90
[ 1406.886052][T30771] ? __alloc_file+0x2e/0x150
[ 1406.890690][T30771] should_failslab+0x5/0x20
[ 1406.895181][T30771] kmem_cache_alloc+0x46/0x2f0
[ 1406.899940][T30771] ? _raw_spin_unlock+0x2d/0x50
[ 1406.904800][T30771] ? inode_doinit_with_dentry+0x339/0x770
[ 1406.910656][T30771] __alloc_file+0x2e/0x150
[ 1406.915131][T30771] alloc_empty_file+0xcd/0x1c0
[ 1406.919930][T30771] alloc_file+0x3a/0x2e0
[ 1406.924268][T30771] alloc_file_pseudo+0xf0/0x140
[ 1406.929110][T30771] __shmem_file_setup+0x13a/0x1c0
[ 1406.934128][T30771] shmem_file_setup+0x37/0x40
[ 1406.938859][T30771] __se_sys_memfd_create+0x1c1/0x330
[ 1406.944137][T30771] __x64_sys_memfd_create+0x2d/0x40
[ 1406.949455][T30771] do_syscall_64+0x2b/0x70
[ 1406.953863][T30771] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1406.959766][T30771] RIP: 0033:0x7fc7bd7740a9
[ 1406.964166][T30771] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1406.983838][T30771] RSP: 002b:00007fc7bcac5f38 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[ 1406.992308][T30771] RAX: ffffffffffffffda RBX: 00000000000004a6 RCX: 00007fc7bd7740a9
[ 1407.000275][T30771] RDX: 00007fc7bcac5fdc RSI: 0000000000000000 RDI: 00007fc7bd7cee81
[ 1407.008242][T30771] RBP: 00000000000004a6 R08: 00007fc7bcac5e20 R09: ffffffffffffffff
[ 1407.016215][T30771] R10: 0000000000000000 R11: 0000000000000202 R12: 00000000200004c0
[ 1407.024178][T30771] R13: 00007fc7bcac5fdc R14: 00007fc7bcac5fe0 R15: 0000000020000580
[ 1407.032313][T30771]
[ 1407.035418][T30769] CPU: 0 PID: 30769 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1407.046363][T30769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1407.047444][T30758] EXT4-fs (loop4): 1 truncate cleaned up
[ 1407.056411][T30769] Call Trace:
[ 1407.056420][T30769]
[ 1407.056427][T30769] dump_stack_lvl+0xd6/0x130
[ 1407.056449][T30769] dump_stack+0x11/0x20
[ 1407.062090][T30758] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1407.065352][T30769] should_fail_ex+0x224/0x230
[ 1407.065374][T30769] __should_failslab+0x8c/0x90
[ 1407.065398][T30769] should_failslab+0x5/0x20
[ 1407.078447][T30763] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz-executor.1: invalid block
[ 1407.089048][T30769] __kmem_cache_alloc_node+0x41/0x2f0
[ 1407.089080][T30769] ? mon_bin_open+0x121/0x3c0
[ 1407.124578][T30769] kmalloc_trace+0x26/0x90
[ 1407.129003][T30769] mon_bin_open+0x121/0x3c0
[ 1407.133568][T30769] chrdev_open+0x362/0x3d0
[ 1407.138068][T30769] ? cd_forget+0xe0/0xe0
[ 1407.142330][T30769] do_dentry_open+0x59a/0x910
[ 1407.147120][T30769] vfs_open+0x43/0x50
[ 1407.151109][T30769] path_openat+0x16b8/0x1b60
[ 1407.155706][T30769] ? _parse_integer_limit+0x16f/0x190
[ 1407.161081][T30769] do_filp_open+0x105/0x220
[ 1407.165668][T30769] do_sys_openat2+0xb5/0x2a0
[ 1407.170277][T30769] ? mutex_lock+0x9/0x30
[ 1407.174559][T30769] ? fput+0x2c/0x130
[ 1407.178460][T30769] __x64_sys_openat+0xef/0x110
[ 1407.183233][T30769] do_syscall_64+0x2b/0x70
[ 1407.187657][T30769] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1407.193559][T30769] RIP: 0033:0x7f53668d4234
[ 1407.198056][T30769] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1407.217705][T30769] RSP: 002b:00007f5365c73ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1407.226124][T30769] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1407.234105][T30769] RDX: 0000000000000000 RSI: 00007f5365c73d40 RDI: 00000000ffffff9c
[ 1407.242080][T30769] RBP: 00007f5365c73d40 R08: 0000000000000000 R09: 0000000000000000
[ 1407.250068][T30769] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1407.258086][T30769] R13: 00007fffab5653af R14: 00007f5365c74300 R15: 0000000000022000
[ 1407.266068][T30769]
[ 1407.275333][T30775] FAULT_INJECTION: forcing a failure.
[ 1407.275333][T30775] name failslab, interval 1, probability 0, space 0, times 0
[ 1407.288360][T30775] CPU: 0 PID: 30775 Comm: syz-executor.5 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1407.299374][T30775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1407.309483][T30775] Call Trace:
[ 1407.312752][T30775]
[ 1407.315733][T30775] dump_stack_lvl+0xd6/0x130
[ 1407.320354][T30775] dump_stack+0x11/0x20
[ 1407.324503][T30775] should_fail_ex+0x224/0x230
[ 1407.329195][T30775] __should_failslab+0x8c/0x90
[ 1407.334033][T30775] ? security_file_alloc+0x2e/0xf0
[ 1407.339145][T30775] should_failslab+0x5/0x20
[ 1407.343641][T30775] kmem_cache_alloc+0x46/0x2f0
[ 1407.348446][T30775] security_file_alloc+0x2e/0xf0
[ 1407.353424][T30775] __alloc_file+0x81/0x150
[ 1407.357857][T30775] alloc_empty_file+0xcd/0x1c0
[ 1407.362612][T30775] alloc_file+0x3a/0x2e0
[ 1407.366889][T30775] alloc_file_pseudo+0xf0/0x140
[ 1407.371765][T30775] __shmem_file_setup+0x13a/0x1c0
[ 1407.376861][T30775] shmem_file_setup+0x37/0x40
[ 1407.381603][T30775] __se_sys_memfd_create+0x1c1/0x330
[ 1407.386881][T30775] __x64_sys_memfd_create+0x2d/0x40
[ 1407.392097][T30775] do_syscall_64+0x2b/0x70
[ 1407.396614][T30775] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1407.402527][T30775] RIP: 0033:0x7f503d1ae0a9
[ 1407.406955][T30775] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1407.426561][T30775] RSP: 002b:00007f503c4def38 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[ 1407.434962][T30775] RAX: ffffffffffffffda RBX: 00000000000004a6 RCX: 00007f503d1ae0a9
[ 1407.442933][T30775] RDX: 00007f503c4defdc RSI: 0000000000000000 RDI: 00007f503d208e81
[ 1407.450892][T30775] RBP: 00000000000004a6 R08: 00007f503c4dee20 R09: ffffffffffffffff
[ 1407.458857][T30775] R10: 0000000000000000 R11: 0000000000000202 R12: 00000000200004c0
[ 1407.466846][T30775] R13: 00007f503c4defdc R14: 00007f503c4defe0 R15: 0000000020000580
[ 1407.474806][T30775]
[ 1407.497491][ T3147] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1407.558565][T30763] EXT4-fs (loop1): Remounting filesystem read-only
[ 1407.610634][T30763] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1407.659784][T30763] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1098: group 0, block bitmap and bg descriptor inconsistent: 215 vs 220 free clusters
07:33:12 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiixiEQokiQY0okfgLqKBBQIVECz2KFCE3BKpDe7drnx9n/DjnAvv5SJvM3M555ru7czc7sxdAaVWzf5KI/RHxS0QMNLMrC1Sb/91cnJ/4c3F+Iol6/fXfk0a5PxbnJ4qixfv25ZmhNCL9KIkj69Q7e+nyufFabepinh+ZO//OyOyly09Nnx8/O3V26sLYqVMnT4w++8zY0x2Jsz9r6+H3Z44eevnNa69OnL721g9fZe3dn+9vjaNTqlFdeSxbPNrpyrqsvyWd9HSxIWxJJSKy09Xb6P8DUYnlkzcQL33Y1cYBu6per9f3tN+9UAf+w5LodguA7ii+6LP732K7RUOP28KN57Mb1s8a8d/Mt+aenkjzMr2r7m87qRoRpxf++jzbYpfmIQAAWn2TjX+eXG/8l8Y9LeXuyNeGBiPizog4EBF3RcTBiLg7olH23oi4b4v1V1fl145/0uvbCmyTsvHfc/na1srxXzH6i8FKnutvxN+bnJmuTR3Pj8lQ9O7J8qMb1PHtiz9/0m5f6/gv27L6i7Fg3o7rPasm6CbH58Z3EnOrGx805gCvrI0/WVoJSCLiUEQc3sbfz47Z9ONfHm23/5/j30AH1pnqX0Q81jz/C7Eq/kKy8frkyP+iNnV8pLgq1vrxp6uvtat/R/F3QHb+9657/S/FP5i0rtfObr2Oq79+3PaeZrvXf1/yRiPdl7/23vjc3MXRiL7klbWvjy2/t8gX5bP4h46t3/8PxPKROBIR2UV8f0Q8EBEP5m1/KCIejohjG8T//QuPvL39+HdXFv/kls7/1hOVc9993a7+zZ3/k43UUP7KZj7/NtvAnRw7AAAA+LdIG8/AJ+nwUjpNh4ebz/AfjL1pbWZ27okzM+9emGw+Kz8YvWkx0zXQMh86ms8NF/mxVfkT+bzxp5X/N/LDEzO1yW4HDyW3r03/z/xW6XbrgF3n91pQXvo/lJf+D+Wl/0N56f9QXuv1/ytdaAdw6/n+h/LS/6G89H8oL/0fSmknv+uXKHMi0tuiGRK7lOj2JxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBn/B0AAP//AcXqfA==")
write$tun(0xffffffffffffffff, 0x0, 0x0)
07:33:12 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 7)
[ 1407.707486][T30763] EXT4-fs (loop1): 1 truncate cleaned up
[ 1407.713281][T30763] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
07:33:12 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 8)
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
07:33:12 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 7)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
07:33:12 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiizgIhRJFokeUSPwFVNAgoEKihR5FipAbAtWhvdu1z48zfpxzgf18pE1mbuc8893duZud2QugtKrZP0nE/oj4JSIGmtmVBarN/24tzk/8uTg/kUS9/ubvSaPcH4vzE0XR4n378sxQGpF+nMSRdeqdvXT53HitNnUxz4/MnX9vZPbS5Wemz4+fnTo7dWHs1KmTJ0aff27s2Y7E2Z+19fCHM0cPvfr29dcnTl9/54evsvbuz/e3xtEp1aiuPJYtHu90ZV3W35JOerrYELakEhHZ6bra6P8DUYnlkzcQr3zU1cYBu6per9f3tN+9UAf+w5LodguA7ii+6LP732K7TUOPO8LNF5s3QFnct/Ktuacn0rxM76r7206qRsTphb8+z7bYpXkIAIBW32Tjn6fXG/+lcV9LubvytaHBiLg7Ig5ExD0RcTAi7o1olL0/Ih7YYv3VVfm145/0xrYC26Rs/PdCvra1cvxXjP5isJLn+hvx9yZnpmtTx/NjMhS9e7L86AZ1fPvyz5+229c6/su2rP5iLJi340bPqgm6yfG58Z3E3Orm1cYc4JW18SdLKwFJRByKiMPb+PvZMZt+8suj7fb/c/wb6MA6U/2LiCea538hVsVfSDZenxz5X9Smjo8UV8VaP/507Y129e8o/g7Izv/eda//pfgHk9b12tmt13Ht10/a3tNs9/rvS95qpPvy1z4Yn5u7OBrRl7y29vWx5fcW+aJ8Fv/QsfX7/4FYPhJHIiK7iB+MiIci4uG87Y9ExKMRcWyD+L9/6bF3tx//7srin9zS+d96onLuu6/b1b+583+ykRrKX9nM599mG7iTYwcAAAD/FmnjGfgkHV5Kp+nwcPMZ/oOxN63NzM49dWbm/QuTzWflB6M3LWa6BlrmQ0fzueEiP7YqfyKfN/6s8v9GfnhipjbZ7eCh5Pa16f+Z3yrdbh2w6/xeC8pL/4fy0v+hvPR/KC/9H8prvf5/pQvtAG4/3/9QXvo/lJf+D+Wl/0Mp7eR3/RJlTkR6RzRDYpcS3f5kAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6Iy/AwAA//8WpOpm")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1408.170984][T30788] loop4: detected capacity change from 0 to 512
[ 1408.178709][ T9697] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1408.908083][T30787] FAULT_INJECTION: forcing a failure.
[ 1408.908083][T30787] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1408.921352][T30787] CPU: 0 PID: 30787 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1408.926689][T30790] FAULT_INJECTION: forcing a failure.
[ 1408.926689][T30790] name failslab, interval 1, probability 0, space 0, times 0
[ 1408.932357][T30787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1408.955085][T30787] Call Trace:
[ 1408.958355][T30787]
[ 1408.961276][T30787] dump_stack_lvl+0xd6/0x130
[ 1408.965861][T30787] dump_stack+0x11/0x20
[ 1408.970074][T30787] should_fail_ex+0x224/0x230
[ 1408.974808][T30787] __alloc_pages+0x10a/0x340
[ 1408.979425][T30787] alloc_pages+0x3f1/0x4f0
[ 1408.983829][T30787] get_zeroed_page+0x13/0x40
[ 1408.988415][T30787] mon_bin_open+0x1ba/0x3c0
[ 1408.992924][T30787] chrdev_open+0x362/0x3d0
[ 1408.997423][T30787] ? cd_forget+0xe0/0xe0
[ 1409.001660][T30787] do_dentry_open+0x59a/0x910
[ 1409.006508][T30787] vfs_open+0x43/0x50
[ 1409.010485][T30787] path_openat+0x16b8/0x1b60
[ 1409.015067][T30787] ? _parse_integer_limit+0x16f/0x190
[ 1409.020456][T30787] do_filp_open+0x105/0x220
[ 1409.025016][T30787] do_sys_openat2+0xb5/0x2a0
[ 1409.029673][T30787] ? mutex_lock+0x9/0x30
[ 1409.033975][T30787] ? fput+0x2c/0x130
[ 1409.038073][T30787] __x64_sys_openat+0xef/0x110
[ 1409.042830][T30787] do_syscall_64+0x2b/0x70
[ 1409.047235][T30787] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1409.053157][T30787] RIP: 0033:0x7f53668d4234
[ 1409.057560][T30787] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1409.077204][T30787] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1409.085604][T30787] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1409.093594][T30787] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1409.101603][T30787] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1409.109621][T30787] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1409.117581][T30787] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1409.125580][T30787]
[ 1409.128600][T30790] CPU: 1 PID: 30790 Comm: syz-executor.5 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1409.136090][T30786] FAULT_INJECTION: forcing a failure.
[ 1409.136090][T30786] name failslab, interval 1, probability 0, space 0, times 0
[ 1409.139535][T30790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1409.139548][T30790] Call Trace:
[ 1409.139554][T30790]
[ 1409.168426][T30790] dump_stack_lvl+0xd6/0x130
[ 1409.173084][T30790] dump_stack+0x11/0x20
[ 1409.177224][T30790] should_fail_ex+0x224/0x230
[ 1409.181889][T30790] __should_failslab+0x8c/0x90
[ 1409.186713][T30790] ? vm_area_alloc+0x28/0x90
[ 1409.191324][T30790] should_failslab+0x5/0x20
[ 1409.195889][T30790] kmem_cache_alloc+0x46/0x2f0
[ 1409.200644][T30790] vm_area_alloc+0x28/0x90
[ 1409.205084][T30790] mmap_region+0x845/0x13b0
[ 1409.209639][T30790] ? arch_get_unmapped_area_topdown+0x20c/0x260
[ 1409.215870][T30790] ? security_mmap_addr+0x78/0x90
[ 1409.220901][T30790] ? get_unmapped_area+0x247/0x270
[ 1409.226005][T30790] do_mmap+0x66d/0xa40
[ 1409.230114][T30790] vm_mmap_pgoff+0x117/0x1f0
[ 1409.234694][T30790] ksys_mmap_pgoff+0xc2/0x320
[ 1409.239378][T30790] ? fpregs_assert_state_consistent+0x7e/0x90
[ 1409.245449][T30790] do_syscall_64+0x2b/0x70
[ 1409.249973][T30790] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1409.255869][T30790] RIP: 0033:0x7f503d1ae0f2
[ 1409.260330][T30790] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 b8 ff ff ff 64
[ 1409.279953][T30790] RSP: 002b:00007f503c4fff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1409.288425][T30790] RAX: ffffffffffffffda RBX: 0000000000000022 RCX: 00007f503d1ae0f2
[ 1409.296447][T30790] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[ 1409.304425][T30790] RBP: 0000000000000000 R08: 00000000ffffffff R09: 0000000000000000
[ 1409.312383][T30790] R10: 0000000000000022 R11: 0000000000000246 R12: 00000000000004a4
[ 1409.320429][T30790] R13: 00007f503c4fffdc R14: 00007f503c4fffe0 R15: 0000000020000582
[ 1409.328390][T30790]
[ 1409.331436][T30786] CPU: 0 PID: 30786 Comm: syz-executor.2 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1409.342379][T30786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1409.343800][T30788] EXT4-fs: Ignoring removed nobh option
[ 1409.352423][T30786] Call Trace:
[ 1409.352432][T30786]
[ 1409.352438][T30786] dump_stack_lvl+0xd6/0x130
[ 1409.368869][T30786] dump_stack+0x11/0x20
[ 1409.373073][T30786] should_fail_ex+0x224/0x230
[ 1409.377761][T30786] __should_failslab+0x8c/0x90
[ 1409.382603][T30786] ? security_file_alloc+0x2e/0xf0
[ 1409.383776][T30791] loop0: detected capacity change from 0 to 512
[ 1409.387713][T30786] should_failslab+0x5/0x20
[ 1409.387737][T30786] kmem_cache_alloc+0x46/0x2f0
[ 1409.403232][T30786] security_file_alloc+0x2e/0xf0
07:33:13 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92wHkhibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kckljmIjkcgiAaFQokj0iBKJv4AKGgRUSLTQo0gRckOgOrR3u/b5ccaPcy5kfz9pk5nbOc98uzt3szN7AZRWNfsnidgbEb9FxEAzu7xAtfnfzYX5ib8X5ieSqNff/jNplPtrYX6iKFq8b0+eGUoj0k+TOLRGvbMXL50Zr9WmLuT5kbmz50dmL156bvrs+Omp01Pnxk6cOH5s9MUXxp7vSJz9WVsPfjRz+MDr7157c+Lktfd++iZr7958f2scnVKN6vJj2eLJTlfWZf0t6aSniw1hUyoRkZ2u3kb/H4hKLJ28gXjtk642DthR9Xq9vqv97vN14A6WRLdbAHRH8UWf3f8W2y0aetwWbrzcvAHK4r6Zb809PZHmZXpX3N92UjUiTl7558tsix2ahwAAaPVdNv55dq3xXxoPtJS7J18bGoyIeyNiX0TcFxH7I+L+iEbZByPioU3WX12RXz3+Sa9vKbANysZ/L+VrW8vHf8XoLwYrea6/EX9vcmq6NnU0PyZD0bsry4+uU8f3r/76ebt9reO/bMvqL8aCeTuu96yYoJscnxvfTsytbnzcmAO8vDr+ZHElIImIAxFxcAt/Pztm009/fbjd/v+Ofx0dWGeqfxXxVPP8X4kV8ReS9dcnR+6K2tTRkeKqWO3nX66+1a7+bcXfAdn5373m9b8Y/2DSul47u/k6rv7+Wdt7mq1e/33JO410X/7ah+NzcxdGI/qSN1a/Prb03iJflM/iHzqydv/fF0tH4lBEZBfxwxHxSEQ8mrf9sYh4PCKOrBP/j6888f7W499ZWfyTmzr/m09Uzvzwbbv6N3b+jzdSQ/krG/n822gDt3PsAAAA4P8ibTwDn6TDi+k0HR5uPsO/P3antZnZuWdOzXxwbrL5rPxg9KbFTNdAy3zoaD43XOTHVuSP5fPGX1TubuSHJ2Zqk90OHkpuT5v+n/mj0u3WATvO77WgvPR/KC/9H8pL/4fy0v+hvNbq/5e70A7g1vP9D+Wl/0N56f9QXvo/lNJ2ftcvUeZEpLdFMyR2KNHtTyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDO+DcAAP//m+Dp2g==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1409.408187][T30786] __alloc_file+0x81/0x150
[ 1409.412621][T30786] alloc_empty_file+0xcd/0x1c0
[ 1409.417450][T30786] alloc_file+0x3a/0x2e0
[ 1409.421764][T30786] alloc_file_pseudo+0xf0/0x140
[ 1409.426686][T30786] __shmem_file_setup+0x13a/0x1c0
[ 1409.431723][T30786] shmem_file_setup+0x37/0x40
[ 1409.436517][T30786] __se_sys_memfd_create+0x1c1/0x330
[ 1409.441822][T30786] __x64_sys_memfd_create+0x2d/0x40
[ 1409.447038][T30786] do_syscall_64+0x2b/0x70
[ 1409.451479][T30786] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1409.457367][T30786] RIP: 0033:0x7fc7bd7740a9
[ 1409.461769][T30786] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1409.481380][T30786] RSP: 002b:00007fc7bcac5f38 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[ 1409.489882][T30786] RAX: ffffffffffffffda RBX: 00000000000004a6 RCX: 00007fc7bd7740a9
[ 1409.497840][T30786] RDX: 00007fc7bcac5fdc RSI: 0000000000000000 RDI: 00007fc7bd7cee81
[ 1409.505827][T30786] RBP: 00000000000004a6 R08: 00007fc7bcac5e20 R09: ffffffffffffffff
[ 1409.513789][T30786] R10: 0000000000000000 R11: 0000000000000202 R12: 00000000200004c0
[ 1409.521746][T30786] R13: 00007fc7bcac5fdc R14: 00007fc7bcac5fe0 R15: 0000000020000580
[ 1409.529713][T30786]
[ 1409.546606][T30791] EXT4-fs: Ignoring removed nobh option
07:33:13 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 9)
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
07:33:13 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 8)
[ 1409.553149][T30791] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (6536!=33349)
[ 1409.562736][T30791] EXT4-fs (loop0): group descriptors corrupted!
[ 1409.569739][T30788] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
[ 1409.589549][T30788] EXT4-fs (loop4): Remounting filesystem read-only
[ 1409.603279][T30788] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1409.633477][T30788] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1410.274279][T30799] FAULT_INJECTION: forcing a failure.
[ 1410.274279][T30799] name failslab, interval 1, probability 0, space 0, times 0
[ 1410.286931][T30799] CPU: 1 PID: 30799 Comm: syz-executor.5 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1410.297885][T30799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1410.307947][T30799] Call Trace:
[ 1410.311234][T30799]
[ 1410.314171][T30799] dump_stack_lvl+0xd6/0x130
[ 1410.318839][T30799] dump_stack+0x11/0x20
[ 1410.321098][T30800] FAULT_INJECTION: forcing a failure.
[ 1410.321098][T30800] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1410.323008][T30799] should_fail_ex+0x224/0x230
[ 1410.340895][T30799] __should_failslab+0x8c/0x90
[ 1410.345805][T30799] ? mas_alloc_nodes+0x18d/0x410
[ 1410.350744][T30799] should_failslab+0x5/0x20
[ 1410.355236][T30799] kmem_cache_alloc+0x46/0x2f0
[ 1410.360050][T30799] mas_alloc_nodes+0x18d/0x410
[ 1410.364813][T30799] ? kmem_cache_alloc+0x23f/0x2f0
[ 1410.369923][T30799] mas_preallocate+0xbf/0x1f0
[ 1410.374601][T30799] mmap_region+0xc42/0x13b0
[ 1410.379186][T30799] ? arch_get_unmapped_area_topdown+0x20c/0x260
[ 1410.385419][T30799] ? security_mmap_addr+0x78/0x90
[ 1410.390552][T30799] ? get_unmapped_area+0x247/0x270
[ 1410.395654][T30799] do_mmap+0x66d/0xa40
[ 1410.399790][T30799] vm_mmap_pgoff+0x117/0x1f0
[ 1410.404448][T30799] ksys_mmap_pgoff+0xc2/0x320
[ 1410.409198][T30799] do_syscall_64+0x2b/0x70
[ 1410.413603][T30799] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1410.419520][T30799] RIP: 0033:0x7f503d1ae0f2
[ 1410.424034][T30799] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 b8 ff ff ff 64
[ 1410.443725][T30799] RSP: 002b:00007f503c4fff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1410.452131][T30799] RAX: ffffffffffffffda RBX: 0000000000000022 RCX: 00007f503d1ae0f2
[ 1410.460100][T30799] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[ 1410.468073][T30799] RBP: 0000000000000000 R08: 00000000ffffffff R09: 0000000000000000
[ 1410.476093][T30799] R10: 0000000000000022 R11: 0000000000000246 R12: 00000000000004a4
[ 1410.484053][T30799] R13: 00007f503c4fffdc R14: 00007f503c4fffe0 R15: 0000000020000582
[ 1410.492020][T30799]
[ 1410.495024][T30800] CPU: 0 PID: 30800 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1410.505975][T30800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1410.516090][T30800] Call Trace:
[ 1410.519377][T30800]
[ 1410.522386][T30800] dump_stack_lvl+0xd6/0x130
[ 1410.523602][T30788] EXT4-fs (loop4): 1 truncate cleaned up
[ 1410.527029][T30800] dump_stack+0x11/0x20
[ 1410.532672][T30788] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1410.536778][T30800] should_fail_ex+0x224/0x230
[ 1410.536799][T30800] __alloc_pages+0x10a/0x340
[ 1410.558178][T30800] alloc_pages+0x3f1/0x4f0
[ 1410.562680][T30800] get_zeroed_page+0x13/0x40
[ 1410.567280][T30800] mon_bin_open+0x1ba/0x3c0
[ 1410.571827][T30800] chrdev_open+0x362/0x3d0
[ 1410.576244][T30800] ? cd_forget+0xe0/0xe0
[ 1410.580480][T30800] do_dentry_open+0x59a/0x910
[ 1410.585158][T30800] vfs_open+0x43/0x50
[ 1410.589137][T30800] path_openat+0x16b8/0x1b60
[ 1410.593724][T30800] ? _parse_integer_limit+0x16f/0x190
[ 1410.599086][T30800] do_filp_open+0x105/0x220
[ 1410.603585][T30800] do_sys_openat2+0xb5/0x2a0
[ 1410.608183][T30800] ? mutex_lock+0x9/0x30
[ 1410.612419][T30800] ? fput+0x2c/0x130
[ 1410.616340][T30800] __x64_sys_openat+0xef/0x110
[ 1410.621101][T30800] do_syscall_64+0x2b/0x70
[ 1410.625558][T30800] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1410.631444][T30800] RIP: 0033:0x7f53668d4234
[ 1410.635844][T30800] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1410.655482][T30800] RSP: 002b:00007f5365c73ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1410.663951][T30800] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1410.671910][T30800] RDX: 0000000000000000 RSI: 00007f5365c73d40 RDI: 00000000ffffff9c
[ 1410.679867][T30800] RBP: 00007f5365c73d40 R08: 0000000000000000 R09: 0000000000000000
[ 1410.687825][T30800] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1410.695862][T30800] R13: 00007fffab5653af R14: 00007f5365c74300 R15: 0000000000022000
[ 1410.703850][T30800]
07:33:15 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 10)
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
07:33:15 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 8)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
07:33:15 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiixiEQokiIVpEicRfQAUNAiokWuhRpAi5IVAd2rtd+/w448c5F9jPR9pk5nbOM9/dnbvZmb0ASqua/ZNE7I+IXyJioJldWaDa/O/m4vzEn4vzE0nU66//njTK/bE4P1EULd63L88MpRHpR0kcWafe2UuXz43XalMX8/zI3Pl3RmYvXX5q+vz42amzUxfGTp06eWL02WfGnu5InP1ZWw+/P3P00MtvXnt14vS1t374Kmvv/nx/axydUo3qymPZ4tFOV9Zl/S3ppKeLDWFLKhGRna7eRv8fiEosn7yBeOnDrjYO2FX1er2+p/3uhTrwH5ZEt1sAdEfxRZ/d/xbbLRp63BZuPJ/dsH7WiP9mvjX39ESal+lddX/bSdWIOL3w1+fZFrs0DwEA0OqbbPzz5HrjvzTuaSl3R742NBgRd0bEgYi4KyIORsTdEY2y90bEfVusv7oqv3b8k17fVmCblI3/nsvXtlaO/4rRXwxW8lx/I/7e5Mx0bep4fkyGondPlh/doI5vX/z5k3b7Wsd/2ZbVX4wF83Zc71k1QTc5Pje+k5hb3figMQd4ZW38ydJKQBIRhyLi8Db+fnbMph//8mi7/f8c/wY6sM5U/yLiseb5X4hV8ReSjdcnR/4XtanjI8VVsdaPP119rV39O4q/A7Lzv3fd638p/sGkdb12dut1XP3147b3NNu9/vuSNxrpvvy198bn5i6ORvQlr6x9fWz5vUW+KJ/FP3Rs/f5/IJaPxJGIyC7i+yPigYh4MG/7QxHxcEQc2yD+71945O3tx7+7svgnt3T+t56onPvu63b1b+78n2ykhvJXNvP5t9kG7uTYAQAAwL9F2ngGPkmHl9JpOjzcfIb/YOxNazOzc0+cmXn3wmTzWfnB6E2Lma6BlvnQ0XxuuMiPrcqfyOeNP638v5EfnpipTXY7eCi5fW36f+a3SrdbB+w6v9eC8tL/obz0fygv/R/KS/+H8lqv/1/pQjuAW8/3P5SX/g/lpf9Deen/UEo7+V2/RJkTkd4WzZDYpUS3P5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA64+8AAAD//+zs6n0=")
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1410.722902][T30798] loop1: detected capacity change from 0 to 512
[ 1410.730007][T30798] EXT4-fs: Ignoring removed nobh option
[ 1410.749346][ T3147] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
07:33:15 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiixiEgqhQJHpEicRfQAUNAiokWuhRpAi5IVAd2rtd+/w448c5F9jPR9pk5nbOM9/dnbvZmb0ASqua/ZNE7I+IXyJioJldWaDa/O/m4vzEn4vzE0nU66//njTK/bE4P1EULd63L88MpRHpR0kcWafe2UuXz43XalMX8/zI3Pl3RmYvXX5q+vz42amzUxfGTp06eWL02WfGnu5InP1ZWw+/P3P00MtvXnt14vS1t374Kmvv/nx/axydUo3qymPZ4tFOV9Zl/S3ppKeLDWFLKhGRna5PGv1/ICqxfPIG4qUPu9o4YFfV6/X6nva7F+rAf1gS3W4B0B3FF312/1tst2jocVu48XzzBiiL+2a+Nff0RJqX6V11f9tJ1Yg4vfDX59kWuzQPAQDQ6pts/PPkeuO/NO5pKXdHvjY0GBF3RsSBiLgrIg5GxN0RjbL3RsR9W6y/uiq/dvyTXt9WYJuUjf+ey9e2Vo7/itFfDFbyXH8j/t7kzHRt6nh+TIaid0+WH92gjm9f/PnTdvtax3/ZltVfjAXzdlzvWTVBNzk+N76TmFvd+KAxB3hlbfzJ0kpAEhGHIuLwNv5+dsymH//yaLv9/xz/BjqwzlT/IuKx5vlfiFXxF5KN1ydH/he1qeMjxVWx1o8/XX2tXf07ir8DsvO/d93rfyn+waR1vXZ263Vc/fXjtvc0273++5I3Gum+/LX3xufmLo5G9CWvrH19bPm9Rb4on8U/dGz9/n8glo/EkYjILuL7I+KBiHgwb/tDEfFwRBzbIP7vX3jk7e3Hv7uy+Ce3dP63nqic++7rdvVv7vyfbKSG8lc28/m32Qbu5NgBAADAv0XaeAY+SYeX0mk6PNx8hv9g7E1rM7NzT5yZeffCZPNZ+cHoTYuZroGW+dDRfG64yI+typ/I540/q/y/kR+emKlNdjt4KLl9bfp/5rdKt1sH7Dq/14Ly0v+hvPR/KC/9H8pL/4fyWq//X+lCO4Bbz/c/lJf+D+Wl/0N56f9QSjv5Xb9EmROR3hbNkNilRLc/mQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrj7wAAAP//2DXqbg==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1410.769011][T30798] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz-executor.1: invalid block
[ 1411.407978][T30807] FAULT_INJECTION: forcing a failure.
[ 1411.407978][T30807] name failslab, interval 1, probability 0, space 0, times 0
[ 1411.420691][T30807] CPU: 1 PID: 30807 Comm: syz-executor.5 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1411.431812][T30807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1411.441866][T30807] Call Trace:
[ 1411.445146][T30807]
[ 1411.448073][T30807] dump_stack_lvl+0xd6/0x130
[ 1411.452751][T30807] dump_stack+0x11/0x20
[ 1411.456948][T30807] should_fail_ex+0x224/0x230
[ 1411.461721][T30807] __should_failslab+0x8c/0x90
[ 1411.466540][T30807] should_failslab+0x5/0x20
[ 1411.471069][T30807] kmem_cache_alloc_bulk+0x3a/0x370
[ 1411.476271][T30807] ? mas_alloc_nodes+0x18d/0x410
[ 1411.481207][T30807] mas_alloc_nodes+0x2a0/0x410
[ 1411.485978][T30807] mas_preallocate+0xbf/0x1f0
[ 1411.490659][T30807] mmap_region+0xc42/0x13b0
[ 1411.495179][T30807] ? cap_mmap_addr+0x26/0x1a0
[ 1411.499859][T30807] ? security_mmap_addr+0x78/0x90
[ 1411.504943][T30807] ? get_unmapped_area+0x247/0x270
[ 1411.506852][T30808] FAULT_INJECTION: forcing a failure.
[ 1411.506852][T30808] name failslab, interval 1, probability 0, space 0, times 0
[ 1411.510116][T30807] do_mmap+0x66d/0xa40
[ 1411.526784][T30807] vm_mmap_pgoff+0x117/0x1f0
[ 1411.531372][T30807] ksys_mmap_pgoff+0xc2/0x320
[ 1411.536061][T30807] do_syscall_64+0x2b/0x70
[ 1411.540517][T30807] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1411.546460][T30807] RIP: 0033:0x7f503d1ae0f2
[ 1411.550860][T30807] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 b8 ff ff ff 64
[ 1411.570493][T30807] RSP: 002b:00007f503c4fff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1411.578893][T30807] RAX: ffffffffffffffda RBX: 0000000000000022 RCX: 00007f503d1ae0f2
[ 1411.586933][T30807] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[ 1411.594892][T30807] RBP: 0000000000000000 R08: 00000000ffffffff R09: 0000000000000000
[ 1411.602853][T30807] R10: 0000000000000022 R11: 0000000000000246 R12: 00000000000004a4
[ 1411.610851][T30807] R13: 00007f503c4fffdc R14: 00007f503c4fffe0 R15: 0000000020000582
[ 1411.618810][T30807]
[ 1411.621816][T30808] CPU: 0 PID: 30808 Comm: syz-executor.2 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1411.632778][T30808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1411.642841][T30808] Call Trace:
[ 1411.646187][T30808]
[ 1411.649121][T30808] dump_stack_lvl+0xd6/0x130
[ 1411.653770][T30808] dump_stack+0x11/0x20
[ 1411.657927][T30808] should_fail_ex+0x224/0x230
[ 1411.662069][T30810] loop4: detected capacity change from 0 to 512
[ 1411.662596][T30808] __should_failslab+0x8c/0x90
[ 1411.673642][T30808] ? vm_area_alloc+0x28/0x90
[ 1411.678320][T30808] should_failslab+0x5/0x20
[ 1411.682829][T30808] kmem_cache_alloc+0x46/0x2f0
[ 1411.687790][T30808] vm_area_alloc+0x28/0x90
[ 1411.692280][T30808] mmap_region+0x845/0x13b0
[ 1411.694272][T30810] EXT4-fs: Ignoring removed nobh option
[ 1411.696831][T30808] ? arch_get_unmapped_area_topdown+0x20c/0x260
[ 1411.696859][T30808] ? security_mmap_addr+0x78/0x90
[ 1411.703894][T30798] EXT4-fs (loop1): Remounting filesystem read-only
[ 1411.708619][T30808] ? get_unmapped_area+0x247/0x270
[ 1411.708648][T30808] do_mmap+0x66d/0xa40
[ 1411.729426][T30808] vm_mmap_pgoff+0x117/0x1f0
[ 1411.734029][T30808] ksys_mmap_pgoff+0xc2/0x320
[ 1411.738717][T30808] ? fpregs_assert_state_consistent+0x7e/0x90
[ 1411.741080][T30810] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
[ 1411.744820][T30808] do_syscall_64+0x2b/0x70
[ 1411.758131][T30798] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1411.760694][T30808] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1411.780905][T30808] RIP: 0033:0x7fc7bd7740f2
[ 1411.785325][T30808] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 b8 ff ff ff 64
[ 1411.789195][T30810] EXT4-fs (loop4): Remounting filesystem read-only
[ 1411.804985][T30808] RSP: 002b:00007fc7bcac5f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1411.805011][T30808] RAX: ffffffffffffffda RBX: 0000000000000022 RCX: 00007fc7bd7740f2
[ 1411.805022][T30808] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[ 1411.805034][T30808] RBP: 0000000000000000 R08: 00000000ffffffff R09: 0000000000000000
[ 1411.813186][T30798] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1098: group 0,
[ 1411.819931][T30808] R10: 0000000000000022 R11: 0000000000000246 R12: 00000000000004a4
07:33:16 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 11)
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
07:33:16 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 9)
[ 1411.819944][T30808] R13: 00007fc7bcac5fdc R14: 00007fc7bcac5fe0 R15: 0000000020000582
[ 1411.820024][T30808]
[ 1411.838289][T30812] loop0: detected capacity change from 0 to 512
[ 1411.844127][T30798] block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[ 1411.853076][T30812] EXT4-fs: Ignoring removed nobh option
[ 1411.894272][T30810] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
07:33:16 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92wHkhibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrEjkcgiAaFQokj0iBKJv4AKGgRUSLTQo0gRckOgOrR3u/b5ccaPcy5kfz9pk5nbOc98uzt3szN7AZRWNfsnidgbEb9FxEAzu7xAtfnfzYX5ib8X5ieSqNff/jNplPtrYX6iKFq8b0+eGUoj0k+TOLRGvbMXL50Zr9Wmzuf5kbmzH4zMXrz03PTZ8dNTp6fOjZ04cfzY6IsvjD3fkTj7s7Ye/Gjm8IHX37325sTJa+/99E3W3r35/tY4OqUa1eXHssWTna6sy/pb0klPFxvCplQiIjtdvY3+PxCVWDp5A/HaJ11tHLCj6vV6fVf73RfqwB0siW63AOiO4os+u/8ttls09Lgt3Hi5eQOUxX0z35p7eiLNy/SuuL/tpGpEnLzyz5fZFjs0DwEA0Oq7bPzz7FrjvzQeaCl3T742NBgR90bEvoi4LyL2R8T9EY2yD0bEQ5usv7oiv3r8k17fUmAblI3/XsrXtpaP/4rRXwxW8lx/I/7e5NR0bepofkyGondXlh9dp47vX/3183b7Wsd/2ZbVX4wF83Zc71kxQTc5Pje+nZhb3fi4MQd4eXX8yeJKQBIRByLi4Bb+fnbMpp/++nC7/f8d/zo6sM5U/yriqeb5vxIr4i8k669PjtwVtamjI8VVsdrPv1x9q13924q/A7Lzv3vN638x/sGkdb12dvN1XP39s7b3NFu9/vuSdxrpvvy1D8fn5s6PRvQlb6x+fWzpvUW+KJ/FP3Rk7f6/L5aOxKGIyC7ihyPikYh4NG/7YxHxeEQcWSf+H1954v2tx7+zsvgnN3X+N5+onPnh23b1b+z8H2+khvJXNvL5t9EGbufYAQAAwP9F2ngGPkmHF9NpOjzcfIZ/f+xOazOzc8+cmrlwbrL5rPxg9KbFTNdAy3zoaD43XOTHVuSP5fPGX1TubuSHJ2Zqk90OHkpuT5v+n/mj0u3WATvO77WgvPR/KC/9H8pL/4fy0v+hvNbq/5e70A7g1vP9D+Wl/0N56f9QXvo/lNJ2ftcvUeZEpLdFMyR2KNHtTyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDO+DcAAP//YHHp3w==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1411.895047][T30798] EXT4-fs (loop1): 1 truncate cleaned up
[ 1411.910508][T30812] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (48897!=33349)
[ 1411.914284][T30798] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1411.936105][T30812] EXT4-fs (loop0): group descriptors corrupted!
07:33:16 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 9)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1411.946776][T30810] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1412.581637][T30819] FAULT_INJECTION: forcing a failure.
[ 1412.581637][T30819] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1412.594882][T30819] CPU: 1 PID: 30819 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1412.605813][T30819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1412.615934][T30819] Call Trace:
[ 1412.619210][T30819]
[ 1412.622134][T30819] dump_stack_lvl+0xd6/0x130
[ 1412.626769][T30819] dump_stack+0x11/0x20
[ 1412.630942][T30819] should_fail_ex+0x224/0x230
[ 1412.635634][T30819] __alloc_pages+0x10a/0x340
[ 1412.640236][T30819] alloc_pages+0x3f1/0x4f0
[ 1412.644724][T30819] get_zeroed_page+0x13/0x40
[ 1412.649317][T30819] mon_bin_open+0x1ba/0x3c0
[ 1412.653859][T30819] chrdev_open+0x362/0x3d0
[ 1412.658288][T30819] ? cd_forget+0xe0/0xe0
[ 1412.662570][T30819] do_dentry_open+0x59a/0x910
[ 1412.667257][T30819] vfs_open+0x43/0x50
[ 1412.670132][T30818] FAULT_INJECTION: forcing a failure.
[ 1412.670132][T30818] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1412.671239][T30819] path_openat+0x16b8/0x1b60
[ 1412.689009][T30819] ? _parse_integer_limit+0x16f/0x190
[ 1412.694389][T30819] do_filp_open+0x105/0x220
[ 1412.698918][T30819] do_sys_openat2+0xb5/0x2a0
[ 1412.703508][T30819] ? mutex_lock+0x9/0x30
[ 1412.707826][T30819] ? fput+0x2c/0x130
[ 1412.711709][T30819] __x64_sys_openat+0xef/0x110
[ 1412.716472][T30819] do_syscall_64+0x2b/0x70
[ 1412.720877][T30819] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1412.726859][T30819] RIP: 0033:0x7f53668d4234
[ 1412.731281][T30819] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1412.750983][T30819] RSP: 002b:00007f5365c73ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1412.759393][T30819] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1412.767371][T30819] RDX: 0000000000000000 RSI: 00007f5365c73d40 RDI: 00000000ffffff9c
[ 1412.775336][T30819] RBP: 00007f5365c73d40 R08: 0000000000000000 R09: 0000000000000000
[ 1412.783492][T30819] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1412.791576][T30819] R13: 00007fffab5653af R14: 00007f5365c74300 R15: 0000000000022000
[ 1412.799575][T30819]
[ 1412.802582][T30818] CPU: 0 PID: 30818 Comm: syz-executor.5 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1412.813520][T30818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1412.823583][T30818] Call Trace:
[ 1412.826851][T30818]
[ 1412.829779][T30818] dump_stack_lvl+0xd6/0x130
[ 1412.834359][T30818] dump_stack+0x11/0x20
[ 1412.838498][T30818] should_fail_ex+0x224/0x230
[ 1412.843183][T30818] __alloc_pages+0x10a/0x340
[ 1412.847808][T30818] alloc_pages+0x3f1/0x4f0
[ 1412.852223][T30818] ? mmap_region+0x1145/0x13b0
[ 1412.857050][T30818] pte_alloc_one+0x29/0xb0
[ 1412.861509][T30818] __pte_alloc+0x2f/0x1f0
[ 1412.865860][T30818] ? arch_get_unmapped_area_topdown+0x20c/0x260
[ 1412.872170][T30818] do_anonymous_page+0x763/0x9c0
[ 1412.877124][T30818] handle_mm_fault+0x8dc/0xb20
[ 1412.881881][T30818] do_user_addr_fault+0x4a1/0x980
[ 1412.886916][T30818] exc_page_fault+0x60/0x160
[ 1412.891498][T30818] asm_exc_page_fault+0x22/0x30
[ 1412.896389][T30818] RIP: 0033:0x7f503d14b197
[ 1412.900846][T30818] Code: 78 48 63 d5 48 01 c2 49 3b 55 08 77 56 8d 55 ff 85 ed 74 35 0f 1f 80 00 00 00 00 48 39 c1 77 1c 49 8b 75 00 49 89 c1 49 29 c9 <46> 0f b6 0c 0e 45 84 c9 74 08 44 88 0c 06 49 8b 45 10 48 83 c0 01
[ 1412.920544][T30818] RSP: 002b:00007f503c4ff600 EFLAGS: 00010246
[ 1412.926629][T30818] RAX: 0000000000000001 RBX: 00007f503c4ff660 RCX: 0000000000000001
[ 1412.934682][T30818] RDX: 0000000000000101 RSI: 00007f50340e0000 RDI: 00007f503c4ff700
[ 1412.942678][T30818] RBP: 0000000000000102 R08: 0000000000000000 R09: 0000000000000000
[ 1412.950669][T30818] R10: 0000000000000000 R11: 00007f503c4ff670 R12: 00007f503c4ff670
[ 1412.958714][T30818] R13: 00007f503c4ff700 R14: 0000000000000001 R15: 0000000000000000
[ 1412.966676][T30818]
[ 1412.969707][T30818] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
07:33:17 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 10)
[ 1412.979770][T30818] loop5: detected capacity change from 0 to 512
[ 1412.990952][ T9697] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1413.003595][T30810] EXT4-fs (loop4): 1 truncate cleaned up
[ 1413.009250][T30810] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1413.035556][T30818] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1413.046782][T30827] loop1: detected capacity change from 0 to 512
[ 1413.047863][T30818] ext4 filesystem being mounted at /root/syzkaller-testdir184905228/syzkaller.PLYEBS/2961/file0 supports timestamps until 2038 (0x7fffffff)
[ 1413.054822][T30827] EXT4-fs: Ignoring removed nobh option
07:33:18 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiixiEQokiIVEiSiT+AipoEFAh0UKPIkXIDYHq0N7t2ufHGT/OucB+PtImM7dznvnu7tzNzuwFUFrV7J8kYn9E/BIRA83sygLV5n83F+cn/lycn0iiXn/996RR7o/F+YmiaPG+fXlmKI1IP0riyDr1zl66fG68Vpu6mOdH5s6/MzJ76fJT0+fHz06dnbowdurUyROjzz4z9nRH4uzP2nr4/Zmjh15+89qrE6evvfXDV1l79+f7W+PolGpUVx7LFo92urIu629JJz1dbAhbUomI7HT1Nvr/QFRi+eQNxEsfdrVxwK6q1+v1Pe13L9SB/7Akut0CoDuKL/rs/rfYbtHQ47Zw4/nshvWzRvw38625pyfSvEzvqvvbTqpGxOmFvz7PttileQgAgFbfZOOfJ9cb/6VxT0u5O/K1ocGIuDMiDkTEXRFxMCLujmiUvTci7tti/dVV+bXjn/T6tgLbpGz891y+trVy/FeM/mKwkuf6G/H3Jmema1PH82MyFL17svzoBnV8++LPn7Tb1zr+y7as/mIsmLfjes+qCbrJ8bnxncTc6sYHjTnAK2vjT5ZWApKIOBQRh7fx97NjNv34l0fb7f/n+DfQgXWm+hcRjzXP/0Ksir+QbLw+OfK/qE0dHymuirV+/Onqa+3q31H8HZCd/73rXv9L8Q8mreu1s1uv4+qvH7e9p9nu9d+XvNFI9+WvvTc+N3dxNKIveWXt62PL7y3yRfks/qFj6/f/A7F8JI5ERHYR3x8RD0TEg3nbH4qIhyPi2Abxf//CI29vP/7dlcU/uaXzv/VE5dx3X7erf3Pn/2QjNZS/spnPv802cCfHDgAAAP4t0sYz8Ek6vJRO0+Hh5jP8B2NvWpuZnXvizMy7Fyabz8oPRm9azHQNtMyHjuZzw0V+bFX+RD5v/Gnl/4388MRMbbLbwUPJ7WvT/zO/VbrdOmDX+b0WlJf+D+Wl/0N56f9QXvo/lNd6/f9KF9oB3Hq+/6G89H8oL/0fykv/h1Laye/6JcqciPS2aIbELiW6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQGX8HAAD//9gi6n4=")
write$tun(0xffffffffffffffff, 0x0, 0x0)
07:33:18 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiixiEQoki0SNKJP4CKmgQUCHRUECPIkXIDYHq0N7t2ufHGT/OucB+PtImM7dznvnu7tzNzuwFUFrV7J8kYn9E/BIRA83sygLV5n83F+cn/lycn0iiXn/996RR7o/F+YmiaPG+fXlmKI1IP0riyDr1zl66fG68Vpu6mOdH5s6/MzJ76fJT0+fHz06dnbowdurUyROjzz4z9nRH4uzP2nr4/Zmjh15+89qrE6evvfX9l1l79+f7W+PolGpUVx7LFo92urIu629JJz1dbAhbUomI7HT93Oj/A1GJ5ZM3EC992NXGAbuqXq/X97TfvVAH/sOS6HYLgO4ovuiz+99iu0VDj9vCjeebN0BZ3DfzrbmnJ9K8TO+q+9tOqkbE6YW/Psu22KV5CACAVl9n458n1xv/pXFPS7k78rWhwYi4MyIORMRdEXEwIu6OaJS9NyLu22L91VX5teOf9Pq2AtukbPz3XL62tXL8V4z+YrCS5/ob8fcmZ6ZrU8fzYzIUvXuy/OgGdXzz4k+ftNvXOv7Ltqz+YiyYt+N6z6oJusnxufGdxNzqxgeNOcAra+NPllYCkog4FBGHt/H3s2M2/fgXR9vt/+f4N9CBdab65xGPNc//QqyKv5BsvD458r+oTR0fKa6KtX748epr7erfUfwdkJ3/vete/0vxDyat67WzW6/j6q8ft72n2e7135e80Uj35a+9Nz43d3E0oi95Ze3rY8vvLfJF+Sz+oWPr9/8DsXwkjkREdhHfHxEPRMSDedsfioiHI+LYBvF/98Ijb28//t2VxT+5pfO/9UTl3Ldftat/c+f/ZCM1lL+ymc+/zTZwJ8cOAAAA/i3SxjPwSTq8lE7T4eHmM/wHY29am5mde+LMzLsXJpvPyg9Gb1rMdA20zIeO5nPDRX5sVf5EPm/8aeX/jfzwxExtstvBQ8nta9P/M79Vut06YNf5vRaUl/4P5aX/Q3np/1Be+j+U13r9/0oX2gHcer7/obz0fygv/R/KS/+HUtrJ7/olypyI9LZohsQuJbr9yQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAZfwcAAP//cCPqvQ==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1414.147421][ T3147] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1414.156830][T30827] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz-executor.1: invalid block
[ 1414.169190][T30827] EXT4-fs (loop1): Remounting filesystem read-only
[ 1414.170264][T30832] loop0: detected capacity change from 0 to 512
[ 1414.177208][T30827] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1414.183282][T30832] EXT4-fs: Ignoring removed nobh option
[ 1414.759500][T30828] FAULT_INJECTION: forcing a failure.
[ 1414.759500][T30828] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1414.772767][T30828] CPU: 1 PID: 30828 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1414.783725][T30828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1414.793780][T30828] Call Trace:
[ 1414.797123][T30828]
[ 1414.800080][T30828] dump_stack_lvl+0xd6/0x130
[ 1414.804088][T30829] FAULT_INJECTION: forcing a failure.
[ 1414.804088][T30829] name failslab, interval 1, probability 0, space 0, times 0
[ 1414.804673][T30828] dump_stack+0x11/0x20
[ 1414.821406][T30828] should_fail_ex+0x224/0x230
[ 1414.826086][T30828] __alloc_pages+0x10a/0x340
[ 1414.830677][T30828] alloc_pages+0x3f1/0x4f0
[ 1414.835198][T30828] get_zeroed_page+0x13/0x40
[ 1414.839883][T30828] mon_bin_open+0x1ba/0x3c0
[ 1414.844394][T30828] chrdev_open+0x362/0x3d0
[ 1414.848805][T30828] ? cd_forget+0xe0/0xe0
[ 1414.853110][T30828] do_dentry_open+0x59a/0x910
[ 1414.857835][T30828] vfs_open+0x43/0x50
[ 1414.861913][T30828] path_openat+0x16b8/0x1b60
[ 1414.866532][T30828] ? _parse_integer_limit+0x16f/0x190
[ 1414.871975][T30828] do_filp_open+0x105/0x220
[ 1414.876479][T30828] do_sys_openat2+0xb5/0x2a0
[ 1414.881089][T30828] ? mutex_lock+0x9/0x30
[ 1414.885321][T30828] ? fput+0x2c/0x130
[ 1414.889260][T30828] __x64_sys_openat+0xef/0x110
[ 1414.894019][T30828] do_syscall_64+0x2b/0x70
[ 1414.898422][T30828] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1414.904309][T30828] RIP: 0033:0x7f53668d4234
[ 1414.908731][T30828] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1414.928328][T30828] RSP: 002b:00007f5365c73ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1414.936785][T30828] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1414.944778][T30828] RDX: 0000000000000000 RSI: 00007f5365c73d40 RDI: 00000000ffffff9c
[ 1414.952739][T30828] RBP: 00007f5365c73d40 R08: 0000000000000000 R09: 0000000000000000
[ 1414.960698][T30828] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1414.968656][T30828] R13: 00007fffab5653af R14: 00007f5365c74300 R15: 0000000000022000
[ 1414.976619][T30828]
[ 1414.979655][T30829] CPU: 0 PID: 30829 Comm: syz-executor.2 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1414.990663][T30829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1415.000706][T30829] Call Trace:
[ 1415.003976][T30829]
[ 1415.006896][T30829] dump_stack_lvl+0xd6/0x130
[ 1415.011506][T30829] dump_stack+0x11/0x20
[ 1415.015647][T30829] should_fail_ex+0x224/0x230
[ 1415.020318][T30829] __should_failslab+0x8c/0x90
[ 1415.025075][T30829] ? mas_alloc_nodes+0x18d/0x410
[ 1415.030064][T30829] should_failslab+0x5/0x20
[ 1415.034615][T30829] kmem_cache_alloc+0x46/0x2f0
[ 1415.039378][T30829] mas_alloc_nodes+0x18d/0x410
[ 1415.044133][T30829] ? kmem_cache_alloc+0x23f/0x2f0
[ 1415.049160][T30829] mas_preallocate+0xbf/0x1f0
[ 1415.053849][T30829] mmap_region+0xc42/0x13b0
[ 1415.058351][T30829] ? arch_get_unmapped_area_topdown+0x20c/0x260
[ 1415.064596][T30829] ? security_mmap_addr+0x78/0x90
[ 1415.069666][T30829] ? get_unmapped_area+0x247/0x270
[ 1415.074929][T30829] do_mmap+0x66d/0xa40
[ 1415.078995][T30829] vm_mmap_pgoff+0x117/0x1f0
[ 1415.083619][T30829] ksys_mmap_pgoff+0xc2/0x320
[ 1415.088496][T30829] ? fpregs_assert_state_consistent+0x7e/0x90
[ 1415.094560][T30829] do_syscall_64+0x2b/0x70
[ 1415.099010][T30829] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1415.104898][T30829] RIP: 0033:0x7fc7bd7740f2
[ 1415.109369][T30829] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 b8 ff ff ff 64
[ 1415.128988][T30829] RSP: 002b:00007fc7bcac5f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1415.137389][T30829] RAX: ffffffffffffffda RBX: 0000000000000022 RCX: 00007fc7bd7740f2
[ 1415.145345][T30829] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[ 1415.153305][T30829] RBP: 0000000000000000 R08: 00000000ffffffff R09: 0000000000000000
07:33:19 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 11)
[ 1415.161288][T30829] R10: 0000000000000022 R11: 0000000000000246 R12: 00000000000004a4
[ 1415.169247][T30829] R13: 00007fc7bcac5fdc R14: 00007fc7bcac5fe0 R15: 0000000020000582
[ 1415.177212][T30829]
[ 1415.184600][T30827] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1098: group 0, block bitmap and bg descriptor inconsistent: 216 vs 220 free clusters
[ 1415.196180][T30832] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (19076!=33349)
[ 1415.206732][T30827] EXT4-fs (loop1): 1 truncate cleaned up
[ 1415.208654][T30832] EXT4-fs (loop0): group descriptors corrupted!
[ 1415.214287][T30827] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1415.235749][T30835] loop4: detected capacity change from 0 to 512
[ 1415.242879][T30835] EXT4-fs: Ignoring removed nobh option
07:33:19 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92wHkhibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrFBJLJIQCiUKBI9okTiL6CCBgEVEi30KFKE3BCoDu3drn1+nPHjnAvZ30/aZOZ2zjPf7s7d7MxeAKVVzf5JIvZGxG8RMdDMLi9Qbf53Y2F+4u+F+Ykk6vU3/0wa5f5amJ8oihbv25NnhtKI9NMkDq1R7+yFi2fGa7Wp83l+ZO7seyOzFy4+M312/PTU6alzYydOHD82+vxzY892JM7+rK0HP5o5fODVt6++PnHy6js/fZO1d2++vzWOTqlGdfmxbPF4pyvrsv6WdNLTxYawKZWIyE5Xb6P/D0Qllk7eQLzySVcbB+yoer1e39V+9wd14DaWRLdbAHRH8UWf3f8W200aetwSrr/YvAHK4r6Rb809PZHmZXpX3N92UjUiTl7+58tsix2ahwAAaPVdNv55eq3xXxr3tZS7K18bGoyIuyNiX0TcExH7I+LeiEbZ+yPigU3WX12RXz3+Sa9tKbANysZ/L+RrW8vHf8XoLwYrea6/EX9vcmq6NnU0PyZD0bsry4+uU8f3L//6ebt9reO/bMvqL8aCeTuu9ayYoJscnxvfTsytrn/cmAO8tDr+ZHElIImIAxFxcAt/Pztm009+fbjd/v+Ofx0dWGeqfxXxRPP8X44V8ReS9dcnR+6I2tTRkeKqWO3nX6680a7+bcXfAdn5373m9b8Y/2DSul47u/k6rvz+Wdt7mq1e/33JW410X/7ah+Nzc+dHI/qS11a/Prb03iJflM/iHzqydv/fF0tH4lBEZBfxgxHxUEQ8nLf9kYh4NCKOrBP/jy899u7W499ZWfyTmzr/m09Uzvzwbbv6N3b+jzdSQ/krG/n822gDt3PsAAAA4P8ibTwDn6TDi+k0HR5uPsO/P3antZnZuadOzbx/brL5rPxg9KbFTNdAy3zoaD43XOTHVuSP5fPGX1TubOSHJ2Zqk90OHkpuT5v+n/mj0u3WATvO77WgvPR/KC/9H8pL/4fy0v+hvNbq/5e60A7g5vP9D+Wl/0N56f9QXvo/lNJ2ftcvUeZEpLdEMyR2KNHtTyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDO+DcAAP//VI7p4A==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
07:33:19 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiixiEQoki0SNKJP4CKmgQUCFRIUGPIkXIDYHq0N7t2ufHGT/OucB+PtImM7dznvnu7tzNzuwFUFrV7J8kYn9E/BIRA83sygLV5n83F+cn/lycn0iiXn/996RR7o/F+YmiaPG+fXlmKI1IP0riyDr1zl66fG68Vpu6mOdH5s6/MzJ76fJT0+fHz06dnbowdurUyROjzz4z9nRH4uzP2nr4/Zmjh15+89qrE6evvfX9l1l79+f7W+PolGpUVx7LFo92urIu629JJz1dbAhbUomI7HT93Oj/A1GJ5ZM3EC992NXGAbuqXq/X97TfvVAH/sOS6HYLgO4ovuiz+99iu0VDj9vCjeebN0BZ3DfzrbmnJ9K8TO+q+9tOqkbE6YW/Psu22KV5CACAVl9n458n1xv/pXFPS7k78rWhwYi4MyIORMRdEXEwIu6OaJS9NyLu22L91VX5teOf9Pq2AtukbPz3XL62tXL8V4z+YrCS5/ob8fcmZ6ZrU8fzYzIUvXuy/OgGdXzz4k+ftNvXOv7Ltqz+YiyYt+N6z6oJusnxufGdxNzqxgeNOcAra+NPllYCkog4FBGHt/H3s2M2/fgXR9vt/+f4N9CBdab65xGPNc//QqyKv5BsvD458r+oTR0fKa6KtX748epr7erfUfwdkJ3/vete/0vxDyat67WzW6/j6q8ft72n2e7135e80Uj35a+9Nz43d3E0oi95Ze3rY8vvLfJF+Sz+oWPr9/8DsXwkjkREdhHfHxEPRMSDedsfioiHI+LYBvF/98Ijb28//t2VxT+5pfO/9UTl3Ldftat/c+f/ZCM1lL+ymc+/zTZwJ8cOAAAA/i3SxjPwSTq8lE7T4eHmM/wHY29am5mde+LMzLsXJpvPyg9Gb1rMdA20zIeO5nPDRX5sVf5EPm/8aeX/jfzwxExtstvBQ8nta9P/M79Vut06YNf5vRaUl/4P5aX/Q3np/1Be+j+U13r9/0oX2gHcer7/obz0fygv/R/KS/+HUtrJ7/olypyI9LZohsQuJbr9yQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAZfwcAAP//aFfqvg==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1415.257615][T30835] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
[ 1415.269929][T30835] EXT4-fs (loop4): Remounting filesystem read-only
[ 1415.278613][T30835] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1415.295665][ T9697] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1415.313156][T30840] loop0: detected capacity change from 0 to 512
[ 1415.341333][T30835] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1415.356503][T30842] FAULT_INJECTION: forcing a failure.
[ 1415.356503][T30842] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1415.369821][T30842] CPU: 0 PID: 30842 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1415.380780][T30842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1415.390824][T30842] Call Trace:
[ 1415.394128][T30842]
[ 1415.397048][T30842] dump_stack_lvl+0xd6/0x130
[ 1415.401628][T30842] dump_stack+0x11/0x20
[ 1415.405831][T30842] should_fail_ex+0x224/0x230
[ 1415.410497][T30842] __alloc_pages+0x10a/0x340
[ 1415.415135][T30842] alloc_pages+0x3f1/0x4f0
[ 1415.419584][T30842] get_zeroed_page+0x13/0x40
[ 1415.424226][T30842] mon_bin_open+0x1ba/0x3c0
[ 1415.428726][T30842] chrdev_open+0x362/0x3d0
[ 1415.433137][T30842] ? cd_forget+0xe0/0xe0
[ 1415.437376][T30842] do_dentry_open+0x59a/0x910
[ 1415.442134][T30842] vfs_open+0x43/0x50
[ 1415.446229][T30842] path_openat+0x16b8/0x1b60
[ 1415.450858][T30842] ? _parse_integer_limit+0x16f/0x190
[ 1415.456227][T30842] do_filp_open+0x105/0x220
[ 1415.460727][T30842] do_sys_openat2+0xb5/0x2a0
[ 1415.465313][T30842] ? mutex_lock+0x9/0x30
[ 1415.469547][T30842] ? fput+0x2c/0x130
[ 1415.473531][T30842] __x64_sys_openat+0xef/0x110
[ 1415.478294][T30842] do_syscall_64+0x2b/0x70
[ 1415.482698][T30842] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1415.488647][T30842] RIP: 0033:0x7f53668d4234
[ 1415.493048][T30842] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1415.512709][T30842] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1415.521130][T30842] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1415.529105][T30842] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1415.537127][T30842] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1415.545154][T30842] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1415.553155][T30842] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1415.561171][T30842]
07:33:19 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 12)
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
07:33:19 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiixiEQokiUdAhSiT+AipoEFAh0UKPIkXIDYHq0N7t2ufHGT/OucB+PtImM7dznvnu7tzNzuwFUFrV7J8kYn9E/BIRA83sygLV5n83F+cn/lycn0iiXn/996RR7o/F+YmiaPG+fXlmKI1IP0riyDr1zl66fG68Vpu6mOdH5s6/MzJ76fJT0+fHz06dnbowdurUyROjzz4z9nRH4uzP2nr4/Zmjh15+89qrE6evvfXDV1l79+f7W+PolGpUVx7LFo92urIu629JJz1dbAhbUomI7HT1Nvr/QFRi+eQNxEsfdrVxwK6q1+v1Pe13L9SB/7Akut0CoDuKL/rs/rfYbtHQ47Zw4/nshvWzRvw38625pyfSvEzvqvvbTqpGxOmFvz7PttileQgAgFbfZOOfJ9cb/6VxT0u5O/K1ocGIuDMiDkTEXRFxMCLujmiUvTci7tti/dVV+bXjn/T6tgLbpGz891y+trVy/FeM/mKwkuf6G/H3Jmema1PH82MyFL17svzoBnV8++LPn7Tb1zr+y7as/mIsmLfjes+qCbrJ8bnxncTc6sYHjTnAK2vjT5ZWApKIOBQRh7fx97NjNv34l0fb7f/n+DfQgXWm+hcRjzXP/0Ksir+QbLw+OfK/qE0dHymuirV+/Onqa+3q31H8HZCd/73rXv9L8Q8mreu1s1uv4+qvH7e9p9nu9d+XvNFI9+WvvTc+N3dxNKIveWXt62PL7y3yRfks/qFj6/f/A7F8JI5ERHYR3x8RD0TEg3nbH4qIhyPi2Abxf//CI29vP/7dlcU/uaXzv/VE5dx3X7erf3Pn/2QjNZS/spnPv802cCfHDgAAAP4t0sYz8Ek6vJRO0+Hh5jP8B2NvWpuZnXvizMy7Fyabz8oPRm9azHQNtMyHjuZzw0V+bFX+RD5v/Gnl/4388MRMbbLbwUPJ7WvT/zO/VbrdOmDX+b0WlJf+D+Wl/0N56f9QXvo/lNd6/f9KF9oB3Hq+/6G89H8oL/0fykv/h1Laye/6JcqciPS2aIbELiW6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQGX8HAAD//8NY6n8=")
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1415.572912][T30840] EXT4-fs: Ignoring removed nobh option
[ 1415.578985][T30840] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (34388!=33349)
[ 1415.588593][T30840] EXT4-fs (loop0): group descriptors corrupted!
