program: futex(0x0, 0x86, 0x2, 0x0, 0x0, 0xfffffffc) syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000900)={[{@noblock_validity}, {@noauto_da_alloc}, {@jqfmt_vfsold}, {@stripe={'stripe', 0x3d, 0x3}}, {@noauto_da_alloc}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x5}}, {@resuid}, {@dioread_lock}, {@jqfmt_vfsv1}]}, 0xfc, 0x550, &(0x7f0000000340)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec89Nzz0593t6bk5CAhhaE9mPQsSrEfFtEnG4rWw08sKJteNWH16fzbYkGo3P/koiyfe1jk/y3wfzzCsR8dvXEScLG+utLa8slMrldDHPT9YrVyZryyunLlVK8+l8enl6ZubMOzPT77/3bt/a+ub5f3749O5HZ745vvr9L/eP3E7ibBzKy9rbsQM32jMTMZE/J2Nx9okDp/pQ2SBJdvsE2JaRPM7HIhsDDsdIHvXA/99XEdEAhlQi/mFIteYBrXv7Pt0HvzAefLh2A7Sx/aNrr43Evua90YHV5LE7o+x+d7wP9Wd1/PrnndvZFv17HQJgSzduRsTp0dGN41+Sj3/bd7qHY56sw/gHz8/dbP7zVqf5T2F9/hMd5j8HO8Tudmwd/4X7faimq2z+90HH+e/6otX4SJ57qTnnG0suXiqn2dj2ckSciLG9WX6z9Zwzq/ca3cra53/ZltXfmgvm53F/dO/jj5kr1Us7aXO7BzcjXus4/03W+z/p0P/Z83G+xzqOpXde71a2dfufrcbPEW907P9HK1rJ5uuTk83rYbJ1VWz0961jv3erf7fbn/X/gc3bP560r9fWnr6On/b9m3Yr2+71vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr+Kz9J45vPv51uv73R8QXPbb/1tFbXQ8dhP6fe6r+f/rEvY+//LFb/b31/9vN1Il8Ty/jX68nuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G43HgAAAAAAAAAAAAAAAAAAAAbEwYh9nT7/n/ljZLfPDnjmfOU3DK/u8Z+X9OObnoCB5P8/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQV+fPncu2xurD67NZfu7q8tJC9eqpubS2UKwszRZnq4tXivPV6nw5Lc5WK1v9vXK1emVqOpauTdbTWn2ytrxyoVJduly/cKlSmk8vpGPPpVUAAAAAAAAAAAAAAAAAAADwYqktryyUyuV0UUJiW4nRwTgNiT4ndntkAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBH/gsAAP//sQI4ww==") open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x180) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r1 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) readv(r1, &(0x7f0000000800)=[{&(0x7f0000000200)=""/22, 0x16}, {&(0x7f0000000240)=""/188, 0xbc}], 0x2) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x1a, 0x0, "ef359f413bb93852f7d6a4ae6dddfb01005d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6e246cd454b926ede000000001ce1a311ef54ec32d71e14ef3dc177e90000000000000000070100", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r2, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) futex(0x0, 0x86, 0x2, 0x0, 0x0, 0xfffffffc) (async) syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000900)={[{@noblock_validity}, {@noauto_da_alloc}, {@jqfmt_vfsold}, {@stripe={'stripe', 0x3d, 0x3}}, {@noauto_da_alloc}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x5}}, {@resuid}, {@dioread_lock}, {@jqfmt_vfsv1}]}, 0xfc, 0x550, &(0x7f0000000340)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec89Nzz0593t6bk5CAhhaE9mPQsSrEfFtEnG4rWw08sKJteNWH16fzbYkGo3P/koiyfe1jk/y3wfzzCsR8dvXEScLG+utLa8slMrldDHPT9YrVyZryyunLlVK8+l8enl6ZubMOzPT77/3bt/a+ub5f3749O5HZ745vvr9L/eP3E7ibBzKy9rbsQM32jMTMZE/J2Nx9okDp/pQ2SBJdvsE2JaRPM7HIhsDDsdIHvXA/99XEdEAhlQi/mFIteYBrXv7Pt0HvzAefLh2A7Sx/aNrr43Evua90YHV5LE7o+x+d7wP9Wd1/PrnndvZFv17HQJgSzduRsTp0dGN41+Sj3/bd7qHY56sw/gHz8/dbP7zVqf5T2F9/hMd5j8HO8Tudmwd/4X7faimq2z+90HH+e/6otX4SJ57qTnnG0suXiqn2dj2ckSciLG9WX6z9Zwzq/ca3cra53/ZltXfmgvm53F/dO/jj5kr1Us7aXO7BzcjXus4/03W+z/p0P/Z83G+xzqOpXde71a2dfufrcbPEW907P9HK1rJ5uuTk83rYbJ1VWz0961jv3erf7fbn/X/gc3bP560r9fWnr6On/b9m3Yr2+71vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr+Kz9J45vPv51uv73R8QXPbb/1tFbXQ8dhP6fe6r+f/rEvY+//LFb/b31/9vN1Il8Ty/jX68nuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