242b7c528a076d2f6a00400", "036c5bc6780820d1cbf7966d61fdcf335263bd9b0abdc2542ded71038259ca171ce1a311ef545032d71e14ef3dc177e9b48b001d00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x11)
pwritev2(r1, &(0x7f0000000cc0)=[{&(0x7f0000000240)=';', 0xffffffbc}], 0x1, 0xfff, 0xc, 0x4)

[   84.691383][ T5291] Bluetooth: hci0: command tx timeout
[   84.838534][ T5326] loop0: detected capacity change from 0 to 512
[   84.959129][ T5326] EXT4-fs (loop0): invalid journal inode
[   84.977874][ T5326] EXT4-fs (loop0): can't get journal size
[   85.059309][ T5326] EXT4-fs (loop0): 1 truncate cleaned up
[   85.087295][ T5326] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   85.132162][ T5326] =======================================================
[   85.132162][ T5326] WARNING: The mand mount option has been deprecated and
[   85.132162][ T5326]          and is ignored by this kernel. Remove the mand
[   85.132162][ T5326]          option from the mount to silence this warning.
[   85.132162][ T5326] =======================================================
[   85.175102][ T5326] loop0: detected capacity change from 512 to 64
[   85.232117][  T152] kworker/u4:5: attempt to access beyond end of device
[   85.232117][  T152] loop0: rw=1, sector=72, nr_sectors = 2 limit=64
[   85.242406][ T5326] syz.0.0: attempt to access beyond end of device
[   85.242406][ T5326] loop0: rw=2049, sector=80, nr_sectors = 16 limit=64
[   85.249012][  T152] EXT4-fs warning (device loop0): ext4_end_bio:372: I/O error 10 writing to inode 15 starting block 36)
[   85.254881][ T5326] EXT4-fs warning (device loop0): ext4_end_bio:372: I/O error 10 writing to inode 15 starting block 40)
[   85.264666][  T152] Buffer I/O error on device loop0, logical block 36
[   85.271469][  T152] kworker/u4:5: attempt to access beyond end of device
[   85.271469][  T152] loop0: rw=1, sector=78, nr_sectors = 2 limit=64
[   85.279918][ T5326] Buffer I/O error on device loop0, logical block 40
[   85.282871][ T5326] Buffer I/O error on device loop0, logical block 41
[   85.285805][ T5326] Buffer I/O error on device loop0, logical block 42
[   85.288623][ T5326] Buffer I/O error on device loop0, logical block 43
[   85.291612][  T152] EXT4-fs warning (device loop0): ext4_end_bio:372: I/O error 10 writing to inode 15 starting block 39)
[   85.301881][  T152] Buffer I/O error on device loop0, logical block 39
[   85.306938][ T5326] Buffer I/O error on device loop0, logical block 44
[   85.309830][ T5326] Buffer I/O error on device loop0, logical block 45
[   85.312646][ T5326] Buffer I/O error on device loop0, logical block 46
[   85.315538][ T5326] Buffer I/O error on device loop0, logical block 47
[   85.320175][  T152] EXT4-fs error (device loop0): ext4_do_update_inode:5690: inode #15: comm kworker/u4:5: corrupted inode contents
[   85.329568][  T152] EXT4-fs error (device loop0): ext4_dirty_inode:6587: inode #15: comm kworker/u4:5: mark_inode_dirty error
[   85.338358][  T152] EXT4-fs error (device loop0): ext4_do_update_inode:5690: inode #15: comm kworker/u4:5: corrupted inode contents
[   85.353096][  T152] EXT4-fs error (device loop0): ext4_dirty_inode:6587: inode #15: comm kworker/u4:5: mark_inode_dirty error
[   85.376043][  T152] EXT4-fs error (device loop0): ext4_do_update_inode:5690: inode #15: comm kworker/u4:5: corrupted inode contents
[   85.392582][  T152] EXT4-fs error (device loop0): ext4_dirty_inode:6587: inode #15: comm kworker/u4:5: mark_inode_dirty error
[   85.402463][  T152] ------------[ cut here ]------------
[   85.405219][  T152] kernel BUG at fs/ext4/mballoc.c:4780!