[ 1415.595917][T30835] EXT4-fs (loop4): 1 truncate cleaned up
[ 1415.601589][T30835] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
07:33:20 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 10)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1415.829372][ T3128] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1415.841235][T30844] loop1: detected capacity change from 0 to 512
[ 1415.842313][T11133] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1415.848050][T30844] EXT4-fs: Ignoring removed nobh option
07:33:20 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiixiEQoki0SNKJP4CKmgQUCHRIehRpAi5IVAd2rtd+/w448c5F9jPR9pk5nbOM9/dnbvZmb0ASqua/ZNE7I+IXyJioJldWaDa/O/m4vzEn4vzE0nU66//njTK/bE4P1EULd63L88MpRHpR0kcWafe2UuXz43XalMX8/zI3Pl3RmYvXX5q+vz42amzUxfGTp06eWL02WfGnu5InP1ZWw+/P3P00MtvXnt14vS1t77/Mmvv/nx/axydUo3qymPZ4tFOV9Zl/S3ppKeLDWFLKhGRna6fG/1/ICqxfPIG4qUPu9o4YFfV6/X6nva7F+rAf1gS3W4B0B3FF312/1tst2jocVu48XzzBiiL+2a+Nff0RJqX6V11f9tJ1Yg4vfDXZ9kWuzQPAQDQ6uts/PPkeuO/NO5pKXdHvjY0GBF3RsSBiLgrIg5GxN0RjbL3RsR9W6y/uiq/dvyTXt9WYJuUjf+ey9e2Vo7/itFfDFbyXH8j/t7kzHRt6nh+TIaid0+WH92gjm9e/OmTdvtax3/ZltVfjAXzdlzvWTVBNzk+N76TmFvd+KAxB3hlbfzJ0kpAEhGHIuLwNv5+dsymH//iaLv9/xz/BjqwzlT/POKx5vlfiFXxF5KN1ydH/he1qeMjxVWx1g8/Xn2tXf07ir8DsvO/d93rfyn+waR1vXZ263Vc/fXjtvc0273++5I3Gum+/LX3xufmLo5G9CWvrH19bPm9Rb4on8U/dGz9/n8glo/EkYjILuL7I+KBiHgwb/tDEfFwRBzbIP7vXnjk7e3Hv7uy+Ce3dP63nqic+/ardvVv7vyfbKSG8lc28/m32Qbu5NgBAADAv0XaeAY+SYeX0mk6PNx8hv9g7E1rM7NzT5yZeffCZPNZ+cHoTYuZroGW+dDRfG64yI+typ/I540/rfy/kR+emKlNdjt4KLl9bfp/5rdKt1sH7Dq/14Ly0v+hvPR/KC/9H8pL/4fyWq//X+lCO4Bbz/c/lJf+D+Wl/0N56f9QSjv5Xb9EmROR3hbNkNilRLc/mQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrj7wAAAP//YIvqvw==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1415.870449][T30844] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1415.876384][ T3147] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1415.910508][T30844] EXT4-fs (loop1): Remounting filesystem read-only
[ 1415.922168][T30853] loop4: detected capacity change from 0 to 512
[ 1415.926667][T11133] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1415.929360][T30853] EXT4-fs: Ignoring removed nobh option
[ 1415.940082][T30852] loop0: detected capacity change from 0 to 512
[ 1417.145493][T30852] EXT4-fs: Ignoring removed nobh option
[ 1417.146236][T30844] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1098: group 0, block bitmap and bg descriptor inconsistent: 216 vs 220 free clusters
[ 1417.151502][T30852] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (37671!=33349)
[ 1417.168240][T30844] EXT4-fs (loop1): 1 truncate cleaned up
[ 1417.175140][T30852] EXT4-fs (loop0): group descriptors corrupted!
[ 1417.185344][T30853] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1417.187074][T30844] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1417.559730][T30854] FAULT_INJECTION: forcing a failure.
[ 1417.559730][T30854] name failslab, interval 1, probability 0, space 0, times 0
[ 1417.572380][T30854] CPU: 1 PID: 30854 Comm: syz-executor.2 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1417.583312][T30854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1417.593470][T30854] Call Trace:
[ 1417.596745][T30854]
[ 1417.599672][T30854] dump_stack_lvl+0xd6/0x130
[ 1417.604336][T30854] dump_stack+0x11/0x20
[ 1417.608494][T30854] should_fail_ex+0x224/0x230
[ 1417.613173][T30854] __should_failslab+0x8c/0x90
[ 1417.617971][T30854] should_failslab+0x5/0x20
[ 1417.622526][T30854] kmem_cache_alloc_bulk+0x3a/0x370
[ 1417.627782][T30854] ? mas_alloc_nodes+0x18d/0x410
[ 1417.632736][T30854] mas_alloc_nodes+0x2a0/0x410
[ 1417.637526][T30854] mas_preallocate+0xbf/0x1f0
[ 1417.642210][T30854] mmap_region+0xc42/0x13b0
[ 1417.646720][T30854] ? arch_get_unmapped_area_topdown+0x20c/0x260
[ 1417.652973][T30854] ? security_mmap_addr+0x78/0x90
[ 1417.658058][T30854] ? get_unmapped_area+0x247/0x270
[ 1417.663181][T30854] do_mmap+0x66d/0xa40
[ 1417.667330][T30854] vm_mmap_pgoff+0x117/0x1f0
[ 1417.671928][T30854] ksys_mmap_pgoff+0xc2/0x320
[ 1417.676643][T30854] ? fpregs_assert_state_consistent+0x7e/0x90
[ 1417.682730][T30854] do_syscall_64+0x2b/0x70
[ 1417.687234][T30854] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1417.693194][T30854] RIP: 0033:0x7fc7bd7740f2
[ 1417.697613][T30854] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 b8 ff ff ff 64
[ 1417.704126][T30855] FAULT_INJECTION: forcing a failure.
[ 1417.704126][T30855] name failslab, interval 1, probability 0, space 0, times 0
[ 1417.717224][T30854] RSP: 002b:00007fc7bcac5f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1417.717248][T30854] RAX: ffffffffffffffda RBX: 0000000000000022 RCX: 00007fc7bd7740f2
[ 1417.746182][T30854] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[ 1417.754212][T30854] RBP: 0000000000000000 R08: 00000000ffffffff R09: 0000000000000000
[ 1417.762169][T30854] R10: 0000000000000022 R11: 0000000000000246 R12: 00000000000004a4
[ 1417.770150][T30854] R13: 00007fc7bcac5fdc R14: 00007fc7bcac5fe0 R15: 0000000020000582
[ 1417.778128][T30854]
[ 1417.781135][T30855] CPU: 0 PID: 30855 Comm: syz-executor.5 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1417.792101][T30855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1417.802160][T30855] Call Trace:
[ 1417.805436][T30855]
07:33:22 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 12)
[ 1417.808396][T30855] dump_stack_lvl+0xd6/0x130
[ 1417.813014][T30855] dump_stack+0x11/0x20
[ 1417.817176][T30855] should_fail_ex+0x224/0x230
[ 1417.822017][T30855] __should_failslab+0x8c/0x90
[ 1417.826798][T30855] ? __anon_vma_prepare+0x44/0x2c0
[ 1417.831919][T30855] should_failslab+0x5/0x20
[ 1417.834240][T30853] EXT4-fs (loop4): Remounting filesystem read-only
[ 1417.836415][T30855] kmem_cache_alloc+0x46/0x2f0
[ 1417.836443][T30855] __anon_vma_prepare+0x44/0x2c0
[ 1417.836461][T30855] wp_page_copy+0xb65/0x1710
[ 1417.836480][T30855] ? __mod_lruvec_page_state+0x107/0x1c0
[ 1417.845420][T30853] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0,
[ 1417.847726][T30855] ? pte_alloc_one+0x8c/0xb0
[ 1417.852663][T30853] inode 13:
[ 1417.857211][T30855] ? preempt_count_add+0x5e/0xa0
[ 1417.857241][T30855] ? preempt_count_add+0x5e/0xa0
[ 1417.862855][T30853] block 100:
[ 1417.870366][T30855] do_wp_page+0x22a/0x640
[ 1417.870387][T30855] handle_mm_fault+0x644/0xb20
[ 1417.870407][T30855] do_user_addr_fault+0x4a1/0x980
[ 1417.874979][T30853] freeing already freed block (bit 99); block bitmap corrupt.
[ 1417.913158][T30855] exc_page_fault+0x60/0x160
[ 1417.917798][T30855] asm_exc_page_fault+0x22/0x30
[ 1417.922739][T30855] RIP: 0033:0x7f503d14b0c0
[ 1417.927156][T30855] Code: e8 e5 fe ff ff 41 89 c7 85 c0 78 40 3d ff 00 00 00 7f 2f 49 8b 45 10 49 3b 45 08 0f 84 19 01 00 00 45 85 ff 74 0c 49 8b 55 00 <44> 88 3c 02 49 8b 45 10 48 83 c0 01 49 89 45 10 eb be 66 0f 1f 44
[ 1417.946919][T30855] RSP: 002b:00007f503c4ff600 EFLAGS: 00010202
[ 1417.952983][T30855] RAX: 0000000000000400 RBX: 00007f503c4ff660 RCX: 0000000000000008
[ 1417.960985][T30855] RDX: 00007f50340e0000 RSI: 0000000000000001 RDI: 00007f503c4ff700
[ 1417.969564][T30855] RBP: 00000000000000f9 R08: 0000000000000009 R09: 00000000000001c6
[ 1417.977534][T30855] R10: 0000000000000010 R11: 00007f503c4ff660 R12: 00007f503c4ff670
[ 1417.985504][T30855] R13: 00007f503c4ff700 R14: 0000000000000001 R15: 0000000000000020
[ 1417.993564][T30855]
[ 1417.996625][T30855] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 1418.006724][T30855] loop5: detected capacity change from 0 to 512
[ 1418.017181][T30861] FAULT_INJECTION: forcing a failure.
[ 1418.017181][T30861] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1418.030419][T30861] CPU: 0 PID: 30861 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1418.041362][T30861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1418.051446][T30861] Call Trace:
[ 1418.054739][T30861]
[ 1418.057687][T30861] dump_stack_lvl+0xd6/0x130
[ 1418.062270][T30861] dump_stack+0x11/0x20
[ 1418.066506][T30861] should_fail_ex+0x224/0x230
[ 1418.071189][T30861] __alloc_pages+0x10a/0x340
[ 1418.075872][T30861] alloc_pages+0x3f1/0x4f0
[ 1418.080307][T30861] get_zeroed_page+0x13/0x40
[ 1418.084948][T30861] mon_bin_open+0x1ba/0x3c0
[ 1418.089452][T30861] chrdev_open+0x362/0x3d0
[ 1418.093873][T30861] ? cd_forget+0xe0/0xe0
[ 1418.098228][T30861] do_dentry_open+0x59a/0x910
[ 1418.102901][T30861] vfs_open+0x43/0x50
[ 1418.106899][T30861] path_openat+0x16b8/0x1b60
[ 1418.111574][T30861] ? _parse_integer_limit+0x16f/0x190
[ 1418.117024][T30861] do_filp_open+0x105/0x220
[ 1418.121522][T30861] do_sys_openat2+0xb5/0x2a0
[ 1418.126209][T30861] ? mutex_lock+0x9/0x30
[ 1418.130440][T30861] ? fput+0x2c/0x130
[ 1418.134359][T30861] __x64_sys_openat+0xef/0x110
[ 1418.139237][T30861] do_syscall_64+0x2b/0x70
[ 1418.143726][T30861] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1418.149612][T30861] RIP: 0033:0x7f53668d4234
[ 1418.154013][T30861] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1418.173612][T30861] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1418.182099][T30861] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1418.190056][T30861] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1418.198109][T30861] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
07:33:22 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 11)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1418.206148][T30861] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1418.214125][T30861] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1418.222164][T30861]
[ 1418.266631][T30853] EXT4-fs (loop4): 1 truncate cleaned up
[ 1418.272429][T30853] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1418.716315][T30866] FAULT_INJECTION: forcing a failure.
[ 1418.716315][T30866] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1418.729617][T30866] CPU: 1 PID: 30866 Comm: syz-executor.2 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1418.740600][T30866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1418.750642][T30866] Call Trace:
[ 1418.753907][T30866]
[ 1418.756825][T30866] dump_stack_lvl+0xd6/0x130
[ 1418.761448][T30866] dump_stack+0x11/0x20
[ 1418.765610][T30866] should_fail_ex+0x224/0x230
[ 1418.770285][T30866] __alloc_pages+0x10a/0x340
[ 1418.774911][T30866] alloc_pages+0x3f1/0x4f0
[ 1418.779315][T30866] ? mmap_region+0x1145/0x13b0
[ 1418.784070][T30866] pte_alloc_one+0x29/0xb0
[ 1418.788539][T30866] __pte_alloc+0x2f/0x1f0
[ 1418.792922][T30866] ? arch_get_unmapped_area_topdown+0x20c/0x260
[ 1418.799327][T30866] do_anonymous_page+0x763/0x9c0
[ 1418.804327][T30866] handle_mm_fault+0x8dc/0xb20
[ 1418.809123][T30866] do_user_addr_fault+0x4a1/0x980
[ 1418.814139][T30866] ? switch_fpu_return+0x83/0x190
[ 1418.819227][T30866] exc_page_fault+0x60/0x160
[ 1418.823887][T30866] asm_exc_page_fault+0x22/0x30
[ 1418.828818][T30866] RIP: 0033:0x7fc7bd711197
[ 1418.833225][T30866] Code: 78 48 63 d5 48 01 c2 49 3b 55 08 77 56 8d 55 ff 85 ed 74 35 0f 1f 80 00 00 00 00 48 39 c1 77 1c 49 8b 75 00 49 89 c1 49 29 c9 <46> 0f b6 0c 0e 45 84 c9 74 08 44 88 0c 06 49 8b 45 10 48 83 c0 01
[ 1418.852890][T30866] RSP: 002b:00007fc7bcaa4600 EFLAGS: 00010246
[ 1418.858956][T30866] RAX: 0000000000000001 RBX: 00007fc7bcaa4660 RCX: 0000000000000001
[ 1418.866989][T30866] RDX: 0000000000000101 RSI: 00007fc7b4685000 RDI: 00007fc7bcaa4700
[ 1418.874998][T30866] RBP: 0000000000000102 R08: 0000000000000000 R09: 0000000000000000
[ 1418.882962][T30866] R10: 0000000000000000 R11: 00007fc7bcaa4670 R12: 00007fc7bcaa4670
[ 1418.890921][T30866] R13: 00007fc7bcaa4700 R14: 0000000000000001 R15: 0000000000000000
[ 1418.898971][T30866]
[ 1418.902016][T30866] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
07:33:23 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 13)
07:33:23 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1418.918384][T30866] loop2: detected capacity change from 0 to 512
[ 1418.941944][T30855] EXT4-fs warning (device loop5): ext4_multi_mount_protect:380: Unable to create kmmpd thread for loop5.
07:33:23 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92wHkhibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrERJLJIQCiUKBI9okTiL6CCBgEVEi30KFKE3BCoDu3drn1+nPHjnAvZ30/aZOZ2zjPf7s7d7MxeAKVVzf5JIvZGxG8RMdDMLi9Qbf53Y2F+4u+F+Ykk6vU3/0wa5f5amJ8oihbv25NnhtKI9NMkDq1R7+yFi2fGa7Wp83l+ZO7seyOzFy4+M312/PTU6alzYydOHD82+vxzY892JM7+rK0HP5o5fODVt6++PnHy6js/fZO1d2++vzWOTqlGdfmxbPF4pyvrsv6WdNLTxYawKZWIyE5Xb6P/D0Qllk7eQLzySVcbB+yoer1e39V+9wd14DaWRLdbAHRH8UWf3f8W200aetwSrr/YvAHK4r6Rb809PZHmZXpX3N92UjUiTl7+58tsix2ahwAAaPVdNv55eq3xXxr3tZS7K18bGoyIuyNiX0TcExH7I+LeiEbZ+yPigU3WX12RXz3+Sa9tKbANysZ/L+RrW8vHf8XoLwYrea6/EX9vcmq6NnU0PyZD0bsry4+uU8f3L//6ebt9reO/bMvqL8aCeTuu9ayYoJscnxvfTsytrn/cmAO8tDr+ZHElIImIAxFxcAt/Pztm009+fbjd/v+Ofx0dWGeqfxXxRPP8X44V8ReS9dcnR+6I2tTRkeKqWO3nX6680a7+bcXfAdn5373m9b8Y/2DSul47u/k6rvz+Wdt7mq1e/33JW410X/7ah+Nzc+dHI/qS11a/Prb03iJflM/iHzqydv/fF0tH4lBEZBfxgxHxUEQ8nLf9kYh4NCKOrBP/jy899u7W499ZWfyTmzr/m09Uzvzwbbv6N3b+jzdSQ/krG/n822gDt3PsAAAA4P8ibTwDn6TDi+k0HR5uPsO/P3antZnZuadOzbx/brL5rPxg9KbFTNdAy3zoaD43XOTHVuSP5fPGX1TubOSHJ2Zqk90OHkpuT5v+n/mj0u3WATvO77WgvPR/KC/9H8pL/4fy0v+hvNbq/5e60A7g5vP9D+Wl/0N56f9QXvo/lNJ2ftcvUeZEpLdEMyR2KNHtTyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDO+DcAAP//SKvp4Q==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
07:33:23 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92wHkhibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrGRSGQRg1AoUSR6RInEX0AFDQIqJFroUaQIuSFQHdq7Xfv8OOPHORfY30/aZOZ2zjPf7s7d7MxeAKVVzf5JIvZHxK8RMdDMrixQbf53c3F+4q/F+Ykk6vU3/0ga5f5cnJ8oihbv25dnhtKI9JMkjqxT7+yly+fGa7Wpi3l+ZO78eyOzly4/M31+/OzU2akLY6dOnTwx+vxzY892JM7+rK2HP5w5eujVt6+9PnH62js/fp21d3++vzWOTqlGdeWxbPF4pyvrsv6WdNLTxYawJZWIaJyuJOv/A1GJ5ZM3EK983M22AburXq/X97TfvVAH/seS6HYLgO4ovuiz+99iu0VDj9vCjRebN0BZ3DfzrbmnJ9K8TO+q+9tOqkbE6YW/v8i22KV5CACAVt9m45+n1xv/pXFfS7m78rWhwYi4OyIORMQ9EXEwIu6NaJS9PyIe2GL91VX5teOf9Pq2AtukbPz3Qr62tXL8V4z+YrCS5/ob8fcmZ6ZrU8fzYzIUvXuy/OgGdXz38i+ftdvXOv7Ltqz+YiyYt+N6z6oJusnxufGdxNzqxkeNOcAra+NPllYCkog4FBGHt/H3s2M2/eRXR9vt//f4N9CBdab6lxFPNM//QqyKv5BsvD45ckfUpo6PFFfFWj/9fPWNdvXvKP4OyM7/3nWv/6X4B5PW9drZrddx9bdP297TbPf670veaqT78tc+GJ+buzga0Ze8tvb1seX3FvmifBb/0LH1+/+BWD4SRyIiu4gfjIiHIuLhvO2PRMSjEXFsg/h/eOmxd7cf/+7K4p/c0vnfeqJy7vtv2tW/ufN/spEayl/ZzOffZhu4k2MHAAAA/xVp4xn4JB1eSqfp8HDzGf6DsTetzczOPXVm5v0Lk81n5QejNy1mugZa5kNH87nhIj+2Kn8inzf+vHJnIz88MVOb7HbwUHL72vT/zO+VbrcO2HV+rwXlpf9Deen/UF76P5SX/g/ltV7/v9KFdgC3nu9/KC/9H8pL/4fy0v+hlHbyu36JMicivS2aIbFLiW5/MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTGPwEAAP///NDp5g==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1418.981902][ T9697] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1419.074736][T30866] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1419.087390][T30866] ext4 filesystem being mounted at /root/syzkaller-testdir1583530368/syzkaller.4IUY9g/2986/file0 supports timestamps until 2038 (0x7fffffff)
[ 1419.125243][T30872] loop0: detected capacity change from 0 to 512
[ 1419.133409][T30872] EXT4-fs: Ignoring removed nobh option
[ 1419.139677][T30872] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 not in group (block 256)!
[ 1419.149897][T30872] EXT4-fs (loop0): group descriptors corrupted!
[ 1419.157600][T30874] FAULT_INJECTION: forcing a failure.
[ 1419.157600][T30874] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1419.170993][T30874] CPU: 0 PID: 30874 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1419.181946][T30874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1419.192025][T30874] Call Trace:
[ 1419.195292][T30874]
[ 1419.198281][T30874] dump_stack_lvl+0xd6/0x130
[ 1419.202876][T30874] dump_stack+0x11/0x20
[ 1419.207096][T30874] should_fail_ex+0x224/0x230
[ 1419.211797][T30874] __alloc_pages+0x10a/0x340
[ 1419.216390][T30874] alloc_pages+0x3f1/0x4f0
[ 1419.220806][T30874] get_zeroed_page+0x13/0x40
[ 1419.225430][T30874] mon_bin_open+0x1ba/0x3c0
[ 1419.229941][T30874] chrdev_open+0x362/0x3d0
[ 1419.234351][T30874] ? cd_forget+0xe0/0xe0
[ 1419.238705][T30874] do_dentry_open+0x59a/0x910
[ 1419.243469][T30874] vfs_open+0x43/0x50
[ 1419.247528][T30874] path_openat+0x16b8/0x1b60
[ 1419.252114][T30874] ? _parse_integer_limit+0x16f/0x190
[ 1419.257482][T30874] do_filp_open+0x105/0x220
[ 1419.262026][T30874] do_sys_openat2+0xb5/0x2a0
[ 1419.266685][T30874] ? mutex_lock+0x9/0x30
[ 1419.271180][T30874] ? fput+0x2c/0x130
[ 1419.275151][T30874] __x64_sys_openat+0xef/0x110
[ 1419.279961][T30874] do_syscall_64+0x2b/0x70
[ 1419.284387][T30874] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1419.295331][T30874] RIP: 0033:0x7f53668d4234
[ 1419.299873][T30874] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1419.319993][T30874] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1419.328440][T30874] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1419.336400][T30874] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1419.344363][T30874] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1419.352338][T30874] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1419.360319][T30874] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1419.368287][T30874]
07:33:23 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 12)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1419.410972][ T3133] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
07:33:23 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrpP092sbEkp59AEYCiLikTRpgR64gEDiABISHMoxJGkV6jaoCRKtIhoQKkdUiQsnxBGJv4ATXBBwQuIKd1SpQrlQOBmtvZs4D4c8nLqwn4+0zox3nJnv7o49nlkHUFrV7CGJ2B8Rv0TEQDO7skC1+efm4vzEn4vzE0nU66//njTK/bE4P1EULV63L88MpRHpR0kcWafe2UuXz43XalMX8/zI3Pl3RmYvXX5q+vz42amzUxfGTp06eWL02WfGnu5InP1ZWw+/P3P00MtvXnt14vS1t374Kmvv/nx/axydUo3qymPZ4tFOV9Zl/S3ppKeLDWFLKhGRna7eRv8fiEosn7yBeOnDrjYO2FX1er2+p/3uhTrwH5ZEt1sAdEfxQZ99/y22WzT0uC3ceD57/KwR/818a+7piTQv07vq+20nVSPi9MJfn2db7NI8BABAq2+y8c+T643/0rinpdwd+drQYETcGREHIuKuiDgYEXdHNMreGxH3bbH+6qr82vFPen1bgW1SNv57Ll/bWjn+K0Z/MVjJc/2N+HuTM9O1qeP5MRmK3j1ZfnSDOr598edP2u1rHf9lW1Z/MRbM23G9Z9UE3eT43PhOYm5144PGHOCVtfEnSysBSUQciojD2/j/2TGbfvzLo+32/3P8G+jAOlP9i4jHmud/IVbFX0g2Xp8c+V/Upo6PFFfFWj/+dPW1dvXvKP4OyM7/3nWv/6X4B5PW9drZrddx9deP236n2e7135e80Uj35c+9Nz43d3E0oi95Ze3zY8uvLfJF+Sz+oWPr9/8DsXwkjkREdhHfHxEPRMSDedsfioiHI+LYBvF//8Ijb28//t2VxT+5pfO/9UTl3Hdft6t/c+f/ZCM1lD+zmfe/zTZwJ8cOAAAA/i3Sxj3wSTq8lE7T4eHmPfwHY29am5mde+LMzLsXJpv3yg9Gb1rMdA20zIeO5nPDRX5sVf5EPm/8aeX/jfzwxExtstvBQ8nta9P/M79Vut06YNf5vRaUl/4P5aX/Q3np/1Be+j+U13r9/0oX2gHcej7/obz0fygv/R/KS/+HUtrJ7/olypyI9LZohsQuJbr9zgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAZfwcAAP//w1fqfw==")
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1419.474585][ T3147] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
07:33:23 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92wHkhibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrGRSGQRg1AoUSR6RInEX0AFDQIqJFroUaQIuSFQHdq7Xfv8OOPHORfY30/aZOZ2zjPf7s7d7MxeAKVVzf5JIvZHxK8RMdDMrixQbf53c3F+4q/F+Ykk6vU3/0ga5f5cnJ8oihbv25dnhtKI9JMkjqxT7+yly+fGa7Wpi3l+ZO78eyOzly4/M31+/OzU2akLY6dOnTwx+vxzY892JM7+rK2HP5w5eujVt6+9PnH62js/fp21d3++vzWOTqlGdeWxbPF4pyvrsv6WdNLTxYawJZWIaJyuwaz/D0Qllk/eQLzycTfbBuyuer1e39N+90Id+B9LotstALqj+KLP7n+L7RYNPW4LN15s3gBlcd/Mt+aenkjzMr2r7m87qRoRpxf+/iLbYpfmIQAAWn2bjX+eXm/8l8Z9LeXuyteGBiPi7og4EBH3RMTBiLg3olH2/oh4YIv1V1fl145/0uvbCmyTsvHfC/na1srxXzH6i8FKnutvxN+bnJmuTR3Pj8lQ9O7J8qMb1PHdy7981m5f6/gv27L6i7Fg3o7rPasm6CbH58Z3EnOrGx815gCvrI0/WVoJSCLiUEQc3sbfz47Z9JNfHW23/9/j30AH1pnqX0Y80Tz/C7Eq/kKy8frkyB1Rmzo+UlwVa/3089U32tW/o/g7IDv/e9e9/pfiH0xa12tnt17H1d8+bXtPs93rvy95q5Huy1/7YHxu7uJoRF/y2trXx5bfW+SL8ln8Q8fW7/8HYvlIHImI7CJ+MCIeioiH87Y/EhGPRsSxDeL/4aXH3t1+/Lsri39yS+d/64nKue+/aVf/5s7/yUZqKH9lM59/m23gTo4dAAAA/FekjWfgk3R4KZ2mw8PNZ/gPxt60NjM799SZmfcvTDaflR+M3rSY6RpomQ8dzeeGi/zYqvyJfN7488qdjfzwxExtstvBQ8nta9P/M79Xut06YNf5vRaUl/4P5aX/Q3np/1Be+j+U13r9/0oX2gHcer7/obz0fygv/R/KS/+HUtrJ7/olypyI9LZohsQuJbr9yQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAZ/wQAAP//h83p9Q==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1419.640676][T30876] loop1: detected capacity change from 0 to 512
[ 1419.644360][ T9929] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1419.647731][T30876] EXT4-fs: Ignoring removed nobh option
[ 1419.665068][T11133] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1419.691546][T30876] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1419.692516][T30883] loop0: detected capacity change from 0 to 512
[ 1419.709606][T30876] EXT4-fs (loop1): Remounting filesystem read-only
[ 1419.712882][T30883] EXT4-fs: Ignoring removed nobh option
[ 1419.720208][T30876] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1098: group 0, block bitmap and bg descriptor inconsistent: 215 vs 220 free clusters
[ 1419.726626][T30883] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 not in group (block 4096)!
[ 1419.748976][T30883] EXT4-fs (loop0): group descriptors corrupted!
[ 1421.152735][T30876] EXT4-fs (loop1): 1 truncate cleaned up
[ 1421.158483][T30876] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1421.159568][T30888] loop4: detected capacity change from 0 to 512
[ 1421.177605][T30888] EXT4-fs: Ignoring removed nobh option
[ 1421.185635][T30888] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
[ 1421.272079][T30885] FAULT_INJECTION: forcing a failure.
[ 1421.272079][T30885] name failslab, interval 1, probability 0, space 0, times 0
[ 1421.284723][T30885] CPU: 1 PID: 30885 Comm: syz-executor.2 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1421.295658][T30885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1421.305722][T30885] Call Trace:
[ 1421.309008][T30885]
[ 1421.312020][T30885] dump_stack_lvl+0xd6/0x130
[ 1421.316623][T30885] dump_stack+0x11/0x20
[ 1421.320827][T30885] should_fail_ex+0x224/0x230
[ 1421.325546][T30885] __should_failslab+0x8c/0x90
[ 1421.330340][T30885] ? __anon_vma_prepare+0x44/0x2c0
[ 1421.335451][T30885] should_failslab+0x5/0x20
[ 1421.340043][T30885] kmem_cache_alloc+0x46/0x2f0
[ 1421.344817][T30885] __anon_vma_prepare+0x44/0x2c0
[ 1421.349751][T30885] wp_page_copy+0xb65/0x1710
[ 1421.354342][T30885] ? __mod_lruvec_page_state+0x107/0x1c0
[ 1421.359980][T30885] ? pte_alloc_one+0x8c/0xb0
[ 1421.364582][T30885] ? preempt_count_add+0x5e/0xa0
[ 1421.369578][T30885] ? preempt_count_add+0x5e/0xa0
[ 1421.374529][T30885] do_wp_page+0x22a/0x640
[ 1421.378911][T30885] handle_mm_fault+0x644/0xb20
[ 1421.383677][T30885] do_user_addr_fault+0x4a1/0x980
[ 1421.388793][T30885] exc_page_fault+0x60/0x160
[ 1421.393440][T30885] asm_exc_page_fault+0x22/0x30
[ 1421.398416][T30885] RIP: 0033:0x7fc7bd7110c0
[ 1421.402829][T30885] Code: e8 e5 fe ff ff 41 89 c7 85 c0 78 40 3d ff 00 00 00 7f 2f 49 8b 45 10 49 3b 45 08 0f 84 19 01 00 00 45 85 ff 74 0c 49 8b 55 00 <44> 88 3c 02 49 8b 45 10 48 83 c0 01 49 89 45 10 eb be 66 0f 1f 44
[ 1421.422506][T30885] RSP: 002b:00007fc7bcac5600 EFLAGS: 00010202
[ 1421.428570][T30885] RAX: 0000000000000400 RBX: 00007fc7bcac5660 RCX: 0000000000000008
[ 1421.436537][T30885] RDX: 00007fc7b46a6000 RSI: 0000000000000001 RDI: 00007fc7bcac5700
[ 1421.444542][T30885] RBP: 00000000000000f9 R08: 0000000000000009 R09: 00000000000001c6
[ 1421.450635][T30886] loop5: detected capacity change from 0 to 512
[ 1421.452511][T30885] R10: 0000000000000010 R11: 00007fc7bcac5660 R12: 00007fc7bcac5670
07:33:25 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 14)
[ 1421.466791][T30885] R13: 00007fc7bcac5700 R14: 0000000000000001 R15: 0000000000000020
[ 1421.474794][T30885]
[ 1421.477832][T30885] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 1421.485843][T30888] EXT4-fs (loop4): Remounting filesystem read-only
[ 1421.487642][T30885] loop2: detected capacity change from 0 to 512
[ 1421.493873][T30888] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
07:33:25 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92IHkhibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrGRSGQRg1AoUSR6RInEX0AFDQIqJFroUaQIuSFQHdq7Xfv8OOPH2RfY30/aZOZ2zjPf7s7d7MxeAKVVzf5JIg5ExK8R0d/MLi9Qbf53a2Fu/K+FufEk6vU3/0ga5f5cmBsvihbv259nBtOI9JMkjq5R78zlK+fHarXJS3l+ePbCe8Mzl688M3Vh7NzkucmLo6dPnzo58vxzo892JM6+rK1HPpw+dvjVt6+/Pn7m+js/fp2190C+vzWOTqlGdfmxbPF4pyvrsr6WdLKniw1hUyoRkZ2unkb/749KLJ28/njl4642DthR9Xq9vrf97vk68D+WRLdbAOy+1i/67P632HZh2HHbuPli8wYoi/tWvjX37Ik0L9Oz4v62k6oRcWb+7y+yLXZoHgIAoNW32fjn6bXGf2nc11LurnxtaCAi7o6IgxFxT0Qcioh7Ixpl74+IBzZZf3VFfvX4J72xpcA2KBv/vZCvbS0f/xWjvxio5Lm+Rvw9ydmp2uSJ/JgMRs/eLD+yTh3fvfzLZ+32tY7/si2rvxgL5u24sWfFBN3E2OzYdmJudfOjxhzg1dXxJ4srAUlEHI6II1v4+9kxm3ryq2Pt9v97/OvowDpT/cuIJ5rnfz5WxF9I1l+fHL4japMnhourYrWffr72Rrv6txV/B2Tnf9+a1/9i/ANJ63rtzObruPbbp23vabZ6/fcmbzXSvflrH4zNzl4aiehNXlv9+ujSe4t8UT6Lf/D42v3/YCwdiaMRkV3ED0bEQxHxcN72RyLi0Yg4vk78P7z02Ltbj39nZfFPbOr8bz5ROf/9N+3q39j5P9VIDeavbOTzb6MN3M6xAwAAgP+KtPEMfJIOLabTdGio+Qz/odiX1qZnZp86O/3+xYnms/ID0ZMWM139LfOhI/nccJEfXZE/mc8bf165s5EfGp+uTXQ7eCi5/W36f+b3SrdbB+w4v9eC8tL/obz0fygv/R/KS/+H8lqr/1/tQjuA3ef7H8pL/4fy0v+hvPR/KKXt/K5fosyJSG+LZkjsUKLbn0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACd8U8AAAD//5k85e4=")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
07:33:25 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrpv092sbEkp59AEYCiLikTRpgSJxAYHEASQkOJRjSNIq1G1QEyRaRSQgVI6oEnfEEYm/gBNcEHBC4gp3VKlCuVA4Ga29mzgPhzycurCfj7TtjHecme/ujj07sw6gtKrZP0nEgYj4JSL6m9mVBarN/24uzo3/uTg3nkS9/sbvSaPcH4tz40XR4n3788xgGpF+nMTRdeqduXzl/FitNnkpzw/PXnh3eObylaemLoydmzw3eXH09OlTJ0eefWb06Y7E2Ze19cgH08cOv/LWtdfGz1x7+4evsvYeyPe3xtEp1aiuPJYtHu10ZV3W15JO9nSxIWxJJSKy0/XcfNb/+6MSyyevP17+qKuNA3ZVvV6v722/e6EO/Icl0e0WAN1RfNFn97/FdouGHreFGy80b4CyuG/mW3PPnkjzMj2r7m87qRoRZxb++jzbYpfmIQAAWn2TjX+eXG/8l8Y9LeXuyNeGBiLizog4GBF3RcShiLg7olH23oi4b4v1V1fl145/0uvbCmyTsvHf8/na1srxXzH6i4FKnutrxN+TnJ2qTZ7Ij8lg9OzN8iMb1PHtSz9/2m5f6/gv27L6i7Fg3o7re1ZN0E2MzY7tJOZWNz5szAHOr40/WVoJSCLicEQc2cbfz47Z1ONfHmu3/5/j30AH1pnqX0Q81jz/C7Eq/kKy8frk8P+iNnliuLgq1vrxp6uvt6t/R/F3QHb+9617/S/FP5C0rtfObL2Oq79+0vaeZrvXf2/yZiPdm7/2/tjs7KWRiN7k1bWvjy6/t8gX5bP4B4+v3/8PxvKROBoR2UV8f0Q8EBEP5m1/KCIejojjG8T//YuPvLP9+HdXFv/Els7/1hOV89993a7+zZ3/U43UYP7KZj7/NtvAnRw7AAAA+LdIG8/AJ+nQUjpNh4aaz/Afin1pbXpm9omz0+9dnGg+Kz8QPWkx09XfMh86ks8NF/nRVfmT+bzxZ5X/N/JD49O1iW4HDyW3v03/z/xW6XbrgF3n91pQXvo/lJf+D+Wl/0N56f9QXuv1//kutAO49Xz/Q3np/1Be+j+Ul/4PpbST3/VLlDkR6W3RDIldSnT7kwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAz/g4AAP//aTPqnQ==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1421.515375][T30888] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1421.537819][T30888] EXT4-fs (loop4): 1 truncate cleaned up
[ 1421.543537][T30888] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1421.558970][T30886] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
07:33:25 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiixiEQoki0VAhSiT+AipoEFAh0UKPIkXIDYHq0N7t2ufHGT/OucB+PtImM7dznvnu7tzNzuwFUFrV7J8kYn9E/BIRA83sygLV5n83F+cn/lycn0iiXn/996RR7o/F+YmiaPG+fXlmKI1IP0riyDr1zl66fG68Vpu6mOdH5s6/MzJ76fJT0+fHz06dnbowdurUyROjzz4z9nRH4uzP2nr4/Zmjh15+89qrE6evvfXDV1l79+f7W+PolGpUVx7LFo92urIu629JJz1dbAhbUomI7HT1Nvr/QFRi+eQNxEsfdrVxwK6q1+v1Pe13L9SB/7Akut0CoDuKL/rs/rfYbtHQ47Zw4/nshvWzRvw38625pyfSvEzvqvvbTqpGxOmFvz7PttileQgAgFbfZOOfJ9cb/6VxT0u5O/K1ocGIuDMiDkTEXRFxMCLujmiUvTci7tti/dVV+bXjn/T6tgLbpGz891y+trVy/FeM/mKwkuf6G/H3Jmema1PH82MyFL17svzoBnV8++LPn7Tb1zr+y7as/mIsmLfjes+qCbrJ8bnxncTc6sYHjTnAK2vjT5ZWApKIOBQRh7fx97NjNv34l0fb7f/n+DfQgXWm+hcRjzXP/0Ksir+QbLw+OfK/qE0dHymuirV+/Onqa+3q31H8HZCd/73rXv9L8Q8mreu1s1uv4+qvH7e9p9nu9d+XvNFI9+WvvTc+N3dxNKIveWXt62PL7y3yRfks/qFj6/f/A7F8JI5ERHYR3x8RD0TEg3nbH4qIhyPi2Abxf//CI29vP/7dlcU/uaXzv/VE5dx3X7erf3Pn/2QjNZS/spnPv802cCfHDgAAAP4t0sYz8Ek6vJRO0+Hh5jP8B2NvWpuZnXvizMy7Fyabz8oPRm9azHQNtMyHjuZzw0V+bFX+RD5v/Gnl/4388MRMbbLbwUPJ7WvT/zO/VbrdOmDX+b0WlJf+D+Wl/0N56f9QXvo/lNd6/f9KF9oB3Hq+/6G89H8oL/0fykv/h1Laye/6JcqciPS2aIbELiW6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQGX8HAAD//66O6oA=")
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1421.564535][ T9697] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1421.571140][T30886] ext4 filesystem being mounted at /root/syzkaller-testdir184905228/syzkaller.PLYEBS/2963/file0 supports timestamps until 2038 (0x7fffffff)
[ 1421.590099][T30897] loop0: detected capacity change from 0 to 512
[ 1421.628918][T30897] EXT4-fs: Ignoring removed nobh option
[ 1421.642742][ T3147] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1421.653881][T30885] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1421.666061][T30885] ext4 filesystem being mounted at /root/syzkaller-testdir1583530368/syzkaller.4IUY9g/2987/file0 supports timestamps until 2038 (0x7fffffff)
[ 1421.681275][T30901] FAULT_INJECTION: forcing a failure.
[ 1421.681275][T30901] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1421.694681][T30901] CPU: 1 PID: 30901 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1421.705642][T30901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1421.715754][T30901] Call Trace:
[ 1421.719023][T30901]
[ 1421.722005][T30901] dump_stack_lvl+0xd6/0x130
[ 1421.726659][T30901] dump_stack+0x11/0x20
[ 1421.730800][T30901] should_fail_ex+0x224/0x230
[ 1421.735526][T30901] __alloc_pages+0x10a/0x340
[ 1421.740151][T30901] alloc_pages+0x3f1/0x4f0
[ 1421.744562][T30901] get_zeroed_page+0x13/0x40
[ 1421.749145][T30901] mon_bin_open+0x1ba/0x3c0
[ 1421.753717][T30901] chrdev_open+0x362/0x3d0
[ 1421.758165][T30901] ? cd_forget+0xe0/0xe0
[ 1421.762481][T30901] do_dentry_open+0x59a/0x910
[ 1421.767251][T30901] vfs_open+0x43/0x50
[ 1421.771257][T30901] path_openat+0x16b8/0x1b60
[ 1421.775883][T30901] ? _parse_integer_limit+0x16f/0x190
[ 1421.781370][T30901] do_filp_open+0x105/0x220
[ 1421.785870][T30901] do_sys_openat2+0xb5/0x2a0
[ 1421.790568][T30901] ? mutex_lock+0x9/0x30
[ 1421.794866][T30901] ? fput+0x2c/0x130
[ 1421.798823][T30901] __x64_sys_openat+0xef/0x110
[ 1421.803583][T30901] do_syscall_64+0x2b/0x70
[ 1421.807989][T30901] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1421.813873][T30901] RIP: 0033:0x7f53668d4234
[ 1421.818409][T30901] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1421.838092][T30901] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1421.846534][T30901] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1421.854506][T30901] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1421.862498][T30901] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1421.870455][T30901] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1421.878438][T30901] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1421.886477][T30901]
07:33:26 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x2, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1421.939855][ T3128] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1421.975745][T30897] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 not in group (block 32569)!
[ 1421.986181][T30897] EXT4-fs (loop0): group descriptors corrupted!
07:33:26 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 13)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1422.048440][ T3133] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
07:33:26 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrpv092sbEkp59AEYCiLikTRpgQpxAYHEASQkOJRjSNIq1G1QEyRaRSQgVI6oEnfEEYm/gBNcEHBC4gp3VKlCuVA4Ga29mzgPhzycurCfj7TtjHecme/ujj07sw6gtKrZP0nEgYj4JSL6m9mVBarN/24uzo3/uTg3nkS9/sbvSaPcH4tz40XR4n3788xgGpF+nMTRdeqduXzl/FitNnkpzw/PXnh3eObylaemLoydmzw3eXH09OlTJ0eefWb06Y7E2Ze19cgH08cOv/LWtdfGz1x7+4evsvYeyPe3xtEp1aiuPJYtHu10ZV3W15JO9nSxIWxJJSKy0/XcfNb/+6MSyyevP17+qKuNA3ZVvV6v722/e6EO/Icl0e0WAN1RfNFn97/FdouGHreFGy80b4CyuG/mW3PPnkjzMj2r7m87qRoRZxb++jzbYpfmIQAAWn2TjX+eXG/8l8Y9LeXuyNeGBiLizog4GBF3RcShiLg7olH23oi4b4v1V1fl145/0uvbCmyTsvHf8/na1srxXzH6i4FKnutrxN+TnJ2qTZ7Ij8lg9OzN8iMb1PHtSz9/2m5f6/gv27L6i7Fg3o7re1ZN0E2MzY7tJOZWNz5szAHOr40/WVoJSCLicEQc2cbfz47Z1ONfHmu3/5/j30AH1pnqX0Q81jz/C7Eq/kKy8frk8P+iNnliuLgq1vrxp6uvt6t/R/F3QHb+9617/S/FP5C0rtfObL2Oq79+0vaeZrvXf2/yZiPdm7/2/tjs7KWRiN7k1bWvjy6/t8gX5bP4B4+v3/8PxvKROBoR2UV8f0Q8EBEP5m1/KCIejojjG8T//YuPvLP9+HdXFv/Els7/1hOV89993a7+zZ3/U43UYP7KZj7/NtvAnRw7AAAA+LdIG8/AJ+nQUjpNh4aaz/Afin1pbXpm9omz0+9dnGg+Kz8QPWkx09XfMh86ks8NF/nRVfmT+bzxZ5X/N/JD49O1iW4HDyW3v03/z/xW6XbrgF3n91pQXvo/lJf+D+Wl/0N56f9QXuv1//kutAO49Xz/Q3np/1Be+j+Ul/4PpbST3/VLlDkR6W3RDIldSnT7kwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAz/g4AAP//YWfqng==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1422.180987][T30905] loop4: detected capacity change from 0 to 512
[ 1422.185667][T30911] loop0: detected capacity change from 0 to 512
[ 1422.190696][T30904] loop1: detected capacity change from 0 to 512
[ 1422.194247][T30905] EXT4-fs: Ignoring removed nobh option
[ 1422.208461][T30911] EXT4-fs: Ignoring removed nobh option
[ 1422.214777][T30911] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 not in group (block 32570)!
[ 1422.220401][T30904] EXT4-fs: Ignoring removed nobh option
[ 1422.225142][T30911] EXT4-fs (loop0): group descriptors corrupted!
[ 1422.227902][T30905] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
[ 1423.183275][T30905] EXT4-fs (loop4): Remounting filesystem read-only
[ 1423.813240][T30913] FAULT_INJECTION: forcing a failure.
[ 1423.813240][T30913] name failslab, interval 1, probability 0, space 0, times 0
[ 1423.825968][T30913] CPU: 1 PID: 30913 Comm: syz-executor.2 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1423.836940][T30913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1423.847070][T30913] Call Trace:
[ 1423.850348][T30913]
[ 1423.853280][T30913] dump_stack_lvl+0xd6/0x130
[ 1423.857956][T30913] dump_stack+0x11/0x20
[ 1423.862117][T30913] should_fail_ex+0x224/0x230
[ 1423.863190][T30914] loop5: detected capacity change from 0 to 512
[ 1423.866791][T30913] __should_failslab+0x8c/0x90
[ 1423.866819][T30913] ? __anon_vma_prepare+0x95/0x2c0
[ 1423.882961][T30913] should_failslab+0x5/0x20
[ 1423.887492][T30913] kmem_cache_alloc+0x46/0x2f0
[ 1423.892260][T30913] __anon_vma_prepare+0x95/0x2c0
[ 1423.897682][T30913] wp_page_copy+0xb65/0x1710
[ 1423.902271][T30913] ? __mod_lruvec_page_state+0x107/0x1c0
[ 1423.908035][T30913] ? sysvec_apic_timer_interrupt+0x4a/0xb0
[ 1423.913871][T30913] do_wp_page+0x22a/0x640
[ 1423.918202][T30913] handle_mm_fault+0x644/0xb20
[ 1423.923018][T30913] do_user_addr_fault+0x4a1/0x980
[ 1423.928035][T30913] exc_page_fault+0x60/0x160
[ 1423.932615][T30913] asm_exc_page_fault+0x22/0x30
[ 1423.937512][T30913] RIP: 0033:0x7fc7bd7110c0
[ 1423.941914][T30913] Code: e8 e5 fe ff ff 41 89 c7 85 c0 78 40 3d ff 00 00 00 7f 2f 49 8b 45 10 49 3b 45 08 0f 84 19 01 00 00 45 85 ff 74 0c 49 8b 55 00 <44> 88 3c 02 49 8b 45 10 48 83 c0 01 49 89 45 10 eb be 66 0f 1f 44
[ 1423.961549][T30913] RSP: 002b:00007fc7bcac5600 EFLAGS: 00010202
[ 1423.967599][T30913] RAX: 0000000000000400 RBX: 00007fc7bcac5660 RCX: 0000000000000008
[ 1423.975579][T30913] RDX: 00007fc7b46a6000 RSI: 0000000000000001 RDI: 00007fc7bcac5700
[ 1423.983537][T30913] RBP: 00000000000000f9 R08: 0000000000000009 R09: 00000000000001c6
[ 1423.991504][T30913] R10: 0000000000000010 R11: 00007fc7bcac5660 R12: 00007fc7bcac5670
[ 1423.999465][T30913] R13: 00007fc7bcac5700 R14: 0000000000000001 R15: 0000000000000020
[ 1424.007481][T30913]
07:33:28 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 15)
07:33:28 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7sXO75fE2ITwyAM4CAiLhx07AVJAAQKJAiQkKEJpbCcyucQoNhKJLGwQCiWKRI8okfgLqKBBQIVECz2KFCE3BKpDe7drnx9n/DjnAvv5SJvM3M555ru7czc7sxdAaVWzf5KIAxHxS0T0N7MrC1Sb/91cnBv/c3FuPIl6/Y3fk0a5Pxbnxouixfv255nBNCL9OImj69Q7c/nK+bFabfJSnh+evfDu8MzlK09NXRg7N3lu8uLo6dOnTo48+8zo0x2Jsy9r65EPpo8dfuWta6+Nn7n29g9fZe09kO9vjaNTqlFdeSxbPNrpyrqsryWd7OliQ9iSSkRkp+v5+az/90cllk9ef7z8UVcbB+yqer1e39t+90Id+A9LotstALqj+KLP7n+L7RYNPW4LN15o3gBlcd/Mt+aePZHmZXpW3d92UjUiziz89Xm2xS7NQwAAtPomG/88ud74L417Wsrdka8NDUTEnRFxMCLuiohDEXF3RKPsvRFx3xbrr67Krx3/pNe3FdgmZeO/5/K1rZXjv2L0FwOVPNfXiL8nOTtVmzyRH5PB6Nmb5Uc2qOPbl37+tN2+1vFftmX1F2PBvB3X96yaoJsYmx3bScytbnzYmAOcXxt/srQSkETE4Yg4so2/nx2zqce/PNZu/z/Hv4EOrDPVv4h4rHn+F2JV/IVk4/XJ4f9FbfLEcHFVrPXjT1dfb1f/juLvgOz871v3+l+KfyBpXa+d2XodV3/9pO09zXav/97kzUa6N3/t/bHZ2UsjEb3Jq2tfH11+b5EvymfxDx5fv/8fjOUjcTQisov4/oh4ICIezNv+UEQ8HBHHN4j/+xcfeWf78e+uLP6JLZ3/rScq57/7ul39mzv/pxqpwfyVzXz+bbaBOzl2AAAA8G+RNp6BT9KhpXSaDg01n+E/FPvS2vTM7BNnp9+7ONF8Vn4getJipqu/ZT50JJ8bLvKjq/In83njzyr/b+SHxqdrE90OHkpuf5v+n/mt0u3WAbvO77WgvPR/KC/9H8pL/4fy0v+hvNbr//NdaAdw6/n+h/LS/6G89H8oL/0fSmknv+uXKHMi0tuiGRK7lOj2JxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBn/B0AAP//SgPqoQ==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1424.010579][T30913] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 1424.020601][T30913] loop2: detected capacity change from 0 to 512
[ 1424.035601][T30904] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz-executor.1: invalid block
[ 1424.044072][T30905] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1424.047934][T30904] EXT4-fs (loop1): Remounting filesystem read-only
[ 1424.067823][T30922] loop0: detected capacity change from 0 to 512
[ 1424.069131][T30904] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1424.075786][T30914] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1424.100781][T30914] ext4 filesystem being mounted at /root/syzkaller-testdir184905228/syzkaller.PLYEBS/2964/file0 supports timestamps until 2038 (0x7fffffff)
[ 1424.122640][T30904] EXT4-fs error (device loop1): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1424.139687][T30925] FAULT_INJECTION: forcing a failure.
[ 1424.139687][T30925] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1424.153002][T30925] CPU: 1 PID: 30925 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1424.163937][T30925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1424.173980][T30925] Call Trace:
[ 1424.177334][T30925]
[ 1424.180265][T30925] dump_stack_lvl+0xd6/0x130
[ 1424.184857][T30925] dump_stack+0x11/0x20
[ 1424.188998][T30925] should_fail_ex+0x224/0x230
[ 1424.193666][T30925] __alloc_pages+0x10a/0x340
[ 1424.198278][T30925] alloc_pages+0x3f1/0x4f0
[ 1424.202682][T30925] get_zeroed_page+0x13/0x40
[ 1424.207274][T30925] mon_bin_open+0x1ba/0x3c0
[ 1424.211823][T30925] chrdev_open+0x362/0x3d0
[ 1424.216281][T30925] ? cd_forget+0xe0/0xe0
[ 1424.220620][T30925] do_dentry_open+0x59a/0x910
[ 1424.225304][T30925] vfs_open+0x43/0x50
[ 1424.229283][T30925] path_openat+0x16b8/0x1b60
[ 1424.233985][T30925] ? plist_check_list+0x14c/0x170
[ 1424.239004][T30925] do_filp_open+0x105/0x220
[ 1424.243543][T30925] do_sys_openat2+0xb5/0x2a0
[ 1424.248129][T30925] ? __schedule+0x546/0x6f0
[ 1424.252627][T30925] __x64_sys_openat+0xef/0x110
[ 1424.257485][T30925] do_syscall_64+0x2b/0x70
[ 1424.261899][T30925] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1424.267804][T30925] RIP: 0033:0x7f53668d4234
[ 1424.272205][T30925] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1424.292053][T30925] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1424.300481][T30925] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1424.308464][T30925] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1424.316436][T30925] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1424.324406][T30925] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1424.332422][T30925] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1424.340464][T30925]
07:33:28 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1424.373372][ T3128] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1424.398188][T30904] EXT4-fs (loop1): 1 truncate cleaned up
[ 1424.403979][T30904] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1424.419934][T30922] EXT4-fs: Ignoring removed nobh option
[ 1424.426589][T30922] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 not in group (block 32573)!
[ 1424.437113][T30922] EXT4-fs (loop0): group descriptors corrupted!
[ 1424.446504][T30905] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1424.466907][T30913] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1424.479118][T30913] ext4 filesystem being mounted at /root/syzkaller-testdir1583530368/syzkaller.4IUY9g/2988/file0 supports timestamps until 2038 (0x7fffffff)
[ 1424.511234][T30905] EXT4-fs (loop4): 1 truncate cleaned up
[ 1424.517057][T30905] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
07:33:28 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 14)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
07:33:28 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrpP092sbEkp59AEYCiLikTRpgR64gEDiABISHMoxJGkV6jaoCRKtIhoQKkdUiRMXxBGJv4ATXBBwQuIKd1SpQrlQOBmtvZs4D4c8nLqwn4+0zox3nJnv7o49nlkHUFrV7CGJ2B8Rv0TEQDO7skC1+efm4vzEn4vzE0nU66//njTK/bE4P1EULV63L88MpRHpR0kcWafe2UuXz43XalMX8/zI3Pl3RmYvXX5q+vz42amzUxfGTp06eWL02WfGnu5InP1ZWw+/P3P00MtvXnt14vS1t374Kmvv/nx/axydUo3qymPZ4tFOV9Zl/S3ppKeLDWFLKhGRna7eRv8fiEosn7yBeOnDrjYO2FX1er2+p/3uhTrwH5ZEt1sAdEfxQZ99/y22WzT0uC3ceD57/KwR/818a+7piTQv07vq+20nVSPi9MJfn2db7NI8BABAq2+y8c+T643/0rinpdwd+drQYETcGREHIuKuiDgYEXdHNMreGxH3bbH+6qr82vFPen1bgW1SNv57Ll/bWjn+K0Z/MVjJc/2N+HuTM9O1qeP5MRmK3j1ZfnSDOr598edP2u1rHf9lW1Z/MRbM23G9Z9UE3eT43PhOYm5144PGHOCVtfEnSysBSUQciojD2/j/2TGbfvzLo+32/3P8G+jAOlP9i4jHmud/IVbFX0g2Xp8c+V/Upo6PFFfFWj/+dPW1dvXvKP4OyM7/3nWv/6X4B5PW9drZrddx9deP236n2e7135e80Uj35c+9Nz43d3E0oi95Ze3zY8uvLfJF+Sz+oWPr9/8DsXwkjkREdhHfHxEPRMSDedsfioiHI+LYBvF//8Ijb28//t2VxT+5pfO/9UTl3Hdft6t/c+f/ZCM1lD+zmfe/zTZwJ8cOAAAA/i3Sxj3wSTq8lE7T4eHmPfwHY29am5mde+LMzLsXJpv3yg9Gb1rMdA20zIeO5nPDRX5sVf5EPm/8aeX/jfzwxExtstvBQ8nta9P/M79Vut06YNf5vRaUl/4P5aX/Q3np/1Be+j+U13r9/0oX2gHcej7/obz0fygv/R/KS/+HUtrJ7/olypyI9LZohsQuJbr9zgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAZfwcAAP//ro3qgA==")
write$tun(0xffffffffffffffff, 0x0, 0x0)
07:33:28 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92IHkhibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrGRSGQRg1AoUSR6RInEX0AFDQIqJFroUaQIuSFQHdq7Xfv8OOPH2RfY309ae+Z2zjPf7s55dmYvgNKqZj+SiAMR8WtE9DezywtUm79uLcyN/7UwN55Evf7mH0mj3J8Lc+NF0eJ9+/PMYBqRfpLE0TXqnbl85fxYrTZ5Kc8Pz154b3jm8pVnpi6MnZs8N3lx9PTpUydHnn9u9NmOxNmXtfXIh9PHDr/69vXXx89cf+fHr7P2Hsj3t8bRKdWoLj+WLR7vdGVd1teSTvZ0sSFsSiUistPV0+j//VGJpZPXH6983NXGATuqXq/X97bfPV8H/seS6HYLgN3Xem+a3f8W226MO24XN19s3gBlcd/Kt+aePZHmZXpW3N92UjUizsz//UW2xQ7NQwAAtPo2G/88vdb4L437Wsrdla8NDUTE3RFxMCLuiYhDEXFvRKPs/RHxwCbrr67Irx7/pDe2FNgGZeO/F/K1reXjv2L0FwOVPNfXiL8nOTtVmzyRH5PB6Nmb5UfWqeO7l3/5rN2+1vFftmX1F2PBvB039qyYoJsYmx3bTsytbn7UmAO8ujr+ZHElILtPOBwRR7bw97NjNvXkV8fa7f/3+NfRgXWm+pcRTzTP/3ysiL+QrL8+OXxH1CZPDBdXxWo//XztjXb1byv+DsjO/741r//F+AeS1vXamc3Xce23T9ve02z1+u9N3mqke/PXPhibnb00EtGbvLb69dGl9xb5onwW/+Dxtfv/wVg6EkcjIruIH4yIhyLi4bztj0TEoxFxfJ34f3jpsXe3Hv/OyuKf2NT533yicv77b9rVv7Hzf6qRGsxf2cjn30YbuJ1jBwAAAP8VaeMZ+CQdWkyn6dBQ8xn+Q7EvrU3PzD51dvr9ixPNZ+UHoictZrr6W+ZDR/K54SI/uiJ/Mp83/rxyZyM/ND5dm+h28FBy+9v0/8zvlW63Dthxvq8F5aX/Q3np/1Be+j+Ul/4P5bVW/7/ahXYAu8//fygv/R/KS/+H8tL/oZS2871+iTInIr0tmiGxQ4lufzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0xj8BAAD//4V85e8=")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
07:33:28 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7sXO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiCxuEkhJFokeUSPwFVNAgoEKihR5FipAbAtWhvdu1z48zfpxzgf18pE1mbuc8893duZud2QugtKrZP0nEgYj4JSL6m9mVBarN/24tzo3/uTg3nkS9/ubvSaPcH4tz40XR4n3788xgGpF+ksTRdeqduXzl/FitNnkpzw/PXnhveObylWemLoydmzw3eXH09OlTJ0eef2702Y7E2Ze19ciH08cOv/r29dfHz1x/54evsvYeyPe3xtEp1aiuPJYtHu90ZV3W15JO9nSxIWxJJSKy03VtPuv//VGJ5ZPXH6983NXGAbuqXq/X97bfvVAH/sOS6HYLgO4ovuiz+99iu01DjzvCzRebN0BZ3LfyrblnT6R5mZ5V97edVI2IMwt/fZ5tsUvzEAAArb7Jxj9Przf+S+O+lnJ35WtDAxFxd0QcjIh7IuJQRNwb0Sh7f0Q8sMX6q6vya8c/6Y1tBbZJ2fjvhXxta+X4rxj9xUAlz/U14u9Jzk7VJk/kx2QwevZm+ZEN6vj25Z8/bbevdfyXbVn9xVgwb8eNPasm6CbGZsd2EnOrmx815gDn18afLK0EJBFxOCKObOPvZ8ds6skvj7Xb/8/xb6AD60z1LyKeaJ7/hVgVfyHZeH1y+H9RmzwxXFwVa/3409U32tW/o/g7IDv/+9a9/pfiH0ha12tntl7H1V+vtb2n2e7135u81Uj35q99MDY7e2kkojd5be3ro8vvLfJF+Sz+wePr9/+DsXwkjkZEdhE/GBEPRcTDedsfiYhHI+L4BvF//9Jj724//t2VxT+xpfO/9UTl/Hdft6t/c+f/VCM1mL+ymc+/zTZwJ8cOAAAA/i3SxjPwSTq0lE7ToaHmM/yHYl9am56Zfers9PsXJ5rPyg9ET1rMdPW3zIeO5HPDRX50Vf5kPm/8WeX/jfzQ+HRtotvBQ8ntb9P/M79Vut06YNf5vRaUl/4P5aX/Q3np/1Be+j+U13r9f74L7QBuP9//UF76P5SX/g/lpf9DKe3kd/0SZU5Eekc0Q2KXEt3+ZAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiMvwMAAP//CO3q6w==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1424.608582][ T3133] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1424.621759][ T3147] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1424.638657][ T9697] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1424.688718][T30934] loop4: detected capacity change from 0 to 512
[ 1424.698062][T30934] EXT4-fs: Ignoring removed nobh option
[ 1425.238452][T30931] loop5: detected capacity change from 0 to 512
[ 1425.257497][T30937] FAULT_INJECTION: forcing a failure.
[ 1425.257497][T30937] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1425.270744][T30937] CPU: 1 PID: 30937 Comm: syz-executor.2 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1425.281783][T30937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1425.291836][T30937] Call Trace:
[ 1425.295102][T30937]
[ 1425.298028][T30937] dump_stack_lvl+0xd6/0x130
[ 1425.302739][T30937] dump_stack+0x11/0x20
[ 1425.306883][T30937] should_fail_ex+0x224/0x230
[ 1425.311550][T30937] __alloc_pages+0x10a/0x340
[ 1425.316139][T30937] vma_alloc_folio+0x6a0/0x8e0
[ 1425.320892][T30937] ? __anon_vma_prepare+0x227/0x2c0
[ 1425.326080][T30937] wp_page_copy+0x13e/0x1710
[ 1425.330660][T30937] ? __mod_lruvec_page_state+0x107/0x1c0
[ 1425.336333][T30937] ? pte_alloc_one+0x8c/0xb0
[ 1425.340919][T30937] ? debug_smp_processor_id+0x13/0x20
[ 1425.346352][T30937] do_wp_page+0x22a/0x640
[ 1425.350670][T30937] handle_mm_fault+0x644/0xb20
[ 1425.355549][T30937] do_user_addr_fault+0x4a1/0x980
[ 1425.360646][T30937] exc_page_fault+0x60/0x160
[ 1425.365226][T30937] asm_exc_page_fault+0x22/0x30
[ 1425.370071][T30937] RIP: 0033:0x7fc7bd7110c0
[ 1425.374513][T30937] Code: e8 e5 fe ff ff 41 89 c7 85 c0 78 40 3d ff 00 00 00 7f 2f 49 8b 45 10 49 3b 45 08 0f 84 19 01 00 00 45 85 ff 74 0c 49 8b 55 00 <44> 88 3c 02 49 8b 45 10 48 83 c0 01 49 89 45 10 eb be 66 0f 1f 44
[ 1425.394110][T30937] RSP: 002b:00007fc7bcaa4600 EFLAGS: 00010202
[ 1425.400161][T30937] RAX: 0000000000000400 RBX: 00007fc7bcaa4660 RCX: 0000000000000008
[ 1425.408120][T30937] RDX: 00007fc7b4685000 RSI: 0000000000000001 RDI: 00007fc7bcaa4700
[ 1425.416077][T30937] RBP: 00000000000000f9 R08: 0000000000000009 R09: 00000000000001c6
[ 1425.424089][T30937] R10: 0000000000000010 R11: 00007fc7bcaa4660 R12: 00007fc7bcaa4670
[ 1425.432073][T30937] R13: 00007fc7bcaa4700 R14: 0000000000000001 R15: 0000000000000020
[ 1425.440037][T30937]
[ 1425.443134][T30937] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 1425.453366][T30937] loop2: detected capacity change from 0 to 512
07:33:29 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 16)
[ 1425.508617][T30935] loop0: detected capacity change from 0 to 512
[ 1425.550605][T30944] loop1: detected capacity change from 0 to 512
[ 1425.558203][T30931] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1425.588268][T30934] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
[ 1425.602826][T30944] EXT4-fs: Ignoring removed nobh option
[ 1425.644750][T30948] FAULT_INJECTION: forcing a failure.
[ 1425.644750][T30948] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1425.658041][T30948] CPU: 1 PID: 30948 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1425.669035][T30948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1425.679216][T30948] Call Trace:
[ 1425.682482][T30948]
[ 1425.685403][T30948] dump_stack_lvl+0xd6/0x130
[ 1425.690052][T30948] dump_stack+0x11/0x20
[ 1425.694217][T30948] should_fail_ex+0x224/0x230
[ 1425.698883][T30948] __alloc_pages+0x10a/0x340
[ 1425.703471][T30948] alloc_pages+0x3f1/0x4f0
[ 1425.707902][T30948] get_zeroed_page+0x13/0x40
[ 1425.712485][T30948] mon_bin_open+0x1ba/0x3c0
[ 1425.716986][T30948] chrdev_open+0x362/0x3d0
[ 1425.721394][T30948] ? cd_forget+0xe0/0xe0
[ 1425.725633][T30948] do_dentry_open+0x59a/0x910
[ 1425.730320][T30948] vfs_open+0x43/0x50
[ 1425.734306][T30948] path_openat+0x16b8/0x1b60
[ 1425.738962][T30948] ? _parse_integer_limit+0x16f/0x190
[ 1425.744367][T30948] do_filp_open+0x105/0x220
[ 1425.748953][T30948] do_sys_openat2+0xb5/0x2a0
[ 1425.753540][T30948] ? mutex_lock+0x9/0x30
[ 1425.757836][T30948] ? fput+0x2c/0x130
[ 1425.761720][T30948] __x64_sys_openat+0xef/0x110
[ 1425.766553][T30948] do_syscall_64+0x2b/0x70
[ 1425.770955][T30948] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1425.776927][T30948] RIP: 0033:0x7f53668d4234
[ 1425.781360][T30948] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1425.801132][T30948] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1425.809611][T30948] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1425.817683][T30948] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1425.825700][T30948] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1425.833666][T30948] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1425.841681][T30948] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1425.849665][T30948]
[ 1425.880115][T30935] EXT4-fs: Ignoring removed nobh option
07:33:30 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1425.888770][ T3128] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1425.965300][T30934] EXT4-fs (loop4): Remounting filesystem read-only
[ 1425.972496][T30937] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1425.984658][T30937] ext4 filesystem being mounted at /root/syzkaller-testdir1583530368/syzkaller.4IUY9g/2989/file0 supports timestamps until 2038 (0x7fffffff)
[ 1426.010594][T30935] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 not in group (block 32647)!
[ 1426.021009][T30935] EXT4-fs (loop0): group descriptors corrupted!