G43HgAAAAAAAAAAAAAAAAAAAAbEwYh9nT7/n/ljZLfPDnjmfOU3DK/u8Z+X9OObnoCB5P8/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQV+fPncu2xurD67NZfu7q8tJC9eqpubS2UKwszRZnq4tXivPV6nw5Lc5WK1v9vXK1emVqOpauTdbTWn2ytrxyoVJduly/cKlSmk8vpGPPpVUAAAAAAAAAAAAAAAAAAADwYqktryyUyuV0UUJiW4nRwTgNiT4ndntkAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBH/gsAAP//sQI4ww==") (async) open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x180) (async) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) (async) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async) openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async) readv(r1, &(0x7f0000000800)=[{&(0x7f0000000200)=""/22, 0x16}, {&(0x7f0000000240)=""/188, 0xbc}], 0x2) (async) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x1a, 0x0, "ef359f413bb93852f7d6a4ae6dddfb01005d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6e246cd454b926ede000000001ce1a311ef54ec32d71e14ef3dc177e90000000000000000070100", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]}) (async) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0) (async) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r2, 0x0) (async) syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) (async) [ 86.660163][ T5313] Bluetooth: hci0: command tx timeout [ 86.718894][ T5340] loop0: detected capacity change from 0 to 1024 [ 86.773354][ T5340] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 86.828205][ T5340] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 86.931347][ T5341] loop0: detected capacity change from 1024 to 64 [ 86.968826][ T5338] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 86.973264][ T5338] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 86.976813][ T5338] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 86.980906][ T5338] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 86.984386][ T5338] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 86.987695][ T5338] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 86.992792][ T5338] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 86.998046][ T5338] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 87.001979][ T5338] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 87.005591][ T5338] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 87.121396][ T3020] ------------[ cut here ]------------ [ 87.123968][ T3020] kernel BUG at fs/ext4/inode.c:2810! [ 87.126303][ T3020] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI [ 87.129089][ T3020] CPU: 0 UID: 0 PID: 3020 Comm: kworker/u4:16 Not tainted syzkaller #0 PREEMPT(full) [ 87.133030][ T3020] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 87.137682][ T3020] Workqueue: writeback wb_workfn (flush-7:0) [ 87.140281][ T3020] RIP: 0010:ext4_do_writepages+0x44fe/0x4500 [ 87.142855][ T3020] Code: c6 40 2d 7f 8b e8 12 e5 ac fe 90 0f 0b e8 8a e3 45 ff 4c 89 f7 48 c7 c6 20 31 7f 8b e8 fb e4 ac fe 90 0f 0b e8 73 e3 45 ff 90 <0f> 0b 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 40 d6 [ 87.151084][ T3020] RSP: 0018:ffffc900097eec60 EFLAGS: 00010293 [ 87.153734][ T3020] RAX: ffffffff827b21ad RBX: 0000004210000000 RCX: ffff888040f5a4c0 [ 87.157214][ T3020] RDX: 0000000000000000 RSI: 0000004000000000 RDI: 0000000000000000 [ 87.160660][ T3020] RBP: ffffc900097ef070 R08: ffff8880469b9397 R09: 1ffff11008d37272 [ 87.164136][ T3020] R10: dffffc0000000000 