[   85.408088][  T152] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI
[   85.410607][  T152] CPU: 0 UID: 0 PID: 152 Comm: kworker/u4:5 Not tainted syzkaller #0 PREEMPT(full) 
[   85.414173][  T152] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   85.418246][  T152] Workqueue: writeback wb_workfn (flush-7:0)
[   85.420839][  T152] RIP: 0010:ext4_mb_use_inode_pa+0x6c1/0x720
[   85.423316][  T152] Code: e8 24 90 a4 ff 48 ba 00 00 00 00 00 fc ff df e9 da fa ff ff e8 00 aa 37 ff 90 0f 0b e8 f8 a9 37 ff 90 0f 0b e8 f0 a9 37 ff 90 <0f> 0b e8 e8 a9 37 ff 90 0f 0b 48 8b 0c 24 80 e1 07 80 c1 03 38 c1
[   85.431085][  T152] RSP: 0018:ffffc900016be528 EFLAGS: 00010293
[   85.433633][  T152] RAX: ffffffff828e1d20 RBX: 00000000ffffffca RCX: ffff888032aea540
[   85.437033][  T152] RDX: 0000000000000000 RSI: 0000000000000054 RDI: 000000000000001e
[   85.440416][  T152] RBP: 1ffff11008d254b5 R08: ffff88804692eefb R09: 1ffff11008d25ddf
[   85.444528][  T152] R10: dffffc0000000000 R11: ffffed1008d25de0 R12: 0000000000000000
[   85.447873][  T152] R13: 0000000000000054 R14: 1ffff11008d25de2 R15: ffff88804692ef10
[   85.450916][  T152] FS:  0000000000000000(0000) GS:ffff88808c894000(0000) knlGS:0000000000000000
[   85.454587][  T152] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   85.457332][  T152] CR2: 00007f7bef1ee6b8 CR3: 000000003ee85000 CR4: 0000000000352ef0
[   85.460484][  T152] Call Trace:
[   85.461878][  T152]  <TASK>
[   85.463116][  T152]  ext4_mb_use_preallocated+0x660/0x13f0
[   85.465410][  T152]  ext4_mb_new_blocks+0x5e2/0x46c0
[   85.467706][  T152]  ? do_raw_spin_unlock+0x4d/0x210
[   85.470045][  T152]  ? __pfx_ext4_new_meta_blocks+0x10/0x10
[   85.472267][  T152]  ? __pfx_ext4_mb_new_blocks+0x10/0x10
[   85.474919][  T152]  ? ext4_block_to_path+0x297/0x6f0
[   85.477311][  T152]  ext4_ind_map_blocks+0xe96/0x2260
[   85.479610][  T152]  ? __lock_acquire+0x6b5/0x2cf0
[   85.481702][  T152]  ? __pfx_ext4_ind_map_blocks+0x10/0x10
[   85.484137][  T152]  ? stack_depot_save_flags+0x33/0x810
[   85.486813][  T152]  ? __kasan_slab_alloc+0x6c/0x80
[   85.488935][  T152]  ? ext4_inode_journal_mode+0x193/0x470
[   85.491238][  T152]  ? ext4_map_blocks+0x7b5/0x11d0
[   85.493660][  T152]  ext4_map_create_blocks+0xc1/0x540
[   85.495877][  T152]  ext4_map_blocks+0x7cd/0x11d0
[   85.497901][  T152]  ? __pfx_ext4_map_blocks+0x10/0x10
[   85.500093][  T152]  ? __ext4_journal_ensure_credits+0x30/0x450
[   85.502618][  T152]  ext4_do_writepages+0x18f3/0x4670
[   85.504783][  T152]  ? rcu_is_watching+0x15/0xb0
[   85.506779][  T152]  ? rcu_is_watching+0x15/0xb0
[   85.508761][  T152]  ? __pfx_ext4_do_writepages+0x10/0x10
[   85.511098][  T152]  ? __lock_acquire+0x6b5/0x2cf0
[   85.513246][  T152]  ? filemap_get_folios_tag+0x118/0x720
[   85.515585][  T152]  ? ext4_writepages+0x205/0x3b0
[   85.517783][  T152]  ? ext4_writepages+0x205/0x3b0
[   85.519932][  T152]  ext4_writepages+0x241/0x3b0
[   85.522093][  T152]  ? __pfx_ext4_writepages+0x10/0x10
[   85.524388][  T152]  ? irqentry_exit+0x218/0x8b0
[   85.526626][  T152]  ? __pfx_ext4_writepages+0x10/0x10
[   85.528883][  T152]  do_writepages+0x32e/0x550
[   85.530960][  T152]  ? reacquire_held_locks+0x104/0x190