[ 1426.043031][T30934] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1426.060978][T30944] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz-executor.1: invalid block
[ 1426.074669][T30944] EXT4-fs (loop1): Remounting filesystem read-only
[ 1426.081771][T30934] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1426.098488][T30944] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
07:33:30 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 15)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1426.100816][T30934] EXT4-fs (loop4): 1 truncate cleaned up
[ 1426.118508][T30934] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1426.141514][T30944] EXT4-fs error (device loop1): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
07:33:30 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiixiEQokiUdEgSiT+AipoEFAh0UKPIkXIDYHq0N7t2ufHGT/OucB+PtImM7dznvnu7tzNzuwFUFrV7J8kYn9E/BIRA83sygLV5n83F+cn/lycn0iiXn/996RR7o/F+YmiaPG+fXlmKI1IP0riyDr1zl66fG68Vpu6mOdH5s6/MzJ76fJT0+fHz06dnbowdurUyROjzz4z9nRH4uzP2nr4/Zmjh15+89qrE6evvfXDV1l79+f7W+PolGpUVx7LFo92urIu629JJz1dbAhbUomI7HT1Nvr/QFRi+eQNxEsfdrVxwK6q1+v1Pe13L9SB/7Akut0CoDuKL/rs/rfYbtHQ47Zw4/nshvWzRvw38625pyfSvEzvqvvbTqpGxOmFvz7PttileQgAgFbfZOOfJ9cb/6VxT0u5O/K1ocGIuDMiDkTEXRFxMCLujmiUvTci7tti/dVV+bXjn/T6tgLbpGz891y+trVy/FeM/mKwkuf6G/H3Jmema1PH82MyFL17svzoBnV8++LPn7Tb1zr+y7as/mIsmLfjes+qCbrJ8bnxncTc6sYHjTnAK2vjT5ZWApKIOBQRh7fx97NjNv34l0fb7f/n+DfQgXWm+hcRjzXP/0Ksir+QbLw+OfK/qE0dHymuirV+/Onqa+3q31H8HZCd/73rXv9L8Q8mreu1s1uv4+qvH7e9p9nu9d+XvNFI9+WvvTc+N3dxNKIveWXt62PL7y3yRfks/qFj6/f/A7F8JI5ERHYR3x8RD0TEg3nbH4qIhyPi2Abxf//CI29vP/7dlcU/uaXzv/VE5dx3X7erf3Pn/2QjNZS/spnPv802cCfHDgAAAP4t0sYz8Ek6vJRO0+Hh5jP8B2NvWpuZnXvizMy7Fyabz8oPRm9azHQNtMyHjuZzw0V+bFX+RD5v/Gnl/4388MRMbbLbwUPJ7WvT/zO/VbrdOmDX+b0WlJf+D+Wl/0N56f9QXvo/lNd6/f9KF9oB3Hq+/6G89H8oL/0fykv/h1Laye/6JcqciPS2aIbELiW6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQGX8HAAD//5nE6oE=")
write$tun(0xffffffffffffffff, 0x0, 0x0)
07:33:30 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiixiEQoki0SNKJP4CKmgQUCHRhh5FipAbAtWhvdu1z48zfpxzgf18pE1mbuc8893duZud2QugtKrZP0nE/oi4HhEDzezKAtXmf7cW5yf+XJyfSKJef/P3pFHuj8X5iaJo8b59eWYojUg/SeLIOvXOXrp8brxWm7qY50fmzr83Mnvp8jPT58fPTp2dujB26tTJE6PPPzf2bEfi7M/aevjDmaOHXn372usTp6+98+PXWXv35/tb4+iUalRXHssWj3e6si7rb0knPV1sCFtSiYjsdNXr9SvXYyAqsXzyBuKVj7vaOGBX1ev1+p72uxfqwH9YEt1uAdAdxRd9dv9bbLdp6HFHuPli8wYoi/tWvjX39ESal+lddX/bSdWIOL3w1xfZFrs0DwEA0OrbbPzz9HrjvzTuayl3V742NBgRd0fEgYi4JyIORsS9EY2y90fEA1usv7oqv3b8k97YVmCblI3/XsjXtlaO/4rRXwxW8lx/I/7e5Mx0bep4fkyGondPlh/doI7vXv7ls3b7Wsd/2ZbVX4wF83bc6Fk1QTc5Pje+k5hb3fyoOfe/Nv5kaSUgiYhDEXF4G38/O2bTT351tN3+f45/Ax1YZ6p/GfFE8/wvxKr4C8nG65Mj/4va1PGR4qpY66efr77Rrv4dxd8B2fnfu+71vxT/YNK6Xju79Tqu/vpp23ua7V7/fclbjXRf/toH43NzF0cj+pLX1r4+tvzeIl+Uz+IfOrZ+/z8Qy0fiSERkF/GDEfFQRDyct/2RiHg0Io5tEP8PLz327vbj311Z/JNbOv9bT1TOff9Nu/o3d/5PNlJD+Sub+fzbbAN3cuwAAADg3yJtPAOfpMNL6TQdHm4+w38w9qa1mdm5p87MvH9hsvms/GD0psVM10DLfOhoPjdc5MdW5U/k88afV/7fyA9PzNQmux08lNy+Nv0/81ul260Ddp3fa0F56f9QXvo/lJf+D+Wl/0N5rdf/r3ShHcDt5/sfykv/h/LS/6G89H8opZ38rl+izIlI74hmSOxSotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//077tYQ==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1426.158076][ T3133] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1426.170716][T30944] EXT4-fs (loop1): 1 truncate cleaned up
[ 1426.176459][T30944] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1426.178932][ T3147] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
07:33:30 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92IHkhibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrGRSGQRg1AoUSR6RInEX0AFDQIqJFroUaQIuSFQHdq7Xfv8OOPH2RfY30/aZOZ2zzPfzs7d7MxeAKVVzf5JIg5ExK8R0d/MLj+g2vzv1sLc+F8Lc+NJ1Otv/pE0jvtzYW68OLR43/48M5hGpJ8kcXSNcmcuXzk/VqtNXsrzw7MX3hueuXzlmakLY+cmz01eHD19+tTJkeefG322I3H2ZXU98uH0scOvvn399fEz19/58eusvgfy/a1xdEo1qsvPZYvHO11Yl/W1pJM9XawIm1KJiKy5ehr9vz8qsdR4/fHKx12tHLCj6vV6fW/73fN14H8siW7XANh9acsXfXb/W2y7Me64Xdx8sXkDlMV9K9+ae/ZEcX56VtzfdlI1Is7M//1FtsUOzUMAALT6Nhv/PL3W+C+N+1qOuytfGxqIiLsj4mBE3BMRhyLi3ojGsfdHxAObLL+6Ir96/JPe2FJgG5SN/17I17aWj/8WR8cDlTzX14i/Jzk7VZs8kZ+TwejZm+VH1inju5d/+azdvtbxX7Zl5RdjwbweN/asmKCbGJsd207MrW5+1JgDvLo6/mRxJSCJiMMRcWQLfz87Z1NPfnWs3f5/j38dHVhnqn8Z8USz/edjRfyFZP31yeE7ojZ5Yri4Klb76edrb7Qrf1vxd0DW/vvWvP4X4x9IWtdrZzZfxrXfPm17T7PV6783eauR7s1f+2BsdvbSSERv8trq10eX3lvki+Oz+AePr93/D8bSmTgaEdlF/GBEPBQRD+d1fyQiHo2I4+vE/8NLj7279fh3Vhb/xKbaf/OJyvnvv2lX/sba/1QjNZi/spHPv41WcDvnDgAAAP4r0sYz8Ek6tJhO06Gh5jP8h2JfWpuemX3q7PT7Fyeaz8oPRE9azHT1t8yHjuRzw0V+dEX+ZD5v/HnlzkZ+aHy6NtHt4KHk9rfp/5nfK92uHbDj/F4Lykv/h/LS/6G89H8oL/0fymut/n+1C/UAdp/vfygv/R/KS/+H8tL/oZS287t+iTInIr0tqiGxQ4lufzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0xj8BAAD//3G85fA=")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1426.217282][T30956] loop0: detected capacity change from 0 to 512
[ 1426.224636][T30956] EXT4-fs: Ignoring removed nobh option
[ 1426.230683][T30956] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 not in group (block 2147483647)!
[ 1426.241674][T30956] EXT4-fs (loop0): group descriptors corrupted!
[ 1426.902905][T30960] FAULT_INJECTION: forcing a failure.
[ 1426.902905][T30960] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1426.916333][T30960] CPU: 1 PID: 30960 Comm: syz-executor.2 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1426.927267][T30960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1426.937318][T30960] Call Trace:
[ 1426.940594][T30960]
[ 1426.943517][T30960] dump_stack_lvl+0xd6/0x130
[ 1426.948137][T30960] dump_stack+0x11/0x20
[ 1426.952292][T30960] should_fail_ex+0x224/0x230
[ 1426.956966][T30960] __alloc_pages+0x10a/0x340
[ 1426.961640][T30960] vma_alloc_folio+0x6a0/0x8e0
[ 1426.966474][T30960] do_anonymous_page+0x15a/0x9c0
[ 1426.971419][T30960] ? do_wp_page+0x22a/0x640
[ 1426.975921][T30960] handle_mm_fault+0x8dc/0xb20
[ 1426.980721][T30960] do_user_addr_fault+0x4a1/0x980
[ 1426.985822][T30960] exc_page_fault+0x60/0x160
[ 1426.990424][T30960] asm_exc_page_fault+0x22/0x30
[ 1426.995349][T30960] RIP: 0033:0x7fc7bd7110c0
[ 1426.999833][T30960] Code: e8 e5 fe ff ff 41 89 c7 85 c0 78 40 3d ff 00 00 00 7f 2f 49 8b 45 10 49 3b 45 08 0f 84 19 01 00 00 45 85 ff 74 0c 49 8b 55 00 <44> 88 3c 02 49 8b 45 10 48 83 c0 01 49 89 45 10 eb be 66 0f 1f 44
[ 1427.019445][T30960] RSP: 002b:00007fc7bcac5600 EFLAGS: 00010206
[ 1427.025514][T30960] RAX: 0000000000001000 RBX: 00007fc7bcac5660 RCX: 0000000000000009
[ 1427.033484][T30960] RDX: 00007fc7b46a6000 RSI: 000000000000000d RDI: 00007fc7bcac5700
[ 1427.041452][T30960] RBP: 00000000000000dc R08: 0000000000000007 R09: 0000000000000050
07:33:31 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 17)
[ 1427.049435][T30960] R10: 0000000000000010 R11: 00007fc7bcac5660 R12: 00007fc7bcac5670
[ 1427.057405][T30960] R13: 00007fc7bcac5700 R14: 0000000000000001 R15: 00000000000000ff
[ 1427.065377][T30960]
[ 1427.068477][T30960] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 1427.078573][T30960] loop2: detected capacity change from 0 to 512
[ 1427.089333][T30961] loop5: detected capacity change from 0 to 512
07:33:31 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiixiEQoki0SNKJP4CKmgQUCHRhh5FipAbAtWhvdu1z48zfpxzgf18pE1mbuc8893duZud2QugtKrZP0nE/oi4HhEDzezKAtXmf7cW5yf+XJyfSKJef/P3pFHuj8X5iaJo8b59eWYojUg/SeLIOvXOXrp8brxWm7qY50fmzr83Mnvp8jPT58fPTp2dujB26tTJE6PPPzf2bEfi7M/aevjDmaOHXn372usTp6+98+PXWXv35/tb4+iUalRXHssWj3e6si7rb0knPV1sCFtSiYjsdNXr9fr1GIhKLJ+8gXjl4642DthVWb/f0373Qh34D0ui2y0AuqP4os/uf4vtNg097gg3X2zeAGVx38q35p6eSPMyvavubzupGhGnF/76Ittil+YhAABafZuNf55eb/yXxn0t5e7K14YGI+LuiDgQEfdExMGIuDeiUfb+iHhgi/VXV+XXjn/SG9sKbJOy8d8L+drWyvFfMfqLwUqe62/E35ucma5NHc+PyVD07snyoxvU8d3Lv3zWbl/r+C/bsvqLsWDejhs9qyboJsfnxncSc6ubHzXmAK+sjT9ZWglIIuJQRBzext/Pjtn0k18dbbf/n+PfQAfWmepfRjzRPP8LsSr+QrLx+uTI/6I2dXykuCrW+unnq2+0q39H8XdAdv73rnv9L8U/mLSu185uvY6rv37a9p5mu9d/X/JWI92Xv/bB+NzcxdGIvuS1ta+PLb+3yBfls/iHjq3f/w/E8pE4EhHZRfxgRDwUEQ/nbX8kIh6NiGMbxP/DS4+9u/34d1cW/+SWzv/WE5Vz33/Trv7Nnf+TjdRQ/spmPv8228CdHDsAAAD4t0gbz8An6fBSOk2Hh5vP8B+MvWltZnbuqTMz71+YbD4rPxi9aTHTNdAyHzqazw0X+bFV+RP5vPHnlf838sMTM7XJbgcPJbevTf/P/FbpduuAXef3WlBe+j+Ul/4P5aX/Q3np/1Be6/X/K11oB3D7+f6H8tL/obz0fygv/R9KaSe/65cocyLSO6IZEruU6PYnEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQGf8HQAA///sAu3h")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1427.135781][ T9697] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1427.144345][T30963] loop4: detected capacity change from 0 to 512
[ 1427.154613][T30963] EXT4-fs: Ignoring removed nobh option
[ 1427.172067][T30961] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1427.184257][T30961] ext4 filesystem being mounted at /root/syzkaller-testdir184905228/syzkaller.PLYEBS/2966/file0 supports timestamps until 2038 (0x7fffffff)
[ 1427.185912][T30972] loop0: detected capacity change from 0 to 512
[ 1427.211284][T30972] EXT4-fs: Ignoring removed nobh option
[ 1427.219056][T30968] loop1: detected capacity change from 0 to 512
[ 1427.226842][T30968] EXT4-fs: Ignoring removed nobh option
[ 1427.235336][T30972] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 not in group (block 4294967295)!
[ 1427.246182][T30972] EXT4-fs (loop0): group descriptors corrupted!
[ 1427.255033][T30960] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1427.267399][T30960] ext4 filesystem being mounted at /root/syzkaller-testdir1583530368/syzkaller.4IUY9g/2990/file0 supports timestamps until 2038 (0x7fffffff)
[ 1427.283600][T30976] FAULT_INJECTION: forcing a failure.
[ 1427.283600][T30976] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1427.296896][T30976] CPU: 1 PID: 30976 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1427.307872][T30976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1427.318004][T30976] Call Trace:
[ 1427.321275][T30976]
[ 1427.324195][T30976] dump_stack_lvl+0xd6/0x130
[ 1427.328779][T30976] dump_stack+0x11/0x20
[ 1427.332923][T30976] should_fail_ex+0x224/0x230
[ 1427.337657][T30976] __alloc_pages+0x10a/0x340
[ 1427.342245][T30976] alloc_pages+0x3f1/0x4f0
[ 1427.346690][T30976] get_zeroed_page+0x13/0x40
[ 1427.351272][T30976] mon_bin_open+0x1ba/0x3c0
[ 1427.355769][T30976] chrdev_open+0x362/0x3d0
[ 1427.360229][T30976] ? cd_forget+0xe0/0xe0
[ 1427.364574][T30976] do_dentry_open+0x59a/0x910
[ 1427.369310][T30976] vfs_open+0x43/0x50
[ 1427.373410][T30976] path_openat+0x16b8/0x1b60
[ 1427.378061][T30976] ? asm_sysvec_reschedule_ipi+0x16/0x20
[ 1427.383692][T30976] ? find_lowest_rq+0x72/0x170
[ 1427.388444][T30976] ? find_lock_lowest_rq+0x40/0x110
[ 1427.393638][T30976] do_filp_open+0x105/0x220
[ 1427.398286][T30976] do_sys_openat2+0xb5/0x2a0
[ 1427.402871][T30976] ? __x64_sys_openat+0xc3/0x110
[ 1427.407804][T30976] ? __x64_sys_openat+0x9d/0x110
[ 1427.412775][T30976] __x64_sys_openat+0xef/0x110
[ 1427.417535][T30976] do_syscall_64+0x2b/0x70
[ 1427.421938][T30976] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1427.427833][T30976] RIP: 0033:0x7f53668d4234
[ 1427.432235][T30976] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1427.451907][T30976] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1427.460306][T30976] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1427.468262][T30976] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1427.476219][T30976] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1427.484244][T30976] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1427.492211][T30976] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1427.500217][T30976]
07:33:31 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1427.543349][T30963] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
[ 1427.556761][ T3128] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1427.588047][T30968] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz-executor.1: invalid block
[ 1427.600650][T30963] EXT4-fs (loop4): Remounting filesystem read-only
[ 1427.609682][T30968] EXT4-fs (loop1): Remounting filesystem read-only
07:33:31 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 16)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1427.639390][ T3133] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1427.650780][T30963] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1427.667222][T30968] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
07:33:32 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92wHkhibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrGRSGQRg1AoUSR6RInEX0AFDQIqJFroUaQIuSFQGe3drn1+nPHjLhfY30/aZOZ2zjPf7s7d7MxeAKVVzf5JIvZHxK8RMdDIri5Qbfx3c3F+4q/F+Ykklpbe/COpl/tzcX6iKFq8b1+eGUoj0k+SOLJBvbOXLp8br9WmLub5kbnz743MXrr8zPT58bNTZ6cujJ06dfLE6PPPjT3bljj7s7Ye/nDm6KFX3772+sTpa+/8+HXW3v35/uY42qUa1dXHssnj7a6sy/qb0klPFxvCtlQiIjtdvfX+PxCVWDl5A/HKx11tHNBxe1rvWlgC/sey0TxQRsUXfXb/W2y3aNhxW7jxYuMGKIv7Zr419vREmpfpXXN/207ViDi98PcX2RYdmocAAGj2bTb+eXqj8V8a9zWVuytfGxqMiLsj4kBE3BMRByPi3oh62fsj4oFt1l9dk18//kmv7yiwLcrGfy/ka1urx3/F6C8GK3muvx5/b3JmujZ1PD8mQ9G7J8uPblLHdy//8lmrfc3jv2zL6i/Ggnk7rvesmaCbHJ8b303MzW58FNn9/5X18SfLKwFJRByKiMM7+PvZMZt+8qujrfb/e/ybaMM609KXEU80zv9CrIm/kGy+PjlyR9Smjo8UV8V6P/189Y1W9e8q/jbIzv/eDa//5fgHk+b12tnt13H1t09b3tPs9PrvS96qp/vy1z4Yn5u7OBrRl7y2/vWxlfcW+aJ8Fv/QsY37/4FYORJHIiK7iB+MiIci4uG87Y9ExKMRcWyT+H946bF3dx5/Z2XxT27r/G8/UTn3/Tet6t/a+T9ZTw3lr2zl82+rDdzNsQMAAID/irT+DHySDi+n03R4uPEM/8HYm9ZmZueeOjPz/oXJxrPyg9GbFjNdA03zoaP53HCRH1uTP5HPG39eubOeH56YqU12O3gouX0t+n/m90q3Wwd0nN9rQXnp/1Be+j+Ul/4P5aX/Q3lt1P+vdKEdwK3n+x/KS/+H8tL/obz0fyil3fyuX6LMiUhvi2ZIdCjR7U8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA9vgnAAD//8dM5e4=")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1427.682944][T30963] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1427.700167][T30968] EXT4-fs error (device loop1): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1427.709436][T30963] EXT4-fs (loop4): 1 truncate cleaned up
[ 1427.720338][T30963] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
07:33:32 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrpP092sbEkp59AEYCiLikTRpgR64gEDiABISHMoxJGkV6jaoCRKtIhoQKkdUiRsHxBGJv4ATXBBwQuIKd1SpQrlQOBmtvZs4D4c8nLqwn4+0zox3nJnv7o49nlkHUFrV7CGJ2B8Rv0TEQDO7skC1+efm4vzEn4vzE0nU66//njTK/bE4P1EULV63L88MpRHpR0kcWafe2UuXz43XalMX8/zI3Pl3RmYvXX5q+vz42amzUxfGTp06eWL02WfGnu5InP1ZWw+/P3P00MtvXnt14vS1t374Kmvv/nx/axydUo3qymPZ4tFOV9Zl/S3ppKeLDWFLKhGRna7eRv8fiEosn7yBeOnDrjYO2FX1er2+p/3uhTrwH5ZEt1sAdEfxQZ99/y22WzT0uC3ceD57/KwR/818a+7piTQv07vq+20nVSPi9MJfn2db7NI8BABAq2+y8c+T643/0rinpdwd+drQYETcGREHIuKuiDgYEXdHNMreGxH3bbH+6qr82vFPen1bgW1SNv57Ll/bWjn+K0Z/MVjJc/2N+HuTM9O1qeP5MRmK3j1ZfnSDOr598edP2u1rHf9lW1Z/MRbM23G9Z9UE3eT43PhOYm5144PGHOCVtfEnSysBSUQciojD2/j/2TGbfvzLo+32/3P8G+jAOlP9i4jHmud/IVbFX0g2Xp8c+V/Upo6PFFfFWj/+dPW1dvXvKP4OyM7/3nWv/6X4B5PW9drZrddx9deP236n2e7135e80Uj35c+9Nz43d3E0oi95Ze3zY8uvLfJF+Sz+oWPr9/8DsXwkjkREdhHfHxEPRMSDedsfioiHI+LYBvF//8Ijb28//t2VxT+5pfO/9UTl3Hdft6t/c+f/ZCM1lD+zmfe/zTZwJ8cOAAAA/i3Sxj3wSTq8lE7T4eHmPfwHY29am5mde+LMzLsXJpv3yg9Gb1rMdA20zIeO5nPDRX5sVf5EPm/8aeX/jfzwxExtstvBQ8nta9P/M79Vut06YNf5vRaUl/4P5aX/Q3np/1Be+j+U13r9/0oX2gHcej7/obz0fygv/R/KS/+HUtrJ7/olypyI9LZohsQuJbr9zgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAZfwcAAP//mcPqgQ==")
write$tun(0xffffffffffffffff, 0x0, 0x0)
07:33:32 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92IHkhibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrGRSGQRg1AoUSR6RInEX0AFDQIqJFroUaQIuSFQHdq7Xfv8OOPH2RfY30/aZOZ2zjPf7s7d7MxeAKVVzf5JIg5ExK8R0d/MLi9Qbf53a2Fu/K+FufEk6vU3/0ga5f5cmBsvihbv259nBtOI9JMkjq5R78zlK+fHarXJS3l+ePbCe8Mzl688M3Vh7NzkucmLo6dPnzo58vxzo892JM6+rK1HPpw+dvjVt6+/Pn7m+js/fp2190C+vzWOTqlGdfmxbPF4pyvrsr6WdLKniw1hUyoRkZ2unkb/749KLJ28/njl4642DthR9Xq9vrf97vk68D+WRLdbAOy+SssXfXb/W2y7Me64Xdx8sXkDlMV9K9+ae/ZEmpfpWXF/20nViDgz//cX2RY7NA8BANDq22z88/Ra47807mspd1e+NjQQEXdHxMGIuCciDkXEvRGNsvdHxAObrL+6Ir96/JPe2FJgG5SN/17I17aWj/+K0V8MVPJcXyP+nuTsVG3yRH5MBqNnb5YfWaeO717+5bN2+1rHf9mW1V+MBfN23NizYoJuYmx2bDsxt7r5UWMO8Orq+JPFlYAkIg5HxJEt/P3smE09+dWxdvv/Pf51dGCdqf5lxBPN8z8fK+IvJOuvTw7fEbXJE8PFVbHaTz9fe6Nd/duKvwOy879vzet/Mf6BpHW9dmbzdVz77dO29zRbvf57k7ca6d78tQ/GZmcvjUT0Jq+tfn106b1FviifxT94fO3+fzCWjsTRiMgu4gcj4qGIeDhv+yMR8WhEHF8n/h9eeuzdrce/s7L4JzZ1/jefqJz//pt29W/s/J9qpAbzVzby+bfRBm7n2AEAAMB/Rdp4Bj5JhxbTaTo01HyG/1DsS2vTM7NPnZ1+/+JE81n5gehJi5mu/pb50JF8brjIj67In8znjT+v3NnID41P1ya6HTyU3P42/T/ze6XbrQN2nN9rQXnp/1Be+j+Ul/4P5aX/Q3mt1f+vdqEdwO7z/Q/lpf9Deen/UF76P5TSdn7XL1HmRKS3RTMkdijR7U8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAzvgnAAD//1385fE=")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1427.735324][T30968] EXT4-fs (loop1): 1 truncate cleaned up
[ 1427.740998][T30968] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1427.773341][T30981] loop0: detected capacity change from 0 to 512
[ 1427.782901][T30981] EXT4-fs: Ignoring removed nobh option
[ 1427.792478][ T9697] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1427.800836][ T3147] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1428.413764][T30985] FAULT_INJECTION: forcing a failure.
[ 1428.413764][T30985] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1428.427093][T30985] CPU: 1 PID: 30985 Comm: syz-executor.2 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1428.438026][T30985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1428.448141][T30985] Call Trace:
[ 1428.451415][T30985]
[ 1428.454413][T30985] dump_stack_lvl+0xd6/0x130
[ 1428.459050][T30985] dump_stack+0x11/0x20
[ 1428.463251][T30985] should_fail_ex+0x224/0x230
[ 1428.467928][T30985] __alloc_pages+0x10a/0x340
[ 1428.472563][T30985] vma_alloc_folio+0x6a0/0x8e0
[ 1428.477325][T30985] ? folio_add_lru_vma+0x44/0x60
[ 1428.482330][T30985] do_anonymous_page+0x15a/0x9c0
[ 1428.487310][T30985] handle_mm_fault+0x8dc/0xb20
[ 1428.492076][T30985] do_user_addr_fault+0x4a1/0x980
[ 1428.497131][T30985] ? switch_fpu_return+0x83/0x190
[ 1428.502297][T30985] exc_page_fault+0x60/0x160
[ 1428.506892][T30985] asm_exc_page_fault+0x22/0x30
[ 1428.511802][T30985] RIP: 0033:0x7fc7bd7110c0
[ 1428.516223][T30985] Code: e8 e5 fe ff ff 41 89 c7 85 c0 78 40 3d ff 00 00 00 7f 2f 49 8b 45 10 49 3b 45 08 0f 84 19 01 00 00 45 85 ff 74 0c 49 8b 55 00 <44> 88 3c 02 49 8b 45 10 48 83 c0 01 49 89 45 10 eb be 66 0f 1f 44
[ 1428.523955][T30986] loop5: detected capacity change from 0 to 512
[ 1428.535878][T30985] RSP: 002b:00007fc7bcac5600 EFLAGS: 00010202
[ 1428.535899][T30985] RAX: 0000000000002000 RBX: 00007fc7bcac5660 RCX: 0000000000000002
[ 1428.535910][T30985] RDX: 00007fc7b46a6000 RSI: 000000000000005b RDI: 00007fc7bcac5700
[ 1428.535921][T30985] RBP: 00000000000000fb R08: 0000000000000009 R09: 00000000000001c6
[ 1428.535932][T30985] R10: 0000000000000010 R11: 00007fc7bcac5660 R12: 00007fc7bcac5670
[ 1428.580122][T30985] R13: 00007fc7bcac5700 R14: 0000000000000001 R15: 000000000000000b
[ 1428.588155][T30985]
[ 1428.591267][T30985] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 1428.597393][T30986] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
07:33:32 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 18)
[ 1428.601386][T30985] loop2: detected capacity change from 0 to 512
[ 1428.634550][T30981] EXT4-fs error (device loop0): ext4_free_branches:1022: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1)
[ 1428.650222][T30981] EXT4-fs (loop0): Remounting filesystem read-only
[ 1428.657375][T30981] EXT4-fs error (device loop0): ext4_validate_block_bitmap:399: comm syz-executor.0: bg 0: block 3: invalid block bitmap
[ 1428.658061][T30994] loop1: detected capacity change from 0 to 512
[ 1428.672875][T30985] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1428.677354][T30994] EXT4-fs: Ignoring removed nobh option
[ 1428.688526][T30985] ext4 filesystem being mounted at /root/syzkaller-testdir1583530368/syzkaller.4IUY9g/2991/file0 supports timestamps until 2038 (0x7fffffff)
07:33:33 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x6, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1428.699956][T30981] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6071: Corrupt filesystem
[ 1428.740356][ T3128] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1428.759835][T30998] loop4: detected capacity change from 0 to 512
[ 1428.768784][T30999] FAULT_INJECTION: forcing a failure.
[ 1428.768784][T30999] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1428.782022][T30999] CPU: 1 PID: 30999 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1428.792967][T30999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1428.803008][T30999] Call Trace:
[ 1428.806286][T30999]
[ 1428.809286][T30999] dump_stack_lvl+0xd6/0x130
[ 1428.813892][T30999] dump_stack+0x11/0x20
[ 1428.818042][T30999] should_fail_ex+0x224/0x230
[ 1428.822724][T30999] __alloc_pages+0x10a/0x340
[ 1428.827315][T30999] alloc_pages+0x3f1/0x4f0
[ 1428.831772][T30999] get_zeroed_page+0x13/0x40
[ 1428.836374][T30999] mon_bin_open+0x1ba/0x3c0
[ 1428.840954][T30999] chrdev_open+0x362/0x3d0
[ 1428.845387][T30999] ? cd_forget+0xe0/0xe0
[ 1428.849632][T30999] do_dentry_open+0x59a/0x910
[ 1428.854339][T30999] vfs_open+0x43/0x50
[ 1428.858401][T30999] path_openat+0x16b8/0x1b60
[ 1428.862984][T30999] ? asm_sysvec_reschedule_ipi+0x16/0x20
[ 1428.868671][T30999] ? _parse_integer_limit+0x16f/0x190
[ 1428.874036][T30999] do_filp_open+0x105/0x220
[ 1428.878536][T30999] do_sys_openat2+0xb5/0x2a0
[ 1428.883140][T30999] ? mutex_lock+0x9/0x30
[ 1428.887374][T30999] ? fput+0x2c/0x130
[ 1428.891260][T30999] __x64_sys_openat+0xef/0x110
[ 1428.896100][T30999] do_syscall_64+0x2b/0x70
[ 1428.900582][T30999] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1428.906467][T30999] RIP: 0033:0x7f53668d4234
[ 1428.910870][T30999] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1428.930465][T30999] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
07:33:33 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 17)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1428.938905][T30999] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1428.946873][T30999] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1428.954847][T30999] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1428.962811][T30999] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1428.970789][T30999] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1428.978889][T30999]
[ 1429.015857][ T3133] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1429.027310][T30998] EXT4-fs: Ignoring removed nobh option
[ 1429.038798][T30994] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz-executor.1: invalid block
[ 1429.055625][T30981] EXT4-fs (loop0): 1 truncate cleaned up
[ 1429.061380][T30981] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1429.075872][T30994] EXT4-fs (loop1): Remounting filesystem read-only
[ 1429.082504][T30994] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1429.111907][T30994] EXT4-fs error (device loop1): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1429.128355][T30994] EXT4-fs (loop1): 1 truncate cleaned up
07:33:33 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92wHkhibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrGRSGQRg1AoUSR6RInEX0AFDQIqJFroUaQIuSFQGe3drn1+nPHjLhfY30/aZOZ2zjPf7s7d7MxeAKVVzf5JIvZHxK8RMdDIri5Qbfx3c3F+4q/F+Ykklpbe/COpl/tzcX6iKFq8b1+eGUoj0k+SOLJBvbOXLp8br9WmLub5kbnz743MXrr8zPT58bNTZ6cujJ06dfLE6PPPjT3bljj7s7Ye/nDm6KFX3772+sTpa+/8+HXW3v35/uY42qUa1dXHssnj7a6sy/qb0klPFxvCtlQiIjtdvfX+PxCVWDl5A/HKx11tHNBpyZ7W+xaWgP+xbDQPlFHxRZ/d/xbbLRp33BZuvNi4AcrivplvjT09keZletfc37ZTNSJOL/z9RbZFh+YhAACafZuNf57eaPyXxn1N5e7K14YGI+LuiDgQEfdExMGIuDeiXvb+iHhgm/VX1+TXj3/S6zsKbIuy8d8L+drW6vFfMfqLwUqe66/H35ucma5NHc+PyVD07snyo5vU8d3Lv3zWal/z+C/bsvqLsWDejus9ayboJsfnxncTc7MbH0V2/39lffzJ8kpAEhGHIuLwDv5+dsymn/zqaKv9/x7/JtqwzrT0ZcQTjfO/EGviLySbr0+O3BG1qeMjxVWx3k8/X32jVf27ir8NsvO/d8Prfzn+waR5vXZ2+3Vc/e3Tlvc0O73++5K36um+/LUPxufmLo5G9CWvrX99bOW9Rb4on8U/dGzj/n8gVo7EkYjILuIHI+KhiHg4b/sjEfFoRBzbJP4fXnrs3Z3H31lZ/JPbOv/bT1TOff9Nq/q3dv5P1lND+Stb+fzbagN3c+wAAADgvyKtPwOfpMPL6TQdHm48w38w9qa1mdm5p87MvH9hsvGs/GD0psVM10DTfOhoPjdc5MfW5E/k88afV+6s54cnZmqT3Q4eSm5fi/6f+b3S7dYBHef3WlBe+j+Ul/4P5aX/Q3np/1BeG/X/K11oB3Dr+f6H8tL/obz0fygv/R9KaTe/65cocyLS26IZEh1KdPuTCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoD3+CQAA//+7heXv")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1429.157473][T30998] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
[ 1429.170868][T30998] EXT4-fs (loop4): Remounting filesystem read-only
[ 1429.177944][T30998] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
07:33:33 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92IHkhibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrGRSGQRg1AoUSR6RInEX0AFDQIqJFroUaQIuSFQHdq7Xfv8OOPH2RfY309ae+Z2zjPf7s55dmYvgNKqZj+SiAMR8WtE9DezywtUm79uLcyN/7UwN55Evf7mH0mj3J8Lc+NF0eJ9+/PMYBqRfpLE0TXqnbl85fxYrTZ5Kc8Pz154b3jm8pVnpi6MnZs8N3lx9PTpUydHnn9u9NmOxNmXtfXIh9PHDr/69vXXx89cf+fHr7P2Hsj3t8bRKdWoLj+WLR7vdGVd1teSTvZ0sSFsSiUistPV0+j//VGJpZPXH6983NXGATuqXq/X97bfPV8H/seS6HYLgN3XepuW3f8W226MO24XN19s3gBlcd/Kt+aePZHmZXpW3N92UjUizsz//UW2xQ7NQwAAtPo2G/88vdb4L437Wsrdla8NDUTE3RFxMCLuiYhDEXFvRKPs/RHxwCbrr67Irx7/pDe2FNgGZeO/F/K1reXjv2L0FwOVPNfXiL8nOTtVmzyRH5PB6Nmb5UfWqeO7l3/5rN2+1vFftmX1F2PBvB039qyYoJsYmx3bTsytbn7UmAO8ujr+ZHElIImIwxFxZAt/PztmU09+dazd/n+Pfx0dWGeqfxnxRPP8z8eK+AvJ+uuTw3dEbfLEcHFVrPbTz9feaFf/tuLvgOz871vz+l+MfyBpXa+d2Xwd1377tO09zVav/97krUa6N3/tg7HZ2UsjEb3Ja6tfH116b5EvymfxDx5fu/8fjKUjcTQisov4wYh4KCIeztv+SEQ8GhHH14n/h5cee3fr8e+sLP6JTZ3/zScq57//pl39Gzv/pxqpwfyVjXz+bbSB2zl2AAAA8F+RNp6BT9KhxXSaDg01n+E/FPvS2vTM7FNnp9+/ONF8Vn4getJipqu/ZT50JJ8bLvKjK/In83njzyt3NvJD49O1iW4HDyW3v03/z/xe6XbrgB3n+1pQXvo/lJf+D+Wl/0N56f9QXmv1/6tdaAew+/z/h/LS/6G89H8oL/0fSmk73+uXKHMi0tuiGRI7lOj2JxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBn/BMAAP//Sjzl8g==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
07:33:33 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiixiEQoki0VEgSiT+AipoEFAh0UKPIkXIDYHq0N7t2ufHGT/OucB+PtImM7dznvnu7tzNzuwFUFrV7J8kYn9E/BIRA83sygLV5n83F+cn/lycn0iiXn/996RR7o/F+YmiaPG+fXlmKI1IP0riyDr1zl66fG68Vpu6mOdH5s6/MzJ76fJT0+fHz06dnbowdurUyROjzz4z9nRH4uzP2nr4/Zmjh15+89qrE6evvfXDV1l79+f7W+PolGpUVx7LFo92urIu629JJz1dbAhbUomI7HT1Nvr/QFRi+eQNxEsfdrVxwK6q1+v1Pe13L9SB/7Akut0CoDuKL/rs/rfYbtHQ47Zw4/nshvWzRvw38625pyfSvEzvqvvbTqpGxOmFvz7PttileQgAgFbfZOOfJ9cb/6VxT0u5O/K1ocGIuDMiDkTEXRFxMCLujmiUvTci7tti/dVV+bXjn/T6tgLbpGz891y+trVy/FeM/mKwkuf6G/H3Jmema1PH82MyFL17svzoBnV8++LPn7Tb1zr+y7as/mIsmLfjes+qCbrJ8bnxncTc6sYHjTnAK2vjT5ZWApKIOBQRh7fx97NjNv34l0fb7f/n+DfQgXWm+hcRjzXP/0Ksir+QbLw+OfK/qE0dHymuirV+/Onqa+3q31H8HZCd/73rXv9L8Q8mreu1s1uv4+qvH7e9p9nu9d+XvNFI9+WvvTc+N3dxNKIveWXt62PL7y3yRfks/qFj6/f/A7F8JI5ERHYR3x8RD0TEg3nbH4qIhyPi2Abxf//CI29vP/7dlcU/uaXzv/VE5dx3X7erf3Pn/2QjNZS/spnPv802cCfHDgAAAP4t0sYz8Ek6vJRO0+Hh5jP8B2NvWpuZnXvizMy7Fyabz8oPRm9azHQNtMyHjuZzw0V+bFX+RD5v/Gnl/4388MRMbbLbwUPJ7WvT/zO/VbrdOmDX+b0WlJf+D+Wl/0N56f9QXvo/lNd6/f9KF9oB3Hq+/6G89H8oL/0fykv/h1Laye/6JcqciPS2aIbELiW6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQGX8HAAD//4T66oI=")
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1429.238321][T30998] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1429.253734][T30998] EXT4-fs (loop4): 1 truncate cleaned up
[ 1429.290768][T31008] loop0: detected capacity change from 0 to 512
[ 1429.304967][T31008] EXT4-fs: Ignoring removed nobh option
[ 1429.314270][T31011] loop1: detected capacity change from 0 to 512
[ 1429.317592][T31008] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 2: comm syz-executor.0: invalid block
[ 1429.321783][T31011] EXT4-fs: Ignoring removed nobh option
[ 1429.334113][T31012] loop4: detected capacity change from 0 to 512
[ 1430.906353][T31016] FAULT_INJECTION: forcing a failure.
[ 1430.906353][T31016] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1430.919619][T31016] CPU: 1 PID: 31016 Comm: syz-executor.2 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1430.930633][T31016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1430.940740][T31016] Call Trace:
[ 1430.944015][T31016]
[ 1430.946934][T31016] dump_stack_lvl+0xd6/0x130
[ 1430.951542][T31016] dump_stack+0x11/0x20
[ 1430.955682][T31016] should_fail_ex+0x224/0x230
[ 1430.960346][T31016] __alloc_pages+0x10a/0x340
[ 1430.965008][T31016] vma_alloc_folio+0x6a0/0x8e0
[ 1430.969758][T31016] wp_page_copy+0x13e/0x1710
[ 1430.974391][T31016] ? debug_smp_processor_id+0x13/0x20
[ 1430.979814][T31016] ? preempt_count_add+0x5e/0xa0
[ 1430.984754][T31016] do_wp_page+0x22a/0x640
[ 1430.989072][T31016] handle_mm_fault+0x644/0xb20
[ 1430.993920][T31016] do_user_addr_fault+0x4a1/0x980
[ 1430.998939][T31016] exc_page_fault+0x60/0x160
[ 1431.003527][T31016] asm_exc_page_fault+0x22/0x30
[ 1431.008371][T31016] RIP: 0033:0x7fc7bd7111a1
[ 1431.012771][T31016] Code: 08 77 56 8d 55 ff 85 ed 74 35 0f 1f 80 00 00 00 00 48 39 c1 77 1c 49 8b 75 00 49 89 c1 49 29 c9 46 0f b6 0c 0e 45 84 c9 74 08 <44> 88 0c 06 49 8b 45 10 48 83 c0 01 49 89 45 10 83 ea 01 73 d2 41
[ 1431.032367][T31016] RSP: 002b:00007fc7bcaa4600 EFLAGS: 00010202
[ 1431.038421][T31016] RAX: 0000000000003005 RBX: 00007fc7bcaa4660 RCX: 0000000000000800
[ 1431.046399][T31016] RDX: 0000000000000101 RSI: 00007fc7b4685000 RDI: 00007fc7bcaa4700
[ 1431.054361][T31016] RBP: 0000000000000102 R08: 0000000000000000 R09: 0000000000000008
[ 1431.062332][T31016] R10: 0000000000000009 R11: 00000000000004a4 R12: 00007fc7bcaa4670
[ 1431.070345][T31016] R13: 00007fc7bcaa4700 R14: 0000000000000601 R15: 0000000000000015
[ 1431.078318][T31016]
[ 1431.081451][T31016] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 1431.091892][T31016] loop2: detected capacity change from 0 to 512
[ 1431.103990][T31015] loop5: detected capacity change from 0 to 512
07:33:35 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 19)
[ 1431.127771][T31012] EXT4-fs: Ignoring removed nobh option
[ 1431.144489][T31008] EXT4-fs (loop0): Remounting filesystem read-only
[ 1431.146920][T31011] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz-executor.1: invalid block
[ 1431.153603][T31008] EXT4-fs error (device loop0): ext4_free_branches:1022: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1)
[ 1431.165372][T31012] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
[ 1431.179266][T31011] EXT4-fs (loop1): Remounting filesystem read-only
[ 1431.189516][T31012] EXT4-fs (loop4): Remounting filesystem read-only
[ 1431.195709][T31011] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1431.201822][T31012] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1431.217427][T31008] EXT4-fs error (device loop0): ext4_validate_block_bitmap:399: comm syz-executor.0: bg 0: block 3: invalid block bitmap
[ 1431.230958][T31016] ext4 filesystem being mounted at /root/syzkaller-testdir1583530368/syzkaller.4IUY9g/2992/file0 supports timestamps until 2038 (0x7fffffff)
[ 1431.245591][T31015] ext4 filesystem being mounted at /root/syzkaller-testdir184905228/syzkaller.PLYEBS/2968/file0 supports timestamps until 2038 (0x7fffffff)
07:33:35 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG0UYAPBv13ULfZBQyqMPwFAQEY+kSQv0wAUEEgeQkOBQjiFJq1C3QU2QaBXRgFA5okrcEUck/gJOcEHACYkr3FGlCuVC4WS09m7iPBzycOLC/n7StjPecWa+3R17dmYdQGnVsn+SiP0R8WtE9LWySwvUWv/dmp8d+2t+diyJRuPNP5JmuT/nZ8eKosX79uWZgTQi/SSJo6vUO335yvnRen3iUp4fmrnw3tD05SvPTF4YPTdxbuLiyOnTp04OP//cyLNdifNA1tYjH04dO/zq29dfHztz/Z0fv87auz/f3x5Ht9SitvRYtnm825X12IG2dLKrhw1hQyoRkZ2uarP/90UlFk9eX7zycU8bB2yrRqPR2NN591wD+B9LotctAHZete2LPrv/LbadGHfcLm6+2LoByuK+lW+tPbsizctUl93fdlMtIs7M/f1FtsU2zUMAALT7Nhv/PL3a+C+N+9rK3ZWvDfVHxN0RcTAi7omIQxFxb0Sz7P0R8cAG668ty68c/6Q3NhXYOmXjvxfyta2l479i9Bf9lTx3oBl/NTk7WZ84kR+TgajuyfLDa9Tx3cu/fNZpX/v4L9uy+ouxYN6OG7uWTdCNj86MbiXmdjc/as4BXl0Zf7KwEpBExOGIOLKJv58ds8knvzrWaf+/x7+GLqwzNb6MeKJ1/udiWfyFZO31yaE7oj5xYqi4Klb66edrb3Sqf0vxd0F2/veuev0vxN+ftK/XTm+8jmu/fdrxnmaz1//u5K1menf+2gejMzOXhiN2J6+tfH1k8b1FviifxT9wfPX+fzAWj8TRiMgu4gcj4qGIeDhv+yMR8WhEHF8j/h9eeuzdzce/vbL4xzd0/jeeqJz//ptO9a/v/J9qpgbyV9bz+bfeBm7l2AEAAMB/Rdp8Bj5JBxfSaTo42HqG/1DsTetT0zNPnZ16/+J461n5/qimxUxXX9t86HA+N1zkR5blT+bzxp9X7mzmB8em6uO9Dh5Kbl+H/p/5vdLr1gHbzu+1oLz0fygv/R/KS/+H8tL/obxW6/9Xe9AOYOf5/ofy0v+hvPR/KC/9H0ppK7/rlyhzItLbohkS25To9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAd/wTAAD//zZ85fM=")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1431.264370][T31011] EXT4-fs error (device loop1): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1431.273306][T31008] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6071: Corrupt filesystem
[ 1431.296636][T31011] EXT4-fs (loop1): 1 truncate cleaned up
[ 1431.301659][T31008] EXT4-fs (loop0): 1 truncate cleaned up
07:33:35 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92wHkhibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrGRSGQRg1AoUSR6RInEX0AFDQIqJFroUaQIuSFQGe3drn1+nPHjLhfY30/aZOZ2zjPf7s7d7MxeAKVVzf5JIvZHxK8RMdDIri5Qbfx3c3F+4q/F+Ykklpbe/COpl/tzcX6iKFq8b1+eGUoj0k+SOLJBvbOXLp8br9WmLub5kbnz743MXrr8zPT58bNTZ6cujJ06dfLE6PPPjT3bljj7s7Ye/nDm6KFX3772+sTpa+/8+HXW3v35/uY42qUa1dXHssnj7a6sy/qb0klPFxvCtlQiIjtdvfX+PxCVWDl5A/HKx11tHNBp6Z7W+xaWgP+xbDQPlFHxRZ/d/xbbLRp33BZuvNi4AcrivplvjT09keZletfc37ZTNSJOL/z9RbZFh+YhAACafZuNf57eaPyXxn1N5e7K14YGI+LuiDgQEfdExMGIuDeiXvb+iHhgm/VX1+TXj3/S6zsKbIuy8d8L+drW6vFfMfqLwUqe66/H35ucma5NHc+PyVD07snyo5vU8d3Lv3zWal/z+C/bsvqLsWDejus9ayboJsfnxncTc7MbH0V2/39lffzJ8kpAEhGHIuLwDv5+dsymn/zqaKv9/x7/JtqwzrT0ZcQTjfO/EGviLySbr0+O3BG1qeMjxVWx3k8/X32jVf27ir8NsvO/d8Prfzn+waR5vXZ2+3Vc/e3Tlvc0O73++5K36um+/LUPxufmLo5G9CWvrX99bOW9Rb4on8U/dGzj/n8gVo7EkYjILuIHI+KhiHg4b/sjEfFoRBzbJP4fXnrs3Z3H31lZ/JPbOv/bT1TOff9Nq/q3dv5P1lND+Stb+fzbagN3c+wAAADgvyKtPwOfpMPL6TQdHm48w38w9qa1mdm5p87MvH9hsvGs/GD0psVM10DTfOhoPjdc5MfW5E/k88afV+6s54cnZmqT3Q4eSm5fi/6f+b3S7dYBHef3WlBe+j+Ul/4P5aX/Q3np/1BeG/X/K11oB3Dr+f6H8tL/obz0fygv/R9KaTe/65cocyLS26IZEh1KdPuTCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoD3+CQAA//+vvuXw")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1431.322097][T31012] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1431.342560][T31012] EXT4-fs (loop4): 1 truncate cleaned up
[ 1431.424353][T31030] FAULT_INJECTION: forcing a failure.
[ 1431.424353][T31030] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1431.437617][T31030] CPU: 1 PID: 31030 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1431.448613][T31030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1431.458831][T31030] Call Trace:
[ 1431.462117][T31030]
[ 1431.465061][T31030] dump_stack_lvl+0xd6/0x130
[ 1431.469715][T31030] dump_stack+0x11/0x20
[ 1431.473882][T31030] should_fail_ex+0x224/0x230
[ 1431.478606][T31030] __alloc_pages+0x10a/0x340
[ 1431.483260][T31030] alloc_pages+0x3f1/0x4f0
[ 1431.487690][T31030] get_zeroed_page+0x13/0x40
[ 1431.492404][T31030] mon_bin_open+0x1ba/0x3c0
[ 1431.496974][T31030] chrdev_open+0x362/0x3d0
[ 1431.501393][T31030] ? cd_forget+0xe0/0xe0
[ 1431.505707][T31030] do_dentry_open+0x59a/0x910
[ 1431.510386][T31030] vfs_open+0x43/0x50
[ 1431.514402][T31030] path_openat+0x16b8/0x1b60
[ 1431.519044][T31030] ? _parse_integer_limit+0x16f/0x190
[ 1431.524444][T31030] do_filp_open+0x105/0x220
[ 1431.529223][T31030] do_sys_openat2+0xb5/0x2a0
[ 1431.533882][T31030] ? __schedule+0x546/0x6f0
[ 1431.538413][T31030] __x64_sys_openat+0xef/0x110
[ 1431.543223][T31030] do_syscall_64+0x2b/0x70
[ 1431.547631][T31030] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1431.554043][T31030] RIP: 0033:0x7f53668d4234
[ 1431.558500][T31030] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1431.578169][T31030] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1431.586573][T31030] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1431.594536][T31030] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1431.602496][T31030] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1431.610470][T31030] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1431.618502][T31030] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1431.628194][T31030]
[ 1431.651445][T31029] loop0: detected capacity change from 0 to 512
07:33:35 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x7, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1431.675411][T31029] EXT4-fs: Ignoring removed nobh option
07:33:36 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrpP092sbEkp59AEYCiLikTRpgR64gEDiABISHMoxJGkV6jaoCRKtIhoQKkdUiSMS4ojEX8AJLgg4IXGFO6pUoVwonIzW3k2ch0MeTl3Yz0daZ8Y7zsx3d8cez6wDKK1q9pBE7I+IXyJioJldWaDa/HNzcX7iz8X5iSTq9dd/Txrl/licnyiKFq/bl2eG0oj0oySOrFPv7KXL58ZrtamLeX5k7vw7I7OXLj81fX787NTZqQtjp06dPDH67DNjT3ckzv6srYffnzl66OU3r706cfraWz98lbV3f76/NY5OqUZ15bFs8WinK+uy/pZ00tPFhrAllYjITldvo/8PRCWWT95AvPRhVxsH7Kp6vV7f0373Qh34D0ui2y0AuqP4oM++/xbbLRp63BZuPJ89ftaI/2a+Nff0RJqX6V31/baTqhFxeuGvz7MtdmkeAgCg1TfZ+OfJ9cZ/adzTUu6OfG1oMCLujIgDEXFXRByMiLsjGmXvjYj7tlh/dVV+7fgnvb6twDYpG/89l69trRz/FaO/GKzkuf5G/L3Jmena1PH8mAxF754sP7pBHd+++PMn7fa1jv+yLau/GAvm7bjes2qCbnJ8bnwnMbe68UFjDvDK2viTpZWAJCIORcThbfz/7JhNP/7l0Xb7/zn+DXRgnan+RcRjzfO/EKviLyQbr0+O/C9qU8dHiqtirR9/uvpau/p3FH8HZOd/77rX/1L8g0nreu3s1uu4+uvHbb/TbPf670veaKT78ufeG5+buzga0Ze8svb5seXXFvmifBb/0LH1+/+BWD4SRyIiu4jvj4gHIuLBvO0PRcTDEXFsg/i/f+GRt7cf/+7K4p/c0vnfeqJy7ruv29W/ufN/spEayp/ZzPvfZhu4k2MHAAAA/xZp4x74JB1eSqfp8HDzHv6DsTetzczOPXFm5t0Lk8175QejNy1mugZa5kNH87nhIj+2Kn8inzf+tPL/Rn54YqY22e3goeT2ten/md8q3W4dsOv8XgvKS/+H8tL/obz0fygv/R/Ka73+f6UL7QBuPZ//UF76P5SX/g/lpf9DKe3kd/0SZU5Eels0Q2KXEt1+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiMvwMAAP//hPnqgg==")
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1431.788646][T31031] loop1: detected capacity change from 0 to 512
[ 1431.797469][T31031] EXT4-fs: Ignoring removed nobh option
07:33:36 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 18)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1431.876728][T31029] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 2: comm syz-executor.0: invalid block
[ 1431.884242][T31031] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz-executor.1: invalid block
[ 1431.891140][T31029] EXT4-fs (loop0): Remounting filesystem read-only
[ 1431.907879][T31029] EXT4-fs error (device loop0): ext4_free_branches:1022: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1)
[ 1431.909668][T31031] EXT4-fs (loop1): Remounting filesystem read-only
[ 1431.930656][T31031] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1431.945617][T31031] EXT4-fs error (device loop1): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1431.946227][T31029] EXT4-fs error (device loop0): ext4_validate_block_bitmap:399: comm syz-executor.0: bg 0: block 3: invalid block bitmap
07:33:36 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 20)
[ 1431.962688][T31031] EXT4-fs (loop1): 1 truncate cleaned up
07:33:36 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92IHkhibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrGRSGQRg1AoUSR6RInEX0AFDQIqJFroUaQIuSFQHdq7Xfv8OOPH2RfY30/aZOZ2zjPf7s7d7MxeAKVVzf5JIg5ExK8R0d/MLi9Qbf53a2Fu/K+FufEk6vU3/0ga5f5cmBsvihbv259nBtOI9JMkjq5R78zlK+fHarXJS3l+ePbCe8Mzl688M3Vh7NzkucmLo6dPnzo58vxzo892JM6+rK1HPpw+dvjVt6+/Pn7m+js/fp2190C+vzWOTqlGdfmxbPF4pyvrsr6WdLKniw1hUyoRkZ2unkb/749KLJ28/njl4642DthR9Xq9vrf97vk68D+WRLdbAOy+3pYv+uz+t9h2Y9xxu7j5YvMGKIv7Vr419+yJNC/Ts+L+tpOqEXFm/u8vsi12aB4CAKDVt9n45+m1xn9p3NdS7q58bWggIu6OiIMRcU9EHIqIeyMaZe+PiAc2WX91RX71+Ce9saXANigb/72Qr20tH/8Vo78YqOS5vkb8PcnZqdrkifyYDEbP3iw/sk4d3738y2ft9rWO/7Itq78YC+btuLFnxQTdxNjs2HZibnXzo8Yc4NXV8SeLKwFJRByOiCNb+PvZMZt68qtj7fb/e/zr6MA6U/3LiCea538+VsRfSNZfnxy+I2qTJ4aLq2K1n36+9ka7+rcVfwdk53/fmtf/YvwDSet67czm67j226dt72m2ev33Jm810sU97Adjs7OXRiJ6k9dWvz669N4iX5TP4h88vnb/PxhLR+JoRGQX8YMR8VBEPJy3/ZGIeDQijq8T/w8vPfbu1uPfWVn8E5s6/5tPVM5//027+jd2/k81UoP5Kxv5/NtoA7dz7AAAAOC/Im08A5+kQ4vpNB0aaj7Dfyj2pbXpmdmnzk6/f3Gi+az8QPSkxUxXf8t86Eg+N1zkR1fkT+bzxp9X7mzkh8anaxPdDh5Kbn+b/p/5vdLt1gE7zu+1oLz0fygv/R/KS/+H8tL/obzW6v9Xu9AOYPf5/ofy0v+hvPR/KC/9H0ppO7/rlyhzItLbohkSO5To9icTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wTAAD//yK85fQ=")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1432.014272][T31029] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6071: Corrupt filesystem
[ 1432.022769][T31042] loop4: detected capacity change from 0 to 512
[ 1432.031245][T31029] EXT4-fs (loop0): 1 truncate cleaned up
[ 1432.031805][T31042] EXT4-fs: Ignoring removed nobh option
[ 1432.054696][T31042] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
07:33:36 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92wHkhibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrGRSGQRg1AoUSR6RInEX0AFDQIqJFroUaQIuSFQGe3drn1+nPHjLhfY30/aZOZ2zjPf7s7d7MxeAKVVzf5JIvZHxK8RMdDIri5Qbfx3c3F+4q/F+Ykklpbe/COpl/tzcX6iKFq8b1+eGUoj0k+SOLJBvbOXLp8br9WmLub5kbnz743MXrr8zPT58bNTZ6cujJ06dfLE6PPPjT3bljj7s7Ye/nDm6KFX3772+sTpa+/8+HXW3v35/uY42qUa1dXHssnj7a6sy/qb0klPFxvCtlQiIjtdvfX+PxCVWDl5A/HKx11tHNBplT2t9y0sAf9j2WgeKKPiiz67/y22WzTuuC3ceLFxA5TFfTPfGnt6Is3L9K65v22nakScXvj7i2yLDs1DAAA0+zYb/zy90fgvjfuayt2Vrw0NRsTdEXEgIu6JiIMRcW9Evez9EfHANuuvrsmvH/+k13cU2BZl478X8rWt1eO/YvQXg5U811+Pvzc5M12bOp4fk6Ho3ZPlRzep47uXf/ms1b7m8V+2ZfUXY8G8Hdd71kzQTY7Pje8m5mY3Pors/v/K+viT5ZWAJCIORcThHfz97JhNP/nV0Vb7/z3+TbRhnWnpy4gnGud/IdbEX0g2X58cuSNqU8dHiqtivZ9+vvpGq/p3FX8bZOd/74bX/3L8g0nzeu3s9uu4+tunLe9pdnr99yVv1dN9+WsfjM/NXRyN6EteW//62Mp7i3xRPot/6NjG/f9ArByJIxGRXcQPRsRDEfFw3vZHIuLRiDi2Sfw/vPTYuzuPv7Oy+Ce3df63n6ic+/6bVvVv7fyfrKeG8le28vm31Qbu5tgBAADAf0VafwY+SYeX02k6PNx4hv9g7E1rM7NzT52Zef/CZONZ+cHoTYuZroGm+dDRfG64yI+tyZ/I540/r9xZzw9PzNQmux08lNy+Fv0/83ul260DOs7vtaC89H8oL/0fykv/h/LS/6G8Nur/V7rQDuDW8/0P5aX/Q3np/1Be+j+U0m5+1y9R5kSkt0UzJDqU6PYnEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQHv8EwAA//+j9+Xx")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1433.143887][ T3119] EXT4-fs unmount: 18 callbacks suppressed
[ 1433.143901][ T3119] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1433.147197][T31042] EXT4-fs (loop4): Remounting filesystem read-only
[ 1433.161123][T31047] loop1: detected capacity change from 0 to 512
[ 1433.170933][T11133] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1433.172720][T31047] EXT4-fs: Ignoring removed nobh option
[ 1433.187023][T31042] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1433.739263][T31044] FAULT_INJECTION: forcing a failure.
[ 1433.739263][T31044] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1433.752533][T31044] CPU: 0 PID: 31044 Comm: syz-executor.2 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1433.763473][T31044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1433.773555][T31044] Call Trace:
[ 1433.776898][T31044]
[ 1433.779834][T31044] dump_stack_lvl+0xd6/0x130
[ 1433.784448][T31044] dump_stack+0x11/0x20
[ 1433.788612][T31044] should_fail_ex+0x224/0x230
[ 1433.793343][T31044] __alloc_pages+0x10a/0x340
[ 1433.797944][T31044] vma_alloc_folio+0x6a0/0x8e0
[ 1433.802721][T31044] ? folio_add_lru_vma+0x44/0x60
[ 1433.807660][T31044] wp_page_copy+0x13e/0x1710
[ 1433.812260][T31044] ? preempt_count_add+0x5e/0xa0
[ 1433.817219][T31044] do_wp_page+0x22a/0x640
[ 1433.821606][T31044] handle_mm_fault+0x644/0xb20
[ 1433.826437][T31044] do_user_addr_fault+0x4a1/0x980
[ 1433.831604][T31044] exc_page_fault+0x60/0x160
[ 1433.836208][T31044] asm_exc_page_fault+0x22/0x30
[ 1433.841067][T31044] RIP: 0033:0x7fc7bd7111a1
[ 1433.845488][T31044] Code: 08 77 56 8d 55 ff 85 ed 74 35 0f 1f 80 00 00 00 00 48 39 c1 77 1c 49 8b 75 00 49 89 c1 49 29 c9 46 0f b6 0c 0e 45 84 c9 74 08 <44> 88 0c 06 49 8b 45 10 48 83 c0 01 49 89 45 10 83 ea 01 73 d2 41
[ 1433.865384][T31044] RSP: 002b:00007fc7bcac5600 EFLAGS: 00010202
[ 1433.871571][T31044] RAX: 0000000000004005 RBX: 00007fc7bcac5660 RCX: 0000000000000800
[ 1433.879602][T31044] RDX: 0000000000000101 RSI: 00007fc7b46a6000 RDI: 00007fc7bcac5700
[ 1433.887661][T31044] RBP: 0000000000000102 R08: 0000000000000000 R09: 0000000000000008
[ 1433.895632][T31044] R10: 0000000000000009 R11: 00000000000004a4 R12: 00007fc7bcac5670
[ 1433.903608][T31044] R13: 00007fc7bcac5700 R14: 0000000000000601 R15: 0000000000000015
[ 1433.911720][T31044]
[ 1433.914819][T31044] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 1433.927491][T31044] loop2: detected capacity change from 0 to 512
[ 1433.942530][T31045] loop5: detected capacity change from 0 to 512
[ 1433.951298][T31049] FAULT_INJECTION: forcing a failure.
[ 1433.951298][T31049] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1433.964541][T31049] CPU: 0 PID: 31049 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1433.975558][T31049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1433.985618][T31049] Call Trace:
[ 1433.988884][T31049]
[ 1433.991804][T31049] dump_stack_lvl+0xd6/0x130
[ 1433.996386][T31049] dump_stack+0x11/0x20
[ 1434.000527][T31049] should_fail_ex+0x224/0x230
[ 1434.005194][T31049] __alloc_pages+0x10a/0x340
[ 1434.009813][T31049] alloc_pages+0x3f1/0x4f0
[ 1434.014293][T31049] get_zeroed_page+0x13/0x40
[ 1434.018881][T31049] mon_bin_open+0x1ba/0x3c0
[ 1434.023391][T31049] chrdev_open+0x362/0x3d0
[ 1434.027897][T31049] ? cd_forget+0xe0/0xe0
[ 1434.032191][T31049] do_dentry_open+0x59a/0x910
[ 1434.036877][T31049] vfs_open+0x43/0x50
[ 1434.040857][T31049] path_openat+0x16b8/0x1b60
[ 1434.045442][T31049] ? asm_sysvec_reschedule_ipi+0x16/0x20
[ 1434.051123][T31049] ? plist_check_list+0x14c/0x170
[ 1434.056177][T31049] do_filp_open+0x105/0x220
[ 1434.061719][T31049] do_sys_openat2+0xb5/0x2a0
[ 1434.066314][T31049] __x64_sys_openat+0xef/0x110
[ 1434.071136][T31049] do_syscall_64+0x2b/0x70
[ 1434.075629][T31049] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1434.081547][T31049] RIP: 0033:0x7f53668d4234
[ 1434.085951][T31049] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1434.105547][T31049] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1434.113992][T31049] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1434.121954][T31049] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1434.129919][T31049] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1434.137878][T31049] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1434.145856][T31049] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1434.153909][T31049]
[ 1434.160074][T31042] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1434.175783][T31042] EXT4-fs (loop4): 1 truncate cleaned up
[ 1434.181436][T31042] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1434.187480][T31047] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz-executor.1: invalid block
[ 1434.212261][T31052] loop0: detected capacity change from 0 to 512
[ 1434.225496][T31045] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1434.243318][T31052] EXT4-fs: Ignoring removed nobh option
[ 1434.251271][T31052] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 2: comm syz-executor.0: invalid block
[ 1434.271420][T31052] EXT4-fs (loop0): Remounting filesystem read-only
[ 1434.278218][T31052] EXT4-fs error (device loop0): ext4_free_branches:1022: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1)
07:33:38 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 21)
[ 1434.304393][T31047] EXT4-fs (loop1): Remounting filesystem read-only
[ 1434.306769][T31044] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1434.311066][T31047] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1434.323079][T31044] ext4 filesystem being mounted at /root/syzkaller-testdir1583530368/syzkaller.4IUY9g/2993/file0 supports timestamps until 2038 (0x7fffffff)
07:33:38 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiixiEQokiUSIhSiT+AipoEFAh0UKPIkXIDYHq0N7t2ufHGT/OucB+PtImM7dznvnu7tzNzuwFUFrV7J8kYn9E/BIRA83sygLV5n83F+cn/lycn0iiXn/996RR7o/F+YmiaPG+fXlmKI1IP0riyDr1zl66fG68Vpu6mOdH5s6/MzJ76fJT0+fHz06dnbowdurUyROjzz4z9nRH4uzP2nr4/Zmjh15+89qrE6evvfXDV1l79+f7W+PolGpUVx7LFo92urIu629JJz1dbAhbUomI7HT1Nvr/QFRi+eQNxEsfdrVxwK6q1+v1Pe13L9SB/7Akut0CoDuKL/rs/rfYbtHQ47Zw4/nshvWzRvw38625pyfSvEzvqvvbTqpGxOmFvz7PttileQgAgFbfZOOfJ9cb/6VxT0u5O/K1ocGIuDMiDkTEXRFxMCLujmiUvTci7tti/dVV+bXjn/T6tgLbpGz891y+trVy/FeM/mKwkuf6G/H3Jmema1PH82MyFL17svzoBnV8++LPn7Tb1zr+y7as/mIsmLfjes+qCbrJ8bnxncTc6sYHjTnAK2vjT5ZWApKIOBQRh7fx97NjNv34l0fb7f/n+DfQgXWm+hcRjzXP/0Ksir+QbLw+OfK/qE0dHymuirV+/Onqa+3q31H8HZCd/73rXv9L8Q8mreu1s1uv4+qvH7e9p9nu9d+XvNFI9+WvvTc+N3dxNKIveWXt62PL7y3yRfks/qFj6/f/A7F8JI5ERHYR3x8RD0TEg3nbH4qIhyPi2Abxf//CI29vP/7dlcU/uaXzv/VE5dx3X7erf3Pn/2QjNZS/spnPv802cCfHDgAAAP4t0sYz8Ek6vJRO0+Hh5jP8B2NvWpuZnXvizMy7Fyabz8oPRm9azHQNtMyHjuZzw0V+bFX+RD5v/Gnl/4388MRMbbLbwUPJ7WvT/zO/VbrdOmDX+b0WlJf+D+Wl/0N56f9QXvo/lNd6/f9KF9oB3Hq+/6G89H8oL/0fykv/h1Laye/6JcqciPS2aIbELiW6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQGX8HAAD//3Aw6oM=")
write$tun(0xffffffffffffffff, 0x0, 0x0)
07:33:38 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1434.339499][T31052] EXT4-fs error (device loop0): ext4_validate_block_bitmap:399: comm syz-executor.0: bg 0: block 3: invalid block bitmap
[ 1434.356065][T31047] EXT4-fs error (device loop1): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1434.387377][T31052] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6071: Corrupt filesystem
07:33:38 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 19)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1434.392249][ T3147] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1434.404047][T31047] EXT4-fs (loop1): 1 truncate cleaned up
[ 1434.406179][ T3128] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1434.410915][T31047] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1434.415190][T31052] EXT4-fs (loop0): 1 truncate cleaned up
[ 1434.437657][T31052] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1434.501715][T31062] FAULT_INJECTION: forcing a failure.