R11: ffffed1008d37273 R12: dffffc0000000000 [ 87.167569][ T3020] R13: 0000000000000001 R14: 0000004000000000 R15: 1ffff1100885fcc7 [ 87.170998][ T3020] FS: 0000000000000000(0000) GS:ffff88808d416000(0000) knlGS:0000000000000000 [ 87.174897][ T3020] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.177757][ T3020] CR2: 00007fff3ba2ae40 CR3: 000000003c8f0000 CR4: 0000000000352ef0 [ 87.181215][ T3020] Call Trace: [ 87.182731][ T3020] [ 87.184078][ T3020] ? __lock_acquire+0x6b6/0x2cf0 [ 87.186239][ T3020] ? __lock_acquire+0x6b6/0x2cf0 [ 87.188360][ T3020] ? __lock_acquire+0x6b6/0x2cf0 [ 87.190613][ T3020] ? look_up_lock_class+0x57/0x110 [ 87.192958][ T3020] ? register_lock_class+0x31/0x2e0 [ 87.195289][ T3020] ? __pfx_ext4_do_writepages+0x10/0x10 [ 87.197782][ T3020] ? __lock_acquire+0x6b6/0x2cf0 [ 87.199991][ T3020] ? filemap_get_folios_tag+0xed/0x630 [ 87.202386][ T3020] ? filemap_get_folios_tag+0x53b/0x630 [ 87.204854][ T3020] ? filemap_get_folios_tag+0xed/0x630 [ 87.207289][ T3020] ? ext4_writepages+0x1ca/0x350 [ 87.209442][ T3020] ? ext4_writepages+0x1ca/0x350 [ 87.211775][ T3020] ext4_writepages+0x203/0x350 [ 87.213985][ T3020] ? __pfx_ext4_writepages+0x10/0x10 [ 87.216312][ T3020] ? __pfx_ext4_writepages+0x10/0x10 [ 87.218544][ T3020] do_writepages+0x32e/0x550 [ 87.220606][ T3020] ? reacquire_held_locks+0x104/0x190 [ 87.222952][ T3020] ? writeback_sb_inodes+0x3bd/0x1870 [ 87.225430][ T3020] __writeback_single_inode+0x133/0x1240 [ 87.227877][ T3020] ? do_raw_spin_unlock+0x4d/0x240 [ 87.230238][ T3020] writeback_sb_inodes+0x93a/0x1870 [ 87.232615][ T3020] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 87.235094][ T3020] ? unwind_next_frame+0xa5/0x23d0 [ 87.237407][ T3020] ? __pfx_down_read_trylock+0x10/0x10 [ 87.239845][ T3020] ? __pfx___up_read+0x10/0x10 [ 87.241981][ T3020] __writeback_inodes_wb+0x111/0x240 [ 87.244313][ T3020] wb_writeback+0x43f/0xaa0 [ 87.246317][ T3020] ? queue_io+0x261/0x450 [ 87.248191][ T3020] ? __pfx_wb_writeback+0x10/0x10 [ 87.250416][ T3020] ? do_raw_spin_lock+0x121/0x290 [ 87.252628][ T3020] wb_workfn+0x8ee/0xed0 [ 87.254524][ T3020] ? __pfx_wb_workfn+0x10/0x10 [ 87.256686][ T3020] ? finish_task_switch+0x162/0x940 [ 87.258962][ T3020] ? do_raw_spin_lock+0x121/0x290 [ 87.261233][ T3020] ? lock_acquire+0x107/0x340 [ 87.263301][ T3020] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 87.265621][ T3020] ? process_scheduled_works+0x9ef/0x1770 [ 87.268009][ T3020] ? process_scheduled_works+0x9ef/0x1770 [ 87.270409][ T3020] ? process_scheduled_works+0x9ef/0x1770 [ 87.272948][ T3020] process_scheduled_works+0xad1/0x1770 [ 87.275426][ T3020] ? __pfx_process_scheduled_works+0x10/0x10 [ 87.278000][ T3020] ? do_raw_spin_lock+0x121/0x290 [ 87.280251][ T3020] worker_thread+0x8a0/0xda0 [ 87.282307][ T3020] kthread+0x711/0x8a0 [ 87.284171][ T3020] ? __pfx_worker_thread+0x10/0x10 [ 87.286463][ T3020] ? __pfx_kthread+0x10/0x10 [ 87.288528][ T3020] ? _raw_spin_unlock_irq+0x23/0x50 [ 87.290731][ T3020] ? __pfx_kthread+0x10/0x10 [ 87.292714][ T3020] ret_from_fork+0x510/0xa50 [ 87.294721][ T3020] ? __pfx_ret_from_fork+0x10/0x10 [ 87.297026][ T3020] ? __switch_to+0xc9e/0x1480 [ 87.299133][ T3020] ? __pfx_kthread+0x10/0x10 [ 87.301190][ T3020] ret_from_fork_asm+0x1a/0x30 [ 87.303434][ T3020] [ 87.304810][ T3020] Modules linked in: [ 87.307472][ T3020] ---[ end trace 0000000000000000 ]---