[   85.533252][  T152]  ? writeback_sb_inodes+0x463/0x19d0
[   85.535552][  T152]  __writeback_single_inode+0x133/0x10e0
[   85.537984][  T152]  ? do_raw_spin_unlock+0x4d/0x210
[   85.540179][  T152]  writeback_sb_inodes+0x979/0x19d0
[   85.542506][  T152]  ? __pfx_writeback_sb_inodes+0x10/0x10
[   85.544942][  T152]  ? __pfx_down_read_trylock+0x10/0x10
[   85.547330][  T152]  ? __pfx___up_read+0x10/0x10
[   85.549438][  T152]  __writeback_inodes_wb+0x111/0x240
[   85.551763][  T152]  wb_writeback+0x459/0xb00
[   85.553823][  T152]  ? queue_io+0x2a1/0x470
[   85.555667][  T152]  ? __pfx_wb_writeback+0x10/0x10
[   85.557820][  T152]  ? do_raw_spin_lock+0x12b/0x2f0
[   85.559970][  T152]  wb_workfn+0x921/0xf10
[   85.561834][  T152]  ? __lock_acquire+0x6b5/0x2cf0
[   85.563990][  T152]  ? look_up_lock_class+0x57/0x110
[   85.566194][  T152]  ? __pfx_wb_workfn+0x10/0x10
[   85.568232][  T152]  ? do_raw_spin_lock+0x12b/0x2f0
[   85.570495][  T152]  ? lock_acquire+0x106/0x350
[   85.572303][  T152]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   85.574692][  T152]  ? process_scheduled_works+0xa70/0x1860
[   85.577149][  T152]  ? process_scheduled_works+0xa70/0x1860
[   85.579632][  T152]  ? process_scheduled_works+0xa70/0x1860
[   85.582255][  T152]  process_scheduled_works+0xb5d/0x1860
[   85.584739][  T152]  ? __pfx_process_scheduled_works+0x10/0x10
[   85.587398][  T152]  ? assign_work+0x3d5/0x5e0
[   85.589409][  T152]  worker_thread+0xa53/0xfc0
[   85.591488][  T152]  kthread+0x389/0x470
[   85.593237][  T152]  ? __pfx_worker_thread+0x10/0x10
[   85.595460][  T152]  ? __pfx_kthread+0x10/0x10
[   85.597351][  T152]  ret_from_fork+0x514/0xb70
[   85.599341][  T152]  ? __pfx_ret_from_fork+0x10/0x10
[   85.601486][  T152]  ? __switch_to+0xc79/0x1410
[   85.603737][  T152]  ? __pfx_kthread+0x10/0x10
[   85.605851][  T152]  ret_from_fork_asm+0x1a/0x30
[   85.607844][  T152]  </TASK>
[   85.609234][  T152] Modules linked in:
[   85.611552][  T152] ---[ end trace 0000000000000000 ]---
[   85.614256][  T152] RIP: 0010:ext4_mb_use_inode_pa+0x6c1/0x720
[   85.617310][  T152] Code: e8 24 90 a4 ff 48 ba 00 00 00 00 00 fc ff df e9 da fa ff ff e8 00 aa 37 ff 90 0f 0b e8 f8 a9 37 ff 90 0f 0b e8 f0 a9 37 ff 90 <0f> 0b e8 e8 a9 37 ff 90 0f 0b 48 8b 0c 24 80 e1 07 80 c1 03 38 c1
[   85.625457][  T152] RSP: 0018:ffffc900016be528 EFLAGS: 00010293
[   85.628025][  T152] RAX: ffffffff828e1d20 RBX: 00000000ffffffca RCX: ffff888032aea540
[   85.631345][  T152] RDX: 0000000000000000 RSI: 0000000000000054 RDI: 000000000000001e
[   85.634435][  T152] RBP: 1ffff11008d254b5 R08: ffff88804692eefb R09: 1ffff11008d25ddf
[   85.637565][  T152] R10: dffffc0000000000 R11: ffffed1008d25de0 R12: 0000000000000000
[   85.642256][  T152] R13: 0000000000000054 R14: 1ffff11008d25de2 R15: ffff88804692ef10
[   85.645888][  T152] FS:  0000000000000000(0000) GS:ffff88808c894000(0000) knlGS:0000000000000000
[   85.649537][  T152] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   85.652425][  T152] CR2: 00007f7bef1ee6b8 CR3: 000000003ee85000 CR4: 0000000000352ef0
[   85.656091][  T152] Kernel panic - not syncing: Fatal exception
[   85.659055][  T152] Kernel Offset: disabled
[   85.660898][  T152] Rebooting in 86400 seconds..