[ 1434.501715][T31062] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1434.515057][T31062] CPU: 0 PID: 31062 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1434.526053][T31062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1434.536137][T31062] Call Trace:
[ 1434.539419][T31062]
[ 1434.542338][T31062] dump_stack_lvl+0xd6/0x130
[ 1434.546984][T31062] dump_stack+0x11/0x20
[ 1434.551136][T31062] should_fail_ex+0x224/0x230
[ 1434.555803][T31062] __alloc_pages+0x10a/0x340
[ 1434.560426][T31062] alloc_pages+0x3f1/0x4f0
[ 1434.564836][T31062] get_zeroed_page+0x13/0x40
[ 1434.569484][T31062] mon_bin_open+0x1ba/0x3c0
[ 1434.573984][T31062] chrdev_open+0x362/0x3d0
[ 1434.578440][T31062] ? cd_forget+0xe0/0xe0
[ 1434.582720][T31062] do_dentry_open+0x59a/0x910
[ 1434.587538][T31062] vfs_open+0x43/0x50
[ 1434.591531][T31062] path_openat+0x16b8/0x1b60
[ 1434.596129][T31062] ? _parse_integer_limit+0x16f/0x190
[ 1434.601574][T31062] do_filp_open+0x105/0x220
[ 1434.606078][T31062] do_sys_openat2+0xb5/0x2a0
[ 1434.610868][T31062] ? mutex_lock+0x9/0x30
[ 1434.615148][T31062] ? fput+0x2c/0x130
[ 1434.619202][T31062] __x64_sys_openat+0xef/0x110
[ 1434.624025][T31062] do_syscall_64+0x2b/0x70
[ 1434.628434][T31062] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1434.634391][T31062] RIP: 0033:0x7f53668d4234
[ 1434.638813][T31062] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1434.659320][T31062] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1434.667739][T31062] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1434.675746][T31062] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1434.683703][T31062] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1434.691693][T31062] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1434.699743][T31062] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1434.707733][T31062]
[ 1434.733999][ T3133] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
07:33:39 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92wHkhibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrGRSGQRg1AoUSR6RInEX0AFDQIqJFroUaQIuSFQGe3drn1+nPHjLhfY30/aZOZ2zjPf7s7d7MxeAKVVzf5JIvZHxK8RMdDIri5Qbfx3c3F+4q/F+Ykklpbe/COpl/tzcX6iKFq8b1+eGUoj0k+SOLJBvbOXLp8br9WmLub5kbnz743MXrr8zPT58bNTZ6cujJ06dfLE6PPPjT3bljj7s7Ye/nDm6KFX3772+sTpa+/8+HXW3v35/uY42qUa1dXHssnj7a6sy/qb0klPFxvCtlQiIjtdvfX+PxCVWDl5A/HKx11tHNBpPXta71tYAv7HstE8UEbFF312/1tst2jccVu48WLjBiiL+2a+Nfb0RJqX6V1zf9tO1Yg4vfD3F9kWHZqHAABo9m02/nl6o/FfGvc1lbsrXxsajIi7I+JARNwTEQcj4t6Ietn7I+KBbdZfXZNfP/5Jr+8osC3Kxn8v5Gtbq8d/xegvBit5rr8ef29yZro2dTw/JkPRuyfLj25Sx3cv//JZq33N479sy+ovxoJ5O66vnaCbHJ8b303MzW58FNn9/5X18SfLKwFJRByKiMM7+PvZMZt+8qujrfb/e/ybaMM609KXEU80zv9CrIm/kGy+PjlyR9Smjo8UV8V6P/189Y1W9e8q/jbIzv/eDa//5fgHk+b12tnt13H1t09b3tPs9PrvS96qp/vy1z4Yn5u7OBrRl7y2/vWxlfcW+aJ8Fv/QsY37/4FYORJHIiK7iB+MiIci4uG87Y9ExKMRcWyT+H946bF3dx5/Z2XxT27r/G8/UTn3/Tet6t/a+T9ZTw3lr2zl82+rDdzNsQMAAID/irT+DHySDi+n03R4uPEM/8HYm9ZmZueeOjPz/oXJxrPyg9GbFjNdA03zoaP53HCRH1uTP5HPG39eubOeH56YqU12O3gouX0t+n/m90q3Wwd0nN9rQXnp/1Be+j+Ul/4P5aX/Q3lt1P+vdKEdwK3n+x/KS/+H8tL/obz0fyil3fyuX6LMiUhvi2ZIdCjR7U8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA9vgnAAD//5gw5fI=")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1434.791282][ T3119] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1435.176518][T31066] loop5: detected capacity change from 0 to 512
07:33:39 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 22)
07:33:39 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv9+IEnBibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrGRSGQRg1AoUSR6RInEX0AFDQIqJFroUaQIuSFQHdq7Xfv8OOPH2RfY30/aZOZ2zjPf7s7d7MxeAKVVzf5JIg5ExK8R0d/MLi9Qbf53a2Fu/K+FufEk6vU3/0ga5f5cmBsvihbv259nBtOI9JMkjq5R78zlK+fHarXJS3l+ePbCe8Mzl688M3Vh7NzkucmLo6dPnzo58vxzo892JM6+rK1HPpw+dvjVt6+/Pn7m+js/fp2190C+vzWOTqlGdfmxbPF4pyvrsr6WdLKniw1hUyoRkZ2unkb/749KLJ28/njl4642DthR9Xq9vq/97vk68D+WRLdbAOy+3pYv+uz+t9h2Y9xxu7j5YvMGKIv7Vr419+yJNC/Ts+L+tpOqEXFm/u8vsi12aB4CAKDVt9n45+m1xn9p3NdS7q58bWggIu6OiIMRcU9EHIqIeyMaZe+PiAc2WX91RX71+Ce9saXANigb/72Qr20tH/8Vo78YqOS5vkb8PcnZqdrkifyYDEbPviw/sk4d3738y2ft9rWO/7Itq78YC+btuLFnxQTdxNjs2HZibnXzo8Yc4NXV8SeLKwFJRByOiCNb+PvZMZt68qtj7fb/e/zr6MA6U/3LiCea538+VsRfSNZfnxy+I2qTJ4aLq2K1n36+9ka7+rcVfwdk5793zet/Mf6BpHW9dmbzdVz77dO29zRbvf73Jm810nvz1z4Ym529NBKxN3lt9eujS+8t8kX5LP7B42v3/4OxdCSORkR2ET8YEQ9FxMN52x+JiEcj4vg68f/w0mPvbj3+nZXFP7Gp87/5ROX899+0q39j5/9UIzWYv7KRz7+NNnA7xw4AAAD+K9LGM/BJOrSYTtOhoeYz/IeiN61Nz8w+dXb6/YsTzWflB6InLWa6+lvmQ0fyueEiP7oifzKfN/68cmcjPzQ+XZvodvBQcvvb9P/M75Vutw7YcX6vBeWl/0N56f9QXvo/lJf+D+W1Vv+/2oV2ALvP9z+Ul/4P5aX/Q3np/1BK2/ldv0SZE5HeFs2Q2KFEtz+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOuOfAAAA///TreX4")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1435.281951][ T9697] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1435.372056][T31075] loop0: detected capacity change from 0 to 512
[ 1435.376806][T31077] loop4: detected capacity change from 0 to 512
[ 1435.382188][ T9929] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1435.385599][T31075] EXT4-fs: Ignoring removed nobh option
[ 1435.403908][T31077] EXT4-fs: Ignoring removed nobh option
[ 1435.404125][T31066] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1435.421775][T31066] ext4 filesystem being mounted at /root/syzkaller-testdir184905228/syzkaller.PLYEBS/2970/file0 supports timestamps until 2038 (0x7fffffff)
[ 1436.056938][T31080] FAULT_INJECTION: forcing a failure.
[ 1436.056938][T31080] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1436.070189][T31080] CPU: 1 PID: 31080 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1436.081170][T31080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1436.091289][T31080] Call Trace:
[ 1436.094612][T31080]
[ 1436.097612][T31080] dump_stack_lvl+0xd6/0x130
[ 1436.102214][T31080] dump_stack+0x11/0x20
[ 1436.106493][T31080] should_fail_ex+0x224/0x230
[ 1436.111234][T31080] __alloc_pages+0x10a/0x340
[ 1436.115846][T31080] alloc_pages+0x3f1/0x4f0
[ 1436.120291][T31080] get_zeroed_page+0x13/0x40
[ 1436.124936][T31080] mon_bin_open+0x1ba/0x3c0
[ 1436.129467][T31080] chrdev_open+0x362/0x3d0
[ 1436.133907][T31080] ? cd_forget+0xe0/0xe0
[ 1436.138179][T31080] do_dentry_open+0x59a/0x910
[ 1436.139715][T31079] FAULT_INJECTION: forcing a failure.
[ 1436.139715][T31079] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1436.142893][T31080] vfs_open+0x43/0x50
[ 1436.160058][T31080] path_openat+0x16b8/0x1b60
[ 1436.164761][T31080] ? _parse_integer_limit+0x16f/0x190
[ 1436.170128][T31080] do_filp_open+0x105/0x220
[ 1436.174626][T31080] do_sys_openat2+0xb5/0x2a0
[ 1436.179864][T31080] ? mutex_lock+0x9/0x30
[ 1436.184146][T31080] ? fput+0x2c/0x130
[ 1436.188042][T31080] __x64_sys_openat+0xef/0x110
[ 1436.192839][T31080] do_syscall_64+0x2b/0x70
[ 1436.197308][T31080] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1436.203271][T31080] RIP: 0033:0x7f53668d4234
[ 1436.207680][T31080] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1436.227369][T31080] RSP: 002b:00007f5365c73ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1436.235783][T31080] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1436.243757][T31080] RDX: 0000000000000000 RSI: 00007f5365c73d40 RDI: 00000000ffffff9c
[ 1436.251725][T31080] RBP: 00007f5365c73d40 R08: 0000000000000000 R09: 0000000000000000
[ 1436.259701][T31080] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1436.267670][T31080] R13: 00007fffab5653af R14: 00007f5365c74300 R15: 0000000000022000
[ 1436.276440][T31080]
[ 1436.279464][T31079] CPU: 0 PID: 31079 Comm: syz-executor.2 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1436.290483][T31079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1436.299543][T31078] loop1: detected capacity change from 0 to 512
[ 1436.300549][T31079] Call Trace:
[ 1436.300556][T31079]
[ 1436.300563][T31079] dump_stack_lvl+0xd6/0x130
[ 1436.300585][T31079] dump_stack+0x11/0x20
[ 1436.300601][T31079] should_fail_ex+0x224/0x230
[ 1436.326647][T31079] __alloc_pages+0x10a/0x340
[ 1436.327301][T31077] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
[ 1436.331275][T31079] vma_alloc_folio+0x6a0/0x8e0
[ 1436.345103][T31075] EXT4-fs error (device loop0): ext4_free_branches:1022: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1)
[ 1436.347474][T31079] ? _raw_spin_unlock+0x10/0x50
[ 1436.366642][T31079] wp_page_copy+0x13e/0x1710
[ 1436.371290][T31079] ? preempt_count_add+0x5e/0xa0
[ 1436.376255][T31079] do_wp_page+0x22a/0x640
[ 1436.376851][T31078] EXT4-fs: Ignoring removed nobh option
[ 1436.380593][T31079] handle_mm_fault+0x644/0xb20
[ 1436.390614][T31077] EXT4-fs (loop4): Remounting filesystem read-only
[ 1436.391044][T31079] do_user_addr_fault+0x4a1/0x980
[ 1436.398693][T31075] EXT4-fs (loop0): Remounting filesystem read-only
[ 1436.402533][T31079] exc_page_fault+0x60/0x160
[ 1436.410503][T31077] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1436.413584][T31079] asm_exc_page_fault+0x22/0x30
[ 1436.413612][T31079] RIP: 0033:0x7fc7bd7111a1
[ 1436.413626][T31079] Code: 08 77 56 8d 55 ff 85 ed 74 35 0f 1f 80 00 00 00 00 48 39 c1 77 1c 49 8b 75 00 49 89 c1 49 29 c9 46 0f b6 0c 0e 45 84 c9 74 08 <44> 88 0c 06 49 8b 45 10 48 83 c0 01 49 89 45 10 83 ea 01 73 d2 41
07:33:40 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 23)
[ 1436.413662][T31079] RSP: 002b:00007fc7bcac5600 EFLAGS: 00010202
[ 1436.413677][T31079] RAX: 0000000000005005 RBX: 00007fc7bcac5660 RCX: 0000000000000800
[ 1436.430681][T31078] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz-executor.1: invalid block
[ 1436.432695][T31079] RDX: 0000000000000101 RSI: 00007fc7b46a6000 RDI: 00007fc7bcac5700
[ 1436.437333][T31075] EXT4-fs error (device loop0): ext4_validate_block_bitmap:399: comm syz-executor.0: bg 0: block 3: invalid block bitmap
[ 1436.456718][T31079] RBP: 0000000000000102 R08: 0000000000000000 R09: 0000000000000008
[ 1436.456732][T31079] R10: 0000000000000009 R11: 00000000000004a4 R12: 00007fc7bcac5670
[ 1436.456761][T31079] R13: 00007fc7bcac5700 R14: 0000000000000601 R15: 0000000000000015
[ 1436.456778][T31079]
[ 1436.456892][T31079] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 1436.465455][T31078] EXT4-fs (loop1): Remounting filesystem read-only
[ 1436.480603][T31079] loop2: detected capacity change from 0 to 512
[ 1436.498024][T31077] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0,
[ 1436.506736][T31078] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1436.511042][T31077] inode 13:
[ 1436.527402][T31075] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6071: Corrupt filesystem
[ 1436.530036][T31077] block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1436.531339][T31077] EXT4-fs (loop4): 1 truncate cleaned up
[ 1436.539428][T31078] EXT4-fs error (device loop1): mb_free_blocks:1780: group 0,
[ 1436.544303][T31077] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1436.550532][T31078] inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1436.631955][T31087] FAULT_INJECTION: forcing a failure.
[ 1436.631955][T31087] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1436.645381][T31087] CPU: 0 PID: 31087 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1436.656324][T31087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1436.666367][T31087] Call Trace:
[ 1436.669714][T31087]
[ 1436.672693][T31087] dump_stack_lvl+0xd6/0x130
[ 1436.677324][T31087] dump_stack+0x11/0x20
[ 1436.681512][T31087] should_fail_ex+0x224/0x230
[ 1436.686181][T31087] __alloc_pages+0x10a/0x340
[ 1436.690770][T31087] alloc_pages+0x3f1/0x4f0
[ 1436.695186][T31087] get_zeroed_page+0x13/0x40
[ 1436.703678][T31087] mon_bin_open+0x1ba/0x3c0
[ 1436.708178][T31087] chrdev_open+0x362/0x3d0
[ 1436.712725][T31087] ? cd_forget+0xe0/0xe0
[ 1436.716977][T31087] do_dentry_open+0x59a/0x910
[ 1436.721651][T31087] vfs_open+0x43/0x50
[ 1436.725701][T31087] path_openat+0x16b8/0x1b60
[ 1436.730284][T31087] ? _parse_integer_limit+0x16f/0x190
[ 1436.735649][T31087] do_filp_open+0x105/0x220
[ 1436.740150][T31087] do_sys_openat2+0xb5/0x2a0
[ 1436.744735][T31087] ? mutex_lock+0x9/0x30
[ 1436.748970][T31087] ? fput+0x2c/0x130
[ 1436.752856][T31087] __x64_sys_openat+0xef/0x110
[ 1436.757650][T31087] do_syscall_64+0x2b/0x70
[ 1436.762056][T31087] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1436.767963][T31087] RIP: 0033:0x7f53668d4234
[ 1436.772401][T31087] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1436.792097][T31087] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1436.800509][T31087] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1436.808474][T31087] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1436.816576][T31087] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1436.824614][T31087] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1436.832573][T31087] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1436.840619][T31087]
07:33:41 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x9, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1436.857025][T31075] EXT4-fs (loop0): 1 truncate cleaned up
[ 1436.862876][T31075] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1436.876397][T31078] EXT4-fs (loop1): 1 truncate cleaned up
[ 1436.882071][T31078] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1436.899898][ T3128] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1436.914009][T31079] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1436.926281][T31079] ext4 filesystem being mounted at /root/syzkaller-testdir1583530368/syzkaller.4IUY9g/2994/file0 supports timestamps until 2038 (0x7fffffff)
[ 1437.030779][ T9697] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
07:33:41 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7sXO75fEsQnhkQdwEBAWDzt2AqSgAYFEARISFKE0thOZXGIUG4lEFjEIhRJFokeUSPwFVNAgoEKihR5FipAbAtWhvdu1z48zfpx9gf18pE1mbuc8893duZud2QugtKrZP0nEgYj4JSL6m9nlBarN/24vzI3/uTA3nkS9/sbvSaPcHwtz40XR4n3788xgGpF+nMSxNeqduXL1wlitNnk5zw/PXnx3eObK1aenLo6dnzw/eWn0zJnTp0aee3b0mY7E2Ze19egH08ePvPLWjdfGz954+4evsvYeyPe3xtEp1aguP5YtHut0ZV3W15JO9nSxIWxKJSKy09XT6P/9UYmlk9cfL3/U1cYBO6per9f3tt89Xwf+w5LodguA3Xew5Ys+u/8ttt0Yd9wpbr3QvAHK4r6db809eyLNy/SsuL/tpGpEnJ3/6/Nsix2ahwAAaPVNNv55aq3xXxr3tpQ7mK8NDUTEXRFxKCLujojDEXFPRKPsfRFx/ybrr67Irx7/pDe3FNgGZeO/5/O1reXjv2L0FwOVPNfXiL8nOTdVmzyZH5PB6Nmb5UfWqePbl37+tN2+1vFftmX1F2PBvB0396yYoJsYmx3bTsytbn3YmAO8tjr+ZHElIImIIxFxdAt/PztmU098ebzd/n+Ofx0dWGeqfxHxePP8z8eK+AvJ+uuTw/+L2uTJ4eKqWO3Hn66/3q7+bcXfAdn537fm9b8Y/0DSul47s/k6rv/6Sdt7mq1e/73Jm410b/7a+2Ozs5dHInqTV1e/Prr03iJflM/iHzyxdv8/FEtH4lhEZBfxAxHxYEQ8lLf94Yh4JCJOrBP/9y8++s7W499ZWfwTmzr/m09ULnz3dbv6N3b+TzdSg/krG/n822gDt3PsAAAA4N8ibTwDn6RDi+k0HRpqPsN/OPaltemZ2SfPTb93aaL5rPxA9KTFTFd/y3zoSD43XORHV+RP5fPGn1X+38gPjU/XJrodPJTc/jb9P/NbpdutA3ac32tBeen/UF76P5SX/g/lpf9Dea3V/691oR3A7vP9D+Wl/0N56f9QXvo/lNJ2ftcvUeZEpHdEMyR2KNHtTyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDO+DsAAP//hK3l/A==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
07:33:41 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 20)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1437.080816][ T3133] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
07:33:41 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv93wOJDE2ITzyAA4CwuJhx06AFDQgkChAQoIilMZ2IpNLjGIjkcgiBqFQokj0iBKJv4AKGgRUSLTQo0gRckOgMtq7Xfv8OOPHORfY30/aZOZ2zjPf7s7d7MxeAKVVy/5JIvZHxK8R0d/MrixQa/53c2Fu/K+FufEkFhff/CNplPtzYW68KFq8b1+eGUwj0k+SOLJOvTOXLp8bq9cnL+b54dnz7w3PXLr8zNT5sbOTZycvjJ46dfLEyPPPjT7bkTj7srYe/nD66KFX3772+vjpa+/8+HXW3v35/tY4OqUWtZXHssXjna6sy/pa0klPFxvCllQiIjtd1Ub/749KLJ+8/njl4642Dtht1T3t980vAv9j2WgeKKPiiz67/y22WzTuuC3ceLF5A5TFfTPfmnt6Is3LVFfd33ZSLSJOz//9RbbFLs1DAAC0+jYb/zy93vgvjftayt2Vrw0NRMTdEXEgIu6JiIMRcW9Eo+z9EfHAFuuvrcqvHf+k17cV2CZl478X8rWtleO/YvQXA5U819eIv5qcmapPHs+PyWBU92T5kQ3q+O7lXz5rt691/JdtWf3FWDBvx/WeVRN0E2OzYzuJudWNjyK7/7+yNv5kaSUgiYhDEXF4G38/O2ZTT351tN3+f49/Ax1YZ1r8MuKJ5vmfj1XxF5KN1yeH74j65PHh4qpY66efr77Rrv4dxd8B2fnfu+71vxT/QNK6Xjuz9Tqu/vZp23ua7V7/vclbjXRv/toHY7OzF0ciepPX1r4+uvzeIl+Uz+IfPLZ+/z8Qy0fiSERkF/GDEfFQRDyct/2RiHg0Io5tEP8PLz327vbj311Z/BNbOv9bT1TOff9Nu/o3d/5PNlKD+Sub+fzbbAN3cuwAAADgvyJtPAOfpENL6TQdGmo+w38w9qb16ZnZp85Mv39hovms/EBU02Kmq79lPnQknxsu8qOr8ifyeePPK3c28kPj0/WJbgcPJbevTf/P/F7pduuAXef3WlBe+j+Ul/4P5aX/Q3np/1Be6/X/K11oB3Dr+f6H8tL/obz0fygv/R9KaSe/65cocyLS26IZEruU6PYnEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQGf8EwAA//+MaeXz")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
07:33:41 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrpP092sbEkp59AEYCiLikTRpgR64gEDiABISHMoxJGkV6jaoCRKtIhoQKkdUiStCHJH4CzjBBQEnJK5wR5UqlAuFk9Hau4nzcMjDqQv7+UjrzHjHmfnu7tjjmXUApVXNHpKI/RHxS0QMNLMrC1Sbf24uzk/8uTg/kUS9/vrvSaPcH4vzE0XR4nX78sxQGpF+lMSRdeqdvXT53HitNnUxz4/MnX9nZPbS5aemz4+fnTo7dWHs1KmTJ0affWbs6Y7E2Z+19fD7M0cPvfzmtVcnTl9764evsvbuz/e3xtEp1aiuPJYtHu10ZV3W35JOerrYELakEhHZ6ept9P+BqMTyyRuIlz7sauOAXVWv1+t72u9eqAP/YUl0uwVAdxQf9Nn332K7RUOP28KN57PHzxrx38y35p6eSPMyvau+33ZSNSJOL/z1ebbFLs1DAAC0+iYb/zy53vgvjXtayt2Rrw0NRsSdEXEgIu6KiIMRcXdEo+y9EXHfFuuvrsqvHf+k17cV2CZl47/n8rWtleO/YvQXg5U819+Ivzc5M12bOp4fk6Ho3ZPlRzeo49sXf/6k3b7W8V+2ZfUXY8G8Hdd7Vk3QTY7Pje8k5lY3PmjMAV5ZG3+ytBKQRMShiDi8jf+fHbPpx7882m7/P8e/gQ6sM9W/iHisef4XYlX8hWTj9cmR/0Vt6vhIcVWs9eNPV19rV/+O4u+A7PzvXff6X4p/MGldr53deh1Xf/247Xea7V7/fckbjXRf/tx743NzF0cj+pJX1j4/tvzaIl+Uz+IfOrZ+/z8Qy0fiSERkF/H9EfFARDyYt/2hiHg4Io5tEP/3Lzzy9vbj311Z/JNbOv9bT1TOffd1u/o3d/5PNlJD+TObef/bbAN3cuwAAADg3yJt3AOfpMNL6TQdHm7ew38w9qa1mdm5J87MvHthsnmv/GD0psVM10DLfOhoPjdc5MdW5U/k88afVv7fyA9PzNQmux08lNy+Nv0/81ul260Ddp3fa0F56f9QXvo/lJf+D+Wl/0N5rdf/r3ShHcCt5/Mfykv/h/LS/6G89H8opZ38rl+izIlIb4tmSOxSotvvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//cC/qgw==")
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1437.164260][ T3119] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1437.173996][ T3147] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1437.211439][T31096] loop1: detected capacity change from 0 to 512
[ 1437.211863][T31097] loop0: detected capacity change from 0 to 512
[ 1437.226393][T31099] loop4: detected capacity change from 0 to 512
[ 1437.231595][T31097] EXT4-fs: Ignoring removed nobh option
[ 1437.240874][T31096] EXT4-fs: Ignoring removed nobh option
[ 1437.243034][T31099] EXT4-fs: Ignoring removed nobh option
[ 1437.253082][T31097] EXT4-fs error (device loop0): ext4_free_branches:1022: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1)
[ 1437.256900][T31096] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz-executor.1: invalid block
[ 1437.269471][T31097] EXT4-fs (loop0): Remounting filesystem read-only
[ 1437.279473][T31096] EXT4-fs (loop1): Remounting filesystem read-only
[ 1437.287779][T31099] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
[ 1437.938122][T31105] FAULT_INJECTION: forcing a failure.
[ 1437.938122][T31105] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1437.951410][T31105] CPU: 1 PID: 31105 Comm: syz-executor.2 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1437.962391][T31105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1437.972459][T31105] Call Trace:
[ 1437.975752][T31105]
[ 1437.978679][T31105] dump_stack_lvl+0xd6/0x130
[ 1437.983274][T31105] dump_stack+0x11/0x20
[ 1437.987432][T31105] should_fail_ex+0x224/0x230
[ 1437.992397][T31105] __alloc_pages+0x10a/0x340
[ 1437.997002][T31105] vma_alloc_folio+0x6a0/0x8e0
[ 1438.001766][T31105] do_anonymous_page+0x15a/0x9c0
[ 1438.006726][T31105] ? do_wp_page+0x22a/0x640
[ 1438.011239][T31105] handle_mm_fault+0x8dc/0xb20
[ 1438.016095][T31105] do_user_addr_fault+0x4a1/0x980
[ 1438.020547][T31104] loop5: detected capacity change from 0 to 512
[ 1438.021120][T31105] exc_page_fault+0x60/0x160
[ 1438.032171][T31105] asm_exc_page_fault+0x22/0x30
[ 1438.037051][T31105] RIP: 0033:0x7fc7bd7110c0
[ 1438.041463][T31105] Code: e8 e5 fe ff ff 41 89 c7 85 c0 78 40 3d ff 00 00 00 7f 2f 49 8b 45 10 49 3b 45 08 0f 84 19 01 00 00 45 85 ff 74 0c 49 8b 55 00 <44> 88 3c 02 49 8b 45 10 48 83 c0 01 49 89 45 10 eb be 66 0f 1f 44
[ 1438.061117][T31105] RSP: 002b:00007fc7bcac5600 EFLAGS: 00010206
[ 1438.067246][T31105] RAX: 0000000000006000 RBX: 00007fc7bcac5660 RCX: 0000000000000012
[ 1438.075207][T31105] RDX: 00007fc7b46a6000 RSI: 0000000000000001 RDI: 00007fc7bcac5700
[ 1438.083260][T31105] RBP: 00000000000000ed R08: 000000000000000b R09: 00000000000007de
[ 1438.091414][T31105] R10: 0000000000000010 R11: 00007fc7bcac5660 R12: 00007fc7bcac5670
[ 1438.099376][T31105] R13: 00007fc7bcac5700 R14: 0000000000000001 R15: 0000000000000050
[ 1438.107473][T31105]
[ 1438.110601][T31105] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 1438.110754][T31097] EXT4-fs error (device loop0): ext4_validate_block_bitmap:399: comm syz-executor.0: bg 0: block 3: invalid block bitmap
07:33:42 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 24)
[ 1438.118580][T31096] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1438.132885][T31105] loop2: detected capacity change from 0 to 512
[ 1438.160050][T31099] EXT4-fs (loop4): Remounting filesystem read-only
[ 1438.160695][T31104] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1438.167121][T31097] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6071: Corrupt filesystem
[ 1438.180239][T31099] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1438.196783][T31096] EXT4-fs error (device loop1): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1438.204323][T31097] EXT4-fs (loop0): 1 truncate cleaned up
[ 1438.219366][T31096] EXT4-fs (loop1): 1 truncate cleaned up
[ 1438.223323][T31097] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1438.241099][T31096] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1438.255756][T31099] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1438.274579][T31111] FAULT_INJECTION: forcing a failure.
[ 1438.274579][T31111] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1438.287978][T31111] CPU: 1 PID: 31111 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1438.298912][T31111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1438.308971][T31111] Call Trace:
[ 1438.312289][T31111]
[ 1438.315211][T31111] dump_stack_lvl+0xd6/0x130
[ 1438.319795][T31111] dump_stack+0x11/0x20
[ 1438.323939][T31111] should_fail_ex+0x224/0x230
[ 1438.328662][T31111] __alloc_pages+0x10a/0x340
[ 1438.333368][T31111] alloc_pages+0x3f1/0x4f0
[ 1438.337780][T31111] get_zeroed_page+0x13/0x40
[ 1438.342399][T31111] mon_bin_open+0x1ba/0x3c0
[ 1438.346910][T31111] chrdev_open+0x362/0x3d0
[ 1438.351348][T31111] ? cd_forget+0xe0/0xe0
[ 1438.355605][T31111] do_dentry_open+0x59a/0x910
[ 1438.360373][T31111] vfs_open+0x43/0x50
[ 1438.364515][T31111] path_openat+0x16b8/0x1b60
[ 1438.369107][T31111] ? _parse_integer_limit+0x16f/0x190
[ 1438.374593][T31111] do_filp_open+0x105/0x220
[ 1438.379156][T31111] do_sys_openat2+0xb5/0x2a0
[ 1438.383798][T31111] ? mutex_lock+0x9/0x30
[ 1438.388134][T31111] ? fput+0x2c/0x130
[ 1438.392259][T31111] __x64_sys_openat+0xef/0x110
[ 1438.397048][T31111] do_syscall_64+0x2b/0x70
[ 1438.401559][T31111] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1438.407570][T31111] RIP: 0033:0x7f53668d4234
[ 1438.412066][T31111] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1438.431757][T31111] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1438.440217][T31111] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1438.448178][T31111] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1438.456144][T31111] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1438.464142][T31111] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1438.472117][T31111] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1438.480199][T31111]
07:33:42 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0xa, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1438.528221][ T3128] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1438.574932][T31099] EXT4-fs (loop4): 1 truncate cleaned up
[ 1438.580644][T31099] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1438.595103][T31105] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1438.607374][T31105] ext4 filesystem being mounted at /root/syzkaller-testdir1583530368/syzkaller.4IUY9g/2995/file0 supports timestamps until 2038 (0x7fffffff)
07:33:42 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92wHkhibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrGRSGQRg1AoUSR6RInEX0AFDQIqJFroUaQIuSFQGe3drn1+nPHjLhfY30/aZOZ2zjPf7s7d7MxeAKVVzf5JIvZHxK8RMdDIri5Qbfx3c3F+4q/F+Ykklpbe/COpl/tzcX6iKFq8b1+eGUoj0k+SOLJBvbOXLp8br9WmLub5kbnz743MXrr8zPT58bNTZ6cujJ06dfLE6PPPjT3bljj7s7Ye/nDm6KFX3772+sTpa+/8+HXW3v35/uY42qUa1dXHssnj7a6sy/qb0klPFxvCtlQiIjtdvfX+PxCVWDl5A/HKx11tHNBpfXta71tYAv7HstE8UEbFF312/1tst2jccVu48WLjBiiL+2a+Nfb0RJqX6V1zf9tO1Yg4vfD3F9kWHZqHAABo9m02/nl6o/FfGvc1lbsrXxsajIi7I+JARNwTEQcj4t6Ietn7I+KBbdZfXZNfP/5Jr+8osC3Kxn8v5Gtbq8d/xegvBit5rr8ef29yZro2dTw/JkPRuyfLj25Sx3cv//JZq33N479sy+ovxoJ5O673rJmgmxyfG99NzM1ufBTZ/f+V9fEnyysBSUQciojDO/j72TGbfvKro632/3v8m2jDOtPSlxFPNM7/QqyJv5Bsvj45ckfUpo6PFFfFej/9fPWNVvXvKv42yM7/3g2v/+X4B5Pm9drZ7ddx9bdPW97T7PT670veqqf78tc+GJ+buzga0Ze8tv71sZX3FvmifBb/0LGN+/+BWDkSRyIiu4gfjIiHIuLhvO2PRMSjEXFsk/h/eOmxd3cef2dl8U9u6/xvP1E59/03rerf2vk/WU8N5a9s5fNvqw3czbEDAACA/4q0/gx8kg4vp9N0eLjxDP/B2JvWZmbnnjoz8/6Fycaz8oPRmxYzXQNN86Gj+dxwkR9bkz+Rzxt/Xrmznh+emKlNdjt4KLl9Lfp/5vdKt1sHdJzfa0F56f9QXvo/lJf+D+Wl/0N5bdT/r3ShHcCt5/sfykv/h/LS/6G89H8opd38rl+izIlIb4tmSHQo0e1PJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgPb4JwAA//+AouX0")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
07:33:42 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92IHkhibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrGRSGQRg1AoUSR6RInEX0AFDQIqJFroUaQIuSFQHdq7Xfv8OOPH2RfY30/aZOZ2zjPf7s7d7MxeAKVVzf5JIg5ExK8R0d/MLi9Qbf53a2Fu/K+FufEk6vU3/0ga5f5cmBsvihbv259nBtOI9JMkjq5R78zlK+fHarXJS3l+ePbCe8Mzl688M3Vh7NzkucmLo6dPnzo58vxzo892JM6+rK1HPpw+dvjVt6+/Pn7m+js/fp2190C+vzWOTqlGdfmxbPF4pyvrsr6WdLKniw1hUyoRkZ2unkb/749KLJ28/njl4642DthR9Xq9vrf97vk68D+WRLdbAOy+/pYv+uz+t9h2Y9xxu7j5YvMGKIv7Vr419+yJNC/Ts+L+tpOqEXFm/u8vsi12aB4CAKDVt9n45+m1xn9p3NdS7q58bWggIu6OiIMRcU9EHIqIeyMaZe+PiAc2WX91RX71+Ce9saXANigb/72Qr20tH/8Vo78YqOS5vkb8PcnZqdrkifyYDEbP3iw/sk4d3738y2ft9rWO/7Itq78YC+btuLFnxQTdxNjs2HZibnXzo8Yc4NXV8SeLKwFJRByOiCNb+PvZMZt68qtj7fb/e/zr6MA6U/3LiCea538+VsRfSNZfnxy+I2qTJ4aLq2K1n36+9ka7+rcVfwdk53/fmtf/YvwDSet67czm67j226dt72m2ev33Jm810r35ax+Mzc5eGonoTV5b/fro0nuLfFE+i3/w+Nr9/2AsHYmjEZFdxA9GxEMR8XDe9kci4tGIOL5O/D+89Ni7W49/Z2XxT2zq/G8+UTn//Tft6t/Y+T/VSA3mr2zk82+jDdzOsQMAAID/irTxDHySDi2m03RoqPkM/6HYl9amZ2afOjv9/sWJ5rPyA9GTFjNd/S3zoSP53HCRH12RP5nPG39eubORHxqfrk10O3gouf1t+n/m90q3WwfsOL/XgvLS/6G89H8oL/0fykv/h/Jaq/9f7UI7gN3n+x/KS/+H8tL/obz0fyil7fyuX6LMiUhvi2ZI7FCi259MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnfFPAAAA//9w7eX9")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1438.666158][ T3119] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1438.700715][ T9697] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
07:33:43 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 21)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
07:33:43 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiixiEQoki0SJEicRfQAUNAiokWuhRpAi5IVAd2rtd+/w448c5F9jPR9pk5nbOM9/dnbvZmb0ASqua/ZNE7I+IXyJioJldWaDa/O/m4vzEn4vzE0nU66//njTK/bE4P1EULd63L88MpRHpR0kcWafe2UuXz43XalMX8/zI3Pl3RmYvXX5q+vz42amzUxfGTp06eWL02WfGnu5InP1ZWw+/P3P00MtvXnt14vS1t374Kmvv/nx/axydUo3qymPZ4tFOV9Zl/S3ppKeLDWFLKhGRna7eRv8fiEosn7yBeOnDrjYO2FX1er2+p/3uhTrwH5ZEt1sAdEfxRZ/d/xbbLRp63BZuPJ/dsH7WiP9mvjX39ESal+lddX/bSdWIOL3w1+fZFrs0DwEA0OqbbPzz5HrjvzTuaSl3R742NBgRd0bEgYi4KyIORsTdEY2y90bEfVusv7oqv3b8k17fVmCblI3/nsvXtlaO/4rRXwxW8lx/I/7e5Mx0bep4fkyGondPlh/doI5vX/z5k3b7Wsd/2ZbVX4wF83Zc71k1QTc5Pje+k5hb3figMQd4ZW38ydJKQBIRhyLi8Db+fnbMph//8mi7/f8c/wY6sM5U/yLiseb5X4hV8ReSjdcnR/4XtanjI8VVsdaPP119rV39O4q/A7Lzv3fd638p/sGkdb12dut1XP3147b3NNu9/vuSNxrpvvy198bn5i6ORvQlr6x9fWz5vUW+KJ/FP3Rs/f5/IJaPxJGIyC7i+yPigYh4MG/7QxHxcEQc2yD+71945O3tx7+7svgnt3T+t56onPvu63b1b+78n2ykhvJXNvP5t9kG7uTYAQAAwL9F2ngGPkmHl9JpOjzcfIb/YOxNazOzc0+cmXn3wmTzWfnB6E2Lma6BlvnQ0XxuuMiPrcqfyOeNP638v5EfnpipTXY7eCi5fW36f+a3SrdbB+w6v9eC8tL/obz0fygv/R/KS/+H8lqv/1/pQjuAW8/3P5SX/g/lpf9Deen/UEo7+V2/RJkTkd4WzZDYpUS3P5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA64+8AAAD//1tm6oQ=")
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1438.762077][ T3133] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1438.797406][T31118] loop1: detected capacity change from 0 to 512
[ 1438.802422][T31122] loop0: detected capacity change from 0 to 512
[ 1438.808320][T31118] EXT4-fs: Ignoring removed nobh option
[ 1438.811703][T31122] EXT4-fs: Ignoring removed nobh option
[ 1438.818458][ T3147] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1438.822600][T31122] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 2: comm syz-executor.0: invalid block
[ 1440.090390][T31125] loop5: detected capacity change from 0 to 512
[ 1440.098359][T31127] FAULT_INJECTION: forcing a failure.
[ 1440.098359][T31127] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1440.111611][T31127] CPU: 1 PID: 31127 Comm: syz-executor.2 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1440.122540][T31127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1440.132580][T31127] Call Trace:
[ 1440.135845][T31127]
[ 1440.138761][T31127] dump_stack_lvl+0xd6/0x130
[ 1440.143401][T31127] dump_stack+0x11/0x20
[ 1440.147683][T31127] should_fail_ex+0x224/0x230
[ 1440.152353][T31127] __alloc_pages+0x10a/0x340
[ 1440.156936][T31127] vma_alloc_folio+0x6a0/0x8e0
[ 1440.161687][T31127] ? folio_add_lru_vma+0x44/0x60
[ 1440.166668][T31127] do_anonymous_page+0x15a/0x9c0
[ 1440.171719][T31127] handle_mm_fault+0x8dc/0xb20
[ 1440.176474][T31127] do_user_addr_fault+0x4a1/0x980
[ 1440.181559][T31127] exc_page_fault+0x60/0x160
[ 1440.186194][T31127] asm_exc_page_fault+0x22/0x30
[ 1440.191039][T31127] RIP: 0033:0x7fc7bd7110c0
[ 1440.195440][T31127] Code: e8 e5 fe ff ff 41 89 c7 85 c0 78 40 3d ff 00 00 00 7f 2f 49 8b 45 10 49 3b 45 08 0f 84 19 01 00 00 45 85 ff 74 0c 49 8b 55 00 <44> 88 3c 02 49 8b 45 10 48 83 c0 01 49 89 45 10 eb be 66 0f 1f 44
[ 1440.215264][T31127] RSP: 002b:00007fc7bcaa4600 EFLAGS: 00010206
[ 1440.221328][T31127] RAX: 0000000000007000 RBX: 00007fc7bcaa4660 RCX: 0000000000000000
[ 1440.229297][T31127] RDX: 00007fc7b4685000 RSI: 0000000000000005 RDI: 00007fc7bcaa4700
[ 1440.237334][T31127] RBP: 0000000000000079 R08: 0000000000000008 R09: 00000000000000be
[ 1440.245308][T31127] R10: 0000000000000010 R11: 00007fc7bcaa4660 R12: 00007fc7bcaa4670
[ 1440.253328][T31127] R13: 00007fc7bcaa4700 R14: 0000000000000001 R15: 0000000000000003
[ 1440.261382][T31127]
[ 1440.264542][T31127] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 1440.274432][T31127] loop2: detected capacity change from 0 to 512
[ 1440.320807][T31129] loop4: detected capacity change from 0 to 512
[ 1440.351713][T31125] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
07:33:44 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 25)
[ 1440.363927][T31125] ext4 filesystem being mounted at /root/syzkaller-testdir184905228/syzkaller.PLYEBS/2972/file0 supports timestamps until 2038 (0x7fffffff)
[ 1440.370812][T31129] EXT4-fs: Ignoring removed nobh option
[ 1440.385321][T31122] EXT4-fs (loop0): Remounting filesystem read-only
[ 1440.392593][T31118] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz-executor.1: invalid block
[ 1440.393467][T31122] EXT4-fs error (device loop0): ext4_free_branches:1022: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1)
[ 1440.410064][T31127] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1440.419191][T31122] EXT4-fs error (device loop0): ext4_validate_block_bitmap:399: comm syz-executor.0: bg 0: block 3: invalid block bitmap
[ 1440.430835][T31127] ext4 filesystem being mounted at /root/syzkaller-testdir1583530368/syzkaller.4IUY9g/2996/file0 supports timestamps until 2038 (0x7fffffff)
[ 1440.443539][T31122] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6071: Corrupt filesystem
[ 1440.467518][T31118] EXT4-fs (loop1): Remounting filesystem read-only
[ 1440.472178][T31129] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
[ 1440.475139][T31122] EXT4-fs (loop0): 1 truncate cleaned up
[ 1440.487668][T31129] EXT4-fs (loop4): Remounting filesystem read-only
[ 1440.491189][T31122] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
07:33:44 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1440.498026][T31118] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1440.533017][ T3128] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1440.566085][T31118] EXT4-fs error (device loop1): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1440.581567][T31138] FAULT_INJECTION: forcing a failure.
[ 1440.581567][T31138] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1440.595163][T31138] CPU: 0 PID: 31138 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1440.606177][T31138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1440.616220][T31138] Call Trace:
[ 1440.619520][T31138]
[ 1440.622445][T31138] dump_stack_lvl+0xd6/0x130
[ 1440.627025][T31138] dump_stack+0x11/0x20
[ 1440.631169][T31138] should_fail_ex+0x224/0x230
[ 1440.635901][T31138] __alloc_pages+0x10a/0x340
[ 1440.640561][T31138] alloc_pages+0x3f1/0x4f0
[ 1440.644966][T31138] get_zeroed_page+0x13/0x40
[ 1440.649614][T31138] mon_bin_open+0x1ba/0x3c0
[ 1440.654118][T31138] chrdev_open+0x362/0x3d0
[ 1440.658533][T31138] ? cd_forget+0xe0/0xe0
[ 1440.662904][T31138] do_dentry_open+0x59a/0x910
[ 1440.667632][T31138] vfs_open+0x43/0x50
[ 1440.671681][T31138] path_openat+0x16b8/0x1b60
[ 1440.676317][T31138] ? _parse_integer_limit+0x16f/0x190
[ 1440.681681][T31138] do_filp_open+0x105/0x220
[ 1440.686179][T31138] do_sys_openat2+0xb5/0x2a0
[ 1440.690768][T31138] ? mutex_lock+0x9/0x30
[ 1440.695014][T31138] ? fput+0x2c/0x130
[ 1440.698900][T31138] __x64_sys_openat+0xef/0x110
[ 1440.703660][T31138] do_syscall_64+0x2b/0x70
[ 1440.708133][T31138] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1440.714019][T31138] RIP: 0033:0x7f53668d4234
[ 1440.718423][T31138] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1440.738035][T31138] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1440.746463][T31138] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1440.754422][T31138] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1440.762434][T31138] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1440.770401][T31138] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1440.778361][T31138] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1440.786334][T31138]
[ 1440.797385][T31129] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1440.817700][T31118] EXT4-fs (loop1): 1 truncate cleaned up
[ 1440.823413][T31118] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1440.837947][T31129] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1440.861756][T31129] EXT4-fs (loop4): 1 truncate cleaned up
[ 1440.867477][T31129] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
07:33:45 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92IHnBibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrGRSGQRg1AoUSR6RInEX0AFDQIqJFroUaQIuSFQGe3drn1+nPHjLhfY30/aZOZ2zjPf7s7d7MxeAKVVzf5JIvZHxK8RMdDIri5Qbfx3c3F+4q/F+Ykklpbe/COpl/tzcX6iKFq8b1+eGUoj0k+SOLJBvbOXLp8br9WmLub5kbnz743MXrr8zPT58bNTZ6cujJ06dfLE6PPPjT3bljj7s7Ye/nDm6KFX3772+sTpa+/8+HXW3v35/uY42qUa1dXHssnj7a6sy/qb0smeLjaEbalERHa6eur9fyAqsXLyBuKVj7vaOKDT+va23rewBPyPZaN5oIyKL/rs/rfYbtG447Zw48XGDVAW9818a+zZE2lepmfN/W07VSPi9MLfX2RbdGgeAgCg2bfZ+OfpjcZ/adzXVO6ufG1oMCLujogDEXFPRByMiHsj6mXvj4gHtll/dU1+/fgnvb6jwLYoG/+9kK9trR7/FaO/GKzkuf56/D3Jmena1PH8mAxFz94sP7pJHd+9/MtnrfY1j/+yLau/GAvm7bi+Z80E3eT43PhuYm5246PI7v+vrI8/WV4JSCLiUEQc3sHfz47Z9JNfHW21/9/j30Qb1pmWvox4onH+F2JN/IVk8/XJkTuiNnV8pLgq1vvp56tvtKp/V/G3QXb++za8/pfjH0ya12tnt1/H1d8+bXlPs9Prvzd5q57uzV/7YHxu7uJoRG/y2vrXx1beW+SL8ln8Q8c27v8HYuVIHImI7CJ+MCIeioiH87Y/EhGPRsSxTeL/4aXH3t15/J2VxT+5rfO//UTl3PfftKp/a+f/ZD01lL+ylc+/rTZwN8cOAAAA/ivS+jPwSTq8nE7T4eHGM/wHoy+tzczOPXVm5v0Lk41n5QejJy1mugaa5kNH87nhIj+2Jn8inzf+vHJnPT88MVOb7HbwUHL7WvT/zO+VbrcO6Di/14Ly0v+hvPR/KC/9H8pL/4fy2qj/X+lCO4Bbz/c/lJf+D+Wl/0N56f9QSrv5Xb9EmROR3hbNkOhQotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO3xTwAAAP//UYbl+A==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
07:33:45 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92wHkhgbCI88gIOAsHjYsRMgBQ0IJAqQkKAIpbGdyOQSo9hIJLKIQSiUKBI9okTiL6CCBgEVEi30KFKE3BCoDu3drnN+nPHj7AvZ30/aZOZ2zjPf7s7d7MxeAKVVzf5JIvZHxG8RMdDMLi9Qbf53Y3F+4u/F+Ykk6vW3/kwa5f5anJ8oihbv25dnhtKI9NMkDq9R7+zFS2fHa7WpC3l+ZO7c+yOzFy89O31u/MzUmanzYydPnjg++sLzY891JM7+rK2HPpo5cvC1d66+MXHq6rs/fZO1d3++vzWOTqlGdfmxbPFEpyvrsv6WdNLTxYawKZWIyE5Xb6P/D0Qlbp68gXj1k642DthR9Xq9vqf97oU6cBtLotstAHbfPS1f9Nn9b7HtxrjjVnH9peYNUBb3jXxr7umJNC/Tu+L+tpOqEXFq4Z8vsy12aB4CAKDVd9n455m1xn9p3N9S7q58bWgwIu6OiGzseG9EHIiI+yIaZR+IiAc3WX91RX71+Ce9tqXANigb/72Yr20tH/8Vo78YrOS5/kb8vcnp6drUsfyYDEXvniw/uk4d37/y6+ft9rWO/7Itq78YC+btuNazYoJucnxufDsxt7r+cWMO8PLq+JOllYAkIg5GxKEt/P3smE0/9fWRdvv/O/51dGCdqf5VxJPN878QK+IvJOuvT47cEbWpYyPFVbHaz79cebNd/duKvwOy8793zet/Kf7BpHW9dnbzdVz5/bO29zRbvf77krcb6b78tQ/H5+YujEb0Ja+vfn3s5nuLfFE+i3/o6Nr9v7g/zuI/HBHZRfxQRDwcEY/kbX80Ih6LiKPrxP/jy4+/t/X4d1YW/+Smzv/mE5WzP3zbrv6Nnf8TjdRQ/spGPv822sDtHDsAAAD4v0gbz8An6fBSOk2Hh5vP8B+IvWltZnbu6dMzH5yfbD4rPxi9aTHTNdAyHzqazw0X+bEV+eP5vPEXlTsb+eGJmdpkt4OHktvXpv9n/qh0u3XAjvN7LSgv/R/KS/+H8tL/obz0fyivtfr/5S60A9h9vv+hvPR/KC/9H8pL/4dS2s7v+iXKnIj0lmiGxA4luv3JBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bn/BgAA//81reYA")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
07:33:45 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrpP092sbEkp59AEYCiLikTRpgR64gEDiABISHMoxJGkV6jaoCRKtIhoQKkdUiTOIIxJ/ASe4IOCExBXuqFKFcqFwMlp7N3EeDnk4dWE/H2mdGe84M9/dHXs8sw6gtKrZQxKxPyJ+iYiBZnZlgWrzz83F+Yk/F+cnkqjXX/89aZT7Y3F+oihavG5fnhlKI9KPkjiyTr2zly6fG6/Vpi7m+ZG58++MzF66/NT0+fGzU2enLoydOnXyxOizz4w93ZE4+7O2Hn5/5uihl9+89urE6Wtv/fBV1t79+f7WODqlGtWVx7LFo52urMv6W9JJTxcbwpZUIiI7Xb2N/j8QlVg+eQPx0oddbRywq+r1en1P+90LdeA/LIlutwDojuKDPvv+W2y3aOhxW7jxfPb4WSP+m/nW3NMTaV6md9X3206qRsTphb8+z7bYpXkIAIBW32TjnyfXG/+lcU9LuTvytaHBiLgzIg5ExF0RcTAi7o5olL03Iu7bYv3VVfm145/0+rYC26Rs/Pdcvra1cvxXjP5isJLn+hvx9yZnpmtTx/NjMhS9e7L86AZ1fPviz5+029c6/su2rP5iLJi343rPqgm6yfG58Z3E3OrGB405wCtr40+WVgKSiDgUEYe38f+zYzb9+JdH2+3/5/g30IF1pvoXEY81z/9CrIq/kGy8Pjnyv6hNHR8proq1fvzp6mvt6t9R/B2Qnf+9617/S/EPJq3rtbNbr+Pqrx+3/U6z3eu/L3mjke7Ln3tvfG7u4mhEX/LK2ufHll9b5IvyWfxDx9bv/wdi+UgciYjsIr4/Ih6IiAfztj8UEQ9HxLEN4v/+hUfe3n78uyuLf3JL53/ricq5775uV//mzv/JRmoof2Yz73+bbeBOjh0AAAD8W6SNe+CTdHgpnabDw817+A/G3rQ2Mzv3xJmZdy9MNu+VH4zetJjpGmiZDx3N54aL/Niq/Il83vjTyv8b+eGJmdpkt4OHktvXpv9nfqt0u3XArvN7LSgv/R/KS/+H8tL/obz0fyiv9fr/lS60A7j1fP5Deen/UF76P5SX/g+ltJPf9UuUORHpbdEMiV1KdPudCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDP+DgAA//9bZeqE")
write$tun(0xffffffffffffffff, 0x0, 0x0)
07:33:45 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 22)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1441.058658][ T3119] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1441.065017][ T9697] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1441.070139][ T3147] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1441.086498][ T3133] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1441.107845][T31143] loop1: detected capacity change from 0 to 512
[ 1441.122769][T31146] loop4: detected capacity change from 0 to 512
[ 1441.130465][T31143] EXT4-fs: Ignoring removed nobh option
[ 1441.137259][T31146] EXT4-fs: Ignoring removed nobh option
[ 1441.160219][T31148] loop0: detected capacity change from 0 to 512
[ 1441.170103][T31149] loop5: detected capacity change from 0 to 512
[ 1441.179525][T31148] EXT4-fs: Ignoring removed nobh option
07:33:45 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 26)
[ 1441.220540][T31149] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1441.335341][T31146] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1441.350460][T31148] EXT4-fs error (device loop0): ext4_free_branches:1022: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1)
[ 1442.141978][T31148] EXT4-fs (loop0): Remounting filesystem read-only
[ 1442.149789][T31146] EXT4-fs (loop4): Remounting filesystem read-only
[ 1442.157896][T31143] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz-executor.1: invalid block
[ 1442.170173][T31148] EXT4-fs error (device loop0): ext4_validate_block_bitmap:399: comm syz-executor.0: bg 0: block 3: invalid block bitmap
[ 1442.184017][T31146] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1442.200778][T31160] FAULT_INJECTION: forcing a failure.
[ 1442.200778][T31160] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1442.208316][T31159] FAULT_INJECTION: forcing a failure.
[ 1442.208316][T31159] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1442.214037][T31160] CPU: 1 PID: 31160 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1442.238162][T31160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1442.248208][T31160] Call Trace:
[ 1442.251473][T31160]
[ 1442.254402][T31160] dump_stack_lvl+0xd6/0x130
[ 1442.259038][T31160] dump_stack+0x11/0x20
[ 1442.263200][T31160] should_fail_ex+0x224/0x230
[ 1442.267907][T31160] __alloc_pages+0x10a/0x340
[ 1442.272498][T31160] alloc_pages+0x3f1/0x4f0
[ 1442.276906][T31160] get_zeroed_page+0x13/0x40
[ 1442.281561][T31160] mon_bin_open+0x1ba/0x3c0
[ 1442.286166][T31160] chrdev_open+0x362/0x3d0
[ 1442.290640][T31160] ? cd_forget+0xe0/0xe0
[ 1442.294873][T31160] do_dentry_open+0x59a/0x910
[ 1442.299545][T31160] vfs_open+0x43/0x50
[ 1442.303550][T31160] path_openat+0x16b8/0x1b60
[ 1442.308192][T31160] ? _parse_integer_limit+0x16f/0x190
[ 1442.313581][T31160] do_filp_open+0x105/0x220
[ 1442.318080][T31160] do_sys_openat2+0xb5/0x2a0
[ 1442.322738][T31160] ? mutex_lock+0x9/0x30
[ 1442.327053][T31160] ? fput+0x2c/0x130
[ 1442.330979][T31160] __x64_sys_openat+0xef/0x110
[ 1442.335737][T31160] do_syscall_64+0x2b/0x70
[ 1442.340191][T31160] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1442.346137][T31160] RIP: 0033:0x7f53668d4234
[ 1442.350537][T31160] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1442.370134][T31160] RSP: 002b:00007f5365c73ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1442.378531][T31160] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1442.386490][T31160] RDX: 0000000000000000 RSI: 00007f5365c73d40 RDI: 00000000ffffff9c
[ 1442.394461][T31160] RBP: 00007f5365c73d40 R08: 0000000000000000 R09: 0000000000000000
[ 1442.402486][T31160] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1442.410468][T31160] R13: 00007fffab5653af R14: 00007f5365c74300 R15: 0000000000022000
[ 1442.418440][T31160]
[ 1442.421446][T31159] CPU: 0 PID: 31159 Comm: syz-executor.2 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1442.432230][T31143] EXT4-fs (loop1): Remounting filesystem read-only
[ 1442.432456][T31159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1442.432467][T31159] Call Trace:
[ 1442.432473][T31159]
[ 1442.432479][T31159] dump_stack_lvl+0xd6/0x130
[ 1442.432501][T31159] dump_stack+0x11/0x20
[ 1442.432516][T31159] should_fail_ex+0x224/0x230
[ 1442.439538][T31148] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6071: Corrupt filesystem
[ 1442.449047][T31159] __alloc_pages+0x10a/0x340
[ 1442.449080][T31159] vma_alloc_folio+0x6a0/0x8e0
[ 1442.449097][T31159] ? folio_add_lru_vma+0x44/0x60
07:33:46 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1442.449115][T31159] do_anonymous_page+0x15a/0x9c0
[ 1442.454577][T31143] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1442.455360][T31159] handle_mm_fault+0x8dc/0xb20
[ 1442.455386][T31159] do_user_addr_fault+0x4a1/0x980
[ 1442.460337][T31146] EXT4-fs (loop4): 1 truncate cleaned up
[ 1442.464075][T31159] exc_page_fault+0x60/0x160
[ 1442.464101][T31159] asm_exc_page_fault+0x22/0x30
[ 1442.464125][T31159] RIP: 0033:0x7fc7bd7110c0
07:33:46 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiixiEQokiUYMokfgLqKBBQIVECz2KFCE3BKpDe7drnx9n/DjnAvv5SJvM3M555ru7czc7sxdAaVWzf5KI/RHxS0QMNLMrC1Sb/91cnJ/4c3F+Iol6/fXfk0a5PxbnJ4qixfv25ZmhNCL9KIkj69Q7e+nyufFabepinh+ZO//OyOyly09Nnx8/O3V26sLYqVMnT4w++8zY0x2Jsz9r6+H3Z44eevnNa69OnL721g9fZe3dn+9vjaNTqlFdeSxbPNrpyrqsvyWd9HSxIWxJJSKy09Xb6P8DUYnlkzcQL33Y1cYBu6per9f3tN+9UAf+w5LodguA7ii+6LP732K7RUOP28KN57Mb1s8a8d/Mt+aenkjzMr2r7m87qRoRpxf++jzbYpfmIQAAWn2TjX+eXG/8l8Y9LeXuyNeGBiPizog4EBF3RcTBiLg7olH23oi4b4v1V1fl145/0uvbCmyTsvHfc/na1srxXzH6i8FKnutvxN+bnJmuTR3Pj8lQ9O7J8qMb1PHtiz9/0m5f6/gv27L6i7Fg3o7rPasm6CbH58Z3EnOrGx805gCvrI0/WVoJSCLiUEQc3sbfz47Z9ONfHm23/5/j30AH1pnqX0Q81jz/C7Eq/kKy8frkyP+iNnV8pLgq1vrxp6uvtat/R/F3QHb+9657/S/FP5i0rtfObr2Oq79+3PaeZrvXf1/yRiPdl7/23vjc3MXRiL7klbWvjy2/t8gX5bP4h46t3/8PxPKROBIR2UV8f0Q8EBEP5m1/KCIejohjG8T//QuPvL39+HdXFv/kls7/1hOVc9993a7+zZ3/k43UUP7KZj7/NtvAnRw7AAAA+LdIG8/AJ+nwUjpNh4ebz/AfjL1pbWZ27okzM+9emGw+Kz8YvWkx0zXQMh86ms8NF/mxVfkT+bzxp5X/N/LDEzO1yW4HDyW3r03/z/xW6XbrgF3n91pQXvo/lJf+D+Wl/0N56f9QXuv1/ytdaAdw6/n+h/LS/6G89H8oL/0fSmknv+uXKHMi0tuiGRK7lOj2JxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBn/B0AAP//RpzqhQ==")
write$tun(0xffffffffffffffff, 0x0, 0x0)
07:33:46 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fEsQnhkQdwEBAWDzt2AqSgAYFEARISFKE0thOZXGIUG4lEFjEIhRJFokeUSPwFVNAgoEKihR5FipAbApXR3u3a58cZP+5ygf18pE1mbuc8893duZud2QugtKrZP0nE/oj4JSIGGtnVBaqN/24tzk/8uTg/kcTS0hu/J/VyfyzOTxRFi/ftyzNDaUT6cRJHN6h39vKV8+O12tSlPD8yd+HdkdnLV56evjB+burc1MWx06dPnRx97tmxZ9oSZ3/W1iMfzBw7/Mpb11+bOHP97R++ytq7P9/fHEe7VKO6+lg2eazdlXVZf1M66eliQ9iWSkRkp6u33v8HohIrJ28gXv6oq40DOu3Antb7FpaA/7BsNA+UUfFFn93/FtttGnfcEW6+0LgByuK+lW+NPT2R5mV619zftlM1Is4s/PV5tkWH5iEAAJp9k41/ntpo/JfGvU3lDuRrQ4MRcVdEHIyIuyPiUETcE1Eve19E3L/N+qtr8uvHP+mNHQW2Rdn47/l8bWv1+K8Y/cVgJc/11+PvTc5O16ZO5MdkKHr3ZPnRTer49qWfP221r3n8l21Z/cVYMG/HjZ41E3ST43Pju4m52c0PI7v/v7o+/mR5JSCJiMMRcWQHfz87ZtNPfHms1f5/jn8TbVhnWvoi4vHG+V+INfEXks3XJ0f+F7WpEyPFVbHejz9de71V/buKvw2y8793w+t/Of7BpHm9dnb7dVz79ZOW9zQ7vf77kjfr6b78tffH5+YujUb0Ja+uf31s5b1FviifxT90fOP+fzBWjsTRiMgu4gci4sGIeChv+8MR8UhEHN8k/u9ffPSdncffWVn8k9s6/9tPVM5/93Wr+rd2/k/VU0P5K1v5/NtqA3dz7AAAAODfIq0/A5+kw8vpNB0ebjzDfyj2prWZ2bknz868d3Gy8az8YPSmxUzXQNN86Gg+N1zkx9bkT+bzxp9V/l/PD0/M1Ca7HTyU3L4W/T/zW6XbrQM6zu+1oLz0fygv/R/KS/+H8tL/obw26v9Xu9AO4Pbz/Q/lpf9Deen/UF76P5TSbn7XL1HmRKR3RDMkOpTo9icTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAe/wdAAD//yJq5fw=")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
07:33:46 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 27)
[ 1442.468796][T31146] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1442.477437][T31159] Code: e8 e5 fe ff ff 41 89 c7 85 c0 78 40 3d ff 00 00 00 7f 2f 49 8b 45 10 49 3b 45 08 0f 84 19 01 00 00 45 85 ff 74 0c 49 8b 55 00 <44> 88 3c 02 49 8b 45 10 48 83 c0 01 49 89 45 10 eb be 66 0f 1f 44
[ 1442.477457][T31159] RSP: 002b:00007fc7bcac5600 EFLAGS: 00010206
[ 1442.477479][T31159] RAX: 0000000000008000 RBX: 00007fc7bcac5660 RCX: 000000000000000b
[ 1442.477491][T31159] RDX: 00007fc7b46a6000 RSI: 000000000000003f RDI: 00007fc7bcac5700
[ 1442.484424][T31143] EXT4-fs error (device loop1): mb_free_blocks:1780: group 0,
[ 1442.486849][T31159] RBP: 0000000000000066 R08: 0000000000000009 R09: 00000000000001c6
[ 1442.486863][T31159] R10: 0000000000000010 R11: 00007fc7bcac5660 R12: 00007fc7bcac5670
[ 1442.486876][T31159] R13: 00007fc7bcac5700 R14: 0000000000000001 R15: 0000000000000027
[ 1442.486891][T31159]
[ 1442.491797][T31143] inode 13:
[ 1442.496747][T31159] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 1442.499019][T31159] loop2: detected capacity change from 0 to 512
[ 1442.511037][T31143] block 100:
[ 1442.527402][T31148] EXT4-fs (loop0): 1 truncate cleaned up
[ 1442.531112][T31143] freeing already freed block (bit 99); block bitmap corrupt.
[ 1442.535978][T31148] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1442.545971][ T3128] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1442.605729][T31143] EXT4-fs (loop1): 1 truncate cleaned up
[ 1442.638204][T31159] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1442.639625][T31143] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1442.645887][T31159] ext4 filesystem being mounted at /root/syzkaller-testdir1583530368/syzkaller.4IUY9g/2997/file0 supports timestamps until 2038 (0x7fffffff)
[ 1442.729096][T31168] FAULT_INJECTION: forcing a failure.
[ 1442.729096][T31168] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1442.742368][T31168] CPU: 1 PID: 31168 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1442.753294][T31168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1442.763338][T31168] Call Trace:
[ 1442.766606][T31168]
[ 1442.769523][T31168] dump_stack_lvl+0xd6/0x130
[ 1442.774189][T31168] dump_stack+0x11/0x20
[ 1442.778382][T31168] should_fail_ex+0x224/0x230
[ 1442.783092][T31168] __alloc_pages+0x10a/0x340
[ 1442.787691][T31168] alloc_pages+0x3f1/0x4f0
[ 1442.792145][T31168] get_zeroed_page+0x13/0x40
[ 1442.796728][T31168] mon_bin_open+0x1ba/0x3c0
[ 1442.801277][T31168] chrdev_open+0x362/0x3d0
[ 1442.805789][T31168] ? cd_forget+0xe0/0xe0
[ 1442.810105][T31168] do_dentry_open+0x59a/0x910
[ 1442.814788][T31168] vfs_open+0x43/0x50
[ 1442.818764][T31168] path_openat+0x16b8/0x1b60
[ 1442.823352][T31168] ? _parse_integer_limit+0x16f/0x190
[ 1442.828732][T31168] do_filp_open+0x105/0x220
[ 1442.833289][T31168] do_sys_openat2+0xb5/0x2a0
[ 1442.838000][T31168] ? mutex_lock+0x9/0x30
[ 1442.842303][T31168] ? fput+0x2c/0x130
[ 1442.846194][T31168] __x64_sys_openat+0xef/0x110
[ 1442.850954][T31168] do_syscall_64+0x2b/0x70
[ 1442.855444][T31168] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1442.861410][T31168] RIP: 0033:0x7f53668d4234
[ 1442.865842][T31168] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1442.885470][T31168] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1442.893867][T31168] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1442.901824][T31168] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1442.909785][T31168] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1442.917745][T31168] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1442.925701][T31168] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1442.933742][T31168]
07:33:48 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92IHkhibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrGRSGQRg1AoUSR6RInEX0AFDQIqJFroUaQIuSFQHdq7Xfv8OOPH2RfY30/aZOZ2zjPf7s7d7MxeAKVVzf5JIg5ExK8R0d/MLi9Qbf53a2Fu/K+FufEk6vU3/0ga5f5cmBsvihbv259nBtOI9JMkjq5R78zlK+fHarXJS3l+ePbCe8Mzl688M3Vh7NzkucmLo6dPnzo58vxzo892JM6+rK1HPpw+dvjVt6+/Pn7m+js/fp2190C+vzWOTqlGdfmxbPF4pyvrsr6WdLKniw1hUyoRkZ2unkb/749KLJ28/njl4642DthR9Xq9vrf97vk68D+WRLdbAOy+e1q+6LP732LbjXHH7eLmi80boCzuW/nW3LMn0rxMz4r7206qRsSZ+b+/yLbYoXkIAIBW32bjn6fXGv+lcV9LubvytaGBiLg7Ig5GRDZ+PBQR90Y0yt4fEQ9ssv7qivzq8U96Y0uBbVA2/nshX9taPv4rRn8xUMlzfY34e5KzU7XJE/kxGYyevVl+ZJ06vnv5l8/a7Wsd/2VbVn8xFszbcWPPigm6ibHZse3E3OrmR405wKur408WVwKSiDgcEUe28PezYzb15FfH2u3/9/jX0YF1pvqXEU80z/98rIi/kKy/Pjl8R9QmTwwXV8VqP/187Y129W8r/g7Izv++Na//xfgHktb12pnN13Htt0/b3tNs9frvTd5qpHvz1z4Ym529NBLRm7y2+vXRpfcW+aJ8Fv/g8bX7/8FYOhJHIyK7iB+MiIci4uG87Y9ExKMRcXyd+H946bF3tx7/zsrin9jU+d98onL++2/a1b+x83+qkRrMX9nI599GG7idYwcAAAD/FWnjGfgkHVpMp+nQUPMZ/kOxL61Nz8w+dXb6/YsTzWflB6InLWa6+lvmQ0fyueEiP7oifzKfN/68cmcjPzQ+XZvodvBQcvvb9P/M75Vutw7YcX6vBeWl/0N56f9QXvo/lJf+D+W1Vv+/2oV2ALvP9z+Ul/4P5aX/Q3np/1BK2/ldv0SZE5HeFs2Q2KFEtz+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOuOfAAAA//8h7eYB")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1444.148604][ T3147] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1444.158443][ T3119] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1444.174831][ T9697] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1444.178677][T31171] loop4: detected capacity change from 0 to 512
[ 1444.184801][T11133] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
07:33:48 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 28)
[ 1444.483817][T31172] loop5: detected capacity change from 0 to 512
[ 1444.509617][T31171] EXT4-fs: Ignoring removed nobh option
[ 1444.544935][T31171] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1444.548376][T31178] loop0: detected capacity change from 0 to 512
[ 1444.559604][T31171] EXT4-fs (loop4): Remounting filesystem read-only
[ 1444.566916][T31178] EXT4-fs: Ignoring removed nobh option
[ 1444.573925][T31171] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1444.580022][T31172] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1444.604831][T31172] ext4 filesystem being mounted at /root/syzkaller-testdir184905228/syzkaller.PLYEBS/2974/file0 supports timestamps until 2038 (0x7fffffff)
[ 1444.655840][T31182] FAULT_INJECTION: forcing a failure.
[ 1444.655840][T31182] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1444.669110][T31182] CPU: 0 PID: 31182 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1444.680041][T31182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1444.690155][T31182] Call Trace:
[ 1444.693492][T31182]
[ 1444.696434][T31182] dump_stack_lvl+0xd6/0x130
[ 1444.701019][T31182] dump_stack+0x11/0x20
[ 1444.705168][T31182] should_fail_ex+0x224/0x230
[ 1444.709835][T31182] __alloc_pages+0x10a/0x340
[ 1444.714453][T31182] alloc_pages+0x3f1/0x4f0
[ 1444.718897][T31182] get_zeroed_page+0x13/0x40
[ 1444.723576][T31182] mon_bin_open+0x1ba/0x3c0
[ 1444.728173][T31182] chrdev_open+0x362/0x3d0
[ 1444.732668][T31182] ? cd_forget+0xe0/0xe0
[ 1444.737004][T31182] do_dentry_open+0x59a/0x910
[ 1444.741771][T31182] vfs_open+0x43/0x50
[ 1444.745770][T31182] path_openat+0x16b8/0x1b60
[ 1444.750363][T31182] ? _parse_integer_limit+0x16f/0x190
[ 1444.755740][T31182] do_filp_open+0x105/0x220
[ 1444.760318][T31182] do_sys_openat2+0xb5/0x2a0
[ 1444.764906][T31182] ? mutex_lock+0x9/0x30
[ 1444.769397][T31182] ? fput+0x2c/0x130
[ 1444.773512][T31182] __x64_sys_openat+0xef/0x110
[ 1444.778400][T31182] do_syscall_64+0x2b/0x70
[ 1444.783262][T31182] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1444.789198][T31182] RIP: 0033:0x7f53668d4234
[ 1444.793707][T31182] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1444.813355][T31182] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1444.821790][T31182] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1444.829864][T31182] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1444.840287][T31182] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
07:33:49 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 23)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
07:33:49 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1444.849072][T31182] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1444.857311][T31182] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1444.865693][T31182]
[ 1444.929153][ T3128] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1444.940483][ T3133] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1444.952082][T31171] EXT4-fs (loop4): 1 truncate cleaned up
[ 1444.957840][T31171] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1444.981148][T31183] loop1: detected capacity change from 0 to 512
[ 1444.994312][T31183] EXT4-fs: Ignoring removed nobh option
07:33:49 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrpP092sbEkp59AEYCiLikTRpgR64gEDiABISHMoxJGkV6jaoCRKtIhoQKkdUiXvFEYm/gBNcEHBC4gp3VKlCuVA4Ga29mzgPhzycurCfj7TOjHecme/ujj2eWQdQWtXsIYnYHxG/RMRAM7uyQLX559bi/MSfi/MTSdTrb/6eNMr9sTg/URQtXrcvzwylEeknSRxZp97ZS5fPjddqUxfz/Mjc+fdGZi9dfmb6/PjZqbNTF8ZOnTp5YvT558ae7Uic/VlbD384c/TQq29fe33i9LV3fvgqa+/+fH9rHJ1SjerKY9ni8U5X1mX9Lemkp4sNYUsqEZGdrt5G/x+ISiyfvIF45eOuNg7YVfV6vb6n/e6FOvAflkS3WwB0R/FBn33/LbbbNPS4I9x8MXu83oj/Vr419/REmpfpXfX9tpOqEXF64a/r2Ra7NA8BANDqm2z88/R647807mspd1e+NjQYEXdHxIGIuCciDkbEvRGNsvdHxANbrL+6Kr92/JPe2FZgm5SN/17I17ZWjv+K0V8MVvJcfyP+3uTMdG3qeH5MhqJ3T5Yf3aCOb1/++bN2+1rHf9mW1V+MBfN23OhZNUE3OT43vpOYW938qDEHeGVt/MnSSkASEYci4vA2/n92zKaf/PJou/3/HP8GOrDOVP8i4onm+V+IVfEXko3XJ0f+F7Wp4yPFVbHWjz9dfaNd/TuKvwOy87933et/Kf7BpHW9dnbrdVz99dO232m2e/33JW810n35cx+Mz81dHI3oS15b+/zY8muLfFE+i3/o2Pr9/0AsH4kjEZFdxA9GxEMR8XDe9kci4tGIOLZB/N+/9Ni7249/d2XxT27p/G89UTn33dft6t/c+T/ZSA3lz2zm/W+zDdzJsQMAAIB/i7RxD3ySDi+l03R4uHkP/8HYm9ZmZueeOjPz/oXJ5r3yg9GbFjNdAy3zoaP53HCRH1uVP5HPG39e+X8jPzwxU5vsdvBQcvva9P/Mb5Vutw7YdX6vBeWl/0N56f9QXvo/lJf+D+W1Xv+/0oV2ALefz38oL/0fykv/h/LS/6GUdvK7fokyJyK9I5ohsUuJbr8zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMbfAQAA//9Gm+qF")
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1445.033101][T31183] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz-executor.1: invalid block
[ 1445.058136][ T3147] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1445.075444][T31178] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 2: comm syz-executor.0: invalid block
[ 1445.089692][T31183] EXT4-fs (loop1): Remounting filesystem read-only
[ 1445.097523][T31178] EXT4-fs (loop0): Remounting filesystem read-only
[ 1445.105521][T31183] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1445.121183][T31178] EXT4-fs error (device loop0): ext4_free_branches:1022: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1)
[ 1445.138436][T31183] EXT4-fs error (device loop1): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1445.145067][T31178] EXT4-fs error (device loop0): ext4_validate_block_bitmap:399: comm syz-executor.0: bg 0: block 3: invalid block bitmap
[ 1445.155224][T31183] EXT4-fs (loop1): 1 truncate cleaned up
07:33:49 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92wHkhibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrGRSGQRg1AoUSR6RInEX0AFDQIqJFroUaQIuSFQGe3drn1+nPHjLhfY30/aZOZ2zjPf7s7d7MxeAKVVzf5JIvZHxK8RMdDIri5Qbfx3c3F+4q/F+Ykklpbe/COpl/tzcX6iKFq8b1+eGUoj0k+SOLJBvbOXLp8br9WmLub5kbnz743MXrr8zPT58bNTZ6cujJ06dfLE6PPPjT3bljj7s7Ye/nDm6KFX3772+sTpa+/8+HXW3v35/uY42qUa1dXHssnj7a6sy/qb0klPFxvCtlQiIjtdvfX+PxCVWDl5A/HKx11tHNBpA3ta71tYAv7HstE8UEbFF312/1tst2jccVu48WLjBiiL+2a+Nfb0RJqX6V1zf9tO1Yg4vfD3F9kWHZqHAABo9m02/nl6o/FfGvc1lbsrXxsajIi7I+JARNwTEQcj4t6Ietn7I+KBbdZfXZNfP/5Jr+8osC3Kxn8v5Gtbq8d/xegvBit5rr8ef29yZro2dTw/JkPRuyfLj25Sx3cv//JZq33N479sy+ovxoJ5O673rJmgmxyfG99NzM1ufBTZ/f+V9fEnyysBSUQciojDO/j72TGbfvKro632/3v8m2jDOtPSlxFPNM7/QqyJv5Bsvj45ckfUpo6PFFfFej/9fPWNVvXvKv42yM7/3g2v/+X4B5Pm9drZ7ddx9bdPW97T7PT670veqqf78tc+GJ+buzga0Ze8tv71sZX3FvmifBb/0LGN+/+BWDkSRyIiu4gfjIiHIuLhvO2PRMSjEXFsk/h/eOmxd3cef2dl8U9u6/xvP1E59/03rerf2vk/WU8N5a9s5fNvqw3czbEDAACA/4q0/gx8kg4vp9N0eLjxDP/B2JvWZmbnnjoz8/6Fycaz8oPRmxYzXQNN86Gj+dxwkR9bkz+Rzxt/Xrmznh+emKlNdjt4KLl9Lfp/5vdKt1sHdJzfa0F56f9QXvo/lJf+D+Wl/0N5bdT/r3ShHcCt5/sfykv/h/LS/6G89H8opd38rl+izIlIb4tmSHQo0e1PJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgPb4JwAA//8Wo+X9")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1445.172269][T31183] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1445.179767][T31178] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6071: Corrupt filesystem
[ 1445.199226][T31178] EXT4-fs (loop0): 1 truncate cleaned up
[ 1445.204979][T31178] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1445.232141][ T3119] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1445.866522][T31191] loop5: detected capacity change from 0 to 512
[ 1445.892160][T31195] FAULT_INJECTION: forcing a failure.
[ 1445.892160][T31195] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1445.905593][T31195] CPU: 0 PID: 31195 Comm: syz-executor.2 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1445.916530][T31195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1445.926573][T31195] Call Trace:
[ 1445.929919][T31195]
[ 1445.932839][T31195] dump_stack_lvl+0xd6/0x130
[ 1445.937482][T31195] dump_stack+0x11/0x20
[ 1445.941753][T31195] should_fail_ex+0x224/0x230
[ 1445.946421][T31195] __alloc_pages+0x10a/0x340
[ 1445.951066][T31195] vma_alloc_folio+0x6a0/0x8e0
[ 1445.955957][T31195] ? folio_add_lru_vma+0x44/0x60
[ 1445.961150][T31195] do_anonymous_page+0x15a/0x9c0
[ 1445.966083][T31195] handle_mm_fault+0x8dc/0xb20
[ 1445.970838][T31195] do_user_addr_fault+0x4a1/0x980
[ 1445.975895][T31195] exc_page_fault+0x60/0x160
[ 1445.980498][T31195] asm_exc_page_fault+0x22/0x30
[ 1445.985345][T31195] RIP: 0033:0x7fc7bd7110c0
[ 1445.989749][T31195] Code: e8 e5 fe ff ff 41 89 c7 85 c0 78 40 3d ff 00 00 00 7f 2f 49 8b 45 10 49 3b 45 08 0f 84 19 01 00 00 45 85 ff 74 0c 49 8b 55 00 <44> 88 3c 02 49 8b 45 10 48 83 c0 01 49 89 45 10 eb be 66 0f 1f 44
[ 1446.009558][T31195] RSP: 002b:00007fc7bcaa4600 EFLAGS: 00010206
[ 1446.015635][T31195] RAX: 0000000000009000 RBX: 00007fc7bcaa4660 RCX: 0000000000000009
[ 1446.023614][T31195] RDX: 00007fc7b4685000 RSI: 0000000000000000 RDI: 00007fc7bcaa4700
[ 1446.031770][T31195] RBP: 00000000000000fa R08: 0000000000000007 R09: 0000000000000050
[ 1446.039734][T31195] R10: 0000000000000010 R11: 00007fc7bcaa4660 R12: 00007fc7bcaa4670
[ 1446.047740][T31195] R13: 00007fc7bcaa4700 R14: 0000000000000001 R15: 00000000000000ff
[ 1446.055905][T31195]
[ 1446.058983][T31195] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
07:33:50 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92IHkhibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrGRSGRhg1AoUSR6RInEX0AFDQIqJFroUaQIuSFQHdq7Xfv8OOPHORfY30/aZOZ2zjPf7s7d7MxeAKVVzf5JIg5ExK8R0d/MrixQbf53c3Fu/K/FufEk6vU3/0ga5f5cnBsvihbv259nBtOI9JMkjq5T78zlK+fHarXJS3l+ePbCe8Mzl688M3Vh7NzkucmLo6dPnzo58vxzo892JM6+rK1HPpw+dvjVt6+9Pn7m2js/fp2190C+vzWOTqlGdeWxbPF4pyvrsr6WdLKniw1hSyoRkZ2unkb/749KLJ+8/njl4642DthV9Xq9vrf97oU68D+WRLdbAHTFfPFFn93/FtstGnrcFm682LwByuK+mW/NPXsizcv0rLq/7aRqRJxZ+PuLbItdmocAAGj1bTb+eXq98V8a97WUuytfGxqIiLsj4mBE3BMRhyLi3ohG2fsj4oEt1l9dlV87/kmvbyuwTcrGfy/ka1srx3/F6C8GKnmurxF/T3J2qjZ5Ij8mg9GzN8uPbFDHdy//8lm7fa3jv2zL6i/Ggnk7ru9ZNUE3MTY7tpOYW934qDEHOL82/mRpJSCJiMMRcWQbfz87ZlNPfnWs3f5/j38DHVhnqn8Z8UTz/C/EqvgLycbrk8N3RG3yxHBxVaz1089X32hX/47i74Ds/O9b9/pfin8gaV2vndl6HVd/+7TtPc12r//e5K1Gujd/7YOx2dlLIxG9yWtrXx9dfm+RL8pn8Q8eX7//H4zlI3E0IrKL+MGIeCgiHs7b/khEPBoRxzeI/4eXHnt3+/Hvriz+iS2d/60nKue//6Zd/Zs7/6caqcH8lc18/m22gTs5dgAAAPBfkTaegU/SoaV0mg4NNZ/hPxT70tr0zOxTZ6ffvzjRfFZ+IHrSYqarv2U+dCSfGy7yo6vyJ/N5488rdzbyQ+PTtYluBw8lt79N/8/8Xul264Bd5/daUF76P5SX/g/lpf9Deen/UF7r9f/5LrQDuPV8/0N56f9QXvo/lJf+D6W0k9/1S5Q5Eelt0QyJXUp0+5MJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgM/4JAAD//7+36Wo=")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
07:33:50 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 29)
[ 1446.068816][T31195] loop2: detected capacity change from 0 to 512
[ 1446.118654][ T9697] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1446.152618][T31193] loop4: detected capacity change from 0 to 512
[ 1446.173528][T31191] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1446.201040][T31195] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1446.214871][T31195] ext4 filesystem being mounted at /root/syzkaller-testdir1583530368/syzkaller.4IUY9g/2998/file0 supports timestamps until 2038 (0x7fffffff)
[ 1446.240651][T31193] EXT4-fs: Ignoring removed nobh option
[ 1446.280912][T31202] FAULT_INJECTION: forcing a failure.
[ 1446.280912][T31202] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1446.294366][T31202] CPU: 0 PID: 31202 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1446.305387][T31202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1446.315648][T31202] Call Trace:
[ 1446.318921][T31202]
[ 1446.322054][T31202] dump_stack_lvl+0xd6/0x130
[ 1446.326635][T31202] dump_stack+0x11/0x20
[ 1446.330873][T31202] should_fail_ex+0x224/0x230
[ 1446.335636][T31202] __alloc_pages+0x10a/0x340
[ 1446.340219][T31202] alloc_pages+0x3f1/0x4f0
[ 1446.344663][T31202] get_zeroed_page+0x13/0x40
[ 1446.349310][T31202] mon_bin_open+0x1ba/0x3c0
[ 1446.353857][T31202] chrdev_open+0x362/0x3d0
[ 1446.358364][T31202] ? cd_forget+0xe0/0xe0
[ 1446.362689][T31202] do_dentry_open+0x59a/0x910
[ 1446.367375][T31202] vfs_open+0x43/0x50
[ 1446.371353][T31202] path_openat+0x16b8/0x1b60
[ 1446.375948][T31202] ? _parse_integer_limit+0x16f/0x190
[ 1446.381383][T31202] do_filp_open+0x105/0x220
[ 1446.385889][T31202] do_sys_openat2+0xb5/0x2a0
[ 1446.390495][T31202] ? mutex_lock+0x9/0x30
[ 1446.395220][T31202] ? fput+0x2c/0x130
[ 1446.399124][T31202] __x64_sys_openat+0xef/0x110
[ 1446.403901][T31202] do_syscall_64+0x2b/0x70
[ 1446.408334][T31202] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1446.414318][T31202] RIP: 0033:0x7f53668d4234
[ 1446.418773][T31202] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1446.438545][T31202] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1446.447046][T31202] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1446.455008][T31202] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1446.462970][T31202] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1446.470928][T31202] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1446.478975][T31202] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1446.486945][T31202]
07:33:50 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0xe, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1446.561373][T31193] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
[ 1446.602655][T31205] loop0: detected capacity change from 0 to 512
[ 1446.610334][T31205] EXT4-fs: Ignoring removed nobh option
[ 1446.617939][T31193] EXT4-fs (loop4): Remounting filesystem read-only
[ 1446.626253][T31193] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1446.644796][T31205] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 2: comm syz-executor.0: invalid block
[ 1446.657820][T31205] EXT4-fs (loop0): Remounting filesystem read-only
[ 1446.665445][T31193] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1446.681729][T31205] EXT4-fs error (device loop0): ext4_free_branches:1022: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1)
[ 1446.701057][T31193] EXT4-fs (loop4): 1 truncate cleaned up
[ 1446.706768][T31193] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1446.721227][T31205] EXT4-fs error (device loop0): ext4_validate_block_bitmap:399: comm syz-executor.0: bg 0: block 3: invalid block bitmap
[ 1446.735944][T31205] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6071: Corrupt filesystem
07:33:51 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 24)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
07:33:51 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiixiEQoki0UeUSPwFVNAgoEKihR5FipAbAtWhvdu1z48zfpxzgf18pE1mbuc8893duZud2QugtKrZP0nE/oj4JSIGmtmVBarN/24tzk/8uTg/kUS9/ubvSaPcH4vzE0XR4n378sxQGpF+ksSRdeqdvXT53HitNnUxz4/MnX9vZPbS5Wemz4+fnTo7dWHs1KmTJ0aff27s2Y7E2Z+19fCHM0cPvfr2tdcnTl9754evsvbuz/e3xtEp1aiuPJYtHu90ZV3W35JOerrYELakEhHZ6ept9P+BqMTyyRuIVz7uauOAXVWv1+t72u9eqAP/YUl0uwVAdxRf9Nn9b7HdpqHHHeHmi9kN6/VG/LfyrbmnJ9K8TO+q+9tOqkbE6YW/rmdb7NI8BABAq2+y8c/T643/0rivpdxd+drQYETcHREHIuKeiDgYEfdGNMreHxEPbLH+6qr82vFPemNbgW1SNv57IV/bWjn+K0Z/MVjJc/2N+HuTM9O1qeP5MRmK3j1ZfnSDOr59+efP2u1rHf9lW1Z/MRbM23GjZ9UE3eT43PhOYm5186PGHOCVtfEnSysBSUQciojD2/j72TGbfvLLo+32/3P8G+jAOlP9i4gnmud/IVbFX0g2Xp8c+V/Upo6PFFfFWj/+dPWNdvXvKP4OyM7/3nWv/6X4B5PW9drZrddx9ddP297TbPf670veaqT78tc+GJ+buzga0Ze8tvb1seX3FvmifBb/0LH1+/+BWD4SRyIiu4gfjIiHIuLhvO2PRMSjEXFsg/i/f+mxd7cf/+7K4p/c0vnfeqJy7ruv29W/ufN/spEayl/ZzOffZhu4k2MHAAAA/xZp4xn4JB1eSqfp8HDzGf6DsTetzczOPXVm5v0Lk81n5QejNy1mugZa5kNH87nhIj+2Kn8inzf+vPL/Rn54YqY22e3goeT2ten/md8q3W4dsOv8XgvKS/+H8tL/obz0fygv/R/Ka73+f6UL7QBuP9//UF76P5SX/g/lpf9DKe3kd/0SZU5Eekc0Q2KXEt3+ZAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiMvwMAAP//MdLqhg==")
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1446.757790][ T3128] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1446.767091][T31205] EXT4-fs (loop0): 1 truncate cleaned up
[ 1446.772642][T31208] loop1: detected capacity change from 0 to 512
[ 1446.772739][T31205] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1446.780880][T31208] EXT4-fs: Ignoring removed nobh option
07:33:51 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92IHkhgbEx55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrGRSGQRg1AoUSR6RInEX0AFDQIqJFroUaQIuSFQGe3drn1+nPHjLhfY30/aZOZ2zjPf7s7d7MxeAKVVzf5JIg5ExK8R0d/Iri5Qbfx3c3F+4q/F+Ykklpbe/COpl/tzcX6iKFq8b3+eGUoj0k+SOLJBvbOXLp8br9WmLub5kbnz743MXrr8zPT58bNTZ6cujJ06dfLE6PPPjT3bljj7srYe/nDm6KFX3772+sTpa+/8+HXW3gP5/uY42qUa1dXHssnj7a6sy/qa0smeLjaEbalERHa6eur9vz8qsXLy+uOVj7vaOKDTBve23rewBPyPZaN5oIyKL/rs/rfYbtG447Zw48XGDVAW9818a+zZE2lepmfN/W07VSPi9MLfX2RbdGgeAgCg2bfZ+OfpjcZ/adzXVO6ufG1oICLujojBiLgnIg5GxL0R9bL3R8QD26y/uia/fvyTXt9RYFuUjf9eyNe2Vo//itFfDFTyXF89/p7kzHRt6nh+TIaiZ2+WH92kju9e/uWzVvuax3/ZltVfjAXzdlzfs2aCbnJ8bnw3MTe78VFk9/9X1sefLK8EJBFxKCIO7+DvZ8ds+smvjrba/+/xb6IN60xLX0Y80Tj/C7Em/kKy+frkyB1Rmzo+UlwV6/3089U3WtW/q/jbIDv/+za8/pfjH0ia12tnt1/H1d8+bXlPs9Prvzd5q57uzV/7YHxu7uJoRG/y2vrXx1beW+SL8ln8Q8c27v+DsXIkjkREdhE/GBEPRcTDedsfiYhHI+LYJvH/8NJj7+48/s7K4p/c1vnffqJy7vtvWtW/tfN/sp4ayl/ZyuffVhu4m2MHAAAA/xVp/Rn4JB1eTqfp8HDjGf6DsS+tzczOPXVm5v0Lk41n5QeiJy1muvqb5kNH87nhIj+2Jn8inzf+vHJnPT88MVOb7HbwUHL7W/T/zO+VbrcO6Di/14Ly0v+hvPR/KC/9H8pL/4fy2qj/X+lCO4Bbz/c/lJf+D+Wl/0N56f9QSrv5Xb9EmROR3hbNkOhQotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO3xTwAAAP//8z/mAA==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1446.801724][T31208] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz-executor.1: invalid block
[ 1446.815530][T31208] EXT4-fs (loop1): Remounting filesystem read-only
[ 1446.822838][T31208] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1446.858528][T31208] EXT4-fs error (device loop1): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1446.862873][T31214] loop4: detected capacity change from 0 to 512
[ 1446.883336][T31214] EXT4-fs: Ignoring removed nobh option
[ 1446.889954][T31208] EXT4-fs (loop1): 1 truncate cleaned up
[ 1446.925194][T31219] FAULT_INJECTION: forcing a failure.
[ 1446.925194][T31219] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1446.938506][T31219] CPU: 1 PID: 31219 Comm: syz-executor.2 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1446.949453][T31219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1446.959680][T31219] Call Trace:
[ 1446.962947][T31219]
[ 1446.965868][T31219] dump_stack_lvl+0xd6/0x130
[ 1446.970775][T31219] dump_stack+0x11/0x20
[ 1446.974921][T31219] should_fail_ex+0x224/0x230
[ 1446.979604][T31219] __alloc_pages+0x10a/0x340
[ 1446.984302][T31219] vma_alloc_folio+0x6a0/0x8e0
[ 1446.989503][T31219] ? do_anonymous_page+0x2da/0x9c0
[ 1446.994671][T31219] do_anonymous_page+0x15a/0x9c0
[ 1446.999723][T31219] handle_mm_fault+0x8dc/0xb20
[ 1447.004650][T31219] do_user_addr_fault+0x4a1/0x980
[ 1447.009692][T31219] exc_page_fault+0x60/0x160
[ 1447.014279][T31219] asm_exc_page_fault+0x22/0x30
[ 1447.019178][T31219] RIP: 0033:0x7fc7bd7110c0
[ 1447.023597][T31219] Code: e8 e5 fe ff ff 41 89 c7 85 c0 78 40 3d ff 00 00 00 7f 2f 49 8b 45 10 49 3b 45 08 0f 84 19 01 00 00 45 85 ff 74 0c 49 8b 55 00 <44> 88 3c 02 49 8b 45 10 48 83 c0 01 49 89 45 10 eb be 66 0f 1f 44
[ 1447.044488][T31219] RSP: 002b:00007fc7bcaa4600 EFLAGS: 00010206
[ 1447.050807][T31219] RAX: 0000000000010000 RBX: 00007fc7bcaa4660 RCX: 0000000000000006
[ 1447.058787][T31219] RDX: 00007fc7b4685000 RSI: 0000000000000001 RDI: 00007fc7bcaa4700
[ 1447.066866][T31219] RBP: 0000000000000032 R08: 0000000000000008 R09: 00000000000000be
[ 1447.075025][T31219] R10: 0000000000000010 R11: 00007fc7bcaa4660 R12: 00007fc7bcaa4670
[ 1447.082997][T31219] R13: 00007fc7bcaa4700 R14: 0000000000000001 R15: 000000000000000c
[ 1447.090977][T31219]
[ 1447.094035][T31219] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 1447.104469][T31219] loop2: detected capacity change from 0 to 512
[ 1447.158923][T31214] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
07:33:51 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 30)
[ 1447.593006][T31223] loop5: detected capacity change from 0 to 512
07:33:51 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrpP092sbEkp59AEYCiLikTRpgR64gEDiABISHMoxJGkV6jaoCRKtIhoQKkdUiTtwROIv4AQXBJyQuMIdVapQLhRORmvvJs7DIQ+nLuznI60z4x1n5ru7Y49n1gGUVjV7SCL2R8QvETHQzK4sUG3+ubk4P/Hn4vxEEvX6678njXJ/LM5PFEWL1+3LM0NpRPpREkfWqXf20uVz47Xa1MU8PzJ3/p2R2UuXn5o+P3526uzUhbFTp06eGH32mbGnOxJnf9bWw+/PHD308pvXXp04fe2tH77K2rs/398aR6dUo7ryWLZ4tNOVdVl/Szrp6WJD2JJKRGSnq7fR/weiEssnbyBe+rCrjQN2Vb1er+9pv3uhDvyHJdHtFgDdUXzQZ99/i+0WDT1uCzeezx4/b8R/M9+ae3oizcv0rvp+20nViDi98Ndn2Ra7NA8BANDqm2z88+R647807mkpd0e+NjQYEXdGxIGIuCsiDkbE3RGNsvdGxH1brL+6Kr92/JNe31Zgm5SN/57L17ZWjv+K0V8MVvJcfyP+3uTMdG3qeH5MhqJ3T5Yf3aCOb1/8+ZN2+1rHf9mW1V+MBfN2XO9ZNUE3OT43vpOYW934oDEHeGVt/MnSSkASEYci4vA2/n92zKYf//Jou/3/HP8GOrDOVP8i4rHm+V+IVfEXko3XJ0f+F7Wp4yPFVbHWjz9dfa1d/TuKvwOy87933et/Kf7BpHW9dnbrdVz99eO232m2e/33JW800n35c++Nz81dHI3oS15Z+/zY8muLfFE+i3/o2Pr9/0AsH4kjEZFdxPdHxAMR8WDe9oci4uGIOLZB/N+/8Mjb249/d2XxT27p/G89UTn33dft6t/c+T/ZSA3lz2zm/W+zDdzJsQMAAIB/i7RxD3ySDi+l03R4uHkP/8HYm9ZmZueeODPz7oXJ5r3yg9GbFjNdAy3zoaP53HCRH1uVP5HPG39a+X8jPzwxU5vsdvBQcvva9P/Mb5Vutw7YdX6vBeWl/0N56f9QXvo/lJf+D+W1Xv+/0oV2ALeez38oL/0fykv/h/LS/6GUdvK7fokyJyK9LZohsUuJbr8zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMbfAQAA//8x0eqG")
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1447.634865][T31214] EXT4-fs (loop4): Remounting filesystem read-only
[ 1447.644539][T31214] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1447.660634][T31214] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1447.677101][T31214] EXT4-fs (loop4): 1 truncate cleaned up
07:33:52 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7sXO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiixiEQoki0SNKJP4CKmgQUCHRQo8iRcgNgYZDe7drnx9n/Dj7Avv5SJvM3M555ru7czc7sxdAaVWzf5KIAxHxc0T0N7PLC1Sb/91amBv/Y2FuPIl6/fXfkka53xfmxouixfv255nBNCL9KImja9Q7c/nK+bFabfJSnh+evfDO8MzlK09NXRg7N3lu8uLo6dOnTo48+8zo0x2Jsy9r65H3p48dfvnN66+On7n+1vdfZu09kO9vjaNTqlFdfixbPNrpyrqsryWd7OliQ9iUSkRkp6un0f/7oxJLJ68/Xvqwq40DdlS9Xq/vbb97vg78hyXR7RYAu++ver1efNFn97/FtktDj9vCzeebN0BZ3LfyrblnT6R5mZ4V97edVI2IM/N/fpZtsUPzEAAArb7Oxj9PrjX+S+OelnJ35GtDAxFxZ0QcjIi7IuJQRNwd0Sh7b0Tct8n6qyvyq8c/6Y0tBbZB2fjvuXxta/n4rxj9xUAlz/U14u9Jzk7VJk/kx2QwevZm+ZF16vjmxZ8+abevdfyXbVn9xVgwb8eNPSsm6CbGZse2E3Ormx805gCvro4/WVwJSCLicEQc2cLfz47Z1ONfHGu3/5/jX0cH1pnqn0c81jz/87Ei/kKy/vrk8P+iNnliuLgqVvvhx2uvtat/W/F3QHb+9615/S/GP5C0rtfObL6Oa7983PaeZqvXf2/yRiPdm7/23tjs7KWRiN7kldWvjy69t8gX5bP4B4+v3f8PxtKROBoR2UV8f0Q8EBEP5m1/KCIejojj68T/3QuPvL31+HdWFv/Eps7/5hOV899+1a7+jZ3/U43UYP7KRj7/NtrA7Rw7AAAA+LdIG8/AJ+nQYjpNh4aaz/Afin1pbXpm9omz0+9enGg+Kz8QPWkx09XfMh86ks8NF/nRFfmT+bzxp5X/N/JD49O1iW4HDyW3v03/z/xa6XbrgB3n91pQXvo/lJf+D+Wl/0N56f9QXmv1/6tdaAew+3z/Q3np/1Be+j+Ul/4PpbSd3/VLlDkR6W3RDIkdSnT7kwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAz/g4AAP//8WHp6Q==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1447.744473][T31229] loop0: detected capacity change from 0 to 512
[ 1447.751904][T31229] EXT4-fs: Ignoring removed nobh option
[ 1447.760165][T31219] ext4 filesystem being mounted at /root/syzkaller-testdir1583530368/syzkaller.4IUY9g/2999/file0 supports timestamps until 2038 (0x7fffffff)
[ 1447.767507][T31232] loop4: detected capacity change from 0 to 512
[ 1447.791630][T31232] EXT4-fs: Ignoring removed nobh option
[ 1447.791994][T31223] ext4 filesystem being mounted at /root/syzkaller-testdir184905228/syzkaller.PLYEBS/2976/file0 supports timestamps until 2038 (0x7fffffff)
[ 1447.822929][T31229] EXT4-fs error (device loop0): ext4_free_branches:1022: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1)
[ 1447.860937][T31229] EXT4-fs (loop0): Remounting filesystem read-only
[ 1447.868303][T31240] FAULT_INJECTION: forcing a failure.
[ 1447.868303][T31240] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1447.881637][T31240] CPU: 1 PID: 31240 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1447.892587][T31240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1447.902987][T31240] Call Trace:
[ 1447.906254][T31240]
[ 1447.909177][T31240] dump_stack_lvl+0xd6/0x130
[ 1447.913861][T31240] dump_stack+0x11/0x20
[ 1447.918006][T31240] should_fail_ex+0x224/0x230
[ 1447.922811][T31240] __alloc_pages+0x10a/0x340
[ 1447.927398][T31240] alloc_pages+0x3f1/0x4f0
[ 1447.931918][T31240] get_zeroed_page+0x13/0x40
[ 1447.936678][T31240] mon_bin_open+0x1ba/0x3c0
[ 1447.941199][T31240] chrdev_open+0x362/0x3d0
[ 1447.945638][T31240] ? cd_forget+0xe0/0xe0
[ 1447.949875][T31240] do_dentry_open+0x59a/0x910
[ 1447.954549][T31240] vfs_open+0x43/0x50
[ 1447.958657][T31240] path_openat+0x16b8/0x1b60
[ 1447.963337][T31240] ? _parse_integer_limit+0x16f/0x190
[ 1447.968722][T31240] do_filp_open+0x105/0x220
[ 1447.973237][T31240] do_sys_openat2+0xb5/0x2a0
[ 1447.977826][T31240] ? mutex_lock+0x9/0x30
[ 1447.982213][T31240] ? fput+0x2c/0x130
[ 1447.986110][T31240] __x64_sys_openat+0xef/0x110
[ 1447.990921][T31240] do_syscall_64+0x2b/0x70
[ 1447.995366][T31240] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1448.001632][T31240] RIP: 0033:0x7f53668d4234
[ 1448.006084][T31240] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1448.025694][T31240] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1448.034180][T31240] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1448.042140][T31240] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1448.050221][T31240] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1448.058181][T31240] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1448.066153][T31240] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1448.074122][T31240]
[ 1448.102685][T31229] EXT4-fs error (device loop0): ext4_validate_block_bitmap:399: comm syz-executor.0: bg 0: block 3: invalid block bitmap
[ 1448.133796][T31229] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6071: Corrupt filesystem
07:33:52 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
07:33:52 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG0UYAPBv10kKbUNCKY8+AENBRDySJi3QAxcQSBxAQoJDOYYkrULdBjVBolVEA0LliCpxRxyR+As4wQUBJySucEeVKpQLhZPR2ruJ83DIw6kL+/tJG8/sjjPz7e7Y4xk7gNKqZn+SiP0R8WtEDDSzKwtUmw83F+cn/lqcn0iiXn/zj6RR7s/F+YmiaPG8fXlmKI1IP0niyDr1zl66fG68Vpu6mOdH5s6/NzJ76fIz0+fHz06dnbowdurUyROjzz839mxH4uzP2nr4w5mjh159+9rrE6evvfPj11l79+fHW+PolGpUV57LFo93urIu629JJz1dbAhbUomI7HL1Nvr/QFRi+eINxCsfd7VxwK6q1+v1Pe0PL9SB/7Ekut0CoDuKN/rs82+x3aKhx23hxovNxyzum/nW3NMTaV6md9Xn206qRsTphb+/yLbYpXkIAIBW32bjn6fXG/+lcV9LubvytaHBiLg7Ig5ExD0RcTAi7o1olL0/Ih7YYv3VVfm145/0+rYC26Rs/PdCvra1cvxXjP5isJLn+hvx9yZnpmtTx/NzMhS9e7L86AZ1fPfyL5+1O9Y6/su2rP5iLJi343rPqgm6yfG58Z3E3OrGR405wCtr40+WVgKSiDgUEYe38f+zczb95FdH2x3/9/g30IF1pvqXEU80r/9CrIq/kGy8PjlyR9Smjo8Ud8VaP/189Y129e8o/g7Irv/ede//pfgHk9b12tmt13H1t0/bfqbZ7v3fl7zVSPfl+z4Yn5u7OBrRl7y2dv/Y8nOLfFE+i3/o2Pr9/0Asn4kjEZHdxA9GxEMR8XDe9kci4tGIOLZB/D+89Ni7249/d2XxT27p+m89UTn3/Tft6t/c9T/ZSA3lezbz+rfZBu7k3AEAAMB/Rdr4DnySDi+l03R4uPkd/oOxN63NzM49dWbm/QuTze/KD0ZvWsx0DbTMh47mc8NFfmxV/kQ+b/x55c5GfnhipjbZ7eCh5Pa16f+Z3yvdbh2w6/xeC8pL/4fy0v+hvPR/KC/9H8prvf5/pQvtAG497/9QXvo/lJf+D+Wl/0Mp7eR3/RJlTkR6WzRDYpcS3X5lAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6Ix/AgAA//8w1Onm")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1448.158841][T31232] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1448.188550][T31229] EXT4-fs (loop0): 1 truncate cleaned up
07:33:52 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2CThkQdwEBAWDzt2AqSgAYFEARISFKE0thOZXGIUG4lEFjEIhRJFokeUSPwFVNAgoEKihR5FipAbApXR3u3a58cZP+5ygf18pE1mbuc8893duZud2QugtKrZP0nE/oj4JSIGGtnVBaqN/24tzk/8uTg/kcTS0hu/J/VyfyzOTxRFi/ftyzNDaUT6cRJHN6h39vKV8+O12tSlPD8yd+HdkdnLV56evjB+burc1MWx06dPnRx97tmxZ9oSZ3/W1iMfzBw7/Mpb11+bOHP97R++ytq7P9/fHEe7VKO6+lg2eazdlXVZf1M66eliQ9iWSkRkp6u33v8HohIrJ28gXv6oq40DOu3gntb7FpaA/7BsNA+UUfFFn93/FtttGnfcEW6+0LgByuK+lW+NPT2R5mV619zftlM1Is4s/PV5tkWH5iEAAJp9k41/ntpo/JfGvU3l7srXhgYj4u6IOBARByPiUETcE1Eve19E3L/N+qtr8uvHP+mNHQW2Rdn47/l8bWv1+K8Y/cVgJc/11+PvTc5O16ZO5MdkKHr3ZPnRTer49qWfP221r3n8l21Z/cVYMG/HjZ41E3ST43Pju4m52c0PI7v/v7o+/mR5JSCJiMMRcWQHfz87ZtNPfHms1f5/jn8TbVhnWvoi4vHG+V+INfEXks3XJ0f+F7WpEyPFVbHejz9de71V/buKvw2y8793w+t/Of7BpHm9dnb7dVz79ZOW9zQ7vf77kjfr6b78tffH5+YujUb0Ja+uf31s5b1FviifxT90fOP+fyBWjsTRiMgu4gci4sGIeChv+8MR8UhEHN8k/u9ffPSdncffWVn8k9s6/9tPVM5/93Wr+rd2/k/VU0P5K1v5/NtqA3dz7AAAAODfIq0/A5+kw8vpNB0ebjzDfyj2prWZ2bknz868d3Gy8az8YPSmxUzXQNN86Gg+N1zkx9bkT+bzxp9V/l/PD0/M1Ca7HTyU3L4W/T/zW6XbrQM6zu+1oLz0fygv/R/KS/+H8tL/obw26v9Xu9AO4Pbz/Q/lpf9Deen/UF76P5TSbn7XL1HmRKR3RDMkOpTo9icTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAe/wdAAD//+d45gE=")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1448.211297][T31242] loop1: detected capacity change from 0 to 512
[ 1448.241082][T31232] EXT4-fs (loop4): Remounting filesystem read-only
[ 1448.249378][T31242] EXT4-fs: Ignoring removed nobh option
07:33:52 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiixiEQoki0QMlEn8BFTQIqJBooUeRIuSGQHVo73bt8+OMH+dcYD8faZOZ2znPfHd37mZn9gIorWr2TxKxPyJ+iYiBZnZlgWrzv5uL8xN/Ls5PJFGvv/570ij3x+L8RFG0eN++PDOURqQfJXFknXpnL10+N16rTV3M8yNz598Zmb10+anp8+Nnp85OXRg7derkidFnnxl7uiNx9mdtPfz+zNFDL7957dWJ09fe+uGrrL378/2tcXRKNaorj2WLRztdWZf1t6STni42hC2pRER2unob/X8gKrF88gbipQ+72jhgV9Xr9fqe9rsX6sB/WBLdbgHQHcUXfXb/W2y3aOhxW7jxfHbD+nkj/pv51tzTE2lepnfV/W0nVSPi9MJfn2Vb7NI8BABAq2+y8c+T643/0rinpdwd+drQYETcGREHIuKuiDgYEXdHNMreGxH3bbH+6qr82vFPen1bgW1SNv57Ll/bWjn+K0Z/MVjJc/2N+HuTM9O1qeP5MRmK3j1ZfnSDOr598edP2u1rHf9lW1Z/MRbM23G9Z9UE3eT43PhOYm5144PGHOCVtfEnSysBSUQciojD2/j72TGbfvzLo+32/3P8G+jAOlP9i4jHmud/IVbFX0g2Xp8c+V/Upo6PFFfFWj/+dPW1dvXvKP4OyM7/3nWv/6X4B5PW9drZrddx9deP297TbPf670veaKT78tfeG5+buzga0Ze8svb1seX3FvmifBb/0LH1+/+BWD4SRyIiu4jvj4gHIuLBvO0PRcTDEXFsg/i/f+GRt7cf/+7K4p/c0vnfeqJy7ruv29W/ufN/spEayl/ZzOffZhu4k2MHAAAA/xZp4xn4JB1eSqfp8HDzGf6DsTetzczOPXFm5t0Lk81n5QejNy1mugZa5kNH87nhIj+2Kn8inzf+tPL/Rn54YqY22e3goeT2ten/md8q3W4dsOv8XgvKS/+H8tL/obz0fygv/R/Ka73+f6UL7QBuPd//UF76P5SX/g/lpf9DKe3kd/0SZU5Eels0Q2KXEt3+ZAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiMvwMAAP//HQjqhw==")
write$tun(0xffffffffffffffff, 0x0, 0x0)
07:33:52 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 25)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1448.280215][T31232] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1448.296911][T31232] EXT4-fs (loop4): 1 truncate cleaned up
[ 1448.303594][T31242] EXT4-fs (loop1): corrupt root inode, run e2fsck
[ 1448.310260][T31242] EXT4-fs (loop1): mount failed
07:33:52 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrpP092sbEkp59AEYCiLikTRpgR64FIHEASQkOJRjSNIq1G1QEyRaRTQgVI6oEnfEEYm/gBNcEHBC4gp3VKlCuVA4Ga29mzgPhzycurCfj7TtjHecme/Ojj2esQMorWr2TxKxPyJ+iYiBZnZlgWrzv1uL8xN/Ls5PJFGvv/F70ij3x+L8RFG0eN6+PDOURqQfJ3FknXpnL185P16rTV3K8yNzF94dmb185ZnpC+Pnps5NXRw7derkidHnnxt7tiNx9mdtPfzBzNFDr7x1/bWJM9ff/uGrrL378/OtcXRKNaorr2WLxztdWZf1t6STni42hC2pRETWXb2N8T8QlVjuvIF4+aOuNg7YVfV6vb6n/emFOvAflkS3WwB0R/FGn33+LY7bNPW4I9w8HUvrGLfyo3mmJ9K8TO+qz7edVI2IMwt/fZ4dsUvrEAAArb45HRFPrzf/S+O+lnJ35XtDgxFxd0QciIh7IuJgRNwb0Sh7f0Q8sMX6q6vya+c/6Y1tBbZJ2fzvhXxva+X8r5j9xWAlz/U34u9Nzk7Xpo7n12Qoevdk+dEN6vj2pZ8/bXeudf6XHVn9xVwwb8eNnlULdJPjc+M7ibnVzQ8ba4BX18afLO0EZPPjQxFxeBt/P7tm009+ebTd+X+OfwMd2GeqfxHxRLP/F2JV/IVk4/3Jkf9Fber4SHFXrPXjT9deb1f/juLvgKz/9657/y/FP5i07tfObr2Oa79+0vYzzXbv/77kzUa6L3/s/fG5uUujEX3Jq2sfH1t+bpEvymfxDx1bf/wfiOUrcSQispv4wYh4KCIeztv+SEQ8GhHHNoj/+xcfe2f78e+uLP7JLfX/1hOV89993a7+zfX/yUZqKH9kM69/m23gTq4dAAAA/Fukje/AJ+nwUjpNh4eb3+E/GHvT2szs3FNnZ967ONn8rvxg9KbFStdAy3roaL42XOTHVuVP5OvGn1X+38gPT8zUJrsdPJTcvjbjP/NbpdutA3ad32tBeRn/UF7GP5SX8Q/lZfxDea03/q92oR3A7ef9H8rL+IfyMv6hvIx/KKWd/K5fosyJSO+IZkjsUqLbr0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACd8XcAAAD//xwM6ec=")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1448.381146][T31247] loop0: detected capacity change from 0 to 512
[ 1448.395866][T31247] EXT4-fs: Ignoring removed nobh option
[ 1448.410822][T31252] loop4: detected capacity change from 0 to 512
[ 1448.414596][T31247] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 2: comm syz-executor.0: invalid block
[ 1448.424272][T31252] EXT4-fs: Ignoring removed nobh option
[ 1448.437639][T31247] EXT4-fs (loop0): Remounting filesystem read-only
[ 1448.443092][T31255] loop1: detected capacity change from 0 to 512
[ 1448.445665][T31252] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
[ 1448.451243][T31255] EXT4-fs: Ignoring removed nobh option
[ 1450.085374][T31258] loop5: detected capacity change from 0 to 512
[ 1450.093668][T31259] FAULT_INJECTION: forcing a failure.
[ 1450.093668][T31259] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1450.107159][T31259] CPU: 0 PID: 31259 Comm: syz-executor.2 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1450.119636][T31259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1450.131973][T31259] Call Trace:
[ 1450.135333][T31259]
[ 1450.138268][T31259] dump_stack_lvl+0xd6/0x130
[ 1450.143055][T31259] dump_stack+0x11/0x20
[ 1450.147361][T31259] should_fail_ex+0x224/0x230
[ 1450.152218][T31259] __alloc_pages+0x10a/0x340
[ 1450.156904][T31259] vma_alloc_folio+0x6a0/0x8e0
[ 1450.161737][T31259] ? __alloc_pages+0x199/0x340
[ 1450.166510][T31259] wp_page_copy+0x13e/0x1710
[ 1450.171234][T31259] ? debug_smp_processor_id+0x13/0x20
[ 1450.176617][T31259] ? preempt_count_add+0x5e/0xa0
[ 1450.181604][T31259] do_wp_page+0x22a/0x640
[ 1450.186026][T31259] handle_mm_fault+0x644/0xb20
[ 1450.191064][T31259] do_user_addr_fault+0x4a1/0x980
[ 1450.196121][T31259] exc_page_fault+0x60/0x160
[ 1450.200713][T31259] asm_exc_page_fault+0x22/0x30
[ 1450.205642][T31259] RIP: 0033:0x7fc7bd7110c0
[ 1450.210760][T31259] Code: e8 e5 fe ff ff 41 89 c7 85 c0 78 40 3d ff 00 00 00 7f 2f 49 8b 45 10 49 3b 45 08 0f 84 19 01 00 00 45 85 ff 74 0c 49 8b 55 00 <44> 88 3c 02 49 8b 45 10 48 83 c0 01 49 89 45 10 eb be 66 0f 1f 44
[ 1450.230907][T31259] RSP: 002b:00007fc7bcaa4600 EFLAGS: 00010206
[ 1450.237052][T31259] RAX: 0000000000011008 RBX: 00007fc7bcaa4660 RCX: 0000000000000023
[ 1450.245041][T31259] RDX: 00007fc7b4685000 RSI: 000000000000000f RDI: 00007fc7bcaa4700
[ 1450.253010][T31259] RBP: 0000000000000008 R08: 0000000000000009 R09: 00000000000001c6
[ 1450.261018][T31259] R10: 0000000000000010 R11: 00007fc7bcaa4660 R12: 00007fc7bcaa4670
[ 1450.269513][T31259] R13: 00007fc7bcaa4700 R14: 0000000000000001 R15: 00000000000000f6
[ 1450.278097][T31259]
07:33:54 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 31)
[ 1450.281139][T31247] EXT4-fs error (device loop0): ext4_free_branches:1022: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1)
[ 1450.281195][T31259] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 1450.306772][T31259] loop2: detected capacity change from 0 to 512
[ 1450.324088][T31252] EXT4-fs (loop4): Remounting filesystem read-only
[ 1450.331743][T31252] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1450.333867][T31247] EXT4-fs error (device loop0): ext4_validate_block_bitmap:399: comm syz-executor.0: bg 0: block 3: invalid block bitmap
[ 1450.348007][T31252] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1450.360419][T31255] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz-executor.1: invalid block
[ 1450.373994][T31247] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6071: Corrupt filesystem
[ 1450.387531][T31252] EXT4-fs (loop4): 1 truncate cleaned up
[ 1450.395507][T31259] ext4 filesystem being mounted at /root/syzkaller-testdir1583530368/syzkaller.4IUY9g/3000/file0 supports timestamps until 2038 (0x7fffffff)
[ 1450.399892][T31255] EXT4-fs (loop1): Remounting filesystem read-only
[ 1450.422871][T31247] EXT4-fs (loop0): 1 truncate cleaned up
[ 1450.454111][T31255] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1450.470171][T31255] EXT4-fs error (device loop1): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1450.485587][T31267] FAULT_INJECTION: forcing a failure.
[ 1450.485587][T31267] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1450.500065][T31267] CPU: 1 PID: 31267 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1450.511015][T31267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1450.521073][T31267] Call Trace:
[ 1450.524384][T31267]
[ 1450.527343][T31267] dump_stack_lvl+0xd6/0x130
[ 1450.531934][T31267] dump_stack+0x11/0x20
[ 1450.536690][T31267] should_fail_ex+0x224/0x230
[ 1450.541361][T31267] __alloc_pages+0x10a/0x340
[ 1450.545987][T31267] alloc_pages+0x3f1/0x4f0
[ 1450.550397][T31267] get_zeroed_page+0x13/0x40
[ 1450.554985][T31267] mon_bin_open+0x1ba/0x3c0
[ 1450.559617][T31267] chrdev_open+0x362/0x3d0
[ 1450.564121][T31267] ? cd_forget+0xe0/0xe0
[ 1450.568553][T31267] do_dentry_open+0x59a/0x910
[ 1450.573292][T31267] vfs_open+0x43/0x50
[ 1450.577347][T31267] path_openat+0x16b8/0x1b60
[ 1450.581951][T31267] ? _parse_integer_limit+0x16f/0x190
[ 1450.587434][T31267] do_filp_open+0x105/0x220
[ 1450.592201][T31267] do_sys_openat2+0xb5/0x2a0
[ 1450.596790][T31267] ? mutex_lock+0x9/0x30
[ 1450.601032][T31267] ? fput+0x2c/0x130
[ 1450.605025][T31267] __x64_sys_openat+0xef/0x110
[ 1450.609830][T31267] do_syscall_64+0x2b/0x70
[ 1450.614251][T31267] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1450.620160][T31267] RIP: 0033:0x7f53668d4234
[ 1450.624571][T31267] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1450.644258][T31267] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1450.652661][T31267] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1450.660652][T31267] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1450.668636][T31267] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1450.677707][T31267] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1450.686124][T31267] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1450.694343][T31267]
07:33:54 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrpP092sbEkp59AEYCiLikTRpgR64gEDiABISHMoxJGkV6jaoCRKtIhoQKkdUiTvqEYm/gBNcEHBC4gp3VKlCuVA4Ga29mzgPhzycurCfj7TOjHecme/ujj2eWQdQWtXsIYnYHxG/RMRAM7uyQLX559bi/MSfi/MTSdTrb/6eNMr9sTg/URQtXrcvzwylEeknSRxZp97ZS5fPjddqUxfz/Mjc+fdGZi9dfmb6/PjZqbNTF8ZOnTp5YvT558ae7Uic/VlbD384c/TQq29fe33i9LV3fvgqa+/+fH9rHJ1SjerKY9ni8U5X1mX9Lemkp4sNYUsqEZGdrt5G/x+ISiyfvIF45eOuNg7YVfV6vb6n/e6FOvAflkS3WwB0R/FBn33/LbbbNPS4I9x8MXu83oj/Vr419/REmpfpXfX9tpOqEXF64a8vsi12aR4CAKDVN9n45+n1xn9p3NdS7q58bWgwIu6OiAMRcU9EHIyIeyMaZe+PiAe2WH91VX7t+Ce9sa3ANikb/72Qr22tHP8Vo78YrOS5/kb8vcmZ6drU8fyYDEXvniw/ukEd377882ft9rWO/7Itq78YC+btuNGzaoJucnxufCcxt7r5UWMO8Mra+JOllYAkIg5FxOFt/P/smE0/+eXRdvv/Of4NdGCdqX494onm+V+IVfEXko3XJ0f+F7Wp4yPFVbHWjz9dfaNd/TuKvwOy87933et/Kf7BpHW9dnbrdVz99dO232m2e/33JW810n35cx+Mz81dHI3oS15b+/zY8muLfFE+i3/o2Pr9/0AsH4kjEZFdxA9GxEMR8XDe9kci4tGIOLZB/N+/9Ni7249/d2XxT27p/G89UTn33dft6t/c+T/ZSA3lz2zm/W+zDdzJsQMAAIB/i7RxD3ySDi+l03R4uHkP/8HYm9ZmZueeOjPz/oXJ5r3yg9GbFjNdAy3zoaP53HCRH1uVP5HPG39e+X8jPzwxU5vsdvBQcvva9P/Mb5Vutw7YdX6vBeWl/0N56f9QXvo/lJf+D+W1Xv+/0oV2ALefz38oL/0fykv/h/LS/6GUdvK7fokyJyK9I5ohsUuJbr8zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMbfAQAA//8dB+qH")
write$tun(0xffffffffffffffff, 0x0, 0x0)
07:33:55 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
07:33:55 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiixiEQoki0SNKJP4CKmgQUCHRQo8iRcgNgYZDe7drnx9n/DjnAvv5SJvM3M555ru7czc7sxdAaVWzf5KI/RHxc0QMNLMrC1Sb/91cnJ/4Y3F+Iol6/fXfkka53xfnJ4qixfv25ZmhNCL9KIkj69Q7e+nyufFabepinh+ZO//OyOyly09Nnx8/O3V26sLYqVMnT4w++8zY0x2Jsz9r6+H3Z44eevnNa69OnL721vdfZu3dn+9vjaNTqlFdeSxbPNrpyrqsvyWd9HSxIWxJJSKy09Xb6P8DUYnlkzcQL33Y1cYBu6per/+1p/3uhTrwH5aN5oEyKr7os/vfYrtFQ4/bwo3nmzdAWdw38625pyfSvEzvqvvbTqpGxOmFPz/LttileQgAgFZfZ+OfJ9cb/6VxT0u5O/K1ocGIuDMiDkTEXRFxMCLujmiUvTci7tti/dVV+bXjn/T6tgLbpGz891y+trVy/FeM/mKwkuf6G/H3Jmema1PH82MyFL17svzoBnV88+JPn7Tb1zr+y7as/mIsmLfjes+qCbrJ8bnxncTc6sYHjTnAK2vjT5ZWApKIOBQRh7fx97NjNv34F0fb7f/n+DfQgXWm+ucRjzXP/0Ksir+QbLw+OfK/qE0dHymuirV++PHqa+3q31H8HZCd/73rXv9L8Q8mreu1s1uv4+ovH7e9p9nu9d+XvNFI9+WvvTc+N3dxNKIveWXt62PL7y3yRfks/qFj6/f/A7F8JI5ERHYR3x8RD0TEg3nbH4qIhyPi2Abxf/fCI29vP/7dlcU/uaXzv/VE5dy3X7Wrf3Pn/2QjNZS/spnPv802cCfHDgAAAP4t0sYz8Ek6vJRO0+Hh5jP8B2NvWpuZnXvizMy7Fyabz8oPRm9azHQNtMyHjuZzw0V+bFX+RD5v/Gnl/4388MRMbbLbwUPJ7WvT/zO/VrrdOmDX+b0WlJf+D+Wl/0N56f9QXvo/lNd6/f9KF9oB3Hq+/6G89H8oL/0fykv/h1Laye/6JcqciPS2aIbELiW6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQGX8HAAD//+lo6ek=")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1450.770880][T31255] EXT4-fs (loop1): 1 truncate cleaned up
07:33:55 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrpv292sbEkp59AEYCiLikTRpgR64FIHEASQkOJRjSNIq1G1QEyRaRTQgVI6oEnfEEYm/gBNcEHBC4gp3VKlCuVA4Ga29mzgPhzzsurCfj7TtzO46M9+dHXs8sw6gtKrZP0nE/oj4JSIGmtmVJ1Sb/91anJ/4c3F+Iol6/Y3fk8Z5fyzOTxSnFq/bl2eG0oj04ySOrFPu7OUr58drtalLeX5k7sK7I7OXrzwzfWH83NS5qYtjp06dPDH6/HNjz3Ykzv6sroc/mDl66JW3rr82ceb62z98ldV3f368NY5OqUZ15bVs8XinC+ux/pZ0squHFWFLKhGRNVdfo/8PRCWWG28gXv6op5UDuqper9f3tD+8UAf+w5LodQ2A3ig+6LPvv8V2m4Yed4SbpyPSPP5b+dY8squxP/LvRv1dKr8aEWcW/vo826JL8xAAAK2+OR0RT683/kvjvpbz7srXhgYj4u6IOBAR90TEwYi4N6Jx7v0R8cAWy6+uyq8d/6Q3thXYJmXjvxfyta2V479i9BeDlTzX34i/Lzk7XZs6nl+Toejbk+VHNyjj25d+/rTdsdbxX7Zl5RdjwbweN3atmqCbHJ8b30nMrW5+2JgDvLo2/mRpJSCJiEMRcXgbfz+7ZtNPfnm03fF/jn8DHVhnqn8R8USz/RdiVfyFZOP1yZH/RW3q+EhxV6z140/XXm9X/o7i74Cs/feue/8vxT+YtK7Xzm69jGu/ftL2O8127//dyZuN9O583/vjc3OXRiN2J6+u3T+2/NoiX5yfxT90bP3+fyCWr8SRiMhu4gcj4qGIeDiv+yMR8WhEHNsg/u9ffOyd7cffXVn8k1tq/60nKue/+7pd+Ztr/5ON1FC+ZzPvf5ut4E6uHQAAAPxbpI1n4JN0eCmdpsPDzWf4D8betDYzO/fU2Zn3Lk42n5UfjL60mOkaaJkPHc3nhov82Kr8iXze+LPK/xv54YmZ2mSvg4eS29em/2d+q/S6dkDX+b0WlJf+D+Wl/0N56f9QXvo/lNd6/f9qD+oB3H4+/6G89H8oL/0fykv/h1Laye/6JcqciPSOqIZElxK9fmcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADojL8DAAD//wdE6eg=")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
07:33:55 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 26)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1451.017691][T31272] loop1: detected capacity change from 0 to 512
[ 1451.027962][T31274] loop0: detected capacity change from 0 to 512
[ 1451.039200][T31276] loop4: detected capacity change from 0 to 512
[ 1451.041585][T31272] EXT4-fs: Ignoring removed nobh option
[ 1451.047896][T31276] EXT4-fs: Ignoring removed nobh option
[ 1451.058290][T31274] EXT4-fs: Ignoring removed nobh option
[ 1451.068499][T31276] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1451.070407][T31274] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 2: comm syz-executor.0: invalid block
[ 1451.085516][T31272] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz-executor.1: invalid block
[ 1451.769809][T31283] FAULT_INJECTION: forcing a failure.
[ 1451.769809][T31283] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1451.783071][T31283] CPU: 1 PID: 31283 Comm: syz-executor.2 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1451.794022][T31283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1451.804851][T31283] Call Trace:
[ 1451.808131][T31283]
[ 1451.811062][T31283] dump_stack_lvl+0xd6/0x130
[ 1451.815671][T31283] dump_stack+0x11/0x20
07:33:56 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 32)
[ 1451.819922][T31283] should_fail_ex+0x224/0x230
[ 1451.824612][T31283] __alloc_pages+0x10a/0x340
[ 1451.829511][T31283] vma_alloc_folio+0x6a0/0x8e0
[ 1451.834004][T31282] loop5: detected capacity change from 0 to 512
[ 1451.834446][T31283] ? sysvec_reschedule_ipi+0x58/0x100
[ 1451.846168][T31283] ? asm_sysvec_reschedule_ipi+0x16/0x20
[ 1451.852086][T31283] do_anonymous_page+0x15a/0x9c0
[ 1451.857090][T31283] handle_mm_fault+0x8dc/0xb20
[ 1451.861919][T31283] do_user_addr_fault+0x4a1/0x980
[ 1451.867098][T31283] ? switch_fpu_return+0x83/0x190
[ 1451.872143][T31283] exc_page_fault+0x60/0x160
[ 1451.876727][T31283] asm_exc_page_fault+0x22/0x30
[ 1451.881656][T31283] RIP: 0033:0x7fc7bd7110c0
[ 1451.886064][T31283] Code: e8 e5 fe ff ff 41 89 c7 85 c0 78 40 3d ff 00 00 00 7f 2f 49 8b 45 10 49 3b 45 08 0f 84 19 01 00 00 45 85 ff 74 0c 49 8b 55 00 <44> 88 3c 02 49 8b 45 10 48 83 c0 01 49 89 45 10 eb be 66 0f 1f 44
[ 1451.905708][T31283] RSP: 002b:00007fc7bcac5600 EFLAGS: 00010202
[ 1451.911841][T31283] RAX: 0000000000012000 RBX: 00007fc7bcac5660 RCX: 0000000000000007
[ 1451.919875][T31283] RDX: 00007fc7b46a6000 RSI: 000000000000002b RDI: 00007fc7bcac5700
[ 1451.928040][T31283] RBP: 0000000000000063 R08: 0000000000000007 R09: 0000000000000050
[ 1451.936013][T31283] R10: 0000000000000010 R11: 00007fc7bcac5660 R12: 00007fc7bcac5670
[ 1451.944343][T31283] R13: 00007fc7bcac5700 R14: 0000000000000001 R15: 0000000000000073
[ 1451.952584][T31283]
[ 1451.955786][T31283] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 1451.957178][T31276] EXT4-fs (loop4): Remounting filesystem read-only
[ 1451.965254][T31274] EXT4-fs (loop0): Remounting filesystem read-only
[ 1451.971575][T31283] loop2: detected capacity change from 0 to 512
[ 1451.982036][T31272] EXT4-fs (loop1): Remounting filesystem read-only
[ 1451.990134][T31276] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1451.990554][T31274] EXT4-fs error (device loop0): ext4_free_branches:1022: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1)
[ 1452.006939][T31272] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1452.021039][T31274] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1098: group 0, block bitmap and bg descriptor inconsistent: 221 vs 220 free clusters
[ 1452.033504][T31276] EXT4-fs (loop4): 1 truncate cleaned up
[ 1452.049790][T31272] EXT4-fs error (device loop1): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
07:33:56 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiixiEQoki0aOUSPwFVNAgoEKihR5FipAbAtWhvdu1z48zfpxzgf18pE1mbuc8893duZud2QugtKrZP0nE/oj4JSIGmtmVBarN/24tzk/8uTg/kUS9/ubvSaPcH4vzE0XR4n378sxQGpF+ksSRdeqdvXT53HitNnUxz4/MnX9vZPbS5Wemz4+fnTo7dWHs1KmTJ0aff27s2Y7E2Z+19fCHM0cPvfr2tdcnTl9754evsvbuz/e3xtEp1aiuPJYtHu90ZV3W35JOerrYELakEhHZ6ept9P+BqMTyyRuIVz7uauOAXVWv1+t72u9eqAP/YUl0uwVAdxRf9Nn9b7HdpqHHHeHmi9kN6/VG/LfyrbmnJ9K8TO+q+9tOqkbE6YW/vsi22KV5CACAVt9k45+n1xv/pXFfS7m78rWhwYi4OyIORMQ9EXEwIu6NaJS9PyIe2GL91VX5teOf9Ma2AtukbPz3Qr62tXL8V4z+YrCS5/ob8fcmZ6ZrU8fzYzIUvXuy/OgGdXz78s+ftdvXOv7Ltqz+YiyYt+NGz6oJusnxufGdxNzq5keNOcAra+NPllYCkog4FBGHt/H3s2M2/eSXR9vt/+f4N9CBdab69Ygnmud/IVbFX0g2Xp8c+V/Upo6PFFfFWj/+dPWNdvXvKP4OyM7/3nWv/6X4B5PW9drZrddx9ddP297TbPf670veaqT78tc+GJ+buzga0Ze8tvb1seX3FvmifBb/0LH1+/+BWD4SRyIiu4gfjIiHIuLhvO2PRMSjEXFsg/i/f+mxd7cf/+7K4p/c0vnfeqJy7ruv29W/ufN/spEayl/ZzOffZhu4k2MHAAAA/xZp4xn4JB1eSqfp8HDzGf6DsTetzczOPXVm5v0Lk81n5QejNy1mugZa5kNH87nhIj+2Kn8inzf+vPL/Rn54YqY22e3goeT2ten/md8q3W4dsOv8XgvKS/+H8tL/obz0fygv/R/Ka73+f6UL7QBuP9//UF76P5SX/g/lpf9DKe3kd/0SZU5Eekc0Q2KXEt3+ZAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiMvwMAAP//CD7qiA==")
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1452.054452][T31282] ext4 filesystem being mounted at /root/syzkaller-testdir184905228/syzkaller.PLYEBS/2978/file0 supports timestamps until 2038 (0x7fffffff)
[ 1452.077927][T31274] EXT4-fs (loop0): 1 truncate cleaned up
[ 1452.095923][T31272] EXT4-fs (loop1): 1 truncate cleaned up
[ 1452.103930][T31283] ext4 filesystem being mounted at /root/syzkaller-testdir1583530368/syzkaller.4IUY9g/3001/file0 supports timestamps until 2038 (0x7fffffff)
[ 1452.171100][T31292] FAULT_INJECTION: forcing a failure.
[ 1452.171100][T31292] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1452.184608][T31292] CPU: 0 PID: 31292 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1452.195660][T31292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1452.205701][T31292] Call Trace:
[ 1452.209014][T31292]
[ 1452.212068][T31292] dump_stack_lvl+0xd6/0x130
[ 1452.216647][T31292] dump_stack+0x11/0x20
[ 1452.220896][T31292] should_fail_ex+0x224/0x230
[ 1452.225687][T31292] __alloc_pages+0x10a/0x340
[ 1452.230289][T31292] alloc_pages+0x3f1/0x4f0
[ 1452.234739][T31292] get_zeroed_page+0x13/0x40
[ 1452.239393][T31292] mon_bin_open+0x1ba/0x3c0
[ 1452.243939][T31292] chrdev_open+0x362/0x3d0
[ 1452.248363][T31292] ? cd_forget+0xe0/0xe0
[ 1452.252626][T31292] do_dentry_open+0x59a/0x910
[ 1452.257356][T31292] vfs_open+0x43/0x50
[ 1452.261344][T31292] path_openat+0x16b8/0x1b60
[ 1452.265929][T31292] ? _parse_integer_limit+0x16f/0x190
[ 1452.271291][T31292] do_filp_open+0x105/0x220
[ 1452.275866][T31292] do_sys_openat2+0xb5/0x2a0
[ 1452.280499][T31292] ? __schedule+0x546/0x6f0
[ 1452.284994][T31292] __x64_sys_openat+0xef/0x110
[ 1452.289829][T31292] do_syscall_64+0x2b/0x70
[ 1452.294253][T31292] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1452.300244][T31292] RIP: 0033:0x7f53668d4234
[ 1452.304661][T31292] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1452.324555][T31292] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1452.333022][T31292] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1452.341014][T31292] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1452.348980][T31292] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1452.356954][T31292] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1452.365173][T31292] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1452.373172][T31292]
07:33:56 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x11, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
07:33:56 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92IHkhibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrGRSGRhg1AoUSR6RInEX0AFDQIqJFroUaQIuSFQHdq7Xfv8OOPHORfY30/aZOZ2zjPf7s7d7MxeAKVVzf5JIg5ExK8R0d/MrixQbf53c3Fu/K/FufEk6vU3/0ga5f5cnBsvihbv259nBtOI9JMkjq5T78zlK+fHarXJS3l+ePbCe8Mzl688M3Vh7NzkucmLo6dPnzo58vxzo892JM6+rK1HPpw+dvjVt6+9Pn7m2js/fp2190C+vzWOTqlGdeWxbPF4pyvrsr6WdLKniw1hSyoRkZ2unkb/749KLJ+8/njl4642DthV8/V6fW/73Qt14H8sG80DZVR80Wf3v8V2i4Yet4UbLzZvgLK4b+Zbc8+eSPMyPavubzupGhFnFv7+Ittil+YhAABafZuNf55eb/yXxn0t5e7K14YGIuLuiDgYEfdExKGIuDeiUfb+iHhgi/VXV+XXjn/S69sKbJOy8d8L+drWyvFfMfqLgUqe62vE35OcnapNnsiPyWD07M3yIxvU8d3Lv3zWbl/r+C/bsvqLsWDejut7Vk3QTYzNju0k5lY3Pors/n9+bfzJ0kpAEhGHI+LINv5+dsymnvzqWLv9/x7/BjqwzlT/MuKJ5vlfiFXxF5KN1yeH74ja5Inh4qpY66efr77Rrv4dxd8B2fnft+71vxT/QNK6Xjuz9Tqu/vZp23ua7V7/vclbjXRv/toHY7Ozl0YiepPX1r4+uvzeIl+Uz+IfPL5+/z8Yy0fiaERkF/GDEfFQRDyct/2RiHg0Io5vEP8PLz327vbj311Z/BNbOv9bT1TOf/9Nu/o3d/5PNVKD+Sub+fzbbAN3cuwAAADgvyJtPAOfpENL6TQdGmo+w38o9qW16ZnZp85Ov39xovms/ED0pMVMV3/LfOhIPjdc5EdX5U/m88afV+5s5IfGp2sT3Q4eSm5/m/6f+b3S7dYBu87vtaC89H8oL/0fykv/h/LS/6G81uv/811oB3Dr+f6H8tL/obz0fygv/R9KaSe/65cocyLS26IZEruU6PYnEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQGf8EwAA//+/++lq")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
07:33:56 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVLQBIFEARISFKE0thOZXGIUG4lEFjEIhRJFokeUSPwFVNAgoEKihR5FipAbAtWhvdu1z48zfpxzgf18pE1mbuc8893duZud2QugtKrZP0nE/oj4JSIGmtmVBarN/24tzk/8uTg/kUS9/sbvSaPcH4vzE0XR4n378sxQGpF+nMSRdeqdvXzl/HitNnUpz4/MXXh3ZPbylWemL4yfmzo3dXHs1KmTJ0aff27s2Y7E2Z+19fAHM0cPvfLW9dcmzlx/+4evsvbuz/e3xtEp1aiuPJYtHu90ZV3W35JOerrYELakEhHZ6ept9P+BqMTyyRuIlz/qauOAXVWv1+t72u9eqAP/YUl0uwVAdxRf9Nn9b7HdpqHHHeHm6ea9eBb3rXxr7umJNC/Tu+r+tpOqEXFm4a/Psy12aR4CAKDVN6cj4un1xn9p3NdS7q58bWgwIu6OiAMRcU9EHIyIeyMaZe+PiAe2WH91VX7t+Ce9sa3ANikb/72Qr22tHP8Vo78YrOS5/kb8vcnZ6drU8fyYDEXvniw/ukEd377086ft9rWO/7Itq78YC+btuNGzaoJucnxufCcxt7r5YWMO8Ora+JOllYAkIg5FxOFt/P3smE0/+eXRdvv/Of4NdGCdqf5FxBPN878Qq+IvJBuvT478L2pTx0eKq2KtH3+69nq7+ncUfwdk53/vutf/UvyDSet67ezW67j26ydt72m2e/33JW820n35a++Pz81dGo3oS15d+/rY8nuLfFE+i3/o2Pr9/0AsH4kjEZFdxA9GxEMR8XDe9kci4tGIOLZB/N+/+Ng7249/d2XxT27p/G89UTn/3dft6t/c+T/ZSA3lr2zm82+zDdzJsQMAAIB/i7TxDHySDi+l03R4uPkM/8HYm9ZmZueeOjvz3sXJ5rPyg9GbFjNdAy3zoaP53HCRH1uVP5HPG39W+X8jPzwxU5vsdvBQcvva9P/Mb5Vutw7YdX6vBeWl/0N56f9QXvo/lJf+D+W1Xv+/2oV2ALef738oL/0fykv/h/LS/6GUdvK7fokyJyK9I5ohsUuJbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMbfAQAA//8vv+oL")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1452.519624][T31295] loop4: detected capacity change from 0 to 512
[ 1452.529513][T31295] EXT4-fs: Ignoring removed nobh option
[ 1452.555232][T31295] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
[ 1452.568300][T31295] EXT4-fs (loop4): Remounting filesystem read-only
[ 1452.575287][T31295] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1452.591483][T31295] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1452.608305][T31295] EXT4-fs (loop4): 1 truncate cleaned up
07:33:56 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrpP092sbEkp59AEYCiLikTRpgR64gEDiABISHMoxJGkV6jaoCRKtIhoQKkdUiTuCGxJ/ASe4IOCExBXuqFKFcqFwMlp7N3EeDnk4dWE/H2mdGe84M9/dHXs8sw6gtKrZQxKxPyJ+iYiBZnZlgWrzz83F+Yk/F+cnkqjXX/89aZT7Y3F+oihavG5fnhlKI9KPkjiyTr2zly6fG6/Vpi7m+ZG58++MzF66/NT0+fGzU2enLoydOnXyxOizz4w93ZE4+7O2Hn5/5uihl9+89urE6Wtv/fBV1t79+f7WODqlGtWVx7LFo52urMv6W9JJTxcbwpZUIiI7Xb2N/j8QlVg+eQPx0oddbRywq+r1en1P+90LdeA/LIlutwDojuKDPvv+W2y3aOhxW7jxfPb4RSP+m/nW3NMTaV6md9X3206qRsTphb8+y7bYpXkIAIBW32TjnyfXG/+lcU9LuTvytaHBiLgzIg5ExF0RcTAi7o5olL03Iu7bYv3VVfm145/0+rYC26Rs/Pdcvra1cvxXjP5isJLn+hvx9yZnpmtTx/NjMhS9e7L86AZ1fPviz5+029c6/su2rP5iLJi343rPqgm6yfG58Z3E3OrGB405wCtr40+WVgKSiDgUEYe38f+zYzb9+JdH2+3/5/g30IF1pvrnEY81z/9CrIq/kGy8Pjnyv6hNHR8proq1fvzp6mvt6t9R/B2Qnf+9617/S/EPJq3rtbNbr+Pqrx+3/U6z3eu/L3mjke7Ln3tvfG7u4mhEX/LK2ufHll9b5IvyWfxDx9bv/wdi+UgciYjsIr4/Ih6IiAfztj8UEQ9HxLEN4v/+hUfe3n78uyuLf3JL53/ricq5775uV//mzv/JRmoof2Yz73+bbeBOjh0AAAD8W6SNe+CTdHgpnabDw817+A/G3rQ2Mzv3xJmZdy9MNu+VH4zetJjpGmiZDx3N54aL/Niq/Il83vjTyv8b+eGJmdpkt4OHktvXpv9nfqt0u3XArvN7LSgv/R/KS/+H8tL/obz0fyiv9fr/lS60A7j1fP5Deen/UF76P5SX/g+ltJPf9UuUORHpbdEMiV1KdPudCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDP+DgAA//8IPeqI")
write$tun(0xffffffffffffffff, 0x0, 0x0)
07:33:56 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 27)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1452.697883][T31299] loop0: detected capacity change from 0 to 512
[ 1452.706780][T31299] EXT4-fs: Ignoring removed nobh option
[ 1452.716739][T31299] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 2: comm syz-executor.0: invalid block
[ 1452.726990][T31303] loop1: detected capacity change from 0 to 512
[ 1452.731178][ T9929] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1452.740967][T31306] loop4: detected capacity change from 0 to 512
[ 1452.748407][T31299] EXT4-fs (loop0): Remounting filesystem read-only
[ 1452.753506][T31303] EXT4-fs: Ignoring removed nobh option
[ 1452.757323][T31299] EXT4-fs error (device loop0): ext4_free_branches:1022: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1)
[ 1452.763898][T31306] EXT4-fs: Ignoring removed nobh option
[ 1452.786013][T31306] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
[ 1452.798099][T31306] EXT4-fs (loop4): Remounting filesystem read-only
[ 1453.380240][T31306] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1453.434482][T31308] loop5: detected capacity change from 0 to 512
[ 1453.444930][T31311] FAULT_INJECTION: forcing a failure.
[ 1453.444930][T31311] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1453.458173][T31311] CPU: 0 PID: 31311 Comm: syz-executor.2 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1453.469102][T31311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1453.479270][T31311] Call Trace:
[ 1453.482539][T31311]
[ 1453.485459][T31311] dump_stack_lvl+0xd6/0x130
[ 1453.490048][T31311] dump_stack+0x11/0x20
[ 1453.494189][T31311] should_fail_ex+0x224/0x230
[ 1453.498892][T31311] __alloc_pages+0x10a/0x340
[ 1453.503493][T31311] vma_alloc_folio+0x6a0/0x8e0
[ 1453.508347][T31311] ? __alloc_pages+0x199/0x340
[ 1453.513110][T31311] wp_page_copy+0x13e/0x1710
[ 1453.517687][T31311] ? debug_smp_processor_id+0x13/0x20
[ 1453.523055][T31311] ? delay_tsc+0xc1/0xe0
[ 1453.527320][T31311] ? preempt_count_add+0x5e/0xa0
[ 1453.532262][T31311] do_wp_page+0x22a/0x640
[ 1453.536695][T31311] handle_mm_fault+0x644/0xb20
[ 1453.541521][T31311] do_user_addr_fault+0x4a1/0x980
[ 1453.546583][T31311] exc_page_fault+0x60/0x160
[ 1453.551216][T31311] asm_exc_page_fault+0x22/0x30
[ 1453.556083][T31311] RIP: 0033:0x7fc7bd7111a1
[ 1453.560499][T31311] Code: 08 77 56 8d 55 ff 85 ed 74 35 0f 1f 80 00 00 00 00 48 39 c1 77 1c 49 8b 75 00 49 89 c1 49 29 c9 46 0f b6 0c 0e 45 84 c9 74 08 <44> 88 0c 06 49 8b 45 10 48 83 c0 01 49 89 45 10 83 ea 01 73 d2 41
[ 1453.580429][T31311] RSP: 002b:00007fc7bcaa4600 EFLAGS: 00010202
[ 1453.586551][T31311] RAX: 0000000000015800 RBX: 00007fc7bcaa4660 RCX: 000000000000344f
[ 1453.594510][T31311] RDX: 0000000000000063 RSI: 00007fc7b4685000 RDI: 00007fc7bcaa4700
[ 1453.602615][T31311] RBP: 0000000000000064 R08: 000000000000000d R09: 0000000000000073
[ 1453.610587][T31311] R10: 000000000000000c R11: 00000000000004a4 R12: 00007fc7bcaa4670
[ 1453.618545][T31311] R13: 00007fc7bcaa4700 R14: 0000000000003001 R15: 000000000000001b
[ 1453.626509][T31311]
07:33:57 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 33)
[ 1453.629603][T31311] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 1453.640958][T31311] loop2: detected capacity change from 0 to 512
[ 1453.668291][T31306] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1453.678059][T31299] EXT4-fs error (device loop0): ext4_validate_block_bitmap:399: comm syz-executor.0: bg 0: block 5: invalid block bitmap
[ 1453.690853][T31306] EXT4-fs (loop4): 1 truncate cleaned up
[ 1453.701826][T31299] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6071: Corrupt filesystem
[ 1453.703741][T31311] ext4 filesystem being mounted at /root/syzkaller-testdir1583530368/syzkaller.4IUY9g/3002/file0 supports timestamps until 2038 (0x7fffffff)
07:33:58 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiixiEQoki0SPokPgLqKBBQIVECz2KFCE3BKpDe7drnx9n/DjnAvv5SJvM3M555ru7czc7sxdAaVWzf5KI/RHxS0QMNLMrC1Sb/91cnJ/4c3F+Iol6/fXfk0a5PxbnJ4qixfv25ZmhNCL9KIkj69Q7e+nyufFabepinh+ZO//OyOyly09Nnx8/O3V26sLYqVMnT4w++8zY0x2Jsz9r6+H3Z44eevnNa69OnL721g9fZe3dn+9vjaNTqlFdeSxbPNrpyrqsvyWd9HSxIWxJJSKy09Xb6P8DUYnlkzcQL33Y1cYBu6per9f3tN+9UAf+w5LodguA7ii+6LP732K7RUOP28KN57Mb1i8a8d/Mt+aenkjzMr2r7m87qRoRpxf++izbYpfmIQAAWn2TjX+eXG/8l8Y9LeXuyNeGBiPizog4EBF3RcTBiLg7olH23oi4b4v1V1fl145/0uvbCmyTsvHfc/na1srxXzH6i8FKnutvxN+bnJmuTR3Pj8lQ9O7J8qMb1PHtiz9/0m5f6/gv27L6i7Fg3o7rPasm6CbH58Z3EnOrGx805gCvrI0/WVoJSCLiUEQc3sbfz47Z9ONfHm23/5/j30AH1pnqn0c81jz/C7Eq/kKy8frkyP+iNnV8pLgq1vrxp6uvtat/R/F3QHb+9657/S/FP5i0rtfObr2Oq79+3PaeZrvXf1/yRiPdl7/23vjc3MXRiL7klbWvjy2/t8gX5bP4h46t3/8PxPKROBIR2UV8f0Q8EBEP5m1/KCIejohjG8T//QuPvL39+HdXFv/kls7/1hOVc9993a7+zZ3/k43UUP7KZj7/NtvAnRw7AAAA+LdIG8/AJ+nwUjpNh4ebz/AfjL1pbWZ27okzM+9emGw+Kz8YvWkx0zXQMh86ms8NF/mxVfkT+bzxp5X/N/LDEzO1yW4HDyW3r03/z/xW6XbrgF3n91pQXvo/lJf+D+Wl/0N56f9QXuv1/ytdaAdw6/n+h/LS/6G89H8oL/0fSmknv+uXKHMi0tuiGRK7lOj2JxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBn/B0AAP//82XqiQ==")
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1453.711075][T31303] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz-executor.1: invalid block
[ 1453.742543][T31299] EXT4-fs (loop0): 1 truncate cleaned up
[ 1453.746460][T31303] EXT4-fs (loop1): Remounting filesystem read-only
[ 1453.760477][T31303] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1453.800079][T31303] EXT4-fs error (device loop1): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1453.824914][T31319] FAULT_INJECTION: forcing a failure.
[ 1453.824914][T31319] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1453.838273][T31319] CPU: 1 PID: 31319 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1453.849208][T31319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1453.859319][T31319] Call Trace:
[ 1453.862594][T31319]
[ 1453.865528][T31319] dump_stack_lvl+0xd6/0x130
[ 1453.870109][T31319] dump_stack+0x11/0x20
[ 1453.874326][T31319] should_fail_ex+0x224/0x230
[ 1453.879020][T31319] __alloc_pages+0x10a/0x340
[ 1453.883603][T31319] alloc_pages+0x3f1/0x4f0
[ 1453.888043][T31319] get_zeroed_page+0x13/0x40
[ 1453.893654][T31319] mon_bin_open+0x1ba/0x3c0
[ 1453.898158][T31319] chrdev_open+0x362/0x3d0
[ 1453.902576][T31319] ? cd_forget+0xe0/0xe0
[ 1453.906812][T31319] do_dentry_open+0x59a/0x910
[ 1453.911508][T31319] vfs_open+0x43/0x50
[ 1453.915493][T31319] path_openat+0x16b8/0x1b60
[ 1453.920239][T31319] ? _parse_integer_limit+0x16f/0x190
[ 1453.925611][T31319] do_filp_open+0x105/0x220
[ 1453.930238][T31319] do_sys_openat2+0xb5/0x2a0
[ 1453.934874][T31319] ? mutex_lock+0x9/0x30
[ 1453.939118][T31319] ? fput+0x2c/0x130
[ 1453.943155][T31319] __x64_sys_openat+0xef/0x110
[ 1453.947921][T31319] do_syscall_64+0x2b/0x70
[ 1453.952861][T31319] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1453.959122][T31319] RIP: 0033:0x7f53668d4234
[ 1453.963526][T31319] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1453.983237][T31319] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1453.991648][T31319] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1454.000563][T31319] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1454.008531][T31319] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1454.016579][T31319] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1454.024542][T31319] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1454.032535][T31319]
07:33:58 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x12, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
07:33:58 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92wHkhibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrGRSGQRg1AoUSR6RInEX0AFDQIqJFroUaQIuSFQHdq7Xfv8OOPHORfY30/aZOZ2zjPf7s7d7MxeAKVVzf5JIvZHxK8RMdDMrixQbf53c3F+4q/F+Ykk6vU3/0ga5f5cnJ8oihbv25dnhtKI9JMkjqxT7+yly+fGa7Wpi3l+ZO78eyOzly4/M31+/OzU2akLY6dOnTwx+vxzY892JM7+rK2HP5w5eujVt6+9PnH62js/fp21d3++vzWOTqlGdeWxbPF4pyvrsv6WdNLTxYawJZWIyE5Xb6P/D0Qllk/eQLzycVcbB+yqer1e32D3Qh34H0ui2y0AuqP4os/uf4vt1ow8bg83XmzeAGVx38y35p6eSPMyvavubzupGhGnF/7+Ittil+YhAABafZuNf55eb/yXxn0t5e7K14YGI+LuiDgQEfdExMGIuDeiUfb+iHhgi/VXV+XXjn/S69sKbJOy8d8L+drWyvFfMfqLwUqe62/E35ucma5NHc+PyVD07snyoxvU8d3Lv3zWbl/r+C/bsvqLsWDejus9e1a+Z3J8bnwnMbe68VFjDvDK2viTpZWAJCIORcThbfz97JhNP/nV0Xb7/z3+DXRgnan+ZcQTzfO/EKviLyQbr0+O3BG1qeMjxVWx1k8/X32jXf07ir8DsvO/d93rfyn+waR1vXZ263Vc/e3Ttvc0273++5K3Gum+/LUPxufmLo5G9CWvrX19bPm9Rb4on8U/dGz9/n8glo/EkYjILuIHI+KhiHg4b/sjEfFoRBzbIP4fXnrs3e3Hv7uy+Ce3dP63nqic+/6bdvVv7vyfbKSG8lc28/m32Qbu5NgBAADAf0XaeAY+SYeX0mk6PNx8hv9g7E1rM7NzT52Zef/CZPNZ+cHoTYuZroGW+dDRfG64yI+typ/I540/r9zZyA9PzNQmux08lNy+Nv0/83ul260Ddp3fa0F56f9QXvo/lJf+D+Wl/0N5rdf/r3ShHcCt5/sfykv/h/LS/6G89H8opZ38rl+izIlIb4tmSOxSotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xTwAAAP//MCjp4w==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1454.090532][T31303] EXT4-fs (loop1): 1 truncate cleaned up
[ 1454.119929][T31322] loop4: detected capacity change from 0 to 512
[ 1454.152183][T31322] EXT4-fs: Ignoring removed nobh option
07:33:58 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG0UYAPBv100KbUNCKY8+AEN5RDySJi3QA5cikDiAhASHcgxJWoW6DWqCRKuIBoTKEVXijjgi8RdwggsCTkhc4Y4qVSgXCiejtXcT5+GQh1MX9veTtp3xjjPz7ezY4xk7gNKqZv8kEfsi4teI6G9mlxeoNv+7uTA3/tfC3HgS9fqbfySNcn8uzI0XRYvn7c0zg2lE+kkSh9eod+bS5XNjtdrkxTw/PHv+veGZS5efnTo/dnby7OSF0ZMnTxwfeeH50ec6Emdf1tZDH04fOfjq29deHz997Z0fv87auy8/3xpHp1Sjuvxatni805V1WV9LOtnVxYawKZWIyLqrpzH++6MSS53XH6983NXGATuqXq/Xd7c/PV8H/seS6HYLgO4o3uizz7/FcYumHreFG6cinsjjv5kfzTO7Is3L9Kz4fNtJ1Yg4Pf/3F9kRO7QOAQDQ6ttTEfHMWvO/NO5rKXdXvjc0EBF3R8T+iLgnIg5ExL0RjbL3R8QDm6y/uiK/ev6TXt9SYBuUzf9ezPe2ls//itlfDFTyXF8j/p7kzFRt8lh+TQajZ3eWH1mnju9e/uWzduda53/ZkdVfzAXzdlzftWKBbmJsdmw7Mbe68VFjDfDK6viTxZ2AJCIORsShLfz97JpNPfXVkXbn/z3+dXRgn6n+ZcSTzf6fjxXxF5L19yeH74ja5LHh4q5Y7aefr77Rrv5txd8BWf/vWfP+X4x/IGndr53ZfB1Xf/u07Weard7/vclbjXRv/tgHY7OzF0ciepPXVj8+uvTcIl+Uz+IfPLr2+N8fS1ficERkN/GDEfFQRDyct/2RiHg0Io6uE/8PLz327tbj31lZ/BOb6v/NJyrnvv+mXf0b6/8TjdRg/shGXv822sDtXDsAAAD4r0gb34FP0qHFdJoODTW/w38g9qS16ZnZp89Mv39hovld+YHoSYuVrv6W9dCRfG24yI+uyB/P140/r9zZyA+NT9cmuh08lNzeNuM/83ul260Ddpzfa0F5Gf9QXsY/lJfxD+Vl/EN5rTX+r3ShHcCt5/0fysv4h/Iy/qG8jH8ope38rl+izIlIb4tmSOxQotuvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xTwAAAP//GvfqDA==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1454.196745][T31322] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
[ 1454.216707][T31322] EXT4-fs (loop4): Remounting filesystem read-only
[ 1454.224758][T31322] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
07:33:58 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 28)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
07:33:58 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrpP092sbEkp59AEYCiLikTRpgR64gEDiABISHMoxJGkV6jaoCRKtIhoQKkdUiTtCnJD4CzjBBQEnJK5wR5UqlAuFk9Hau4nzcMjDqQv7+UjrzHjHmfnu7tjjmXUApVXNHpKI/RHxS0QMNLMrC1Sbf24uzk/8uTg/kUS9/vrvSaPcH4vzE0XR4nX78sxQGpF+lMSRdeqdvXT53HitNnUxz4/MnX9nZPbS5aemz4+fnTo7dWHs1KmTJ0affWbs6Y7E2Z+19fD7M0cPvfzmtVcnTl9764evsvbuz/e3xtEp1aiuPJYtHu10ZV3W35JOerrYELakEhHZ6ept9P+BqMTyyRuIlz7sauOAXVWv1+t72u9eqAP/YUl0uwVAdxQf9Nn332K7RUOP28KN57PHLxrx38y35p6eSPMyvau+33ZSNSJOL/z1WbbFLs1DAAC0+iYb/zy53vgvjXtayt2Rrw0NRsSdEXEgIu6KiIMRcXdEo+y9EXHfFuuvrsqvHf+k17cV2CZl47/n8rWtleO/YvQXg5U819+Ivzc5M12bOp4fk6Ho3ZPlRzeo49sXf/6k3b7W8V+2ZfUXY8G8Hdd7Vk3QTY7Pje8k5lY3PmjMAV5ZG3+ytBKQRMShiDi8jf+fHbPpx7882m7/P8e/gQ6sM9U/j3isef4XYlX8hWTj9cmR/0Vt6vhIcVWs9eNPV19rV/+O4u+A7PzvXff6X4p/MGldr53deh1Xf/247Xea7V7/fckbjXRf/tx743NzF0cj+pJX1j4/tvzaIl+Uz+IfOrZ+/z8Qy0fiSERkF/H9EfFARDyYt/2hiHg4Io5tEP/3Lzzy9vbj311Z/JNbOv9bT1TOffd1u/o3d/5PNlJD+TObef/bbAN3cuwAAADg3yJt3AOfpMNL6TQdHm7ew38w9qa1mdm5J87MvHthsnmv/GD0psVM10DLfOhoPjdc5MdW5U/k88afVv7fyA9PzNQmux08lNy+Nv0/81ul260Ddp3fa0F56f9QXvo/lJf+D+Wl/0N5rdf/r3ShHcCt5/Mfykv/h/LS/6G89H8opZ38rl+izIlIb4tmSOxSotvvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//82TqiQ==")
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1454.240130][T31322] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1454.256767][T31322] EXT4-fs (loop4): 1 truncate cleaned up
[ 1454.320328][T31327] loop1: detected capacity change from 0 to 512
[ 1454.328093][T31327] EXT4-fs: Ignoring removed nobh option
[ 1454.341517][T31327] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1454.347806][T31332] loop0: detected capacity change from 0 to 512
[ 1454.357292][ T9501] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1454.362874][T31332] EXT4-fs: Ignoring removed nobh option
[ 1454.382854][T31332] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 2: comm syz-executor.0: invalid block
[ 1454.434203][T31336] loop5: detected capacity change from 0 to 512
[ 1454.457626][T31338] loop4: detected capacity change from 0 to 512
[ 1454.946127][T31327] EXT4-fs (loop1): Remounting filesystem read-only
[ 1454.954311][T31341] FAULT_INJECTION: forcing a failure.
[ 1454.954311][T31341] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1454.967562][T31341] CPU: 0 PID: 31341 Comm: syz-executor.2 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1454.978496][T31341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1454.988614][T31341] Call Trace:
[ 1454.991880][T31341]
[ 1454.994797][T31341] dump_stack_lvl+0xd6/0x130
[ 1454.999470][T31341] dump_stack+0x11/0x20
[ 1455.003701][T31341] should_fail_ex+0x224/0x230
[ 1455.008380][T31341] __alloc_pages+0x10a/0x340
[ 1455.013025][T31341] vma_alloc_folio+0x6a0/0x8e0
[ 1455.017883][T31341] shmem_get_folio_gfp+0x53f/0x1330
[ 1455.023268][T31341] shmem_write_begin+0xa2/0x1e0
[ 1455.028115][T31341] generic_perform_write+0x1d4/0x3f0
[ 1455.033425][T31341] ? file_update_time+0x36a/0x3a0
[ 1455.038625][T31341] __generic_file_write_iter+0xe3/0x280
[ 1455.044638][T31341] generic_file_write_iter+0x79/0x1c0
[ 1455.050002][T31341] vfs_write+0x468/0x760
[ 1455.054331][T31341] ksys_write+0xe8/0x1a0
[ 1455.058740][T31341] __x64_sys_write+0x3e/0x50
[ 1455.063666][T31341] do_syscall_64+0x2b/0x70
[ 1455.068075][T31341] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1455.073971][T31341] RIP: 0033:0x7fc7bd725e2f
[ 1455.078382][T31341] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48
[ 1455.098374][T31341] RSP: 002b:00007fc7bcaa4f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1455.107040][T31341] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00007fc7bd725e2f
[ 1455.115039][T31341] RDX: 0000000000040000 RSI: 00007fc7b4685000 RDI: 0000000000000007
[ 1455.123878][T31341] RBP: 00007fc7b4685000 R08: 0000000000000000 R09: 00000000000004a0
[ 1455.132016][T31341] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000
[ 1455.139976][T31341] R13: 00007fc7bcaa4fdc R14: 00007fc7bcaa4fe0 R15: 0000000020000582
[ 1455.148043][T31341]
[ 1455.167089][T31338] EXT4-fs: Ignoring removed nobh option
[ 1455.174308][T31332] EXT4-fs (loop0): Remounting filesystem read-only
07:33:59 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 34)
[ 1455.192146][T31327] EXT4-fs error (device loop1): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1455.218425][T31332] EXT4-fs error (device loop0): ext4_free_branches:1022: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1)
[ 1455.239539][T31327] EXT4-fs (loop1): 1 truncate cleaned up
[ 1455.296557][T31347] FAULT_INJECTION: forcing a failure.
[ 1455.296557][T31347] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1455.310492][T31347] CPU: 1 PID: 31347 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1455.321552][T31347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1455.331668][T31347] Call Trace:
[ 1455.334987][T31347]
[ 1455.337906][T31347] dump_stack_lvl+0xd6/0x130
[ 1455.342486][T31347] dump_stack+0x11/0x20
[ 1455.346699][T31347] should_fail_ex+0x224/0x230
[ 1455.351486][T31347] __alloc_pages+0x10a/0x340
[ 1455.356075][T31347] alloc_pages+0x3f1/0x4f0
[ 1455.360507][T31347] get_zeroed_page+0x13/0x40
[ 1455.365123][T31347] mon_bin_open+0x1ba/0x3c0
[ 1455.369633][T31347] chrdev_open+0x362/0x3d0
[ 1455.374069][T31347] ? cd_forget+0xe0/0xe0
[ 1455.378337][T31347] do_dentry_open+0x59a/0x910
[ 1455.383171][T31347] vfs_open+0x43/0x50
[ 1455.387436][T31347] path_openat+0x16b8/0x1b60
[ 1455.392136][T31347] ? _parse_integer_limit+0x16f/0x190
[ 1455.397693][T31347] do_filp_open+0x105/0x220
[ 1455.402391][T31347] do_sys_openat2+0xb5/0x2a0
[ 1455.407075][T31347] ? mutex_lock+0x9/0x30
[ 1455.411375][T31347] ? fput+0x2c/0x130
[ 1455.415331][T31347] __x64_sys_openat+0xef/0x110
[ 1455.420122][T31347] do_syscall_64+0x2b/0x70
[ 1455.424610][T31347] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1455.430500][T31347] RIP: 0033:0x7f53668d4234
[ 1455.434957][T31347] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1455.455254][T31347] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1455.463695][T31347] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1455.471652][T31347] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1455.479610][T31347] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1455.487729][T31347] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1455.495685][T31347] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1455.503649][T31347]
[ 1455.510717][T31332] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1098: group 0, block bitmap and bg descriptor inconsistent: 223 vs 220 free clusters
[ 1455.534085][T31336] ext4 filesystem being mounted at /root/syzkaller-testdir184905228/syzkaller.PLYEBS/2980/file0 supports timestamps until 2038 (0x7fffffff)
[ 1455.556912][T31332] EXT4-fs (loop0): 1 truncate cleaned up
[ 1455.587815][T31338] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
07:33:59 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 29)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
07:33:59 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92wHkhibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrGRSGQRg1AoUSR6RInEX0AFDQIqJFroUaQIuSFQHdq7Xfv8OOPHORfY30/aZOZ2zjPf7s7d7MxeAKVVzf5JIvZHxK8RMdDMrixQbf53c3F+4q/F+Ykk6vU3/0ga5f5cnJ8oihbv25dnhtKI9JMkjqxT7+yly+fGa7Wpi3l+ZO78eyOzly4/M31+/OzU2akLY6dOnTwx+vxzY892JM7+rK2HP5w5eujVt6+9PnH62js/fp21d3++vzWOTqlGdeWxbPF4pyvrsv6WdNLTxYawJZWIyE5Xb6P/D0Qllk/eQLzycVcbB+yqer1eb/cdFRELdeB/LIlutwDojuKLPrv/LbZbNPS4Ldx4sXkDlMV9M9+ae3oizcv0rrq/7aRqRJxe+PuLbItdmocAAGj1bTb+eXq98V8a97WUuytfGxqMiLsj4kBE3BMRByPi3ohG2fsj4oEt1l9dlV87/kmvbyuwTcrGfy/ka1srx3/F6C8GK3muvxF/b3JmujZ1PD8mQ9G7J8uPblDHdy//8lm7fa3jv2zL6i/Ggnk7rvfsWfmeyfG58Z3E3OrGR405wCtr40+WVgKSiDgUEYe38fezYzb95FdH2+3/9/g30IF1pvqXEU80z/9CrIq/kGy8PjlyR9Smjo8UV8VaP/189Y129e8o/g7Izv/eda//pfgHk9b12tmt13H1t0/b3tNs9/rvS95qpPvy1z4Yn5u7OBrRl7y29vWx5fcW+aJ8Fv/QsfX7/4FYPhJHIiK7iB+MiIci4uG87Y9ExKMRcWyD+H946bF3tx//7srin9zS+d96onLu+2/a1b+583+ykRrKX9nM599mG7iTYwcAAAD/FWnjGfgkHV5Kp+nwcPMZ/oOxN63NzM49dWbm/QuTzWflB6M3LWa6BlrmQ0fzueEiP7YqfyKfN/68cmcjPzwxU5vsdvBQcvva9P/M75Vutw7YdX6vBeWl/0N56f9QXvo/lJf+D+W1Xv+/0oV2ALee738oL/0fykv/h/LS/6GUdvK7fokyJyK9LZohsUuJbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMY/AQAA//8kYOnk")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
07:33:59 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x13, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1455.694518][T31338] EXT4-fs (loop4): Remounting filesystem read-only
[ 1455.701149][T31338] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1455.717360][T31338] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1455.757419][T31338] EXT4-fs (loop4): 1 truncate cleaned up
07:34:00 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrpv092sbEkp59AEYCiLikVcL9MClCCQOICHBoRxDklahboOaINEqogGhckSVuCOOSPwFnOCCgBMSV7ijShXKhcLJaO3dxHk45OHUhf18pG1nvOPMfHd27PGMHUBpVbN/kogDEfFLRPQ3sysLVJv/3Vqcn/hzcX4iiXr9jd+TRrk/FucniqLF8/bnmcE0Iv04iaPr1Dt7+cr58Vpt6lKeH5678O7w7OUrz0xfGD83dW7q4tipUydPjD7/3NizHYmzL2vrkQ9mjh1+5a3rr02cuf72D19l7T2Qn2+No1OqUV15LVs83unKuqyvJZ3s6WJD2JJKRGTd1dMY//1RieXO64+XP+pq44BdVa/X63vbn16oA/9hSXS7BUB3FG/02eff4rhNU487ws3TESN5/Lfyo3lmT6R5mZ5Vn287qRoRZxb++jw7YpfWIQAAWn1zOiKeXm/+l8Z9LeXuyveGBiLi7og4GBH3RMShiLg3olH2/oh4YIv1V1fl185/0hvbCmyTsvnfC/ne1sr5XzH7i4FKnutrxN+TnJ2uTY3k12QwevZm+dEN6vj2pZ8/bXeudf6XHVn9xVwwb8eNPasW6CbH58Z3EnOrmx821gCvro0/WdoJSCLicEQc2cbfz67Z9JNfHmt3/p/j30AH9pnqX0Q80ez/hVgVfyHZeH9y+H9RmxoZLu6KtX786drr7erfUfwdkPX/vnXv/6X4B5LW/drZrddx7ddP2n6m2e7935u82Uj35o+9Pz43d2k0ojd5de3jY8vPLfJF+Sz+wePrj/+DsXwljkZEdhM/GBEPRcTDedsfiYhHI+L4BvF//+Jj72w//t2VxT+5pf7feqJy/ruv29W/uf4/2UgN5o9s5vVvsw3cybUDAACAf4u08R34JB1aSqfp0FDzO/yHYl9am5mde+rszHsXJ5vflR+InrRY6epvWQ8dzdeGi/zYqvyJfN34s8r/G/mhiZnaZLeDh5Lb32b8Z36rdLt1wK7zey0oL+Mfysv4h/Iy/qG8jH8or/XG/9UutAO4/bz/Q3kZ/1Bexj+Ul/EPpbST3/VLlDkR6R3RDIldSnT7lQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAz/g4AAP//SxjqFg==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
07:34:00 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiixiEQoki0SNEhcRfQAUNAiokWuhRpAi5IVAd2rtd+/w448c5F9jPR9pk5nbOM9/dnbvZmb0ASqua/ZNE7I+IXyJioJldWaDa/O/m4vzEn4vzE0nU66//njTK/bE4P1EULd63L88MpRHpR0kcWafe2UuXz43XalMX8/zI3Pl3RmYvXX5q+vz42amzUxfGTp06eWL02WfGnu5InP1ZWw+/P3P00MtvXnt14vS1t374Kmvv/nx/axydUo3qymPZ4tFOV9Zl/S3ppKeLDWFLKhGRna7eRv8fiEosn7yBeOnDrjYO2FX1er2+p/3uhTrwH5ZEt1sAdEfxRZ/d/xbbLRp63BZuPJ/dsH7RiP9mvjX39ESal+lddX/bSdWIOL3w12fZFrs0DwEA0OqbbPzz5HrjvzTuaSl3R742NBgRd0bEgYi4KyIORsTdEY2y90bEfVusv7oqv3b8k17fVmCblI3/nsvXtlaO/4rRXwxW8lx/I/7e5Mx0bep4fkyGondPlh/doI5vX/z5k3b7Wsd/2ZbVX4wF83Zc71k1QTc5Pje+k5hb3figMQd4ZW38ydJKQBIRhyLi8Db+fnbMph//8mi7/f8c/wY6sM5U/zziseb5X4hV8ReSjdcnR/4XtanjI8VVsdaPP119rV39O4q/A7Lzv3fd638p/sGkdb12dut1XP3147b3NNu9/vuSNxrpvvy198bn5i6ORvQlr6x9fWz5vUW+KJ/FP3Rs/f5/IJaPxJGIyC7i+yPigYh4MG/7QxHxcEQc2yD+71945O3tx7+7svgnt3T+t56onPvu63b1b+78n2ykhvJXNvP5t9kG7uTYAQAAwL9F2ngGPkmHl9JpOjzcfIb/YOxNazOzc0+cmXn3wmTzWfnB6E2Lma6BlvnQ0XxuuMiPrcqfyOeNP638v5EfnpipTXY7eCi5fW36f+a3SrdbB+w6v9eC8tL/obz0fygv/R/KS/+H8lqv/1/pQjuAW8/3P5SX/g/lpf9Deen/UEo7+V2/RJkTkd4WzZDYpUS3P5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA64+8AAAD//96b6oo=")
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1455.800120][T31354] loop0: detected capacity change from 0 to 512
[ 1455.803165][ T9929] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1455.809437][T31354] EXT4-fs: Ignoring removed nobh option
[ 1455.828613][T31354] EXT4-fs error (device loop0): ext4_free_branches:1022: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1)
[ 1455.843911][T31354] EXT4-fs (loop0): Remounting filesystem read-only
[ 1456.538483][T31359] loop5: detected capacity change from 0 to 512
[ 1456.551552][T31360] FAULT_INJECTION: forcing a failure.
[ 1456.551552][T31360] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1456.564631][T31360] CPU: 1 PID: 31360 Comm: syz-executor.2 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1456.575947][T31360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1456.586024][T31360] Call Trace:
[ 1456.589300][T31360]
[ 1456.592332][T31360] dump_stack_lvl+0xd6/0x130
[ 1456.597000][T31360] dump_stack+0x11/0x20
[ 1456.601190][T31360] should_fail_ex+0x224/0x230
[ 1456.605879][T31360] should_fail+0x7/0x10
[ 1456.610138][T31360] should_fail_usercopy+0x16/0x20
[ 1456.615170][T31360] copy_page_from_iter_atomic+0x249/0xc10
[ 1456.620970][T31360] ? PageHeadHuge+0x3b/0x120
[ 1456.625555][T31360] ? shmem_write_begin+0x131/0x1e0
[ 1456.630663][T31360] generic_perform_write+0x214/0x3f0
[ 1456.635939][T31360] ? file_update_time+0x1f5/0x3a0
[ 1456.641005][T31360] __generic_file_write_iter+0xe3/0x280
[ 1456.646607][T31360] generic_file_write_iter+0x79/0x1c0
[ 1456.651972][T31360] vfs_write+0x468/0x760
[ 1456.656206][T31360] ksys_write+0xe8/0x1a0
[ 1456.660570][T31360] __x64_sys_write+0x3e/0x50
[ 1456.665196][T31360] do_syscall_64+0x2b/0x70
[ 1456.669605][T31360] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1456.675570][T31360] RIP: 0033:0x7fc7bd725e2f
[ 1456.679986][T31360] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48
[ 1456.699611][T31360] RSP: 002b:00007fc7bcaa4f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1456.708030][T31360] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00007fc7bd725e2f
[ 1456.715988][T31360] RDX: 0000000000040000 RSI: 00007fc7b4685000 RDI: 0000000000000007
[ 1456.723945][T31360] RBP: 00007fc7b4685000 R08: 0000000000000000 R09: 00000000000004a0
07:34:01 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 35)
[ 1456.731957][T31360] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000
[ 1456.739946][T31360] R13: 00007fc7bcaa4fdc R14: 00007fc7bcaa4fe0 R15: 0000000020000582
[ 1456.747907][T31360]
[ 1456.752549][T31360] loop2: detected capacity change from 0 to 512
[ 1456.823722][T31364] loop1: detected capacity change from 0 to 512
[ 1456.830829][T31364] EXT4-fs: Ignoring removed nobh option
[ 1456.832198][T31354] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1098: group 0, block bitmap and bg descriptor inconsistent: 222 vs 220 free clusters
[ 1456.847423][T31360] ext4 filesystem being mounted at /root/syzkaller-testdir1583530368/syzkaller.4IUY9g/3004/file0 supports timestamps until 2038 (0x7fffffff)
[ 1456.857622][T31370] loop4: detected capacity change from 0 to 512
[ 1456.890214][T31364] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz-executor.1: invalid block
[ 1456.911775][T31370] EXT4-fs: Ignoring removed nobh option
[ 1456.918288][T31372] FAULT_INJECTION: forcing a failure.
[ 1456.918288][T31372] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1456.931669][T31372] CPU: 1 PID: 31372 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1456.942684][T31372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1456.952726][T31372] Call Trace:
[ 1456.956005][T31372]
[ 1456.958938][T31372] dump_stack_lvl+0xd6/0x130
[ 1456.963518][T31372] dump_stack+0x11/0x20
[ 1456.967672][T31372] should_fail_ex+0x224/0x230
[ 1456.972364][T31372] __alloc_pages+0x10a/0x340
[ 1456.977018][T31372] alloc_pages+0x3f1/0x4f0
[ 1456.981484][T31372] get_zeroed_page+0x13/0x40
[ 1456.986167][T31372] mon_bin_open+0x1ba/0x3c0
[ 1456.990736][T31372] chrdev_open+0x362/0x3d0
[ 1456.995149][T31372] ? cd_forget+0xe0/0xe0
[ 1456.999428][T31372] do_dentry_open+0x59a/0x910
[ 1457.004122][T31372] vfs_open+0x43/0x50
[ 1457.008103][T31372] path_openat+0x16b8/0x1b60
[ 1457.012699][T31372] ? asm_sysvec_reschedule_ipi+0x16/0x20
[ 1457.018381][T31372] ? plist_check_list+0x14c/0x170
[ 1457.023534][T31372] do_filp_open+0x105/0x220
[ 1457.028046][T31372] do_sys_openat2+0xb5/0x2a0
[ 1457.032715][T31372] ? __schedule+0x546/0x6f0
[ 1457.037289][T31372] __x64_sys_openat+0xef/0x110
[ 1457.042061][T31372] do_syscall_64+0x2b/0x70
[ 1457.046478][T31372] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1457.052383][T31372] RIP: 0033:0x7f53668d4234
[ 1457.056906][T31372] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1457.076546][T31372] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1457.084950][T31372] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1457.092910][T31372] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1457.100893][T31372] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1457.108872][T31372] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1457.116837][T31372] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1457.124853][T31372]
07:34:01 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 30)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
07:34:01 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x18, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1457.184637][T31364] EXT4-fs (loop1): Remounting filesystem read-only
[ 1457.197147][T31354] EXT4-fs (loop0): 1 truncate cleaned up
[ 1457.203987][T31364] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1457.220480][T31364] EXT4-fs error (device loop1): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1457.237184][T31364] EXT4-fs (loop1): 1 truncate cleaned up
07:34:01 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92wHkhibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrGRSGQRg1AoUSR6RInEX0AFDQIqJFroUaQIuSFQHdq7Xfv8OOPHORfY30/aZOZ2zzPfzs7d7MxeAKVVzf5JIvZHxK8RMdDMrjyg2vzv5uL8xF+L8xNJ1Otv/pE0jvtzcX6iOLR43748M5RGpJ8kcWSdcmcvXT43XqtNXczzI3Pn3xuZvXT5menz42enzk5dGDt16uSJ0eefG3u2I3H2Z3U9/OHM0UOvvn3t9YnT19758eusvvvz/a1xdEo1qivPZYvHO11Yl/W3pJOeLlaELalERNZcvY3+PxCVWG68gXjl465WDthV9Xq9nrbfvVAH/seS6HYNgO4ovuiz+99iu0VDj9vCjRebN0BZ3DfzrbmnJ4pxUe+q+9tOqkbE6YW/v8i22KV5CACAVt9m45+n1xv/pXFfy3F35WtDgxFxd0QciIh7IuJgRNwb0Tj2/oh4YIvlV1fl145/0uvbCmyTsvHfC/na1srx39Ks2GAlz/U34u9NzkzXpo7n52Qoevdk+dENyvju5V8+a7evdfyXbVn5xVgwr8f1nj0r3zM5Pje+k5hb3fioMQd4ZW38ydJKQBIRhyLi8Db+fnbOpp/86mi7/f8e/wY6sM5U/zLiiWb7L8Sq+AvJxuuTI3dEber4SHFVrPXTz1ffaFf+juLvgKz99657/S/FP5i0rtfObr2Mq7992vaeZrvXf1/yViPdl7/2wfjc3MXRiL7ktbWvjy2/t8gXx2fxDx1bv/8fiOUzcSQisov4wYh4KCIezuv+SEQ8GhHHNoj/h5cee3f78e+uLP7JLbX/1hOVc99/0678zbX/yUZqKH9lM59/m63gTs4dAAAA/FekjWfgk3R4KZ2mw8PNZ/gPxt60NjM799SZmfcvTDaflR+M3rSY6RpomQ8dzeeGi/zYqvyJfN7488qdjfzwxExtstvBQ8nta9P/M79Xul07YNf5vRaUl/4P5aX/Q3np/1Be+j+U13r9/0oX6gHcer7/obz0fygv/R/KS/+HUtrJ7/olypyI9LaohsQuJbr9yQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAZ/wQAAP//GJjp5Q==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
07:34:01 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrpP092sbEkp59AEYCiLikTRpgR64FIHEASQkOJRjSNIq1G1QEyRaRTQgVI6oEnfEEYm/gBNcEHBC4gp3VKlCuVA4Ga29mzgPhzycurCfj7TtjHecme/Ojj2esQMorWr2TxKxPyJ+iYiBZnZlgWrzv1uL8xN/Ls5PJFGvv/F70ij3x+L8RFG0eN6+PDOURqQfJ3FknXpnL185P16rTV3K8yNzF94dmb185ZnpC+Pnps5NXRw7derkidHnnxt7tiNx9mdtPfzBzNFDr7x1/bWJM9ff/uGrrL378/OtcXRKNaorr2WLxztdWZf1t6STni42hC2pRETWXb2N8T8QlVjuvIF4+aOuNg7YVfV6vb6n/emFOvAflkS3WwB0R/FGn33+LY7bNPW4I9w8HTGWx38rP5pneiLNy/Su+nzbSdWIOLPw1+fZEbu0DgEA0Oqb0xHx9HrzvzTuayl3V743NBgRd0fEgYi4JyIORsS9EY2y90fEA1usv7oqv3b+k97YVmCblM3/Xsj3tlbO/4rZXwxW8lx/I/7e5Ox0bep4fk2GondPlh/doI5vX/r503bnWud/2ZHVX8wF83bc6Fm1QDc5Pje+k5hb3fywsQZ4dW38ydJOQBIRhyLi8Db+fnbNpp/88mi78/8c/wY6sM9U/yLiiWb/L8Sq+AvJxvuTI/+L2tTxkeKuWOvHn6693q7+HcXfAVn/7133/l+KfzBp3a+d3Xod1379pO1nmu3e/33Jm410X/7Y++Nzc5dGI/qSV9c+Prb83CJflM/iHzq2/vg/EMtX4khEZDfxgxHxUEQ8nLf9kYh4NCKObRD/9y8+9s72499dWfyTW+r/rScq57/7ul39m+v/k43UUP7IZl7/NtvAnVw7AAAA+LdIG9+BT9LhpXSaDg83v8N/MPamtZnZuafOzrx3cbL5XfnB6E2Lla6BlvXQ0XxtuMiPrcqfyNeNP6v8v5EfnpipTXY7eCi5fW3Gf+a3SrdbB+w6v9eC8jL+obyMfygv4x/Ky/iH8lpv/F/tQjuA28/7P5SX8Q/lZfxDeRn/UEo7+V2/RJkTkd4RzZDYpUS3X5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA64+8AAAD//yGI6hg=")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1457.329924][T31370] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
[ 1457.368132][T31370] EXT4-fs (loop4): Remounting filesystem read-only
[ 1457.376074][T31370] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1457.392706][T31370] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1457.430272][T31370] EXT4-fs (loop4): 1 truncate cleaned up
[ 1457.441667][T31379] loop0: detected capacity change from 0 to 512
[ 1457.442196][T31382] loop1: detected capacity change from 0 to 512
[ 1457.448731][T31379] EXT4-fs: Ignoring removed nobh option
[ 1457.466015][T31382] EXT4-fs: Ignoring removed nobh option
[ 1457.466175][T31379] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 2: comm syz-executor.0: invalid block
[ 1458.102651][T31385] loop5: detected capacity change from 0 to 512
[ 1458.122391][T31386] FAULT_INJECTION: forcing a failure.
[ 1458.122391][T31386] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1458.135675][T31386] CPU: 1 PID: 31386 Comm: syz-executor.2 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1458.146646][T31386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1458.156803][T31386] Call Trace:
[ 1458.160072][T31386]
[ 1458.163032][T31386] dump_stack_lvl+0xd6/0x130
[ 1458.167674][T31386] dump_stack+0x11/0x20
[ 1458.171848][T31386] should_fail_ex+0x224/0x230
[ 1458.176573][T31386] __alloc_pages+0x10a/0x340
[ 1458.181267][T31386] vma_alloc_folio+0x6a0/0x8e0
[ 1458.186067][T31386] shmem_get_folio_gfp+0x53f/0x1330
[ 1458.191274][T31386] shmem_write_begin+0xa2/0x1e0
[ 1458.196232][T31386] generic_perform_write+0x1d4/0x3f0
[ 1458.201700][T31386] ? shmem_write_begin+0x1e0/0x1e0
[ 1458.206835][T31386] __generic_file_write_iter+0xe3/0x280
[ 1458.212400][T31386] generic_file_write_iter+0x79/0x1c0
[ 1458.217786][T31386] vfs_write+0x468/0x760
[ 1458.222077][T31386] ksys_write+0xe8/0x1a0
[ 1458.226323][T31386] __x64_sys_write+0x3e/0x50
[ 1458.230906][T31386] do_syscall_64+0x2b/0x70
[ 1458.235313][T31386] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1458.241283][T31386] RIP: 0033:0x7fc7bd725e2f
[ 1458.245718][T31386] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48
[ 1458.265404][T31386] RSP: 002b:00007fc7bcaa4f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1458.273842][T31386] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00007fc7bd725e2f
[ 1458.281800][T31386] RDX: 0000000000040000 RSI: 00007fc7b4685000 RDI: 0000000000000007
[ 1458.289765][T31386] RBP: 00007fc7b4685000 R08: 0000000000000000 R09: 00000000000004a0
[ 1458.297728][T31386] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000
[ 1458.305750][T31386] R13: 00007fc7bcaa4fdc R14: 00007fc7bcaa4fe0 R15: 0000000020000582
[ 1458.313744][T31386]
[ 1458.356807][T31379] EXT4-fs (loop0): Remounting filesystem read-only
[ 1458.386753][T31379] EXT4-fs error (device loop0): ext4_free_branches:1022: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1)
07:34:02 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 36)
07:34:02 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrpP092sbEkp59AEYCiLikTRpgR64gEDiABISHMoxJGkV6jaoCRKtIhoQKkdUiTtC4oLEX8AJLgg4IXGFO6pUoVwonIzW3k2ch0MeTl3Yz0daZ8Y7zsx3d8cez6wDKK1q9pBE7I+IXyJioJldWaDa/HNzcX7iz8X5iSTq9dd/Txrl/licnyiKFq/bl2eG0oj0oySOrFPv7KXL58ZrtamLeX5k7vw7I7OXLj81fX787NTZqQtjp06dPDH67DNjT3ckzv6srYffnzl66OU3r706cfraWz98lbV3f76/NY5OqUZ15bFs8WinK+uy/pZ00tPFhrAllYjITldvo/8PRCWWT95AvPRhVxsH7Kp6vV7f0373Qh34D0ui2y0AuqP4oM++/xbbLRp63BZuPJ89ftGI/2a+Nff0RJqX6V31/baTqhFxeuGvz7ItdmkeAgCg1TfZ+OfJ9cZ/adzTUu6OfG1oMCLujIgDEXFXRByMiLsjGmXvjYj7tlh/dVV+7fgnvb6twDYpG/89l69trRz/FaO/GKzkuf5G/L3Jmena1PH8mAxF754sP7pBHd+++PMn7fa1jv+yLau/GAvm7bjes2qCbnJ8bnwnMbe68UFjDvDK2viTpZWAJCIORcThbfz/7JhNP/7l0Xb7/zn+DXRgnan+ecRjzfO/EKviLyQbr0+O/C9qU8dHiqtirR9/uvpau/p3FH8HZOd/77rX/1L8g0nreu3s1uu4+uvHbb/TbPf670veaKT78ufeG5+buzga0Ze8svb5seXXFvmifBb/0LH1+/+BWD4SRyIiu4jvj4gHIuLBvO0PRcTDEXFsg/i/f+GRt7cf/+7K4p/c0vnfeqJy7ruv29W/ufN/spEayp/ZzPvfZhu4k2MHAAAA/xZp4x74JB1eSqfp8HDzHv6DsTetzczOPXFm5t0Lk8175QejNy1mugZa5kNH87nhIj+2Kn8inzf+tPL/Rn54YqY22e3goeT2ten/md8q3W4dsOv8XgvKS/+H8tL/obz0fygv/R/Ka73+f6UL7QBuPZ//UF76P5SX/g/lpf9DKe3kd/0SZU5Eels0Q2KXEt1+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiMvwMAAP//3prqig==")
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1458.411022][T31379] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1098: group 0, block bitmap and bg descriptor inconsistent: 222 vs 220 free clusters
[ 1458.432084][T31382] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz-executor.1: invalid block
[ 1458.446641][T31385] ext4 filesystem being mounted at /root/syzkaller-testdir184905228/syzkaller.PLYEBS/2982/file0 supports timestamps until 2038 (0x7fffffff)
07:34:02 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 31)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1458.462962][T31393] loop4: detected capacity change from 0 to 512
[ 1458.470439][T31393] EXT4-fs: Ignoring removed nobh option
[ 1458.476872][T31379] EXT4-fs (loop0): 1 truncate cleaned up
[ 1458.483417][T31382] EXT4-fs (loop1): Remounting filesystem read-only
[ 1458.489988][T31382] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1458.534210][T31398] FAULT_INJECTION: forcing a failure.
[ 1458.534210][T31398] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1458.547489][T31398] CPU: 1 PID: 31398 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1458.558428][T31398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1458.568627][T31398] Call Trace:
[ 1458.571896][T31398]
[ 1458.577793][T31398] dump_stack_lvl+0xd6/0x130
[ 1458.582375][T31398] dump_stack+0x11/0x20
[ 1458.586519][T31398] should_fail_ex+0x224/0x230
[ 1458.591308][T31398] __alloc_pages+0x10a/0x340
[ 1458.595937][T31398] alloc_pages+0x3f1/0x4f0
[ 1458.600477][T31398] get_zeroed_page+0x13/0x40
[ 1458.605062][T31398] mon_bin_open+0x1ba/0x3c0
[ 1458.609648][T31398] chrdev_open+0x362/0x3d0
[ 1458.614190][T31398] ? cd_forget+0xe0/0xe0
[ 1458.618429][T31398] do_dentry_open+0x59a/0x910
[ 1458.623185][T31398] vfs_open+0x43/0x50
[ 1458.627282][T31398] path_openat+0x16b8/0x1b60
[ 1458.632021][T31398] ? find_lowest_rq+0x72/0x170
[ 1458.636798][T31398] ? find_lock_lowest_rq+0x40/0x110
[ 1458.642049][T31398] do_filp_open+0x105/0x220
[ 1458.646595][T31398] do_sys_openat2+0xb5/0x2a0
[ 1458.651193][T31398] ? mutex_lock+0x9/0x30
[ 1458.655532][T31398] ? fput+0x2c/0x130
[ 1458.659444][T31398] __x64_sys_openat+0xef/0x110
[ 1458.664304][T31398] do_syscall_64+0x2b/0x70
[ 1458.668902][T31398] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1458.674894][T31398] RIP: 0033:0x7f53668d4234
[ 1458.679485][T31398] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1458.699269][T31398] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1458.707674][T31398] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1458.715702][T31398] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1458.723675][T31398] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1458.731636][T31398] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1458.739604][T31398] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1458.747647][T31398]
[ 1459.164041][T31382] EXT4-fs error (device loop1): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1459.181093][T31393] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
07:34:03 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 37)
07:34:03 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x1b, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1459.435989][T31399] loop2: detected capacity change from 0 to 512
[ 1459.455797][T31382] EXT4-fs (loop1): 1 truncate cleaned up
[ 1459.470210][T31393] EXT4-fs (loop4): Remounting filesystem read-only
07:34:03 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiixiEQoki0SNKJP4CKmgQUCHRQo8iRcgNgerQ3u3a58cZP865kP18pE1mbuc8893duZud2QugtKrZP0nE/oj4NSIGmtmVBarN/24uzk/8tTg/kUS9/uYfSaPcn4vzE0XR4n378sxQGpF+ksSRdeqdvXT53HitNnUxz4/MnX9vZPbS5Wemz4+fnTo7dWHs1KmTJ0aff27s2Y7E2Z+19fCHM0cPvfr2tdcnTl9758evs/buz/e3xtEp1aiuPJYtHu90ZV3W35JOerrYELakEhHZ6ept9P+BqMTyyRuIVz7uauOAXVWv1+uV9rsX6sAdLIlutwDojuKLPrv/LbZbNPS4Ldx4sXkDlMV9M9+ae3oizcv0rrq/7aRqRJxe+PuLbItdmocAAGj1bTb+eXq98V8a97WUuytfGxqMiLsj4kBE3BMRByPi3ohG2fsj4oEt1l9dlV87/kmvbyuwTcrGfy/ka1srx3/F6C8GK3muvxF/b3JmujZ1PD8mQ9G7J8uPblDHdy//8lm7fa3jv2zL6i/Ggnk7rvfsWfmeyfG58Z3E3OrGR405wCtr40+WVgKSiDgUEYe38fezYzb95FdH2+3/9/g30IF1pvqXEU80z/9CrIq/kGy8Pjnyv6hNHR8proq1fvr56hvt6t9R/B2Qnf+9617/S/EPJq3rtbNbr+Pqb5+2vafZ7vXfl7zVSPflr30wPjd3cTSiL3lt7etjy+8t8kX5LP6hY+v3/wOxfCSORER2ET8YEQ9FxMN52x+JiEcj4tgG8f/w0mPvbj/+3ZXFP7ml87/1ROXc99+0q39z5/9kIzWUv7KZz7/NNnAnxw4AAAD+K9LGM/BJOryUTtPh4eYz/Adjb1qbmZ176szM+xcmm8/KD0ZvWsx0DbTMh47mc8NFfmxV/kQ+b/x55f+N/PDETG2y28FDye1r0/8zv2/wYDBwh/B7LSgv/R/KS/+H8tL/obz0fyiv9fr/lS60A7j1fP9Deen/UF76P5SX/g+ltJPf9UuUORHpbdEMiV1KdPuTCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDP+CQAA//8M0Onm")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1459.477367][T31393] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1459.504105][T31393] EXT4-fs (loop4): 1 truncate cleaned up
[ 1459.522020][T31407] loop0: detected capacity change from 0 to 512
[ 1459.527815][T11133] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1459.530061][T31407] EXT4-fs: Ignoring removed nobh option
[ 1459.553708][T31399] ext4 filesystem being mounted at /root/syzkaller-testdir1583530368/syzkaller.4IUY9g/3006/file0 supports timestamps until 2038 (0x7fffffff)
[ 1460.212768][T31410] loop5: detected capacity change from 0 to 512
[ 1460.221640][T31411] FAULT_INJECTION: forcing a failure.
[ 1460.221640][T31411] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1460.235656][T31411] CPU: 1 PID: 31411 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1460.246592][T31411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1460.256642][T31411] Call Trace:
[ 1460.259964][T31411]
[ 1460.262937][T31411] dump_stack_lvl+0xd6/0x130
[ 1460.267519][T31411] dump_stack+0x11/0x20
[ 1460.271661][T31411] should_fail_ex+0x224/0x230
[ 1460.276370][T31411] __alloc_pages+0x10a/0x340
[ 1460.281022][T31411] alloc_pages+0x3f1/0x4f0
[ 1460.285507][T31411] get_zeroed_page+0x13/0x40
[ 1460.290197][T31411] mon_bin_open+0x1ba/0x3c0
[ 1460.294829][T31411] chrdev_open+0x362/0x3d0
[ 1460.299357][T31411] ? cd_forget+0xe0/0xe0
[ 1460.303604][T31411] do_dentry_open+0x59a/0x910
[ 1460.308289][T31411] vfs_open+0x43/0x50
[ 1460.312321][T31411] path_openat+0x16b8/0x1b60
[ 1460.316955][T31411] ? _parse_integer_limit+0x16f/0x190
[ 1460.322320][T31411] do_filp_open+0x105/0x220
[ 1460.326948][T31411] do_sys_openat2+0xb5/0x2a0
[ 1460.331563][T31411] ? mutex_lock+0x9/0x30
[ 1460.336028][T31411] ? fput+0x2c/0x130
[ 1460.339916][T31411] __x64_sys_openat+0xef/0x110
[ 1460.344705][T31411] do_syscall_64+0x2b/0x70
[ 1460.349110][T31411] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1460.355091][T31411] RIP: 0033:0x7f53668d4234
[ 1460.359564][T31411] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1460.379190][T31411] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1460.387849][T31411] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1460.395833][T31411] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1460.403879][T31411] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1460.411851][T31411] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1460.419918][T31411] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1460.427907][T31411]
07:34:04 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28trXFUYAPDv3mlSbRsTa330oY5WMfhImrRqFyJUFFwoCLqoy5ikJXbaSBPBlmCjSF1Kwb24FPwLXOlG1JXgVvdSKJKN1dXInbk3mTwm5jHpVO/vB7c9Z+6ZnPPdc8/MmXNmAiitavZPErEvIn6NiP5mdnmBavO/mwtz438tzI0nUa+/+UfSKPfnwtx4UbR43t48M5hGpJ8kcXiNemcuXT43VqtNXszzw7Pn3xueuXT5manzY2cnz05eGD158sTxkeefG322I3H2ZW099OH0kYOvvn3t9fHT19758eusvfvy861xdEo1qsuvZYvHO11Zl/W1pJNdXWwIm1KJiKy7ehrjvz8qsdR5/fHKx11tHLCj6vV6fXf70/N14H8siW63AOiO4o0++/xbHLdo6nFbuHEq4sU8/pv50TyzK9K8TM+Kz7edVI2I0/N/f5EdsUPrEAAArb49FRFPrzX/S+O+lnJ35XtDAxFxd0Tsj4h7IuJARNwb0Sh7f0Q8sMn6qyvyq+c/6fUtBbZB2fzvhXxva/n8r5j9xUAlz/U14u9JzkzVJo/l12QwenZn+ZF16vju5V8+a3eudf6XHVn9xVwwb8f1XSsW6CbGZse2E3OrGx811gCvrI4/WdwJSCLiYEQc2sLfz67Z1JNfHWl3/t/jX0cH9pnqX0Y80ez/+VgRfyFZf39y+I6oTR4bLu6K1X76+eob7erfVvwdkPX/njXv/8X4B5LW/dqZzddx9bdP236m2er935u81Uj35o99MDY7e3Ekojd5bfXjo0vPLfJF+Sz+waNrj//9sXQlDkdEdhM/GBEPRcTDedsfiYhHI+LoOvH/8NJj7249/p2VxT+xqf7ffKJy7vtv2tW/sf4/0UgN5o9s5PVvow3czrUDAACA/4q08R34JB1aTKfp0FDzO/wHYk9am56ZferM9PsXJprflR+InrRY6epvWQ8dydeGi/zoivzxfN3488qdjfzQ+HRtotvBQ8ntbTP+M79Xut06YMf5vRaUl/EP5WX8Q3kZ/1Bexj+U11rj/0oX2gHcet7/obyMfygv4x/Ky/iHUtrO7/olypyI9LZohsQOJbr9ygQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAZ/wQAAP//KBnqJA==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
07:34:04 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiixiEQoki0SMkGiT+AipoEFAh0UKPIkXIDYHq0N7t2ufHGT/OucB+PtImM7dznvnu7tzNzuwFUFrV7J8kYn9E/BIRA83sygLV5n83F+cn/lycn0iiXn/996RR7o/F+YmiaPG+fXlmKI1IP0riyDr1zl66fG68Vpu6mOdH5s6/MzJ76fJT0+fHz06dnbowdurUyROjzz4z9nRH4uzP2nr4/Zmjh15+89qrE6evvfXDV1l79+f7W+PolGpUVx7LFo92urIu629JJz1dbAhbUomI7HT1Nvr/QFRi+eQNxEsfdrVxwK6q1+v1Pe13L9SB/7Akut0CoDuKL/rs/rfYbtHQ47Zw4/nshvWLRvw38625pyfSvEzvqvvbTqpGxOmFvz7LttileQgAgFbfZOOfJ9cb/6VxT0u5O/K1ocGIuDMiDkTEXRFxMCLujmiUvTci7tti/dVV+bXjn/T6tgLbpGz891y+trVy/FeM/mKwkuf6G/H3Jmema1PH82MyFL17svzoBnV8++LPn7Tb1zr+y7as/mIsmLfjes+qCbrJ8bnxncTc6sYHjTnAK2vjT5ZWApKIOBQRh7fx97NjNv34l0fb7f/n+DfQgXWm+ucRjzXP/0Ksir+QbLw+OfK/qE0dHymuirV+/Onqa+3q31H8HZCd/73rXv9L8Q8mreu1s1uv4+qvH7e9p9nu9d+XvNFI9+WvvTc+N3dxNKIveWXt62PL7y3yRfks/qFj6/f/A7F8JI5ERHYR3x8RD0TEg3nbH4qIhyPi2Abxf//CI29vP/7dlcU/uaXzv/VE5dx3X7erf3Pn/2QjNZS/spnPv802cCfHDgAAAP4t0sYz8Ek6vJRO0+Hh5jP8B2NvWpuZnXvizMy7Fyabz8oPRm9azHQNtMyHjuZzw0V+bFX+RD5v/Gnl/4388MRMbbLbwUPJ7WvT/zO/VbrdOmDX+b0WlJf+D+Wl/0N56f9QXvo/lNd6/f9KF9oB3Hq+/6G89H8oL/0fykv/h1Laye/6JcqciPS2aIbELiW6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQGX8HAAD//8nR6os=")
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1460.453202][T31407] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 2: comm syz-executor.0: invalid block
07:34:04 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 32)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
07:34:04 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x22, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
07:34:04 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 38)
[ 1460.520829][T31407] EXT4-fs (loop0): Remounting filesystem read-only
[ 1460.534929][T31407] EXT4-fs error (device loop0): ext4_free_branches:1022: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1)
[ 1460.567513][T31407] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1098: group 0, block bitmap and bg descriptor inconsistent: 221 vs 220 free clusters
[ 1460.589276][T31407] EXT4-fs (loop0): 1 truncate cleaned up
07:34:04 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92wHkhibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrGRSGQRg1AoUSR6RInEX0AFDQIqJFroUaQIuSFQHdq7Xfv8OOPHORfY30/aZOZ2zjPf7s7d7MxeAKVVzf5JIvZHxK8RMdDMrixQbf53c3F+4q/F+Ykk6vU3/0ga5f5cnJ8oihbv25dnhtKI9JMkjqxT7+yly+fGa7Wpi3l+ZO78eyOzly4/M31+/OzU2akLY6dOnTwx+vxzY892JM7+rK2HP5w5eujVt6+9PnH62js/fp21d3++vzWOTqlGdeWxbPF4pyvrsv6WdNLTxYawJZWIyE5Xb6P/D0Qllk/eQLzycVcbB+yqer1e3+DjeqEO/I8l0e0WAN1RfNFn97/FdouGHreFGy82b4CyuG/mW3NPT6R5md5V97edVI2I0wt/f5FtsUvzEAAArb7Nxj9Przf+S+O+lnJ35WtDgxFxd0QciIh7IuJgRNwb0Sh7f0Q8sMX6q6vya8c/6fVtBbZJ2fjvhXxta+X4rxj9xWAlz/U34u9NzkzXpo7nx2Qoevdk+dEN6vju5V8+a7evdfyXbVn9xVgwb8f1nj0r3zM5Pje+k5hb3fioMQd4ZW38ydJKQBIRhyLi8Db+fnbMpp/86mi7/f8e/wY6sM5U/zLiieb5X4hV8ReSjdcnR+6I2tTxkeKqWOunn6++0a7+HcXfAdn537vu9b8U/2DSul47u/U6rv72adt7mu1e/33JW410X/7aB+NzcxdHI/qS19a+Prb83iJflM/iHzq2fv8/EMtH4khEZBfxgxHxUEQ8nLf9kYh4NCKObRD/Dy899u72499dWfyTWzr/W09Uzn3/Tbv6N3f+TzZSQ/krm/n822wDd3LsAAAA4L8ibTwDn6TDS+k0HR5uPsN/MPamtZnZuafOzLx/YbL5rPxg9KbFTNdAy3zoaD43XOTHVuVP5PPGn1fubOSHJ2Zqk90OHkpuX5v+n/m90u3WAbvO77WgvPR/KC/9H8pL/4fy0v+hvNbr/1e60A7g1vP9D+Wl/0N56f9QXvo/lNJOftcvUeZEpLdFMyR2KdHtTyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDO+CcAAP//AQjp5w==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1460.615671][T31419] loop1: detected capacity change from 0 to 512
[ 1460.630350][T31422] loop4: detected capacity change from 0 to 512
[ 1460.633364][T31419] EXT4-fs: Ignoring removed nobh option
[ 1460.637774][T31422] EXT4-fs: Ignoring removed nobh option
[ 1462.145023][T31419] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz-executor.1: invalid block
[ 1462.156912][T31419] EXT4-fs (loop1): Remounting filesystem read-only
[ 1462.157553][T31422] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
[ 1462.163542][T31419] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1462.248914][T31425] FAULT_INJECTION: forcing a failure.
[ 1462.248914][T31425] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1462.261992][T31425] CPU: 1 PID: 31425 Comm: syz-executor.2 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1462.273021][T31425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1462.283130][T31425] Call Trace:
[ 1462.286483][T31425]
[ 1462.289417][T31425] dump_stack_lvl+0xd6/0x130
[ 1462.294090][T31425] dump_stack+0x11/0x20
[ 1462.298436][T31425] should_fail_ex+0x224/0x230
[ 1462.303137][T31425] should_fail+0x7/0x10
[ 1462.307360][T31425] should_fail_usercopy+0x16/0x20
[ 1462.312405][T31425] copy_page_from_iter_atomic+0x249/0xc10
[ 1462.318161][T31425] ? PageHeadHuge+0x3b/0x120
[ 1462.322756][T31425] ? shmem_write_begin+0x131/0x1e0
[ 1462.327880][T31425] generic_perform_write+0x214/0x3f0
[ 1462.333202][T31425] ? shmem_write_begin+0x1e0/0x1e0
[ 1462.338324][T31425] __generic_file_write_iter+0xe3/0x280
[ 1462.343882][T31425] generic_file_write_iter+0x79/0x1c0
[ 1462.349319][T31425] vfs_write+0x468/0x760
[ 1462.353579][T31425] ksys_write+0xe8/0x1a0
[ 1462.358060][T31425] __x64_sys_write+0x3e/0x50
[ 1462.362743][T31425] do_syscall_64+0x2b/0x70
[ 1462.367166][T31425] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1462.373202][T31425] RIP: 0033:0x7fc7bd725e2f
[ 1462.377673][T31425] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48
[ 1462.397355][T31425] RSP: 002b:00007fc7bcac5f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1462.405972][T31425] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00007fc7bd725e2f
[ 1462.414002][T31425] RDX: 0000000000040000 RSI: 00007fc7b46a6000 RDI: 0000000000000007
[ 1462.422038][T31425] RBP: 00007fc7b46a6000 R08: 0000000000000000 R09: 00000000000004a0
[ 1462.430041][T31425] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000
[ 1462.438022][T31425] R13: 00007fc7bcac5fdc R14: 00007fc7bcac5fe0 R15: 0000000020000582
[ 1462.446146][T31425]
[ 1462.450242][T31425] loop2: detected capacity change from 0 to 512
[ 1462.457603][T31426] FAULT_INJECTION: forcing a failure.
[ 1462.457603][T31426] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1462.470823][T31426] CPU: 1 PID: 31426 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1462.481797][T31426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1462.491864][T31426] Call Trace:
[ 1462.495250][T31426]
[ 1462.498244][T31426] dump_stack_lvl+0xd6/0x130
[ 1462.502973][T31426] dump_stack+0x11/0x20
[ 1462.507159][T31426] should_fail_ex+0x224/0x230
[ 1462.511838][T31426] __alloc_pages+0x10a/0x340
[ 1462.516529][T31426] alloc_pages+0x3f1/0x4f0
[ 1462.520946][T31426] get_zeroed_page+0x13/0x40
[ 1462.525584][T31426] mon_bin_open+0x1ba/0x3c0
[ 1462.530130][T31426] chrdev_open+0x362/0x3d0
[ 1462.534653][T31426] ? cd_forget+0xe0/0xe0
[ 1462.538900][T31426] do_dentry_open+0x59a/0x910
[ 1462.543688][T31426] vfs_open+0x43/0x50
[ 1462.547677][T31426] path_openat+0x16b8/0x1b60
[ 1462.552348][T31426] ? _parse_integer_limit+0x16f/0x190
[ 1462.557762][T31426] do_filp_open+0x105/0x220
[ 1462.562275][T31426] do_sys_openat2+0xb5/0x2a0
[ 1462.566942][T31426] ? mutex_lock+0x9/0x30
[ 1462.571188][T31426] ? fput+0x2c/0x130
[ 1462.575163][T31426] __x64_sys_openat+0xef/0x110
[ 1462.580033][T31426] do_syscall_64+0x2b/0x70
[ 1462.584449][T31426] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1462.590351][T31426] RIP: 0033:0x7f53668d4234
[ 1462.594800][T31426] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1462.614509][T31426] RSP: 002b:00007f5365c73ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1462.622926][T31426] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1462.630982][T31426] RDX: 0000000000000000 RSI: 00007f5365c73d40 RDI: 00000000ffffff9c
[ 1462.639047][T31426] RBP: 00007f5365c73d40 R08: 0000000000000000 R09: 0000000000000000
[ 1462.647032][T31426] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1462.655063][T31426] R13: 00007fffab5653af R14: 00007f5365c74300 R15: 0000000000022000
[ 1462.663066][T31426]
[ 1462.669483][T31429] loop5: detected capacity change from 0 to 512
[ 1462.679240][T31422] EXT4-fs (loop4): Remounting filesystem read-only
[ 1462.691536][T31419] EXT4-fs error (device loop1): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
07:34:07 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 39)
[ 1462.765201][T31432] loop0: detected capacity change from 0 to 512
[ 1462.772120][T31422] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1462.831731][T31432] EXT4-fs: Ignoring removed nobh option
[ 1462.852242][T31425] ext4 filesystem being mounted at /root/syzkaller-testdir1583530368/syzkaller.4IUY9g/3007/file0 supports timestamps until 2038 (0x7fffffff)
07:34:07 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x24, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1462.877745][T31432] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 2: comm syz-executor.0: invalid block
[ 1462.890703][T31432] EXT4-fs (loop0): Remounting filesystem read-only
[ 1462.897508][T31419] EXT4-fs (loop1): 1 truncate cleaned up
[ 1462.899154][T31432] EXT4-fs error (device loop0): ext4_free_branches:1022: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1)
[ 1462.937185][T31422] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1462.951680][T31432] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1098: group 0, block bitmap and bg descriptor inconsistent: 222 vs 220 free clusters
[ 1462.952059][T31432] EXT4-fs (loop0): 1 truncate cleaned up
[ 1462.981085][T31441] FAULT_INJECTION: forcing a failure.
[ 1462.981085][T31441] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1462.994623][T31441] CPU: 0 PID: 31441 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1463.005591][T31441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1463.015697][T31441] Call Trace:
[ 1463.018965][T31441]
[ 1463.021934][T31441] dump_stack_lvl+0xd6/0x130
[ 1463.026517][T31441] dump_stack+0x11/0x20
[ 1463.030659][T31441] should_fail_ex+0x224/0x230
[ 1463.035338][T31441] __alloc_pages+0x10a/0x340
[ 1463.039931][T31441] alloc_pages+0x3f1/0x4f0
[ 1463.044469][T31441] get_zeroed_page+0x13/0x40
[ 1463.049082][T31441] mon_bin_open+0x1ba/0x3c0
[ 1463.053604][T31441] chrdev_open+0x362/0x3d0
[ 1463.058121][T31441] ? cd_forget+0xe0/0xe0
[ 1463.062370][T31441] do_dentry_open+0x59a/0x910
[ 1463.067112][T31441] vfs_open+0x43/0x50
[ 1463.071098][T31441] path_openat+0x16b8/0x1b60
[ 1463.075700][T31441] ? __mod_memcg_lruvec_state+0x3d/0x100
[ 1463.081383][T31441] ? plist_check_list+0x14c/0x170
[ 1463.086936][T31441] do_filp_open+0x105/0x220
[ 1463.091482][T31441] do_sys_openat2+0xb5/0x2a0
[ 1463.096177][T31441] ? asm_sysvec_reschedule_ipi+0x16/0x20
[ 1463.101862][T31441] __x64_sys_openat+0xef/0x110
[ 1463.107272][T31441] do_syscall_64+0x2b/0x70
[ 1463.111677][T31441] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1463.117723][T31441] RIP: 0033:0x7f53668d4234
[ 1463.122154][T31441] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1463.141841][T31441] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1463.150413][T31441] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1463.158383][T31441] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1463.166341][T31441] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1463.174300][T31441] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1463.183041][T31441] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1463.191006][T31441]
07:34:08 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 33)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
07:34:08 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 40)
[ 1463.754570][T31443] loop5: detected capacity change from 0 to 512
[ 1463.777276][T31422] EXT4-fs (loop4): 1 truncate cleaned up
[ 1463.783050][T31422] EXT4-fs mount: 84 callbacks suppressed
[ 1463.783063][T31422] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
07:34:08 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28trXFUYAPDv3mlSbRsTa330oY5WMfhImrRqF4JUFFwoCLqoy5ikJXbaSBPBlmCjSF1Kwb24FPwLXOlG1JXgVvdSKJKN1dXInbk3mTwm5jHpVO/vB7c9Z+6ZnPPdc8/MmXNmAiitavZPErEvIn6NiP5mdnmBavO/mwtz438tzI0nUa+/+UfSKPfnwtx4UbR43t48M5hGpJ8kcXiNemcuXT43VqtNXszzw7Pn3xueuXT5manzY2cnz05eGD158sTxkeefG322I3H2ZW099OH0kYOvvn3t9fHT19758eusvfvy861xdEo1qsuvZYvHO11Zl/W1pJNdXWwIm1KJiKy7ehrjvz8qsdR5/fHKx11tHLCj6vV6fXf70/N14H8siW63AOiO4o0++/xbHLdo6nFbuHEq4sU8/pv50TyzK9K8TM+Kz7edVI2I0/N/f5EdsUPrEAAArb49FRFPrzX/S+O+lnJ35XtDAxFxd0Tsj4h7IuJARNwb0Sh7f0Q8sMn6qyvyq+c/6fUtBbZB2fzvhXxva/n8r5j9xUAlz/U14u9JzkzVJo/l12QwenZn+ZF16vju5V8+a3eudf6XHVn9xVwwb8f1XSsW6CbGZse2E3OrGx811gCvrI4/WdwJSCLiYEQc2sLfz67Z1JNfHWl3/t/jX0cH9pnqX0Y80ez/+VgRfyFZf39y+I6oTR4bLu6K1X76+eob7erfVvwdkPX/njXv/8X4B5LW/dqZzddx9bdP236m2er935u81Uj35o99MDY7e3Ekojd5bfXjo0vPLfJF+Sz+waNrj//9sXQlDkdEdhM/GBEPRcTDedsfiYhHI+LoOvH/8NJj7249/p2VxT+xqf7ffKJy7vtv2tW/sf4/0UgN5o9s5PVvow3czrUDAACA/4q08R34JB1aTKfp0FDzO/wHYk9am56ZferM9PsXJprflR+InrRY6epvWQ8dydeGi/zoivzxfN3488qdjfzQ+HRtotvBQ8ntbTP+M79Xut06YMf5vRaUl/EP5WX8Q3kZ/1Bexj+U11rj/0oX2gHcet7/obyMfygv4x/Ky/iHUtrO7/olypyI9LZohsQOJbr9ygQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAZ/wQAAP//E1HqJQ==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
07:34:08 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrpP092sbEkp59AEYCiLikTRpgR64gEDiABISHMoxJGkV6jaoCRKtIhoQKkdUiTviwAGJv4ATXBBwQuIKd1SpQrlQOBmtvZs4D4c8nLqwn4+0zox3nJnv7o49nlkHUFrV7CGJ2B8Rv0TEQDO7skC1+efm4vzEn4vzE0nU66//njTK/bE4P1EULV63L88MpRHpR0kcWafe2UuXz43XalMX8/zI3Pl3RmYvXX5q+vz42amzUxfGTp06eWL02WfGnu5InP1ZWw+/P3P00MtvXnt14vS1t374Kmvv/nx/axydUo3qymPZ4tFOV9Zl/S3ppKeLDWFLKhGRna7eRv8fiEosn7yBeOnDrjYO2FX1er2+p/3uhTrwH5ZEt1sAdEfxQZ99/y22WzT0uC3ceD57/KIR/818a+7piTQv07vq+20nVSPi9MJfn2Vb7NI8BABAq2+y8c+T643/0rinpdwd+drQYETcGREHIuKuiDgYEXdHNMreGxH3bbH+6qr82vFPen1bgW1SNv57Ll/bWjn+K0Z/MVjJc/2N+HuTM9O1qeP5MRmK3j1ZfnSDOr598edP2u1rHf9lW1Z/MRbM23G9Z9UE3eT43PhOYm5144PGHOCVtfEnSysBSUQciojD2/j/2TGbfvzLo+32/3P8G+jAOlP984jHmud/IVbFX0g2Xp8c+V/Upo6PFFfFWj/+dPW1dvXvKP4OyM7/3nWv/6X4B5PW9drZrddx9deP236n2e7135e80Uj35c+9Nz43d3E0oi95Ze3zY8uvLfJF+Sz+oWPr9/8DsXwkjkREdhHfHxEPRMSDedsfioiHI+LYBvF//8Ijb28//t2VxT+5pfO/9UTl3Hdft6t/c+f/ZCM1lD+zmfe/zTZwJ8cOAAAA/i3Sxj3wSTq8lE7T4eHmPfwHY29am5mde+LMzLsXJpv3yg9Gb1rMdA20zIeO5nPDRX5sVf5EPm/8aeX/jfzwxExtstvBQ8nta9P/M79Vut06YNf5vRaUl/4P5aX/Q3np/1Be+j+U13r9/0oX2gHcej7/obz0fygv/R/KS/+HUtrJ7/olypyI9LZohsQuJbr9zgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAZfwcAAP//ydDqiw==")
write$tun(0xffffffffffffffff, 0x0, 0x0)
07:34:08 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG0UYAPBv13ULbUNCKY8+AENBRDySJi3QAxcQSBxAQoJDOYYkrULdBjVBolVEA0LliCpxRxyR+As4wQUBJySucEeVKpQLhZPR2ruJ83DIw6kL+/tJ2854x5n5dnfs2Zl1AKVVy/5JIvZHxK8R0d/KLi9Qa/13c2Fu/K+FufEkGo03/0ia5f5cmBsvihbv25dnBtOI9JMkjqxR78yly+fG6vXJi3l+ePb8e8Mzly4/M3V+7Ozk2ckLo6dOnTwx8vxzo892Jc6+rK2HP5w+eujVt6+9Pn762js/fp21d3++vz2ObqlFbfmxbPN4tyvrsb62dLKrhw1hUyoRkZ2uarP/90cllk5ef7zycU8bB+yoRqPRqHbePd8A/seS6HULgN4ovuiz+99iu0VDj9vCjRdbN0BZ3DfzrbVnV6R5meqK+9tuqkXE6fm/v8i22KF5CACAdt9m45+n1xr/pXFfW7m78rWhgYi4OyIORMQ9EXEwIu6NaJa9PyIe2GT9tRX51eOf9PqWAtugbPz3Qr62tXz8V4z+YqCS5/qa8VeTM1P1yeP5MRmM6p4sP7JOHd+9/Mtnnfa1j/+yLau/GAvm7bi+a8/y90yMzY5tJ+Z2Nz5qzgFeWR1/srgSkETEoYg4vIW/nx2zqSe/Otpp/7/Hv44urDM1vox4onX+52NF/IVk/fXJ4TuiPnl8uLgqVvvp56tvdKp/W/F3QXb+9655/S/GP5C0r9fObL6Oq7992vGeZqvX/+7krWZ6d/7aB2OzsxdHInYnr61+fXTpvUW+KJ/FP3hs7f5/IJaOxJGIyC7iByPioYh4OG/7IxHxaEQcWyf+H1567N2tx7+zsvgnNnX+N5+onPv+m071b+z8n2ymBvNXNvL5t9EGbufYAQAAwH9F2nwGPkmHFtNpOjTUeob/YOxN69Mzs0+dmX7/wkTrWfmBqKbFTFd/23zoSD43XORHV+RP5PPGn1fubOaHxqfrE70OHkpuX4f+n/m90uvWATvO77WgvPR/KC/9H8pL/4fy0v+hvNbq/1d60A7g1vP9D+Wl/0N56f9QXvo/lNJ2ftcvUeZEpLdFMyR2KNHrTyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDu+CcAAP//9THp6A==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1463.833724][ T3133] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1463.869717][ T9697] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
07:34:08 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x25, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1463.874642][ T3119] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1463.879378][ T3147] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1463.957784][T31450] loop1: detected capacity change from 0 to 512
[ 1463.970168][T31450] EXT4-fs: Ignoring removed nobh option
[ 1463.976595][T31453] FAULT_INJECTION: forcing a failure.
[ 1463.976595][T31453] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1463.989903][T31453] CPU: 0 PID: 31453 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1464.000904][T31453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1464.010998][T31453] Call Trace:
[ 1464.014278][T31453]
[ 1464.017302][T31453] dump_stack_lvl+0xd6/0x130
[ 1464.021902][T31453] dump_stack+0x11/0x20
[ 1464.026175][T31453] should_fail_ex+0x224/0x230
[ 1464.030848][T31453] __alloc_pages+0x10a/0x340
[ 1464.035478][T31453] alloc_pages+0x3f1/0x4f0
[ 1464.039904][T31453] get_zeroed_page+0x13/0x40
[ 1464.044491][T31453] mon_bin_open+0x1ba/0x3c0
[ 1464.049027][T31453] chrdev_open+0x362/0x3d0
[ 1464.053514][T31453] ? cd_forget+0xe0/0xe0
[ 1464.057878][T31453] do_dentry_open+0x59a/0x910
[ 1464.062581][T31453] vfs_open+0x43/0x50
[ 1464.066569][T31453] path_openat+0x16b8/0x1b60
[ 1464.071176][T31453] ? _parse_integer_limit+0x16f/0x190
[ 1464.076614][T31453] do_filp_open+0x105/0x220
[ 1464.081418][T31453] do_sys_openat2+0xb5/0x2a0
[ 1464.086019][T31453] ? mutex_lock+0x9/0x30
[ 1464.090410][T31453] ? fput+0x2c/0x130
[ 1464.094302][T31453] __x64_sys_openat+0xef/0x110
[ 1464.099067][T31453] do_syscall_64+0x2b/0x70
[ 1464.103477][T31453] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1464.109408][T31453] RIP: 0033:0x7f53668d4234
[ 1464.113903][T31453] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1464.133518][T31453] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1464.142026][T31453] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1464.150012][T31453] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1464.158272][T31453] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1464.166291][T31453] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1464.174321][T31453] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1464.182286][T31453]
[ 1465.153631][T31457] loop0: detected capacity change from 0 to 512
[ 1465.160909][T31457] EXT4-fs: Ignoring removed nobh option
[ 1465.168567][T31450] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz-executor.1: invalid block
[ 1465.169020][T31457] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 2: comm syz-executor.0: invalid block
[ 1465.183028][T31450] EXT4-fs (loop1): Remounting filesystem read-only
[ 1465.292809][T31460] FAULT_INJECTION: forcing a failure.
[ 1465.292809][T31460] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1465.306504][T31460] CPU: 1 PID: 31460 Comm: syz-executor.2 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1465.317442][T31460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1465.328003][T31460] Call Trace:
[ 1465.331273][T31460]
[ 1465.334212][T31460] dump_stack_lvl+0xd6/0x130
[ 1465.339357][T31460] dump_stack+0x11/0x20
[ 1465.343510][T31460] should_fail_ex+0x224/0x230
[ 1465.348185][T31460] __alloc_pages+0x10a/0x340
[ 1465.352833][T31460] vma_alloc_folio+0x6a0/0x8e0
[ 1465.357620][T31460] shmem_get_folio_gfp+0x53f/0x1330
[ 1465.362822][T31460] shmem_write_begin+0xa2/0x1e0
[ 1465.367806][T31460] generic_perform_write+0x1d4/0x3f0
[ 1465.373094][T31460] ? shmem_write_begin+0x1e0/0x1e0
[ 1465.378208][T31460] __generic_file_write_iter+0xe3/0x280
[ 1465.384963][T31460] generic_file_write_iter+0x79/0x1c0
[ 1465.390407][T31460] vfs_write+0x468/0x760
[ 1465.394672][T31460] ksys_write+0xe8/0x1a0
[ 1465.399232][T31460] __x64_sys_write+0x3e/0x50
[ 1465.403827][T31460] do_syscall_64+0x2b/0x70
[ 1465.408305][T31460] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1465.414371][T31460] RIP: 0033:0x7fc7bd725e2f
[ 1465.418790][T31460] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48
[ 1465.438744][T31460] RSP: 002b:00007fc7bcaa4f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1465.447253][T31460] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00007fc7bd725e2f
[ 1465.455231][T31460] RDX: 0000000000040000 RSI: 00007fc7b4685000 RDI: 0000000000000007
[ 1465.463355][T31460] RBP: 00007fc7b4685000 R08: 0000000000000000 R09: 00000000000004a0
[ 1465.471339][T31460] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000
[ 1465.479326][T31460] R13: 00007fc7bcaa4fdc R14: 00007fc7bcaa4fe0 R15: 0000000020000582
[ 1465.487369][T31460]
07:34:09 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 41)
[ 1465.500938][T31450] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1465.517591][T31450] EXT4-fs error (device loop1): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1465.631490][T31457] EXT4-fs (loop0): Remounting filesystem read-only
[ 1465.644986][T31463] loop5: detected capacity change from 0 to 512
07:34:10 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") (fail_nth: 34)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1465.671956][T31457] EXT4-fs error (device loop0): ext4_free_branches:1022: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1)
[ 1465.688395][T31450] EXT4-fs (loop1): 1 truncate cleaned up
[ 1465.694253][T31450] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1466.111560][T31469] FAULT_INJECTION: forcing a failure.
[ 1466.111560][T31469] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1466.124833][T31469] CPU: 0 PID: 31469 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1466.135766][T31469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1466.145911][T31469] Call Trace:
[ 1466.149181][T31469]
[ 1466.152210][T31469] dump_stack_lvl+0xd6/0x130
[ 1466.156840][T31469] dump_stack+0x11/0x20
[ 1466.160992][T31469] should_fail_ex+0x224/0x230
[ 1466.165677][T31469] __alloc_pages+0x10a/0x340
[ 1466.170265][T31469] alloc_pages+0x3f1/0x4f0
[ 1466.174672][T31469] get_zeroed_page+0x13/0x40
[ 1466.179323][T31469] mon_bin_open+0x1ba/0x3c0
[ 1466.183891][T31469] chrdev_open+0x362/0x3d0
[ 1466.188438][T31469] ? cd_forget+0xe0/0xe0
[ 1466.192757][T31469] do_dentry_open+0x59a/0x910
[ 1466.197699][T31469] vfs_open+0x43/0x50
[ 1466.201700][T31469] path_openat+0x16b8/0x1b60
[ 1466.206378][T31469] ? _parse_integer_limit+0x16f/0x190
[ 1466.211838][T31469] ? debug_smp_processor_id+0x13/0x20
[ 1466.217221][T31469] do_filp_open+0x105/0x220
[ 1466.221738][T31469] do_sys_openat2+0xb5/0x2a0
[ 1466.226341][T31469] ? mutex_lock+0x9/0x30
[ 1466.230610][T31469] ? fput+0x2c/0x130
[ 1466.234498][T31469] __x64_sys_openat+0xef/0x110
[ 1466.239305][T31469] do_syscall_64+0x2b/0x70
[ 1466.243787][T31469] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1466.249689][T31469] RIP: 0033:0x7f53668d4234
[ 1466.254131][T31469] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1466.273745][T31469] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1466.282250][T31469] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1466.290247][T31469] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1466.298211][T31469] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
07:34:10 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x2a, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1466.306385][T31469] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1466.314345][T31469] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1466.322410][T31469]
[ 1466.361216][T31457] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1098: group 0, block bitmap and bg descriptor inconsistent: 221 vs 220 free clusters
[ 1466.388409][T31467] loop4: detected capacity change from 0 to 512
[ 1466.409527][T31467] EXT4-fs: Ignoring removed nobh option
[ 1466.455185][T31457] EXT4-fs (loop0): 1 truncate cleaned up
[ 1466.460954][T31457] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1466.546343][T31475] loop5: detected capacity change from 0 to 512
07:34:10 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 42)
07:34:10 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92wHkhibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrGRSGQRg1AoUSR6RInEX0AFDQIqJFroUaQIuSFQHdq7Xfv8OOPHORfY30/aZOZ2zjPf7s7d7MxeAKVVzf5JIvZHxK8RMdDMrixQbf53c3F+4q/F+Ykk6vU3/0ga5f5cnJ8oihbv25dnhtKI9JMkjqxT7+yly+fGa7Wpi3l+ZO78eyOzly4/M31+/OzU2akLY6dOnTwx+vxzY892JM7+rK2HP5w5eujVt6+9PnH62js/fp21d3++vzWOTqlGdeWxbPF4pyvrsv6WdNLTxYawJZWIyE5Xb6P/D0Qllk/eQLzycVcbB+yqer1e72u/e6EO/I8l0e0WAN1RfNFn97/FdouGHreFGy82b4CyuG/mW3NPT6R5md5V97edVI2I0wt/f5FtsUvzEAAArb7Nxj9Przf+S+O+lnJ35WtDgxFxd0QciIh7IuJgRNwb0Sh7f0Q8sMX6q6vya8c/6fVtBbZJ2fjvhXxta+X4rxj9xWAlz/U34u9NzkzXpo7nx2Qoevdk+dEN6vju5V8+a7evdfyXbVn9xVgwb8f1nj0r3zM5Pje+k5hb3fioMQd4ZW38ydJKQBIRhyLi8Db+fnbMpp/86mi7/f8e/wY6sM5U/zLiieb5X4hV8ReSjdcnR+6I2tTxkeKqWOunn6++0a7+HcXfAdn537vu9b8U/2DSul47u/U6rv72adt7mu1e/33JW410MXf9wfjc3MXRiL7ktbWvjy2/t8gX5bP4h46t3/8PxPKROBIR2UX8YEQ8FBEP521/JCIejYhjG8T/w0uPvbv9+HdXFv/kls7/1hOVc99/067+zZ3/k43UUP7KZj7/NtvAnRw7AAAA+K9IG8/AJ+nwUjpNh4ebz/AfjL1pbWZ27qkzM+9fmGw+Kz8YvWkx0zXQMh86ms8NF/mxVfkT+bzx55U7G/nhiZnaZLeDh5Lb16b/Z36vdLt1wK7zey0oL/0fykv/h/LS/6G89H8or/X6/5UutAO49Xz/Q3np/1Be+j+Ul/4PpbST3/VLlDkR6W3RDIldSnT7kwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAz/gkAAP//6Wnp6Q==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1466.694863][ T3119] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1467.012742][T31483] FAULT_INJECTION: forcing a failure.
[ 1467.012742][T31483] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1467.026132][T31483] CPU: 0 PID: 31483 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1467.037159][T31483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1467.047650][T31483] Call Trace:
[ 1467.051028][T31483]
[ 1467.054053][T31483] dump_stack_lvl+0xd6/0x130
[ 1467.058779][T31483] dump_stack+0x11/0x20
[ 1467.063064][T31483] should_fail_ex+0x224/0x230
[ 1467.067765][T31483] __alloc_pages+0x10a/0x340
[ 1467.072392][T31483] alloc_pages+0x3f1/0x4f0
[ 1467.077685][T31483] get_zeroed_page+0x13/0x40
[ 1467.082375][T31483] mon_bin_open+0x1ba/0x3c0
[ 1467.086894][T31483] chrdev_open+0x362/0x3d0
[ 1467.091317][T31483] ? cd_forget+0xe0/0xe0
[ 1467.095586][T31483] do_dentry_open+0x59a/0x910
[ 1467.100343][T31483] vfs_open+0x43/0x50
[ 1467.104324][T31483] path_openat+0x16b8/0x1b60
[ 1467.108918][T31483] ? _parse_integer_limit+0x16f/0x190
[ 1467.114367][T31483] do_filp_open+0x105/0x220
[ 1467.118876][T31483] do_sys_openat2+0xb5/0x2a0
[ 1467.123469][T31483] ? mutex_lock+0x9/0x30
[ 1467.127731][T31483] ? fput+0x2c/0x130
[ 1467.131617][T31483] __x64_sys_openat+0xef/0x110
[ 1467.136567][T31483] do_syscall_64+0x2b/0x70
[ 1467.140975][T31483] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1467.146924][T31483] RIP: 0033:0x7f53668d4234
[ 1467.151487][T31483] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1467.171087][T31483] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1467.179560][T31483] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1467.187524][T31483] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1467.195492][T31483] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1467.203525][T31483] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1467.211498][T31483] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1467.219615][T31483]
07:34:11 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG0UYAPBv100KbUNCKY8+AENBRDySJi3QAweKQOIAEhIcyjEkaRXqNqgJEq0iGhAqR1SJO+KIxF/ACS4IOCFxhTuqVKFcKJyM1t5NnIdDHk5d2N9P2nbGO87Mt7Njj2fsAEqrmv2TROyLiF8jor+ZXV6g2vzv5sLc+F8Lc+NJ1Otv/pE0yv25MDdeFC2etzfPDKYR6SdJHF6j3plLl8+N1WqTF/P88Oz594ZnLl1+Zur82NnJs5MXRk+ePHF85PnnRp/tSJx9WVsPfTh95OCrb197ffz0tXd+/Dpr7778fGscnVKN6vJr2eLxTlfWZX0t6WRXFxvCplQiIuuunsb4749KLHVef7zycVcbB+yoer1e393+9Hwd+B9LotstALqjeKPPPv8Wxy2aetwWbpyKeDGP/2Z+NM/sijQv07Pi820nVSPi9PzfX2RH7NA6BABAq29PRcTTa83/0rivpdxd+d7QQETcHRH7I+KeiDgQEfdGNMreHxEPbLL+6or86vlPen1LgW1QNv97Id/bWj7/K2Z/MVDJc32N+HuSM1O1yWP5NRmMnt1ZfmSdOr57+ZfP2p1rnf9lR1Z/MRfM23F914oFuomx2bHtxNzqxkeNNcArq+NPFncCkog4GBGHtvD3s2s29eRXR9qd//f419GBfab6lxFPNPt/PlbEX0jW358cviNqk8eGi7titZ9+vvpGu/q3FX8HZP2/Z837fzH+gaR1v3Zm83Vc/e3Ttp9ptnr/9yZvNdK9+WMfjM3OXhyJ6E1eW/346NJzi3xRPot/8Oja439/LF2JwxGR3cQPRsRDEfFw3vZHIuLRiDi6Tvw/vPTYu1uPf2dl8U9sqv83n6ic+/6bdvVvrP9PNFKD+SMbef3baAO3c+0AAADgvyJtfAc+SYcW02k6NNT8Dv+B2JPWpmdmnzoz/f6FieZ35QeiJy1Wuvpb1kNH8rXhIj+6In88Xzf+vHJnIz80Pl2b6HbwUHJ724z/zO+VbrcO2HF+rwXlZfxDeRn/UF7GP5SX8Q/ltdb4v9KFdgC3nvd/KC/jH8rL+IfyMv6hlLbzu36JMicivS2aIbFDiW6/MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTGPwEAAP///nrqJg==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
07:34:11 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1467.310435][T31467] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
[ 1467.357496][ T9697] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1467.395285][T31467] EXT4-fs (loop4): Remounting filesystem read-only
[ 1467.413191][T31467] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1467.436842][T31480] FAULT_INJECTION: forcing a failure.
[ 1467.436842][T31480] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1467.450029][T31480] CPU: 0 PID: 31480 Comm: syz-executor.2 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1467.461092][T31480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1467.471232][T31480] Call Trace:
[ 1467.474535][T31480]
[ 1467.477466][T31480] dump_stack_lvl+0xd6/0x130
[ 1467.482063][T31480] dump_stack+0x11/0x20
[ 1467.486230][T31480] should_fail_ex+0x224/0x230
[ 1467.490996][T31480] should_fail+0x7/0x10
[ 1467.495251][T31480] should_fail_usercopy+0x16/0x20
[ 1467.500532][T31480] copy_page_from_iter_atomic+0x249/0xc10
[ 1467.506300][T31480] ? PageHeadHuge+0x3b/0x120
[ 1467.510918][T31480] ? shmem_write_begin+0x131/0x1e0
[ 1467.516096][T31480] generic_perform_write+0x214/0x3f0
[ 1467.521395][T31480] ? shmem_write_begin+0x1e0/0x1e0
[ 1467.526571][T31480] __generic_file_write_iter+0xe3/0x280
[ 1467.532170][T31480] generic_file_write_iter+0x79/0x1c0
[ 1467.537715][T31480] vfs_write+0x468/0x760
[ 1467.542003][T31480] ksys_write+0xe8/0x1a0
[ 1467.546318][T31480] __x64_sys_write+0x3e/0x50
[ 1467.550966][T31480] do_syscall_64+0x2b/0x70
[ 1467.555380][T31480] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1467.561385][T31480] RIP: 0033:0x7fc7bd725e2f
[ 1467.565801][T31480] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48
[ 1467.585487][T31480] RSP: 002b:00007fc7bcaa4f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1467.594013][T31480] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00007fc7bd725e2f
[ 1467.601998][T31480] RDX: 0000000000040000 RSI: 00007fc7b4464000 RDI: 0000000000000007
[ 1467.609978][T31480] RBP: 00007fc7b4464000 R08: 0000000000000000 R09: 00000000000004a0
[ 1467.618019][T31480] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000
[ 1467.626023][T31480] R13: 00007fc7bcaa4fdc R14: 00007fc7bcaa4fe0 R15: 0000000020000582
[ 1467.634001][T31480]
[ 1467.646008][T31488] loop5: detected capacity change from 0 to 512
07:34:11 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 43)
[ 1467.663123][T31480] loop2: detected capacity change from 0 to 512
[ 1467.755945][T31467] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1467.900635][T31494] loop1: detected capacity change from 0 to 512
[ 1467.908424][T31495] loop0: detected capacity change from 0 to 512
[ 1467.916049][T31467] EXT4-fs (loop4): 1 truncate cleaned up
[ 1467.922693][T31467] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1467.932267][T31494] EXT4-fs: Ignoring removed nobh option
[ 1467.964756][T31495] EXT4-fs: Ignoring removed nobh option
[ 1467.995030][T31498] FAULT_INJECTION: forcing a failure.
[ 1467.995030][T31498] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1468.008515][T31498] CPU: 1 PID: 31498 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1468.019615][T31498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1468.029690][T31498] Call Trace:
[ 1468.032964][T31498]
[ 1468.035927][T31498] dump_stack_lvl+0xd6/0x130
[ 1468.040604][T31498] dump_stack+0x11/0x20
[ 1468.044748][T31498] should_fail_ex+0x224/0x230
[ 1468.049450][T31498] __alloc_pages+0x10a/0x340
[ 1468.054577][T31498] alloc_pages+0x3f1/0x4f0
[ 1468.059793][T31498] get_zeroed_page+0x13/0x40
[ 1468.064786][T31498] mon_bin_open+0x1ba/0x3c0
[ 1468.069573][T31498] chrdev_open+0x362/0x3d0
[ 1468.074142][T31498] ? cd_forget+0xe0/0xe0
[ 1468.078438][T31498] do_dentry_open+0x59a/0x910
[ 1468.083128][T31498] vfs_open+0x43/0x50
[ 1468.087233][T31498] path_openat+0x16b8/0x1b60
[ 1468.091929][T31498] ? _parse_integer_limit+0xe2/0x190
[ 1468.097236][T31498] ? plist_check_list+0x14c/0x170
[ 1468.102283][T31498] do_filp_open+0x105/0x220
[ 1468.106875][T31498] do_sys_openat2+0xb5/0x2a0
[ 1468.111555][T31498] ? __schedule+0x546/0x6f0
[ 1468.116342][T31498] __x64_sys_openat+0xef/0x110
[ 1468.121109][T31498] do_syscall_64+0x2b/0x70
[ 1468.125567][T31498] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1468.131466][T31498] RIP: 0033:0x7f53668d4234
[ 1468.135917][T31498] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1468.155614][T31498] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1468.164105][T31498] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1468.172213][T31498] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1468.180303][T31498] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1468.188644][T31498] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1468.196832][T31498] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1468.205158][T31498]
07:34:12 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiixiEQoki0SMKCiT+AipoEFAh0UKPIkXIDYHq0N7t2ufHGT/OucB+PtImM7dznvnu7tzNzuwFUFrV7J8kYn9E/BIRA83sygLV5n83F+cn/lycn0iiXn/996RR7o/F+YmiaPG+fXlmKI1IP0riyDr1zl66fG68Vpu6mOdH5s6/MzJ76fJT0+fHz06dnbowdurUyROjzz4z9nRH4uzP2nr4/Zmjh15+89qrE6evvfXDV1l79+f7W+PolGpUVx7LFo92urIu629JJz1dbAhbUomI7HT1Nvr/QFRi+eQNxEsfdrVxwK6q1+v1Pe13L9SB/7Akut0CoDuKL/rs/rfYbtHQ47Zw4/nshvWLRvw38625pyfSvEzvqvvbTqpGxOmFvz7LttileQgAgFbfZOOfJ9cb/6VxT0u5O/K1ocGIuDMiDkTEXRFxMCLujmiUvTci7tti/dVV+bXjn/T6tgLbpGz891y+trVy/FeM/mKwkuf6G/H3Jmema1PH82MyFL17svzoBnV8++LPn7Tb1zr+y7as/mIsmLfjes+qCbrJ8bnxncTc6sYHjTnAK2vjT5ZWApKIOBQRh7fx97NjNv34l0fb7f/n+DfQgXWm+ucRjzXP/0Ksir+QbLw+OfK/qE0dHymuirV+/Onqa+3q31H8HZCd/73rXv9L8Q8mreu1s1uv4+qvH7e9p9nu9d+XvNFI9+WvvTc+N3dxNKIveWXt62PL7y3yRfks/qFj6/f/A7F8JI5ERHYR3x8RD0TEg3nbH4qIhyPi2Abxf//CI29vP/7dlcU/uaXzv/VE5dx3X7erf3Pn/2QjNZS/spnPv802cCfHDgAAAP4t0sYz8Ek6vJRO0+Hh5jP8B2NvWpuZnXvizMy7Fyabz8oPRm9azHQNtMyHjuZzw0V+bFX+RD5v/Gnl/4388MRMbbLbwUPJ7WvT/zO/VbrdOmDX+b0WlJf+D+Wl/0N56f9QXvo/lNd6/f9KF9oB3Hq+/6G89H8oL/0fykv/h1Laye/6JcqciPS2aIbELiW6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQGX8HAAD//7UH6ow=")
write$tun(0xffffffffffffffff, 0x0, 0x0)
07:34:12 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x43, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1468.296260][ T3147] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1468.309020][T31480] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1468.329423][T31495] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 2: comm syz-executor.0: invalid block
[ 1468.646441][T31504] loop5: detected capacity change from 0 to 512
[ 1468.756131][T31480] ext4 filesystem being mounted at /root/syzkaller-testdir1583530368/syzkaller.4IUY9g/3009/file0 supports timestamps until 2038 (0x7fffffff)
[ 1468.777208][T31495] EXT4-fs (loop0): Remounting filesystem read-only
[ 1468.790331][T31494] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz-executor.1: invalid block
07:34:13 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 44)
[ 1468.873454][T31495] EXT4-fs error (device loop0): ext4_free_branches:1022: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1)
[ 1468.888185][T31494] EXT4-fs (loop1): Remounting filesystem read-only
[ 1468.895580][T31504] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1468.896704][T31494] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1468.915640][T31495] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1098: group 0, block bitmap and bg descriptor inconsistent: 221 vs 220 free clusters
[ 1468.927509][T31509] loop4: detected capacity change from 0 to 512
[ 1468.938698][T31495] EXT4-fs (loop0): 1 truncate cleaned up
[ 1468.949090][T31495] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1468.957851][T31509] EXT4-fs: Ignoring removed nobh option
[ 1468.999251][T31494] EXT4-fs error (device loop1): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1469.014712][T31511] FAULT_INJECTION: forcing a failure.
[ 1469.014712][T31511] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1469.027936][T31511] CPU: 0 PID: 31511 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1469.038875][T31511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1469.049443][T31511] Call Trace:
[ 1469.052724][T31511]
[ 1469.055750][T31511] dump_stack_lvl+0xd6/0x130
[ 1469.060366][T31511] dump_stack+0x11/0x20
[ 1469.064600][T31511] should_fail_ex+0x224/0x230
[ 1469.069370][T31511] __alloc_pages+0x10a/0x340
[ 1469.073974][T31511] alloc_pages+0x3f1/0x4f0
[ 1469.078478][T31511] get_zeroed_page+0x13/0x40
[ 1469.083119][T31511] mon_bin_open+0x1ba/0x3c0
[ 1469.087625][T31511] chrdev_open+0x362/0x3d0
[ 1469.092093][T31511] ? cd_forget+0xe0/0xe0
[ 1469.096403][T31511] do_dentry_open+0x59a/0x910
[ 1469.101083][T31511] vfs_open+0x43/0x50
[ 1469.105141][T31511] path_openat+0x16b8/0x1b60
[ 1469.109785][T31511] ? plist_check_list+0x14c/0x170
[ 1469.114809][T31511] do_filp_open+0x105/0x220
[ 1469.119401][T31511] do_sys_openat2+0xb5/0x2a0
[ 1469.124066][T31511] ? __x64_sys_openat+0x8d/0x110
[ 1469.129206][T31511] ? __x64_sys_openat+0x9d/0x110
[ 1469.134248][T31511] __x64_sys_openat+0xef/0x110
[ 1469.139098][T31511] do_syscall_64+0x2b/0x70
[ 1469.143547][T31511] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1469.149484][T31511] RIP: 0033:0x7f53668d4234
[ 1469.153888][T31511] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1469.173576][T31511] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1469.182005][T31511] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1469.189968][T31511] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1469.198024][T31511] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1469.206086][T31511] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1469.214111][T31511] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1469.222080][T31511]
07:34:13 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x48, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
07:34:13 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tlOfkn8swnhkQdwEBAWDzt2AqSgAYFEARISFKE0thOZXGIUG4lEFjEIhRJFokeUSPwFVNAgoEKihR5FipAbAtWhvdu1z48zfpxzgf18pE1mbuc8893duZud2QugtKrZP0nEgYj4JSIGmtmVBarN/24tzk/8uTg/kUS9/sbvSaPcH4vzE0XR4n3788xQGpF+nMTRdeqdvXzl/HitNnUpz4/MXXh3ZPbylaenL4yfmzo3dXHs9OlTJ0efe3bsmY7E2Z+19cgHM8cOv/LW9dcmzlx/+4evsvYeyPe3xtEp1aiuPJYtHut0ZV3W35JOerrYELakEhHZ6ept9P+BqMTyyRuIlz/qauOAXVWv1+t72+9eqAP/YUl0uwVAdxRf9Nn9b7HdpqHHHeHmC80boCzuW/nW3NMTaV6md9X9bSdVI+LMwl+fZ1vs0jwEAECrb7Lxz1Prjf/SuLel3P/ztaHBiLgrIg5GxN0RcSgi7ololL0vIu7fYv3VVfm145/0xrYC26Rs/Pd8vra1cvxXjP5isJLn+hvx9yZnp2tTJ/JjMhS9e7L86AZ1fPvSz5+229c6/su2rP5iLJi340bPnpXvmRyfG99JzK1uftiYA7y6Nv5kaSUgiYjDEXFkG38/O2bTT3x5rN3+f45/Ax1YZ6p/EfF48/wvxKr4C8nG65Mje6M2dWKkuCrW+vGna6+3q39H8XdAdv73rXv9L8U/mLSu185uvY5rv37S9p5mu9d/X/JmI92Xv/b++NzcpdGIvuTVta+PLb+3yBfls/iHjq/f/w/G8pE4GhHZRfxARDwYEQ/lbX84Ih6JiOMbxP/9i4++s/34d1cW/+SWzv/WE5Xz333drv7Nnf9TjdRQ/spmPv8228CdHDsAAAD4t0gbz8An6fBSOk2Hh5vP8B+KfWltZnbuybMz712cbD4rPxi9aTHTNdAyHzqazw0X+bFV+ZP5vPFnlf818sMTM7XJbgcPJbe/Tf/P/FbpduuAXef3WlBe+j+Ul/4P5aX/Q3np/1Be6/X/q11oB3D7+f6H8tL/obz0fygv/R9KaSe/65cocyLSO6IZEruU6PYnEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQGf8HQAA///R2enr")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1469.288132][ T3128] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1469.306337][ T3119] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1469.325485][T31509] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
[ 1469.358559][T31494] EXT4-fs (loop1): 1 truncate cleaned up
[ 1469.364298][T31494] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1469.379263][T31509] EXT4-fs (loop4): Remounting filesystem read-only
[ 1469.407683][T31509] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
07:34:13 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
07:34:13 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG0UYAPBv100KbUNCKY8+AENBRDySJi3QA5cikEACCQkO5RiStAp1G9QEiVYRDQiVI6rEHXFE4i/gBBcEnJC4wh1VqlAuFE5Ga+8mzsMhD6cu7O8nbTvjHWfm29mxxzN2AKVVzf5JIvZFxK8R0d/MLi9Qbf53c2Fu/K+FufEk6vU3/0ga5f5cmBsvihbP25tnBtOI9JMkDq9R78yly+fGarXJi3l+ePb8e8Mzly4/M3V+7Ozk2ckLoydPnjg+8vxzo892JM6+rK2HPpw+cvCVt6+9Pn762js/fp21d19+vjWOTqlGdfm1bPF4pyvrsr6WdLKriw1hUyoRkXVXT2P890clljqvP17+uKuNA3ZUvV6v725/er4O/I8l0e0WAN1RvNFnn3+L4xZNPW4LN05FvJrHfzM/mmd2RZqX6Vnx+baTqhFxev7vL7IjdmgdAgCg1benIuLpteZ/adzXUu6ufG9oICLujoj9EXFPRByIiHsjGmXvj4gHNll/dUV+9fwnvb6lwDYom/+9kO9tLZ//FbO/GKjkub5G/D3Jmana5LH8mgxGz+4sP7JOHd+99Mtn7c61zv+yI6u/mAvm7bi+a8UC3cTY7Nh2Ym5146PGGuCV1fEnizsBSUQcjIhDW/j72TWbevKrI+3O/3v86+jAPlP9y4gnmv0/HyviLyTr708O3xG1yWPDxV2x2k8/X32jXf3bir8Dsv7fs+b9vxj/QNK6Xzuz+Tqu/vZp2880W73/e5O3Gune/LEPxmZnL45E9CavrX58dOm5Rb4on8U/eHTt8b8/lq7E4YjIbuIHI+KhiHg4b/sjEfFoRBxdJ/4fXnzs3a3Hv7Oy+Cc21f+bT1TOff9Nu/o31v8nGqnB/JGNvP5ttIHbuXYAAADwX5E2vgOfpEOL6TQdGmp+h/9A7Elr0zOzT52Zfv/CRPO78gPRkxYrXf0t66Ej+dpwkR9dkT+erxt/XrmzkR8an65NdDt4KLm9bcZ/5vdKt1sH7Di/14LyMv6hvIx/KC/jH8rL+IfyWmv8X+lCO4Bbz/s/lJfxD+Vl/EN5Gf9QStv5Xb9EmROR3hbNkNihRLdfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrjnwAAAP//Q3LqLw==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1469.494473][ T3133] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1469.518571][T31509] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1469.537372][T31517] loop0: detected capacity change from 0 to 512
[ 1469.544054][T31509] EXT4-fs (loop4): 1 truncate cleaned up
[ 1469.544733][T31517] EXT4-fs: Ignoring removed nobh option
[ 1469.549726][T31509] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1469.557399][ T9697] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1469.632597][T31520] loop5: detected capacity change from 0 to 512
[ 1469.656374][T31517] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 2: comm syz-executor.0: invalid block
07:34:14 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 45)
07:34:14 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrpP092sbEkp59AEYCiLikTRpgR64gEDiABISHMoxJGkV6jaoCRKtIhoQKkdUiTvigoTEX8AJLgg4IXGFO6pUoVwonIzW3k2ch0MeTl3Yz0daZ8Y7zsx3d8cez6wDKK1q9pBE7I+IXyJioJldWaDa/HNzcX7iz8X5iSTq9dd/Txrl/licnyiKFq/bl2eG0oj0oySOrFPv7KXL58ZrtamLeX5k7vw7I7OXLj81fX787NTZqQtjp06dPDH67DNjT3ckzv6srYffnzl66OU3r706cfraWz98lbV3f76/NY5OqUZ15bFs8WinK+uy/pZ00tPFhrAllYjITldvo/8PRCWWT95AvPRhVxsH7Kp6vV7f0373Qh34D0ui2y0AuqP4oM++/xbbLRp63BZuPJ89ftGI/2a+Nff0RJqX6V31/baTqhFxeuGvz7ItdmkeAgCg1TfZ+OfJ9cZ/adzTUu6OfG1oMCLujIgDEXFXRByMiLsjGmXvjYj7tlh/dVV+7fgnvb6twDYpG/89l69trRz/FaO/GKzkuf5G/L3Jmena1PH8mAxF754sP7pBHd+++PMn7fa1jv+yLau/GAvm7bjes2qCbnJ8bnwnMbe68UFjDvDK2viTpZWAJCIORcThbfz/7JhNP/7l0Xb7/zn+DXRgnan+ecRjzfO/EKviLyQbr0+O/C9qU8dHiqtirR9/uvpau/p3FH8HZOd/77rX/1L8g0nreu3s1uu4+uvHbb/TbPf670veaKT78ufeG5+buzga0Ze8svb5seXXFvmifBb/0LH1+/+BWD4SRyIiu4jvj4gHIuLBvO0PRcTDEXFsg/i/f+GRt7cf/+7K4p/c0vnfeqJy7ruv29W/ufN/spEayp/ZzPvfZhu4k2MHAAAA/xZp4x74JB1eSqfp8HDzHv6DsTetzczOPXFm5t0Lk8175QejNy1mugZa5kNH87nhIj+2Kn8inzf+tPL/Rn54YqY22e3goeT2ten/md8q3W4dsOv8XgvKS/+H8tL/obz0fygv/R/Ka73+f6UL7QBuPZ//UF76P5SX/g/lpf9DKe3kd/0SZU5Eels0Q2KXEt1+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiMvwMAAP//tQbqjA==")
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1470.110924][T31524] loop2: detected capacity change from 0 to 512
[ 1470.125785][T31517] EXT4-fs (loop0): Remounting filesystem read-only
[ 1470.169924][ T3147] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1470.180314][T31517] EXT4-fs error (device loop0): ext4_free_branches:1022: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1)
[ 1470.318550][T31530] FAULT_INJECTION: forcing a failure.
[ 1470.318550][T31530] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1470.331833][T31530] CPU: 1 PID: 31530 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1470.342763][T31530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1470.352846][T31530] Call Trace:
[ 1470.356198][T31530]
[ 1470.359126][T31530] dump_stack_lvl+0xd6/0x130
[ 1470.363719][T31530] dump_stack+0x11/0x20
[ 1470.367865][T31530] should_fail_ex+0x224/0x230
[ 1470.372622][T31530] __alloc_pages+0x10a/0x340
[ 1470.377240][T31530] alloc_pages+0x3f1/0x4f0
[ 1470.381691][T31530] get_zeroed_page+0x13/0x40
[ 1470.386283][T31530] mon_bin_open+0x1ba/0x3c0
[ 1470.391049][T31530] chrdev_open+0x362/0x3d0
[ 1470.395460][T31530] ? cd_forget+0xe0/0xe0
[ 1470.399734][T31530] do_dentry_open+0x59a/0x910
[ 1470.404421][T31530] vfs_open+0x43/0x50
[ 1470.408424][T31530] path_openat+0x16b8/0x1b60
[ 1470.413024][T31530] ? plist_check_list+0x14c/0x170
[ 1470.418145][T31530] do_filp_open+0x105/0x220
[ 1470.422653][T31530] do_sys_openat2+0xb5/0x2a0
[ 1470.427264][T31530] ? __schedule+0x546/0x6f0
[ 1470.431880][T31530] __x64_sys_openat+0xef/0x110
[ 1470.436684][T31530] do_syscall_64+0x2b/0x70
[ 1470.441441][T31530] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1470.447328][T31530] RIP: 0033:0x7f53668d4234
[ 1470.451730][T31530] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1470.471363][T31530] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1470.479770][T31530] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1470.487817][T31530] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1470.495829][T31530] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1470.503972][T31530] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1470.512072][T31530] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1470.520109][T31530]
[ 1470.565766][T31532] loop1: detected capacity change from 0 to 512
[ 1470.576871][T31524] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1470.589154][T31524] ext4 filesystem being mounted at /root/syzkaller-testdir1583530368/syzkaller.4IUY9g/3010/file0 supports timestamps until 2038 (0x7fffffff)
[ 1470.638046][T31520] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1470.650355][T31520] ext4 filesystem being mounted at /root/syzkaller-testdir184905228/syzkaller.PLYEBS/2990/file0 supports timestamps until 2038 (0x7fffffff)
[ 1470.674826][T31517] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1098: group 0, block bitmap and bg descriptor inconsistent: 222 vs 220 free clusters
07:34:15 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x2, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1470.757157][ T3133] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1470.793673][T31532] EXT4-fs: Ignoring removed nobh option
07:34:15 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x4c, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1470.804078][ T3128] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1470.812909][T31517] EXT4-fs (loop0): 1 truncate cleaned up
[ 1470.818842][T31517] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1470.823651][T31532] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz-executor.1: invalid block
[ 1470.846609][T31538] loop4: detected capacity change from 0 to 512
07:34:15 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnOLw//bEJ45AEcBITFw46dACloQCBRgIQERSiN7UQmlxjFRiKRRQxCoUSR6BElEn8BFTQIqJBooUeRIuSGQHVo73bt8+OMH+dcYD8faZOZ2znPfHd37mZn9gIorWr2TxJxICJ+iYiBZnZlgWrzv1uL8xN/Ls5PJFGvv/F70ij3x+L8RFG0eN/+PDOURqQfJ3F0nXpnL185P16rTV3K8yNzF94dmb185enpC+Pnps5NXRw7ffrUydHnnh17piNx9mdtPfLBzLHDr7x1/bWJM9ff/uGrrL0H8v2tcXRKNaorj2WLxzpdWZf1t6STni42hC2pRER2unob/X8gKrF88gbi5Y+62jhgV9Xr9fre9rsX6sB/WBLdbgHQHcUXfXb/W2y3aehxR7j5QvMGKIv7Vr419/REmpfpXXV/20nViDiz8Nfn2Ra7NA8BANDqm2z889R647807m0p9/98bWgwIu6KiIMRcXdEHIqIeyIaZe+LiPu3WH91VX7t+Ce9sa3ANikb/z2fr22tHP8Vo78YrOS5/kb8vcnZ6drUifyYDEXvniw/ukEd377086ft9rWO/7Itq78YC+btuNGzZ+V7JsfnxncSc6ubHzbmAK+ujT9ZWglIIuJwRBzZxt/Pjtn0E18ea7f/n+PfQAfWmepfRDzePP8LsSr+QrLx+uTI/6I2dWKkuCrW+vGna6+3q39H8XdAdv73rXv9L8U/mLSu185uvY5rv37S9p5mu9d/X/JmI92Xv/b++NzcpdGIvuTVta+PLb+3yBfls/iHjq/f/w/G8pE4GhHZRfxARDwYEQ/lbX84Ih6JiOMbxP/9i4++s/34d1cW/+SWzv/WE5Xz333drv7Nnf9TjdRQ/spmPv8228CdHDsAAAD4t0gbz8An6fBSOk2Hh5vP8B+KfWltZnbuybMz712cbD4rPxi9aTHTNdAyHzqazw0X+bFV+ZP5vPFnlb2N/PDETG2y28FDye1v0/8zv1W63Tpg1/m9FpSX/g/lpf9Deen/UF76P5TXev3/ahfaAdx+vv+hvPR/KC/9H8pL/4dS2snv+iXKnIj0jmiGxC4luv3JBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bl/BwAA///GEens")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1470.857545][T31538] EXT4-fs: Ignoring removed nobh option
[ 1470.873634][T31532] EXT4-fs (loop1): Remounting filesystem read-only
[ 1470.874882][ T3119] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1470.880232][T31532] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1470.895038][T31538] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
[ 1470.905993][T31532] EXT4-fs error (device loop1): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1470.923846][T31538] EXT4-fs (loop4): Remounting filesystem read-only
[ 1470.938155][T31538] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1470.954747][T31532] EXT4-fs (loop1): 1 truncate cleaned up
[ 1470.960475][T31532] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1470.976450][T31538] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
07:34:15 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 46)
[ 1471.624518][T31545] loop5: detected capacity change from 0 to 512
[ 1471.639365][T31546] loop2: detected capacity change from 0 to 512
[ 1471.675189][T31551] loop0: detected capacity change from 0 to 512
[ 1471.681866][T31538] EXT4-fs (loop4): 1 truncate cleaned up
[ 1471.682394][T31551] EXT4-fs: Ignoring removed nobh option
[ 1471.687575][T31538] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1471.710543][T31545] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1471.710572][T31546] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1471.723046][T31545] ext4 filesystem being mounted at /root/syzkaller-testdir184905228/syzkaller.PLYEBS/2991/file0 supports timestamps until 2038 (0x7fffffff)
[ 1471.735173][T31546] ext4 filesystem being mounted at /root/syzkaller-testdir1583530368/syzkaller.4IUY9g/3011/file0 supports timestamps until 2038 (0x7fffffff)
[ 1471.790093][ T3147] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1471.806860][T31558] FAULT_INJECTION: forcing a failure.
[ 1471.806860][T31558] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1471.820131][T31558] CPU: 0 PID: 31558 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1471.831514][T31558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1471.841559][T31558] Call Trace:
[ 1471.844862][T31558]
[ 1471.847789][T31558] dump_stack_lvl+0xd6/0x130
[ 1471.852372][T31558] dump_stack+0x11/0x20
[ 1471.856531][T31558] should_fail_ex+0x224/0x230
[ 1471.861235][T31558] __alloc_pages+0x10a/0x340
[ 1471.865886][T31558] alloc_pages+0x3f1/0x4f0
[ 1471.870399][T31558] get_zeroed_page+0x13/0x40
[ 1471.874985][T31558] mon_bin_open+0x1ba/0x3c0
[ 1471.879572][T31558] chrdev_open+0x362/0x3d0
[ 1471.883983][T31558] ? cd_forget+0xe0/0xe0
[ 1471.888222][T31558] do_dentry_open+0x59a/0x910
[ 1471.892923][T31558] vfs_open+0x43/0x50
[ 1471.896901][T31558] path_openat+0x16b8/0x1b60
[ 1471.901506][T31558] ? _parse_integer_limit+0x16f/0x190
[ 1471.906916][T31558] do_filp_open+0x105/0x220
[ 1471.911500][T31558] do_sys_openat2+0xb5/0x2a0
[ 1471.916098][T31558] ? mutex_lock+0x9/0x30
[ 1471.920556][T31558] ? fput+0x2c/0x130
[ 1471.924459][T31558] __x64_sys_openat+0xef/0x110
[ 1471.929454][T31558] do_syscall_64+0x2b/0x70
[ 1471.933952][T31558] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1471.940105][T31558] RIP: 0033:0x7f53668d4234
[ 1471.944514][T31558] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1471.964136][T31558] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1471.972539][T31558] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1471.980548][T31558] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1471.988573][T31558] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1471.996536][T31558] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1472.004593][T31558] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1472.012719][T31558]
07:34:16 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x51, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
07:34:16 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
07:34:16 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiixiEQoki0SMaJCT+AipoEFAh0UKPIkXIDYHq0N7t2ufHGT/OucB+PtImM7dznvnu7tzNzuwFUFrV7J8kYn9E/BIRA83sygLV5n83F+cn/lycn0iiXn/996RR7o/F+YmiaPG+fXlmKI1IP0riyDr1zl66fG68Vpu6mOdH5s6/MzJ76fJT0+fHz06dnbowdurUyROjzz4z9nRH4uzP2nr4/Zmjh15+89qrE6evvfXDV1l79+f7W+PolGpUVx7LFo92urIu629JJz1dbAhbUomI7HT1Nvr/QFRi+eQNxEsfdrVxwK6q1+v1Pe13L9SB/7Akut0CoDuKL/rs/rfYbtHQ47Zw4/nshvWLRvw38625pyfSvEzvqvvbTqpGxOmFvz7LttileQgAgFbfZOOfJ9cb/6VxT0u5O/K1ocGIuDMiDkTEXRFxMCLujmiUvTci7tti/dVV+bXjn/T6tgLbpGz891y+trVy/FeM/mKwkuf6G/H3Jmema1PH82MyFL17svzoBnV8++LPn7Tb1zr+y7as/mIsmLfjes+qCbrJ8bnxncTc6sYHjTnAK2vjT5ZWApKIOBQRh7fx97NjNv34l0fb7f/n+DfQgXWm+ucRjzXP/0Ksir+QbLw+OfK/qE0dHymuirV+/Onqa+3q31H8HZCd/73rXv9L8Q8mreu1s1uv4+qvH7e9p9nu9d+XvNFI9+WvvTc+N3dxNKIveWXt62PL7y3yRfks/qFj6/f/A7F8JI5ERHYR3x8RD0TEg3nbH4qIhyPi2Abxf//CI29vP/7dlcU/uaXzv/VE5dx3X7erf3Pn/2QjNZS/spnPv802cCfHDgAAAP4t0sYz8Ek6vJRO0+Hh5jP8B2NvWpuZnXvizMy7Fyabz8oPRm9azHQNtMyHjuZzw0V+bFX+RD5v/Gnl/4388MRMbbLbwUPJ7WvT/zO/VbrdOmDX+b0WlJf+D+Wl/0N56f9QXvo/lNd6/f9KF9oB3Hq+/6G89H8oL/0fykv/h1Laye/6JcqciPS2aIbELiW6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQGX8HAAD//6A96o0=")
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1472.082769][ T3128] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1472.092925][ T3133] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
07:34:16 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG0UYAPBv100KbUNCKY8+AENBRDySJi3QA5cikDiAhASHckEKSVqFug1qgkSriAaEyhFV4o44IvEXcIILAk5IXOGOKlUoFwono7V3E+fhkIdTF/b3k7ad8Y4z8+3s2OMZO4DSqmb/JBH7IuLXiOhvZpcXqDb/u7kwN/7Xwtx4EvX6G38kjXJ/LsyNF0WL5+3NM4NpRPpJEofXqHfm0uVzY7Xa5MU8Pzx7/r3hmUuXn5k6P3Z28uzkhdGTJ08cH3n+udFnOxJnX9bWQx9OHzn4ylvXXhs/fe2dH7/O2rsvP98aR6dUo7r8WrZ4vNOVdVlfSzrZ1cWGsCmViMi6q6cx/vujEkud1x8vf9zVxgE7ql6v13e3Pz1fB/7Hkuh2C4DuKN7os8+/xXGLph63hRunIt7O47+ZH80zuyLNy/Ss+HzbSdWIOD3/9xfZETu0DgEA0OrbUxHx9FrzvzTuayl3V743NBARd0fE/oi4JyIORMS9EY2y90fEA5usv7oiv3r+k17fUmAblM3/Xsj3tpbP/4rZXwxU8lxfI/6e5MxUbfJYfk0Go2d3lh9Zp47vXvrls3bnWud/2ZHVX8wF83Zc37VigW5ibHZsOzG3uvFRYw3wyur4k8WdgCQiDkbEoS38/eyaTT351ZF25/89/nV0YJ+p/mXEE83+n48V8ReS9fcnh++I2uSx4eKuWO2nn6++3q7+bcXfAVn/71nz/l+MfyBp3a+d2XwdV3/7tO1nmq3e/73Jm410b/7YB2OzsxdHInqTV1c/Prr03CJflM/iHzy69vjfH0tX4nBEZDfxgxHxUEQ8nLf9kYh4NCKOrhP/Dy8+9u7W499ZWfwTm+r/zScq577/pl39G+v/E43UYP7IRl7/NtrA7Vw7AAAA+K9IG9+BT9KhxXSaDg01v8N/IPaktemZ2afOTL9/YaL5XfmB6EmLla7+lvXQkXxtuMiPrsgfz9eNP6/c2cgPjU/XJrodPJTc3jbjP/N7pdutA3ac32tBeRn/UF7GP5SX8Q/lZfxDea01/q90oR3Aref9H8rL+IfyMv6hvIx/KKXt/K5fosyJSG+LZkjsUKLbr0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACd8U8AAAD//47s6kQ=")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1472.154641][T31551] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 2: comm syz-executor.0: invalid block
[ 1472.171689][ T9697] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1472.196928][T31551] EXT4-fs (loop0): Remounting filesystem read-only
[ 1472.204198][T31551] EXT4-fs error (device loop0): ext4_free_branches:1022: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1)
[ 1472.220795][T31551] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1098: group 0, block bitmap and bg descriptor inconsistent: 221 vs 220 free clusters
[ 1472.237864][T31551] EXT4-fs (loop0): 1 truncate cleaned up
[ 1472.243599][T31551] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
07:34:16 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92IH4hibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrGRSGQRg1AoUSR6RInEX0AFDQIqJFroUaQIuSFQHdq7Xfv8OOPHORfY30/aZOZ2zjPf7s7d7MxeAKVVzf5JIvZHxK8RMdDMrixQbf53c3F+4q/F+Ykk6vU3/0ga5f5cnJ8oihbv68szQ2lE+kkSR9apd/bS5XPjtdrUxTw/Mnf+vZHZS5efmT4/fnbq7NSFsVOnTp4Yff65sWc7Emd/1tbDH84cPfTq29denzh97Z0fv87auz/f3xpHp1SjuvJYtni805V1WX9LOtnTxYawJZWIyE5XT6P/D0Qllk/eQLzycVcbB+yqer1e72u/e6EO/I8l0e0WAN1RfNFn97/FdouGHreFGy82b4CyuG/mW3PPnkjzMj2r7m87qRoRpxf+/iLbYpfmIQAAWn2bjX+eXm/8l8Z9LeXuyteGBiPi7og4EBH3RMTBiLg3olH2/oh4YIv1V1fl145/0uvbCmyTsvHfC/na1srxXzH6i8FKnutvxN+TnJmuTR3Pj8lQ9OzN8qMb1PHdy7981m5f6/gv27L6i7Fg3o7re/aufM/k+Nz4TmJudeOjxhzglbXxJ0srAUlEHIqIw9v4+9kxm37yq6Pt9v97/BvowDpT/cuIJ5rnfyFWxV9INl6fHLkjalPHR4qrYq2ffr76Rrv6dxR/B2Tnf9+61/9S/INJ63rt7NbruPrbp23vabZ7/fcmbzXSvflrH4zPzV0cjehNXlv7+tjye4t8UT6Lf+jY+v3/QCwfiSMRkV3ED0bEQxHxcN72RyLi0Yg4tkH8P7z02Lvbj393ZfFPbun8bz1ROff9N+3q39z5P9lIDeWvbObzb7MN3MmxAwAAgP+KtPEMfJIOL6XTdHi4+Qz/wdiX1mZm5546M/P+hcnms/KD0ZMWM10DLfOho/nccJEfW5U/kc8bf165s5EfnpipTXY7eCi5vjb9P/N7pdutA3ad32tBeen/UF76P5SX/g/lpf9Dea3X/690oR3Aref7H8pL/4fy0v+hvPR/KKWd/K5fosyJSG+LZkjsUqLbn0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACd8U8AAAD//66B6e4=")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1472.299492][ T3119] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1472.328596][T31563] loop1: detected capacity change from 0 to 512
[ 1472.336653][T31563] EXT4-fs: Ignoring removed nobh option
[ 1472.343866][T31565] loop4: detected capacity change from 0 to 512
[ 1472.348028][T31563] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz-executor.1: invalid block
[ 1472.350926][T31565] EXT4-fs: Ignoring removed nobh option
[ 1472.373378][T31563] EXT4-fs (loop1): Remounting filesystem read-only
[ 1472.380161][T31563] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1473.064785][T31573] loop2: detected capacity change from 0 to 512
[ 1473.083532][T31574] loop5: detected capacity change from 0 to 512
07:34:17 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 47)
[ 1473.117665][T31571] loop0: detected capacity change from 0 to 512
[ 1473.131397][T31571] EXT4-fs: Ignoring removed nobh option
[ 1473.143243][T31573] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1473.146594][T31565] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
[ 1473.164099][T31563] EXT4-fs error (device loop1): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1473.173033][T31565] EXT4-fs (loop4): Remounting filesystem read-only
[ 1473.184680][T31574] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1473.191562][T31563] EXT4-fs (loop1): 1 truncate cleaned up
[ 1473.206143][T31565] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1473.207691][T31563] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1473.224955][T31565] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1473.253743][T31571] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 2: comm syz-executor.0: invalid block
[ 1473.278916][T31565] EXT4-fs (loop4): 1 truncate cleaned up
[ 1473.284723][T31565] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1473.304126][T31581] FAULT_INJECTION: forcing a failure.
[ 1473.304126][T31581] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1473.317660][T31581] CPU: 0 PID: 31581 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1473.329094][T31581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1473.339238][T31581] Call Trace:
[ 1473.342508][T31581]
[ 1473.345428][T31581] dump_stack_lvl+0xd6/0x130
[ 1473.350026][T31581] dump_stack+0x11/0x20
[ 1473.354181][T31581] should_fail_ex+0x224/0x230
[ 1473.358940][T31581] __alloc_pages+0x10a/0x340
[ 1473.363584][T31581] alloc_pages+0x3f1/0x4f0
[ 1473.368058][T31581] get_zeroed_page+0x13/0x40
[ 1473.372641][T31581] mon_bin_open+0x1ba/0x3c0
[ 1473.377440][T31581] chrdev_open+0x362/0x3d0
[ 1473.381945][T31581] ? cd_forget+0xe0/0xe0
[ 1473.386326][T31581] do_dentry_open+0x59a/0x910
[ 1473.391002][T31581] vfs_open+0x43/0x50
[ 1473.394979][T31581] path_openat+0x16b8/0x1b60
[ 1473.399588][T31581] ? plist_check_list+0x14c/0x170
[ 1473.404693][T31581] do_filp_open+0x105/0x220
[ 1473.409193][T31581] do_sys_openat2+0xb5/0x2a0
[ 1473.413839][T31581] ? __schedule+0x546/0x6f0
[ 1473.418387][T31581] __x64_sys_openat+0xef/0x110
[ 1473.423401][T31581] do_syscall_64+0x2b/0x70
[ 1473.427804][T31581] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1473.433878][T31581] RIP: 0033:0x7f53668d4234
[ 1473.438312][T31581] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1473.457972][T31581] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1473.467034][T31581] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1473.475316][T31581] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1473.484271][T31581] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1473.492866][T31581] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1473.500995][T31581] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1473.509333][T31581]
07:34:17 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x60, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
07:34:17 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1473.561540][ T3128] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1473.577701][ T3133] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1473.590363][T31571] EXT4-fs (loop0): Remounting filesystem read-only
[ 1473.597148][T31571] EXT4-fs error (device loop0): ext4_free_branches:1022: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1)
[ 1473.635547][T31571] EXT4-fs error (device loop0): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1473.660262][T31571] EXT4-fs (loop0): 1 truncate cleaned up
[ 1473.665990][T31571] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
07:34:17 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrpP092sbEkp59AEYCiLikTRpgR64gEDiABISHMoxJGkV6jaoCRKtIhoQKkdUiTvihJD4CzjBBQEnJK5wR5UqlAuFk9Hau4nzcMjDqQv7+UjrzHjHmfnu7tjjmXUApVXNHpKI/RHxS0QMNLMrC1Sbf24uzk/8uTg/kUS9/vrvSaPcH4vzE0XR4nX78sxQGpF+lMSRdeqdvXT53HitNnUxz4/MnX9nZPbS5aemz4+fnTo7dWHs1KmTJ0affWbs6Y7E2Z+19fD7M0cPvfzmtVcnTl9764evsvbuz/e3xtEp1aiuPJYtHu10ZV3W35JOerrYELakEhHZ6ept9P+BqMTyyRuIlz7sauOAXVWv1+t72u9eqAP/YUl0uwVAdxQf9Nn332K7RUOP28KN57PHLxrx38y35p6eSPMyvau+33ZSNSJOL/z1WbbFLs1DAAC0+iYb/zy53vgvjXtayt2Rrw0NRsSdEXEgIu6KiIMRcXdEo+y9EXHfFuuvrsqvHf+k17cV2CZl47/n8rWtleO/YvQXg5U819+Ivzc5M12bOp4fk6Ho3ZPlRzeo49sXf/6k3b7W8V+2ZfUXY8G8Hdd7Vk3QTY7Pje8k5lY3PmjMAV5ZG3+ytBKQRMShiDi8jf+fHbPpx7882m7/P8e/gQ6sM9U/j3isef4XYlX8hWTj9cmR/0Vt6vhIcVWs9eNPV19rV/+O4u+A7PzvXff6X4p/MGldr53deh1Xf/247Xea7V7/fckbjXRf/tx743NzF0cj+pJX1j4/tvzaIl+Uz+IfOrZ+/z8Qy0fiSERkF/H9EfFARDyYt/2hiHg4Io5tEP/3Lzzy9vbj311Z/JNbOv9bT1TOffd1u/o3d/5PNlJD+TObef/bbAN3cuwAAADg3yJt3AOfpMNL6TQdHm7ew38w9qa1mdm5J87MvHthsnmv/GD0psVM10DLfOhoPjdc5MdW5U/k88afVv7fyA9PzNQmux08lNy+Nv0/81ul260Ddp3fa0F56f9QXvo/lJf+D+Wl/0N5rdf/r3ShHcCt5/Mfykv/h/LS/6G89H8opZ38rl+izIlIb4tmSOxSotvvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//oDzqjQ==")
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1473.687054][ T3147] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
07:34:18 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrpP092sbEkp59AEYCiLikTRpgR64FIHEASQkOJRjSNIq1G1QEyRaRTQgVI6oEnfEEYm/gBNcEHBC4gp3VKlCuVA4Ga29mzgPhzycurCfj7TtjHecme/Ojj2esQMorWr2TxKxPyJ+iYiBZnZlgWrzv1uL8xN/Ls5PJFGvv/F70ij3x+L8RFG0eN6+PDOURqQfJ3FknXpnL185P16rTV3K8yNzF94dmb185ZnpC+Pnps5NXRw7derkidHnnxt7tiNx9mdtPfzBzNFDr7x1/bWJM9ff/uGrrL378/OtcXRKNaorr2WLxztdWZf1t6STni42hC2pRETWXb2N8T8QlVjuvIF4+aOuNg7YVfV6vb6n/emFOvAflkS3WwB0R/FGn33+LY7bNPW4I9w8HTGdx38rP5pneiLNy/Su+nzbSdWIOLPw1+fZEbu0DgEA0Oqb0xHx9HrzvzTuayl3V743NBgRd0fEgYi4JyIORsS9EY2y90fEA1usv7oqv3b+k97YVmCblM3/Xsj3tlbO/4rZXwxW8lx/I/7e5Ox0bep4fk2GondPlh/doI5vX/r503bnWud/2ZHVX8wF83bc6Fm1QDc5Pje+k5hb3fywsQZ4dW38ydJOQBIRhyLi8Db+fnbNpp/88mi78/8c/wY6sM9U/yLiiWb/L8Sq+AvJxvuTI/+L2tTxkeKuWOvHn6693q7+HcXfAVn/7133/l+KfzBp3a+d3Xod1379pO1nmu3e/33Jm410X/7Y++Nzc5dGI/qSV9c+Prb83CJflM/iHzq2/vg/EMtX4khEZDfxgxHxUEQ8nLf9kYh4NCKObRD/9y8+9s72499dWfyTW+r/rScq57/7ul39m+v/k43UUP7IZl7/NtvAnVw7AAAA+LdIG9+BT9LhpXSaDg83v8N/MPamtZnZuafOzrx3cbL5XfnB6E2Lla6BlvXQ0XxtuMiPrcqfyNeNP6v8v5EfnpipTXY7eCi5fW3Gf+a3SrdbB+w6v9eC8jL+obyMfygv4x/Ky/iH8lpv/F/tQjuA28/7P5SX8Q/lZfxDeRn/UEo7+V2/RJkTkd4RzZDYpUS3X5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA64+8AAAD//6pF6k8=")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
07:34:18 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92wHkhibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrGRSGQRg1AoUSR6RInEX0AFDQIqJFroUaQIuSFQHdq7Xfv8OOPHORfY30/aZOZ2zjPf7s7d7MxeAKVVzf5JIvZHxK8RMdDMrixQbf53c3F+4q/F+Ykk6vU3/0ga5f5cnJ8oihbv25dnhtKI9JMkjqxT7+yly+fGa7Wpi3l+ZO78eyOzly4/M31+/OzU2akLY6dOnTwx+vxzY892JM7+rK2HP5w5eujVt6+9PnH62js/fp21d3++vzWOTqlGdeWxbPF4pyvrsv6WdNLTxYawJZWIyE5Xb6P/D0Qllk/eQLzycVcbB+yqer1eH2y/e6EO/I8l0e0WAN1RfNFn97/FdouGHreFGy82b4CyuG/mW3NPT6R5md5V97edVI2I0wt/f5FtsUvzEAAArb7Nxj9Przf+S+O+lnJ35WtDgxFxd0QciIh7IuJgRNwb0Sh7f0Q8sMX6q6vya8c/6fVtBbZJ2fjvhXxta+X4rxj9xWAlz/U34u9NzkzXpo7nx2Qoevdk+dEN6vju5V8+a7evdfyXbVn9xVgwb8f1nj0r3zM5Pje+k5hb3fioMQd4ZW38ydJKQBIRhyLi8Db+fnbMpp/86mi7/f8e/wY6sM5U/zLiieb5X4hV8ReSjdcnR+6I2tTxkeKqWOunn6++0a7+HcXfAdn537vu9b8U/2DSul47u/U6rv72adt7mu1e/33JW410X/7aB+NzcxdHI/qS19a+Prb83iJflM/iHzq2fv8/EMtH4khEZBfxgxHxUEQ8nLf9kYh4NCKObRD/Dy899u72499dWfyTWzr/W09Uzn3/Tbv6N3f+TzZSQ/krm/n822wDd3LsAAAA4L8ibTwDn6TDS+k0HR5uPsN/MPamtZnZuafOzLx/YbL5rPxg9KbFTNdAy3zoaD43XOTHVuVP5PPGn1fubOSHJ2Zqk90OHkpuX5v+n/m90u3WAbvO77WgvPR/KC/9H8pL/4fy0v+hvNbr/1e60A7g1vP9D+Wl/0N56f9QXvo/lNJOftcvUeZEpLdFMyR2KdHtTyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDO+CcAAP//c5np8w==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1473.780361][ T9697] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1473.782917][ T3119] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1473.814572][T31588] loop4: detected capacity change from 0 to 512
[ 1473.824089][T31588] EXT4-fs: Ignoring removed nobh option
[ 1474.500031][T31593] loop2: detected capacity change from 0 to 512
[ 1474.517583][T31594] loop5: detected capacity change from 0 to 512
07:34:18 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 48)
[ 1474.542415][T31590] loop1: detected capacity change from 0 to 512
[ 1474.570483][T31595] loop0: detected capacity change from 0 to 512
[ 1474.599012][T31590] EXT4-fs: Ignoring removed nobh option
[ 1474.605890][T31595] EXT4-fs: Ignoring removed nobh option
[ 1474.613052][T31593] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1474.615745][T31590] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz-executor.1: invalid block
[ 1474.625381][T31593] ext4 filesystem being mounted at /root/syzkaller-testdir1583530368/syzkaller.4IUY9g/3013/file0 supports timestamps until 2038 (0x7fffffff)
[ 1474.637615][T31588] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
[ 1474.662835][T31590] EXT4-fs (loop1): Remounting filesystem read-only
[ 1474.663731][T31595] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 2: comm syz-executor.0: invalid block
[ 1474.684279][T31595] EXT4-fs (loop0): Remounting filesystem read-only
[ 1474.708207][T31588] EXT4-fs (loop4): Remounting filesystem read-only
[ 1474.714821][T31588] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1474.730936][T31604] FAULT_INJECTION: forcing a failure.
[ 1474.730936][T31604] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1474.744364][T31604] CPU: 0 PID: 31604 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1474.755293][T31604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1474.765445][T31604] Call Trace:
[ 1474.768818][T31604]
[ 1474.771763][T31604] dump_stack_lvl+0xd6/0x130
[ 1474.776392][T31604] dump_stack+0x11/0x20
[ 1474.780628][T31604] should_fail_ex+0x224/0x230
[ 1474.785346][T31604] __alloc_pages+0x10a/0x340
[ 1474.789954][T31604] alloc_pages+0x3f1/0x4f0
[ 1474.794376][T31604] get_zeroed_page+0x13/0x40
[ 1474.799157][T31604] mon_bin_open+0x1ba/0x3c0
[ 1474.803724][T31604] chrdev_open+0x362/0x3d0
[ 1474.808193][T31604] ? cd_forget+0xe0/0xe0
[ 1474.812452][T31604] do_dentry_open+0x59a/0x910
[ 1474.817209][T31604] vfs_open+0x43/0x50
[ 1474.821195][T31604] path_openat+0x16b8/0x1b60
[ 1474.825809][T31604] do_filp_open+0x105/0x220
[ 1474.830384][T31604] do_sys_openat2+0xb5/0x2a0
[ 1474.834971][T31604] ? mutex_lock+0x9/0x30
[ 1474.839326][T31604] ? fput+0x2c/0x130
[ 1474.843219][T31604] __x64_sys_openat+0xef/0x110
[ 1474.848013][T31604] do_syscall_64+0x2b/0x70
[ 1474.852503][T31604] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1474.858390][T31604] RIP: 0033:0x7f53668d4234
[ 1474.862813][T31604] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1474.882437][T31604] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1474.890951][T31604] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1474.898914][T31604] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1474.906888][T31604] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1474.914952][T31604] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1474.923135][T31604] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1474.931125][T31604]
[ 1474.943100][T31588] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
07:34:19 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x68, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1474.959806][T31588] EXT4-fs (loop4): 1 truncate cleaned up
[ 1474.966007][T31588] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1474.980368][T31595] EXT4-fs error (device loop0): ext4_free_branches:1022: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1)
[ 1475.003319][T31590] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1475.056029][T31590] EXT4-fs error (device loop1): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1475.070733][T31595] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1098: group 0, block bitmap and bg descriptor inconsistent: 222 vs 220 free clusters
[ 1475.087049][ T3133] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1475.097776][T31590] EXT4-fs (loop1): 1 truncate cleaned up
[ 1475.103485][T31590] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1475.253991][T31608] loop5: detected capacity change from 0 to 512
[ 1475.287107][T31595] EXT4-fs (loop0): 1 truncate cleaned up
07:34:19 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1475.292977][T31595] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
07:34:19 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrpP092sbEkp59AEYCiLikTRpgR64FIHEASQkOJRjSNIq1G1QEyRaRTQgVI6oEnfEEYm/gBNcEHBC4gp3VKlCuVA4Ga29mzgPhzycurCfj7TtjHecme/Ojj2esQMorWr2TxKxPyJ+iYiBZnZlgWrzv1uL8xN/Ls5PJFGvv/F70ij3x+L8RFG0eN6+PDOURqQfJ3FknXpnL185P16rTV3K8yNzF94dmb185ZnpC+Pnps5NXRw7derkidHnnxt7tiNx9mdtPfzBzNFDr7x1/bWJM9ff/uGrrL378/OtcXRKNaorr2WLxztdWZf1t6STni42hC2pRETWXb2N8T8QlVjuvIF4+aOuNg7YVfV6vb6n/emFOvAflkS3WwB0R/FGn33+LY7bNPW4I9w8HbGQx38rP5pneiLNy/Su+nzbSdWIOLPw1+fZEbu0DgEA0Oqb0xHx9HrzvzTuayl3V743NBgRd0fEgYi4JyIORsS9EY2y90fEA1usv7oqv3b+k97YVmCblM3/Xsj3tlbO/4rZXwxW8lx/I/7e5Ox0bep4fk2GondPlh/doI5vX/r503bnWud/2ZHVX8wF83bc6Fm1QDc5Pje+k5hb3fywsQZ4dW38ydJOQBIRhyLi8Db+fnbNpp/88mi78/8c/wY6sM9U/yLiiWb/L8Sq+AvJxvuTI/+L2tTxkeKuWOvHn6693q7+HcXfAVn/7133/l+KfzBp3a+d3Xod1379pO1nmu3e/33Jm410X/7Y++Nzc5dGI/qSV9c+Prb83CJflM/iHzq2/vg/EMtX4khEZDfxgxHxUEQ8nLf9kYh4NCKObRD/9y8+9s72499dWfyTW+r/rScq57/7ul39m+v/k43UUP7IZl7/NtvAnVw7AAAA+LdIG9+BT9LhpXSaDg83v8N/MPamtZnZuafOzrx3cbL5XfnB6E2Lla6BlvXQ0XxtuMiPrcqfyNeNP6v8v5EfnpipTXY7eCi5fW3Gf+a3SrdbB+w6v9eC8jL+obyMfygv4x/Ky/iH8lpv/F/tQjuA28/7P5SX8Q/lZfxDeRn/UEo7+V2/RJkTkd4RzZDYpUS3X5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA64+8AAAD//8wv6mY=")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1475.353057][ T9697] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
07:34:19 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 49)
[ 1475.646640][T31613] loop2: detected capacity change from 0 to 512
[ 1476.039607][T31618] FAULT_INJECTION: forcing a failure.
[ 1476.039607][T31618] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1476.052880][T31618] CPU: 1 PID: 31618 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1476.064075][T31618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1476.074613][T31618] Call Trace:
[ 1476.077899][T31618]
[ 1476.080948][T31618] dump_stack_lvl+0xd6/0x130
[ 1476.085639][T31618] dump_stack+0x11/0x20
[ 1476.090076][T31618] should_fail_ex+0x224/0x230
[ 1476.094754][T31618] __alloc_pages+0x10a/0x340
[ 1476.099351][T31618] alloc_pages+0x3f1/0x4f0
[ 1476.103760][T31618] ? alloc_pages+0x5/0x4f0
[ 1476.108169][T31618] get_zeroed_page+0x13/0x40
[ 1476.112838][T31618] mon_bin_open+0x1ba/0x3c0
[ 1476.117431][T31618] chrdev_open+0x362/0x3d0
[ 1476.122289][T31618] ? cd_forget+0xe0/0xe0
[ 1476.126605][T31618] do_dentry_open+0x59a/0x910
[ 1476.131425][T31618] vfs_open+0x43/0x50
[ 1476.135420][T31618] path_openat+0x16b8/0x1b60
[ 1476.140031][T31618] ? _parse_integer_limit+0x16f/0x190
[ 1476.145397][T31618] do_filp_open+0x105/0x220
[ 1476.150028][T31618] do_sys_openat2+0xb5/0x2a0
[ 1476.154724][T31618] ? mutex_lock+0x9/0x30
[ 1476.158976][T31618] ? fput+0x2c/0x130
[ 1476.162895][T31618] __x64_sys_openat+0xef/0x110
[ 1476.167728][T31618] do_syscall_64+0x2b/0x70
[ 1476.172131][T31618] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1476.178027][T31618] RIP: 0033:0x7f53668d4234
[ 1476.182497][T31618] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1476.203639][T31618] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1476.212044][T31618] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1476.220108][T31618] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1476.228072][T31618] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1476.236088][T31618] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1476.244096][T31618] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1476.252062][T31618]
[ 1476.274528][T31613] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
07:34:20 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x6c, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1476.301329][ T3147] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1476.505600][T31626] loop5: detected capacity change from 0 to 512
07:34:20 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x6, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
07:34:20 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 50)
07:34:20 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiixiEQoki0SMqhMRfQAUNAiokWuhRpAi5IVAd2rtd+/w448c5F9jPR9pk5nbOM9/dnbvZmb0ASqua/ZNE7I+IXyJioJldWaDa/O/m4vzEn4vzE0nU66//njTK/bE4P1EULd63L88MpRHpR0kcWafe2UuXz43XalMX8/zI3Pl3RmYvXX5q+vz42amzUxfGTp06eWL02WfGnu5InP1ZWw+/P3P00MtvXnt14vS1t374Kmvv/nx/axydUo3qymPZ4tFOV9Zl/S3ppKeLDWFLKhGRna7eRv8fiEosn7yBeOnDrjYO2FX1er2+p/3uhTrwH5ZEt1sAdEfxRZ/d/xbbLRp63BZuPJ/dsH7RiP9mvjX39ESal+lddX/bSdWIOL3w12fZFrs0DwEA0OqbbPzz5HrjvzTuaSl3R742NBgRd0bEgYi4KyIORsTdEY2y90bEfVusv7oqv3b8k17fVmCblI3/nsvXtlaO/4rRXwxW8lx/I/7e5Mx0bep4fkyGondPlh/doI5vX/z5k3b7Wsd/2ZbVX4wF83Zc71k1QTc5Pje+k5hb3figMQd4ZW38ydJKQBIRhyLi8Db+fnbMph//8mi7/f8c/wY6sM5U/zziseb5X4hV8ReSjdcnR/4XtanjI8VVsdaPP119rV39O4q/A7Lzv3fd638p/sGkdb12dut1XP3147b3NNu9/vuSNxrpvvy198bn5i6ORvQlr6x9fWz5vUW+KJ/FP3Rs/f5/IJaPxJGIyC7i+yPigYh4MG/7QxHxcEQc2yD+71945O3tx7+7svgnt3T+t56onPvu63b1b+78n2ykhvJXNvP5t9kG7uTYAQAAwL9F2ngGPkmHl9JpOjzcfIb/YOxNazOzc0+cmXn3wmTzWfnB6E2Lma6BlvnQ0XxuuMiPrcqfyOeNP638v5EfnpipTXY7eCi5fW36f+a3SrdbB+w6v9eC8tL/obz0fygv/R/KS/+H8lqv/1/pQjuAW8/3P5SX/g/lpf9Deen/UEo7+V2/RJkTkd4WzZDYpUS3P5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA64+8AAAD//4tz6o4=")
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1476.561286][ T3133] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
07:34:20 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG0UYAPBv100KbUNCKY8+AENBRDySJi3QAxcQSBxAQoJDOYYkrULdBjVBolVEA0LliCpxRxyR+As4wQUBJySucEeVKpQLhZPR2rup83DIw64L+/tJ2854x5n5dnfs2Zl1AKVVzf5JIvZFxK8RMdjMrixQbf53Y2lh8q+lhckk6vU3/0ga5f5cWpgsihbv25tnhtOI9JMkDq9T79zFS2cnarXpC3l+dP7ce6NzFy89M3Nu4sz0menz4ydPnjg+9vxz4892JM6BrK2HPpw9cvDVt6++Pnnq6js/fp21d1++vzWOTqlGdeWxbPF4pyvrsYGWdLKrhw1hSyoRkZ2uvkb/H4xK3Dx5g/HKxz1tHNBV9Xq9vr/97sU68D+WRK9bAPRG8UWf3f8W2y0aetwWrr/YvAHK4r6Rb809uyLNy/Stur/tpGpEnFr8+4tsiy7NQwAAtPo2G/88vd74L437Wsrdla8NDUXE3RGxPyLuiYgDEXFvRKPs/RHxwBbrr67Krx3/pNe2FdgmZeO/F/K1rZXjv2L0F0OVPDfQiL8vOT1Tmz6WH5Ph6Nud5cc2qOO7l3/5rN2+1vFftmX1F2PBvB3Xdu1e+Z6pifmJncTc6vpHjTnAy2vjT5ZXApKIOBgRh7bx97NjNvPkV0fa7f/3+DfQgXWm+pcRTzTP/2Ksir+QbLw+OXpH1KaPjRZXxVo//XzljXb17yj+DsjO/551r//l+IeS1vXaua3XceW3T9ve02z3+u9P3mqk+/PXPpiYn78wFtGfvLb29fGb7y3yRfks/uGj6/f/Yl48i/9wRGQX8YMR8VBEPJy3/ZGIeDQijm4Q/w8vPfbu9uPvriz+qS2d/60nKme//6Zd/Zs7/ycaqeH8lc18/m22gTs5dgAAAPBfkTaegU/SkeV0mo6MNJ/hPxB70trs3PxTp2ffPz/VfFZ+KPrSYqZrsGU+dCyfGy7y46vyx/N5488rdzbyI5OztaleBw8lt7dN/8/8Xul164Cu83stKC/9H8pL/4fy0v+hvPR/KK/1+v/lHrQDuPV8/0N56f9QXvo/lJf+D6W0k9/1S5Q5Eelt0QyJLiV6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQGf8EAAD//1wJ6fU=")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1476.646637][ T3119] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1476.946193][T31630] FAULT_INJECTION: forcing a failure.
[ 1476.946193][T31630] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1476.959448][T31630] CPU: 1 PID: 31630 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1476.970416][T31630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1476.980562][T31630] Call Trace:
[ 1476.983826][T31630]
[ 1476.986745][T31630] dump_stack_lvl+0xd6/0x130
[ 1476.991329][T31630] dump_stack+0x11/0x20
[ 1476.995475][T31630] should_fail_ex+0x224/0x230
[ 1477.000142][T31630] __alloc_pages+0x10a/0x340
[ 1477.004790][T31630] alloc_pages+0x3f1/0x4f0
[ 1477.009194][T31630] get_zeroed_page+0x13/0x40
[ 1477.013779][T31630] mon_bin_open+0x1ba/0x3c0
[ 1477.018363][T31630] chrdev_open+0x362/0x3d0
[ 1477.022778][T31630] ? cd_forget+0xe0/0xe0
[ 1477.027017][T31630] do_dentry_open+0x59a/0x910
[ 1477.031691][T31630] vfs_open+0x43/0x50
[ 1477.035802][T31630] path_openat+0x16b8/0x1b60
[ 1477.040442][T31630] ? _parse_integer_limit+0x16f/0x190
[ 1477.045812][T31630] do_filp_open+0x105/0x220
[ 1477.050409][T31630] do_sys_openat2+0xb5/0x2a0
[ 1477.055010][T31630] ? mutex_lock+0x9/0x30
[ 1477.059309][T31630] ? fput+0x2c/0x130
[ 1477.063199][T31630] __x64_sys_openat+0xef/0x110
[ 1477.068107][T31630] do_syscall_64+0x2b/0x70
[ 1477.072529][T31630] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1477.078492][T31630] RIP: 0033:0x7f53668d4234
[ 1477.082919][T31630] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1477.102622][T31630] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1477.111068][T31630] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1477.119027][T31630] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1477.127307][T31630] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1477.135444][T31630] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1477.143555][T31630] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1477.152146][T31630]
[ 1477.166457][T31632] loop1: detected capacity change from 0 to 512
[ 1477.173501][T31632] EXT4-fs: Ignoring removed nobh option
[ 1477.186969][T31632] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz-executor.1: invalid block
07:34:21 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x74, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1477.223742][T31632] EXT4-fs (loop1): Remounting filesystem read-only
[ 1477.254476][T31632] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1477.276080][T31632] EXT4-fs error (device loop1): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1477.291363][T31632] EXT4-fs (loop1): 1 truncate cleaned up
[ 1477.297095][T31632] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
07:34:21 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG0UYAPBv100KbUNCKY8+AENBRDySJi3QA5cikDiAhASHcgxJWoW6DWqCRKuIhgqVI6rEHXFE4i/gBBcEnJC4wh1VqlAuFE5Ga+8mzsMhD6cu7O8nbTvjHWfm29mxxzN2AKVVzf5JIvZFxK8R0d/MLi9Qbf53a2Fu/K+FufEk6vW3/kga5f5cmBsvihbP25tnBtOI9JMkDq9R78yly+fGarXJi3l+ePb8+8Mzly4/N3V+7Ozk2ckLoydPnjg+8uILo893JM6+rK2HPpo+cvC1d66/MX76+rs/fp21d19+vjWOTqlGdfm1bPFkpyvrsr6WdLKriw1hUyoRkXVXT2P890clljqvP1692tXGATuqXq/Xd7c/PV8H/seS6HYLgO4o3uizz7/FcZumHneEm6cirubx38qP5pldkeZlelZ8vu2kakScnv/7i+yIHVqHAABo9e2piHh2rflfGg+0lLsn3xsaiIh7I2J/RNwXEQci4v6IRtkHI+KhTdZfXZFfPf9Jb2wpsA3K5n8v5Xtby+d/xewvBip5rq8Rf09yZqo2eSy/JoPRszvLj6xTx3ev/PJZu3Ot87/syOov5oJ5O27sWrFANzE2O7admFvd/LixBnhldfzJ4k5AEhEHI+LQFv5+ds2mnv7qSLvz/x7/Ojqwz1T/MuKpZv/Px4r4C8n6+5PDd0Vt8thwcVes9tPP195sV/+24u+ArP/3rHn/L8Y/kLTu185svo5rv33a9jPNVu//3uTtRro3f+zDsdnZiyMRvcnrqx8fXXpukS/KZ/EPHl17/O+PpStxOCKym/jhiHgkIh7N2/5YRDweEUfXif+Hl594b+vx76ws/olN9f/mE5Vz33/Trv6N9f+JRmowf2Qjr38bbeB2rh0AAAD8V6SN78An6dBiOk2Hhprf4T8Qe9La9MzsM2emP7gw0fyu/ED0pMVKV3/LeuhIvjZc5EdX5I/n68afV+5u5IfGp2sT3Q4eSm5vm/Gf+b3S7dYBO87vtaC8jH8oL+Mfysv4h/Iy/qG81hr/V7rQDuD28/4P5WX8Q3kZ/1Bexj+U0nZ+1y9R5kSkd0QzJHYo0e1XJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgM74JwAA//+in+po")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1477.374866][T31639] loop4: detected capacity change from 0 to 512
[ 1477.382988][ T9697] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1477.391393][T31643] loop0: detected capacity change from 0 to 512
[ 1477.395916][T31639] EXT4-fs: Ignoring removed nobh option
[ 1477.433506][T31645] loop1: detected capacity change from 0 to 512
[ 1477.440892][T31643] EXT4-fs: Ignoring removed nobh option
[ 1477.459924][T31646] loop5: detected capacity change from 0 to 512
07:34:21 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 51)
[ 1477.673921][T31648] loop2: detected capacity change from 0 to 512
[ 1477.714835][T31648] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1477.727061][T31648] ext4 filesystem being mounted at /root/syzkaller-testdir1583530368/syzkaller.4IUY9g/3015/file0 supports timestamps until 2038 (0x7fffffff)
[ 1477.759513][T31645] EXT4-fs: Ignoring removed nobh option
[ 1478.160574][T31656] FAULT_INJECTION: forcing a failure.
[ 1478.160574][T31656] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1478.173880][T31656] CPU: 0 PID: 31656 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1478.184828][T31656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1478.194887][T31656] Call Trace:
[ 1478.198169][T31656]
[ 1478.201089][T31656] dump_stack_lvl+0xd6/0x130
[ 1478.205837][T31656] dump_stack+0x11/0x20
[ 1478.209991][T31656] should_fail_ex+0x224/0x230
[ 1478.214673][T31656] __alloc_pages+0x10a/0x340
[ 1478.219294][T31656] alloc_pages+0x3f1/0x4f0
[ 1478.223811][T31656] get_zeroed_page+0x13/0x40
[ 1478.228408][T31656] mon_bin_open+0x1ba/0x3c0
[ 1478.232994][T31656] chrdev_open+0x362/0x3d0
[ 1478.237529][T31656] ? cd_forget+0xe0/0xe0
[ 1478.241870][T31656] do_dentry_open+0x59a/0x910
[ 1478.246551][T31656] vfs_open+0x43/0x50
[ 1478.250552][T31656] path_openat+0x16b8/0x1b60
[ 1478.255141][T31656] ? _parse_integer_limit+0x16f/0x190
[ 1478.260630][T31656] do_filp_open+0x105/0x220
[ 1478.265132][T31656] do_sys_openat2+0xb5/0x2a0
[ 1478.269812][T31656] ? mutex_lock+0x9/0x30
[ 1478.274139][T31656] ? fput+0x2c/0x130
[ 1478.278281][T31656] __x64_sys_openat+0xef/0x110
[ 1478.283207][T31656] do_syscall_64+0x2b/0x70
[ 1478.287793][T31656] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1478.293957][T31656] RIP: 0033:0x7f53668d4234
[ 1478.298379][T31656] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1478.318142][T31656] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1478.326631][T31656] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1478.334592][T31656] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1478.342821][T31656] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1478.350864][T31656] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1478.358834][T31656] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1478.366816][T31656]
[ 1478.397727][T31639] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
07:34:22 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x7a, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1478.414590][T31645] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz-executor.1: invalid block
[ 1478.428405][T31639] EXT4-fs (loop4): Remounting filesystem read-only
[ 1478.474427][T31643] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 2: comm syz-executor.0: invalid block
[ 1478.487930][T31639] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1478.503730][T31645] EXT4-fs (loop1): Remounting filesystem read-only
[ 1478.511417][T31643] EXT4-fs (loop0): Remounting filesystem read-only
[ 1478.519115][T31645] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1478.521043][T31639] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1478.533812][T31643] EXT4-fs error (device loop0): ext4_free_branches:1022: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1)
[ 1478.554085][T31639] EXT4-fs (loop4): 1 truncate cleaned up
07:34:22 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x7, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
07:34:22 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 52)
[ 1478.568424][T31639] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1478.582721][T31643] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1098: group 0, block bitmap and bg descriptor inconsistent: 221 vs 220 free clusters
[ 1478.607063][T31643] EXT4-fs (loop0): 1 truncate cleaned up
[ 1478.612769][T31643] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
07:34:22 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrpP092sbEkp59AEYCiLikTRpgR64gEDiABISHMoxJGkV6jaoCRKtIhoQKkdUiTviBhJ/ASe4IOCExBXuqFKFcqFwMlp7N3EeDnk4dWE/H2mdGe84M9/dHXs8sw6gtKrZQxKxPyJ+iYiBZnZlgWrzz83F+Yk/F+cnkqjXX/89aZT7Y3F+oihavG5fnhlKI9KPkjiyTr2zly6fG6/Vpi7m+ZG58++MzF66/NT0+fGzU2enLoydOnXyxOizz4w93ZE4+7O2Hn5/5uihl9+89urE6Wtv/fBV1t79+f7WODqlGtWVx7LFo52urMv6W9JJTxcbwpZUIiI7Xb2N/j8QlVg+eQPx0oddbRywq+r1en1P+90LdeA/LIlutwDojuKDPvv+W2y3aOhxW7jxfPb4RSP+m/nW3NMTaV6md9X3206qRsTphb8+y7bYpXkIAIBW32TjnyfXG/+lcU9LuTvytaHBiLgzIg5ExF0RcTAi7o5olL03Iu7bYv3VVfm145/0+rYC26Rs/Pdcvra1cvxXjP5isJLn+hvx9yZnpmtTx/NjMhS9e7L86AZ1fPviz5+029c6/su2rP5iLJi343rPqgm6yfG58Z3E3OrGB405wCtr40+WVgKSiDgUEYe38f+zYzb9+JdH2+3/5/g30IF1pvrnEY81z/9CrIq/kGy8Pjnyv6hNHR8proq1fvzp6mvt6t9R/B2Qnf+9617/S/EPJq3rtbNbr+Pqrx+3/U6z3eu/L3mjke7Ln3tvfG7u4mhEX/LK2ufHll9b5IvyWfxDx9bv/wdi+UgciYjsIr4/Ih6IiAfztj8UEQ9HxLEN4v/+hUfe3n78uyuLf3JL53/ricq5775uV//mzv/JRmoof2Yz73+bbeBOjh0AAAD8W6SNe+CTdHgpnabDw817+A/G3rQ2Mzv3xJmZdy9MNu+VH4zetJjpGmiZDx3N54aL/Niq/Il83vjTyv8b+eGJmdpkt4OHktvXpv9nfqt0u3XArvN7LSgv/R/KS/+H8tL/obz0fyiv9fr/lS60A7j1fP5Deen/UF76P5SX/g+ltJPf9UuUORHpbdEMiV1KdPudCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDP+DgAA//+LcuqO")
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1478.636501][T31662] loop5: detected capacity change from 0 to 512
[ 1478.720615][ T3133] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1478.731693][T31645] EXT4-fs error (device loop1): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1478.758698][T31645] EXT4-fs (loop1): 1 truncate cleaned up
[ 1478.764510][T31645] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 1479.027829][T31665] FAULT_INJECTION: forcing a failure.
[ 1479.027829][T31665] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1479.041267][T31665] CPU: 1 PID: 31665 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1479.052307][T31665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1479.062375][T31665] Call Trace:
[ 1479.065667][T31665]
[ 1479.068601][T31665] dump_stack_lvl+0xd6/0x130
[ 1479.073203][T31665] dump_stack+0x11/0x20
[ 1479.077493][T31665] should_fail_ex+0x224/0x230
[ 1479.082182][T31665] __alloc_pages+0x10a/0x340
[ 1479.086814][T31665] alloc_pages+0x3f1/0x4f0
[ 1479.091293][T31665] get_zeroed_page+0x13/0x40
[ 1479.096038][T31665] mon_bin_open+0x1ba/0x3c0
[ 1479.100562][T31665] chrdev_open+0x362/0x3d0
[ 1479.105012][T31665] ? cd_forget+0xe0/0xe0
[ 1479.109261][T31665] do_dentry_open+0x59a/0x910
[ 1479.113941][T31665] vfs_open+0x43/0x50
[ 1479.117922][T31665] path_openat+0x16b8/0x1b60
[ 1479.122536][T31665] ? _parse_integer_limit+0x16f/0x190
[ 1479.127901][T31665] do_filp_open+0x105/0x220
[ 1479.132460][T31665] do_sys_openat2+0xb5/0x2a0
[ 1479.137119][T31665] ? mutex_lock+0x9/0x30
[ 1479.141353][T31665] ? fput+0x2c/0x130
[ 1479.145320][T31665] __x64_sys_openat+0xef/0x110
[ 1479.150114][T31665] do_syscall_64+0x2b/0x70
[ 1479.154568][T31665] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1479.160466][T31665] RIP: 0033:0x7f53668d4234
[ 1479.164875][T31665] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1479.184606][T31665] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1479.193011][T31665] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1479.201019][T31665] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1479.209000][T31665] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1479.216963][T31665] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
07:34:23 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92wHkhibEB55AIaAsHjYsRMgBQ0IJAqQkKAIpbGdyOQSo9hIJLKIQSiUKBI9okTiL6CCBgEVEi30KFKE3BCoDu3drn1+nPHjLhfY30/aZOZ2zjPf7s7d7MxeAKU1lP2TROyPiF8jYqCRXV1gqPHfzaWFyb+WFiaTqNXe/COpl/tzaWGyKFq8b1+eGU4j0k+SOLJBvXOXLp+bqFanL+b50fnz743OXbr8zMz5ibPTZ6cvjJ86dfLE2PPPjT/bljj7s7Ye/nD26KFX3772+uTpa+/8+HXW3v35/uY42mUohlYfyyaPt7uyLutvSic9XWwI21KJiOx09db7/0BUYuXkDcQrH3e1cUBH1Wq12lDr3Ys14H8siW63AOiO4os+u/8ttls09Lgt3HixcQOUxX0z3xp7eiLNy/Suub9tp2zsdXrx7y+yLTo0DwEA0OzbbPzz9EbjvzTuayp3V742NBgRd0fEgYi4JyIORsS9EfWy90fEA9usf+3c0/rxT3p9R4FtUTb+eyFf21o9/itGfzFYyXP99fh7kzMz1enj+TEZjt49WX5skzq+e/mXz1rtax7/ZVtWfzEWzNtxvWfP6vdMTcxP7CbmZjc+qs8BXlkff7K8EpBExKGIOLyDv58ds5knvzraav+/x7+JNqwz1b6MeKJx/hdjTfyFZPP1ydE7ojp9fLS4Ktb76eerb7Sqf1fxt0F2/vdueP0vxz+YNK/Xzm2/jqu/fdrynman139f8lY93Ze/9sHE/PzFsYi+5LX1r4+vvLfIF+Wz+IePbdz/D8TKkTgSEdlF/GBEPBQRD+dtfyQiHo2IY5vE/8NLj7278/g7K4t/alvnf/uJyrnvv2lV/9bO/8l6ajh/ZSuff1tt4G6OHQAAAPxXpPVn4JN0ZDmdpiMjjWf4D8betDo7N//Umdn3L0w1npUfjN60mOkaaJoPHcvnhov8+Jr8iXze+PPKnfX8yORsdarbwUPJ7WvR/zO/V7rdOqDj/F4Lykv/h/LS/6G89H8oL/0fymuj/n+lC+0Abj3f/1Be+j+Ul/4P5aX/Qynt5nf9EmVORHpbNEOiQ4lufzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC0xz8BAAD//7cK6gM=")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1479.224925][T31665] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1479.232916][T31665]
07:34:23 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG0UYAPBv100KbUNCKY8+AENBRDySJi3QA5cikDiAhASHcgxJWoW6DWqCRKuIBoSKOKFK3BFHJP4CTnBBwAmJK9xRpQrlQuFktPZu4jwc8nDqwv5+0rYz3nFmvp0dezxjB1Ba1eyfJGJfRPwaEf3N7PIC1eZ/Nxfmxv9amBtPol5/44+kUe7PhbnxomjxvL15ZjCNSD9O4vAa9c5cunxurFabvJjnh2fPvzs8c+nyM1Pnx85Onp28MHry5InjI88/N/psR+Lsy9p66IPpIwdfeevaa+Onr73949dZe/fl51vj6JRqVJdfyxaPd7qyLutrSSe7utgQNqUSEVl39TTGf39UYqnz+uPlj7raOGBH1ev1+u72p+frwP9YEt1uAdAdxRt99vm3OG7R1OO2cONUxKd5/Dfzo3lmV6R5mZ4Vn287qRoRp+f//iI7YofWIQAAWn17KiKeXmv+l8Z9LeXuyveGBiLi7ojYHxH3RMSBiLg3olH2/oh4YJP1V1fkV89/0utbCmyDsvnfC/ne1vL5XzH7i4FKnutrxN+TnJmqTR7Lr8lg9OzO8iPr1PHdS7981u5c6/wvO7L6i7lg3o7ru1Ys0E2MzY5tJ+ZWNz5srAFeWR1/srgTkETEwYg4tIW/n12zqSe/OtLu/L/Hv44O7DPVv4x4otn/87Ei/kKy/v7k8B1Rmzw2XNwVq/3089XX29W/rfg7IOv/PWve/4vxDySt+7Uzm6/j6m+ftP1Ms9X7vzd5s5HuzR97f2x29uJIRG/y6urHR5eeW+SL8ln8g0fXHv/7Y+lKHI6I7CZ+MCIeioiH87Y/EhGPRsTRdeL/4cXH3tl6/Dsri39iU/2/+UTl3PfftKt/Y/1/opEazB/ZyOvfRhu4nWsHAAAA/xVp4zvwSTq0mE7ToaHmd/gPxJ60Nj0z+9SZ6fcuTDS/Kz8QPWmx0tXfsh46kq8NF/nRFfnj+brx55U7G/mh8enaRLeDh5Lb22b8Z36vdLt1wI7zey0oL+Mfysv4h/Iy/qG8jH8or7XG/5UutAO49bz/Q3kZ/1Bexj+Ul/EPpbSd3/VLlDkR6W3RDIkdSnT7lQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAz/gkAAP//ESfqbw==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
07:34:23 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0xde, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1479.507150][T31672] loop5: detected capacity change from 0 to 512
[ 1479.522384][T31671] loop4: detected capacity change from 0 to 512
[ 1479.529815][T31671] EXT4-fs: Ignoring removed nobh option
[ 1479.587711][T31671] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
[ 1479.600675][T31671] EXT4-fs (loop4): Remounting filesystem read-only
[ 1479.607748][T31671] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
07:34:23 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 53)
[ 1479.633540][T31671] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1479.652027][T31671] EXT4-fs (loop4): 1 truncate cleaned up
[ 1479.660501][T31672] ext4 filesystem being mounted at /root/syzkaller-testdir184905228/syzkaller.PLYEBS/2998/file0 supports timestamps until 2038 (0x7fffffff)
[ 1479.907427][T31679] FAULT_INJECTION: forcing a failure.
[ 1479.907427][T31679] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1479.921003][T31679] CPU: 1 PID: 31679 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1479.932173][T31679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1479.942244][T31679] Call Trace:
[ 1479.945511][T31679]
[ 1479.948455][T31679] dump_stack_lvl+0xd6/0x130
[ 1479.953055][T31679] dump_stack+0x11/0x20
[ 1479.957490][T31679] should_fail_ex+0x224/0x230
[ 1479.962196][T31679] __alloc_pages+0x10a/0x340
[ 1479.966783][T31679] alloc_pages+0x3f1/0x4f0
[ 1479.971538][T31679] get_zeroed_page+0x13/0x40
[ 1479.976123][T31679] mon_bin_open+0x1ba/0x3c0
[ 1479.980686][T31679] chrdev_open+0x362/0x3d0
[ 1479.985110][T31679] ? cd_forget+0xe0/0xe0
[ 1479.989379][T31679] do_dentry_open+0x59a/0x910
[ 1479.994143][T31679] vfs_open+0x43/0x50
[ 1479.998193][T31679] path_openat+0x16b8/0x1b60
[ 1480.002928][T31679] ? _parse_integer_limit+0x16f/0x190
[ 1480.008330][T31679] do_filp_open+0x105/0x220
[ 1480.012946][T31679] do_sys_openat2+0xb5/0x2a0
[ 1480.017560][T31679] ? mutex_lock+0x9/0x30
[ 1480.021805][T31679] ? fput+0x2c/0x130
[ 1480.025797][T31679] __x64_sys_openat+0xef/0x110
[ 1480.030642][T31679] do_syscall_64+0x2b/0x70
[ 1480.035093][T31679] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1480.040983][T31679] RIP: 0033:0x7f53668d4234
[ 1480.045419][T31679] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1480.065128][T31679] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1480.073565][T31679] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1480.081525][T31679] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1480.089485][T31679] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1480.097519][T31679] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
07:34:24 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiixiEQoki0SM6kPgLqKBBQIVECz2KFCE3BKpDe7drnx9n/DjnAvv5SJvM3M555ru7czc7sxdAaVWzf5KI/RHxS0QMNLMrC1Sb/91cnJ/4c3F+Iol6/fXfk0a5PxbnJ4qixfv25ZmhNCL9KIkj69Q7e+nyufFabepinh+ZO//OyOyly09Nnx8/O3V26sLYqVMnT4w++8zY0x2Jsz9r6+H3Z44eevnNa69OnL721g9fZe3dn+9vjaNTqlFdeSxbPNrpyrqsvyWd9HSxIWxJJSKy09Xb6P8DUYnlkzcQL33Y1cYBu6per9f3tN+9UAf+w5LodguA7ii+6LP732K7RUOP28KN57Mb1i8a8d/Mt+aenkjzMr2r7m87qRoRpxf++izbYpfmIQAAWn2TjX+eXG/8l8Y9LeXuyNeGBiPizog4EBF3RcTBiLg7olH23oi4b4v1V1fl145/0uvbCmyTsvHfc/na1srxXzH6i8FKnutvxN+bnJmuTR3Pj8lQ9O7J8qMb1PHtiz9/0m5f6/gv27L6i7Fg3o7rPasm6CbH58Z3EnOrGx805gCvrI0/WVoJSCLiUEQc3sbfz47Z9ONfHm23/5/j30AH1pnqn0c81jz/C7Eq/kKy8frkyP+iNnV8pLgq1vrxp6uvtat/R/F3QHb+9657/S/FP5i0rtfObr2Oq79+3PaeZrvXf1/yRiPdl7/23vjc3MXRiL7klbWvjy2/t8gX5bP4h46t3/8PxPKROBIR2UV8f0Q8EBEP5m1/KCIejohjG8T//QuPvL39+HdXFv/kls7/1hOVc9993a7+zZ3/k43UUP7KZj7/NtvAnRw7AAAA+LdIG8/AJ+nwUjpNh4ebz/AfjL1pbWZ27okzM+9emGw+Kz8YvWkx0zXQMh86ms8NF/mxVfkT+bzxp5X/N/LDEzO1yW4HDyW3r03/z/xW6XbrgF3n91pQXvo/lJf+D+Wl/0N56f9QXuv1/ytdaAdw6/n+h/LS/6G89H8oL/0fSmknv+uXKHMi0tuiGRK7lOj2JxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBn/B0AAP//dqnqjw==")
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1480.105566][T31679] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1480.113618][T31679]
[ 1480.317212][T31684] loop0: detected capacity change from 0 to 512
07:34:24 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0xe2, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1480.371346][T31682] loop1: detected capacity change from 0 to 512
[ 1480.385478][T31684] EXT4-fs: Ignoring removed nobh option
[ 1480.397924][T31682] EXT4-fs: Ignoring removed nobh option
[ 1480.427123][T31684] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 2: comm syz-executor.0: invalid block
[ 1480.437933][T31692] loop4: detected capacity change from 0 to 512
[ 1480.439204][T31684] EXT4-fs (loop0): Remounting filesystem read-only
[ 1480.447029][T31692] EXT4-fs: Ignoring removed nobh option
[ 1480.457123][T31684] EXT4-fs error (device loop0): ext4_free_branches:1022: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1)
07:34:24 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 54)
[ 1480.458461][T31682] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz-executor.1: invalid block
[ 1480.476478][T31684] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1098: group 0, block bitmap and bg descriptor inconsistent: 222 vs 220 free clusters
[ 1480.508744][T31684] EXT4-fs (loop0): 1 truncate cleaned up
[ 1480.514914][T31682] EXT4-fs (loop1): Remounting filesystem read-only
[ 1481.537116][T31697] loop5: detected capacity change from 0 to 512
[ 1481.551491][T31693] loop2: detected capacity change from 0 to 512
[ 1481.560492][T31699] FAULT_INJECTION: forcing a failure.
[ 1481.560492][T31699] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1481.573969][T31699] CPU: 0 PID: 31699 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1481.585076][T31699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1481.595319][T31699] Call Trace:
[ 1481.598595][T31699]
[ 1481.601531][T31699] dump_stack_lvl+0xd6/0x130
[ 1481.606131][T31699] dump_stack+0x11/0x20
[ 1481.610344][T31699] should_fail_ex+0x224/0x230
[ 1481.615012][T31699] __alloc_pages+0x10a/0x340
[ 1481.619657][T31699] alloc_pages+0x3f1/0x4f0
[ 1481.624073][T31699] get_zeroed_page+0x13/0x40
[ 1481.628689][T31699] mon_bin_open+0x1ba/0x3c0
[ 1481.633315][T31699] chrdev_open+0x362/0x3d0
[ 1481.637730][T31699] ? cd_forget+0xe0/0xe0
[ 1481.642030][T31699] do_dentry_open+0x59a/0x910
[ 1481.646854][T31699] vfs_open+0x43/0x50
[ 1481.650906][T31699] path_openat+0x16b8/0x1b60
[ 1481.655490][T31699] ? plist_check_list+0x14c/0x170
[ 1481.660576][T31699] do_filp_open+0x105/0x220
[ 1481.665141][T31699] do_sys_openat2+0xb5/0x2a0
[ 1481.669795][T31699] __x64_sys_openat+0xef/0x110
[ 1481.674594][T31699] do_syscall_64+0x2b/0x70
[ 1481.679102][T31699] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1481.685023][T31699] RIP: 0033:0x7f53668d4234
[ 1481.689439][T31699] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1481.709042][T31699] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1481.717493][T31699] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1481.725454][T31699] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1481.733512][T31699] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1481.742353][T31699] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1481.751127][T31699] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1481.759109][T31699]
[ 1481.786913][T31692] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
[ 1481.799734][T31682] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1481.820840][T31692] EXT4-fs (loop4): Remounting filesystem read-only
07:34:26 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4SBAWDzt2AqSgAYFEARISFKE0thOZXGIUG4lEFjEIhRJFokeUSPwFVNAgoEKihR5FipAbAtWhvdu1z48zfpxzgf18pE1mbuc8893duZud2QugtKrZP0nE/oj4JSIGmtmVBarN/24tzk/8uTg/kUS9/sbvSaPcH4vzE0XR4n378sxQGpF+nMSRdeqdvXzl/HitNnUpz4/MXXh3ZPbylaenL4yfmzo3dXHs9OlTJ0efe3bsmY7E2Z+19fAHM0cPvfLW9dcmzlx/+4evsvbuz/e3xtEp1aiuPJYtHut0ZV3W35JOerrYELakEhHZ6ept9P+BqMTyyRuIlz/qauOAXVWv1+vH2+9eqAP/YUl0uwVAdxRf9Nn9b7HdpqHHHeHmC80boCzuW/nW3NMTaV6md9X9bSdVI+LMwl+fZ1vs0jwEAECrb7Lxz1Prjf/SuK+l3F352tBgRNwdEQci4p6IOBgR90Y0yt4fEQ9ssf7qqvza8U96Y1uBbVI2/ns+X9taOf4rRn8xWMlz/Y34e5Oz07WpE/kxGYrePVl+dIM6vn3p50/b7Wsd/2VbVn8xFszbcaNnz8r3TI7Pje8k5lY3P2zMAV5dG3+ytBKQRMShiDi8jb+fHbPpJ7482m7/P8e/gQ6sM9W/iHi8ef4XYlX8hWTj9cmR/0Vt6sRIcVWs9eNP115vV/+O4u+A7PzvXff6X4p/MGldr53deh3Xfv2k7T3Ndq//vuTNRrovf+398bm5S6MRfcmra18fW35vkS/KZ/EPHVu//x+I5SNxJCKyi/jBiHgoIh7O2/5IRDwaEcc2iP/7F4+/s/34d1cW/+SWzv/WE5Xz333drv7Nnf9TjdRQ/spmPv8228CdHDsAAAD4t0gbz8An6fBSOk2Hh5vP8B+MvWltZnbuybMz712cbD4rPxi9aTHTNdAyHzqazw0X+bFV+ZP5vPFnlf838sMTM7XJbgcPJbevTf/P/FbpduuAXef3WlBe+j+Ul/4P5aX/Q3np/1Be6/X/q11oB3D7+f6H8tL/obz0fygv/R9KaSe/65cocyLSO6IZEruU6PYnEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQGf8HQAA//+H6uoH")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
07:34:26 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 55)
[ 1481.831918][T31692] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1481.840526][T31682] EXT4-fs error (device loop1): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1481.850414][T31692] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1481.880502][T31682] EXT4-fs (loop1): 1 truncate cleaned up
[ 1481.888695][T31692] EXT4-fs (loop4): 1 truncate cleaned up
[ 1481.911480][T31705] loop0: detected capacity change from 0 to 512
[ 1481.919722][T31705] EXT4-fs: Ignoring removed nobh option
07:34:26 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrpP092sbEkp59AEYCiLikTRpgR64gEDiABISHMoxJGkV6jaoCRKtIhoQKkdUiTviWIm/gBNcEHBC4gp3VKlCuVA4Ga29mzgPhzycurCfj7TOjHecme/ujj2eWQdQWtXsIYnYHxG/RMRAM7uyQLX559bi/MSfi/MTSdTrb/6eNMr9sTg/URQtXrcvzwylEeknSRxZp97ZS5fPjddqUxfz/Mjc+fdGZi9dfmb6/PjZqbNTF8ZOnTp5YvT558ae7Uic/VlbD384c/TQq29fe33i9LV3fvgqa+/+fH9rHJ1SjerKY9ni8U5X1mX9Lemkp4sNYUsqEZGdrt5G/x+ISiyfvIF45eOuNg7YVfV6vb6n/e6FOvAflkS3WwB0R/FBn33/LbbbNPS4I9x8MXu83oj/Vr419/REmpfpXfX9tpOqEXF64a8vsi12aR4CAKDVN9n45+n1xn9p3NdS7q58bWgwIu6OiAMRcU9EHIyIeyMaZe+PiAe2WH91VX7t+Ce9sa3ANikb/72Qr22tHP8Vo78YrOS5/kb8vcmZ6drU8fyYDEXvniw/ukEd377882ft9rWO/7Itq78YC+btuNGzaoJucnxufCcxt7r5UWMO8Mra+JOllYAkIg5FxOFt/P/smE0/ef1ou/3/HP8GOrDOVP8y4onm+V+IVfEXko3XJ0f+F7Wp4yPFVbHWjz9dfaNd/TuKvwOy87933et/Kf7BpHW9dnbrdVz99dO232m2e/33JW810n35cx+Mz81dHI3oS15b+/zY8muLfFE+i3/o2Pr9/0AsH4kjEZFdxA9GxEMR8XDe9kci4tGIOLZB/N+/9Ni7249/d2XxT27p/G89UTn33dft6t/c+T/ZSA3lz2zm/W+zDdzJsQMAAIB/i7RxD3ySDi+l03R4uHkP/8HYm9ZmZueeOjPz/oXJ5r3yg9GbFjNdAy3zoaP53HCRH1uVP5HPG39e+X8jPzwxU5vsdvBQcvva9P/Mb5Vutw7YdX6vBeWl/0N56f9QXvo/lJf+D+W1Xv+/0oV2ALefz38oL/0fykv/h/LS/6GUdvK7fokyJyK9I5ohsUuJbr8zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMbfAQAA//92qOqP")
write$tun(0xffffffffffffffff, 0x0, 0x0)
07:34:26 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
07:34:26 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0xe3, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1481.929512][T31705] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 2: comm syz-executor.0: invalid block
[ 1481.952292][T31705] EXT4-fs (loop0): Remounting filesystem read-only
[ 1481.959879][T31705] EXT4-fs error (device loop0): ext4_free_branches:1022: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1)
[ 1481.974778][T31705] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1098: group 0, block bitmap and bg descriptor inconsistent: 221 vs 220 free clusters
[ 1482.011001][T31709] FAULT_INJECTION: forcing a failure.
[ 1482.011001][T31709] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1482.024355][T31709] CPU: 0 PID: 31709 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1482.035297][T31709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1482.045340][T31709] Call Trace:
[ 1482.048614][T31709]
[ 1482.051536][T31709] dump_stack_lvl+0xd6/0x130
[ 1482.056194][T31709] dump_stack+0x11/0x20
[ 1482.060346][T31709] should_fail_ex+0x224/0x230
[ 1482.065113][T31709] __alloc_pages+0x10a/0x340
[ 1482.069767][T31709] alloc_pages+0x3f1/0x4f0
[ 1482.074227][T31709] get_zeroed_page+0x13/0x40
[ 1482.078904][T31709] mon_bin_open+0x1ba/0x3c0
[ 1482.083409][T31709] chrdev_open+0x362/0x3d0
[ 1482.088494][T31709] ? cd_forget+0xe0/0xe0
[ 1482.092734][T31709] do_dentry_open+0x59a/0x910
[ 1482.097512][T31709] vfs_open+0x43/0x50
[ 1482.101493][T31709] path_openat+0x16b8/0x1b60
[ 1482.106105][T31709] ? _parse_integer_limit+0x16f/0x190
[ 1482.111502][T31709] do_filp_open+0x105/0x220
[ 1482.116015][T31709] do_sys_openat2+0xb5/0x2a0
[ 1482.120703][T31709] ? mutex_lock+0x9/0x30
[ 1482.124978][T31709] ? fput+0x2c/0x130
[ 1482.128889][T31709] __x64_sys_openat+0xef/0x110
[ 1482.133729][T31709] do_syscall_64+0x2b/0x70
[ 1482.138224][T31709] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1482.144198][T31709] RIP: 0033:0x7f53668d4234
[ 1482.148637][T31709] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1482.170816][T31709] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1482.179230][T31709] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1482.187196][T31709] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1482.195171][T31709] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1482.203249][T31709] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1482.211225][T31709] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1482.219234][T31709]
[ 1482.257072][T31705] EXT4-fs (loop0): 1 truncate cleaned up
[ 1482.324010][T31713] loop4: detected capacity change from 0 to 512
[ 1482.331281][T31713] EXT4-fs: Ignoring removed nobh option
[ 1482.653441][T31715] loop5: detected capacity change from 0 to 512
07:34:27 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG0UYAPBv100KbUNCKY8+AENBRDySJi3QA5cikDiAhASHcgxJWoW6DWqCRKuIBoTKgQOqxB1xROIv4AQXBJyQuMIdVapQLhRORmvvJs7DIQ+nLuzvJ2074x1n5tvZscczdgClVc3+SSL2RcSvEdHfzC4vUG3+d3NhbvyvhbnxJOr1N/5IGuX+XJgbL4oWz9ubZwbTiPTjJA6vUe/Mpcvnxmq1yYt5fnj2/LvDM5cuPzN1fuzs5NnJC6MnT544PvL8c6PPdiTOvqythz6YPnLwlbeuvTZ++trbP36dtXdffr41jk6pRnX5tWzxeKcr67K+lnSyq4sNYVMqEZF1V09j/PdHJZY6rz9e/qirjQN2VL1er+9uf3q+DvyPJdHtFgDdUbzRZ59/i+MWTT1uCzdORXyax38zP5pndkWal+lZ8fm2k6oRcXr+7y+yI3ZoHQIAoNW3pyLi6bXmf2nc11LurnxvaCAi7o6I/RFxT0QciIh7Ixpl74+IBzZZf3VFfvX8J72+pcA2KJv/vZDvbS2f/xWzvxio5Lm+Rvw9yZmp2uSx/JoMRs/uLD+yTh3fvfTLZ+3Otc7/siOrv5gL5u24vmvFAt3E2OzYdmJudePDxhrgldXxJ4s7AUlEHIyIQ1v4+9k1m3ryqyPtzv97/OvowD5T/cuIJ5r9Px8r4i8k6+9PDt8Rtcljw8VdsdpPP199vV3924q/A7L+37Pm/b8Y/0DSul87s/k6rv72SdvPNFu9/3uTNxvp3vyx98dmZy+ORPQmr65+fHTpuUW+KJ/FP3h07fG/P5auxOGIyG7iByPioYh4OG/7IxHxaEQcXSf+H1587J2tx7+zsvgnNtX/m09Uzn3/Tbv6N9b/JxqpwfyRjbz+bbSB27l2AAAA8F+RNr4Dn6RDi+k0HRpqfof/QOxJa9Mzs0+dmX7vwkTzu/ID0ZMWK139LeuhI/nacJEfXZE/nq8bf165s5EfGp+uTXQ7eCi5vW3Gf+b3SrdbB+w4v9eC8jL+obyMfygv4x/Ky/iH8lpr/F/pQjuAW8/7P5SX8Q/lZfxDeRn/UErb+V2/RJkTkd4WzZDYoUS3X5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6458AAAD//+eI6nE=")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1483.016891][T31721] loop2: detected capacity change from 0 to 512
07:34:27 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CA+Lhx07AVLQgECiAAkJilAa24lMLjGKjUQiixiEQoki0SNKJP4CKmgQUCHRQo8iRcgNgerQ3u3a58cZP865wH4+0iYzt3Oe+e7u3M3O7AVQWtXsnyRif0T8EhEDzezKAtXmfzcX5yf+XJyfSKJef+P3pFHuj8X5iaJo8b59eWYojUg/TuLIOvXOXrp8brxWm7qY50fmzr87Mnvp8tPT58fPTp2dujB26tTJE6PPPTv2TEfi7M/aeviDmaOHXnnr2msTp6+9/cNXWXv35/tb4+iUalRXHssWj3a6si7rb0knPV1sCFtSiYjsdPU2+v9AVGL55A3Eyx91tXHArqrX6/XH2u9eqAP/YUl0uwVAdxRf9Nn9b7HdoqHHbeHGC80boCzum/nW3NMTaV6md9X9bSdVI+L0wl+fZ1vs0jwEAECrb7Lxz1Prjf/SuKel3B352tBgRNwZEQci4q6IOBgRd0c0yt4bEfdtsf7qqvza8U96fVuBbVI2/ns+X9taOf4rRn8xWMlz/Y34e5Mz07Wp4/kxGYrePVl+dIM6vn3p50/b7Wsd/2VbVn8xFszbcb1nz8r3TI7Pje8k5lY3PmzMAV5ZG3+ytBKQRMShiDi8jb+fHbPpJ7482m7/P8e/gQ6sM9W/iHi8ef4XYlX8hWTj9cmR/0Vt6vhIcVWs9eNPV19vV/+O4u+A7PzvXff6X4p/MGldr53deh1Xf/2k7T3Ndq//vuTNRrovf+398bm5i6MRfcmra18fW35vkS/KZ/EPHVu//x+I5SNxJCKyi/j+iHggIh7M2/5QRDwcEcc2iP/7Fx95Z/vx764s/sktnf+tJyrnvvu6Xf2bO/8nG6mh/JXNfP5ttoE7OXYAAADwb5E2noFP0uGldJoODzef4T8Ye9PazOzck2dm3rsw2XxWfjB602Kma6BlPnQ0nxsu8mOr8ifyeePPKv9v5IcnZmqT3Q4eSm5fm/6f+a3S7dYBu87vtaC89H8oL/0fykv/h/LS/6G81uv/V7rQDuDW8/0P5aX/Q3np/1Be+j+U0k5+1y9R5kSkt0UzJHYp0e1PJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgM74OwAA//9wWuoJ")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1483.062956][T31723] loop1: detected capacity change from 0 to 512
07:34:27 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 56)
07:34:27 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0xe4, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1483.192503][T31713] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
[ 1483.210102][T31721] ext4 filesystem being mounted at /root/syzkaller-testdir1583530368/syzkaller.4IUY9g/3017/file0 supports timestamps until 2038 (0x7fffffff)
[ 1484.144799][T31723] EXT4-fs: Ignoring removed nobh option
[ 1484.155910][T31713] EXT4-fs (loop4): Remounting filesystem read-only
[ 1484.162675][T31713] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1484.188904][T31723] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz-executor.1: invalid block
[ 1484.891838][T31731] loop5: detected capacity change from 0 to 512
[ 1484.905989][T31734] FAULT_INJECTION: forcing a failure.
[ 1484.905989][T31734] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1484.919328][T31734] CPU: 1 PID: 31734 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1484.930326][T31734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1484.940370][T31734] Call Trace:
[ 1484.943637][T31734]
[ 1484.946558][T31734] dump_stack_lvl+0xd6/0x130
[ 1484.951142][T31734] dump_stack+0x11/0x20
[ 1484.955361][T31734] should_fail_ex+0x224/0x230
[ 1484.960115][T31734] __alloc_pages+0x10a/0x340
[ 1484.964727][T31734] alloc_pages+0x3f1/0x4f0
[ 1484.969180][T31734] ? alloc_pages+0x5/0x4f0
[ 1484.973598][T31734] get_zeroed_page+0x13/0x40
[ 1484.978343][T31734] mon_bin_open+0x1ba/0x3c0
[ 1484.982912][T31734] chrdev_open+0x362/0x3d0
[ 1484.987409][T31734] ? cd_forget+0xe0/0xe0
[ 1484.991651][T31734] do_dentry_open+0x59a/0x910
[ 1484.996359][T31734] vfs_open+0x43/0x50
[ 1485.000610][T31734] path_openat+0x16b8/0x1b60
[ 1485.005247][T31734] ? asm_sysvec_reschedule_ipi+0x16/0x20
[ 1485.010936][T31734] ? plist_check_list+0x14c/0x170
[ 1485.015957][T31734] do_filp_open+0x105/0x220
[ 1485.020613][T31734] do_sys_openat2+0xb5/0x2a0
[ 1485.025245][T31734] ? __x64_sys_openat+0x44/0x110
[ 1485.030334][T31734] __x64_sys_openat+0xef/0x110
[ 1485.035175][T31734] do_syscall_64+0x2b/0x70
[ 1485.039626][T31734] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1485.045519][T31734] RIP: 0033:0x7f53668d4234
[ 1485.050070][T31734] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1485.069853][T31734] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1485.078282][T31734] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
07:34:29 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x9, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1485.086261][T31734] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1485.094292][T31734] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1485.102314][T31734] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1485.110538][T31734] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1485.118594][T31734]
07:34:29 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiixiEQoki0SPKSPwFVNAgoEKihR5FipAbAtWhvdu1z48zfpxzgf18pE1mbuc8893duZud2QugtKrZP0nE/oj4JSIGmtmVBarN/24tzk/8uTg/kUS9/ubvSaPcH4vzE0XR4n378sxQGpF+ksSRdeqdvXT53HitNnUxz4/MnX9vZPbS5Wemz4+fnTo7dWHs1KmTJ0aff27s2Y7E2Z+19fCHM0cPvfr2tdcnTl9754evsvbuz/e3xtEp1aiuPJYtHu90ZV3W35JOerrYELakEhHZ6ept9P+BqMTyyRuIVz7uauOAXVWv1+t72u9eqAP/YUl0uwVAdxRf9Nn9b7HdpqHHHeHmi9kN6/VG/LfyrbmnJ9K8TO+q+9tOqkbE6YW/vsi22KV5CACAVt9k45+n1xv/pXFfS7m78rWhwYi4OyIORMQ9EXEwIu6NaJS9PyIe2GL91VX5teOf9Ma2AtukbPz3Qr62tXL8V4z+YrCS5/ob8fcmZ6ZrU8fzYzIUvXuy/OgGdXz78s+ftdvXOv7Ltqz+YiyYt+NGz6oJusnxufGdxNzq5keNOcAra+NPllYCkog4FBGHt/H3s2M2/eT1o+32/3P8G+jAOlP9y4gnmud/IVbFX0g2Xp8c+V/Upo6PFFfFWj/+dPWNdvXvKP4OyM7/3nWv/6X4B5PW9drZrddx9ddP297TbPf670veaqT78tc+GJ+buzga0Ze8tvb1seX3FvmifBb/0LH1+/+BWD4SRyIiu4gfjIiHIuLhvO2PRMSjEXFsg/i/f+mxd7cf/+7K4p/c0vnfeqJy7ruv29W/ufN/spEayl/ZzOffZhu4k2MHAAAA/xZp4xn4JB1eSqfp8HDzGf6DsTetzczOPXVm5v0Lk81n5QejNy1mugZa5kNH87nhIj+2Kn8inzf+vPL/Rn54YqY22e3goeT2ten/md8q3W4dsOv8XgvKS/+H8tL/obz0fygv/R/Ka73+f6UL7QBuP9//UF76P5SX/g/lpf9DKe3kd/0SZU5Eekc0Q2KXEt3+ZAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiMvwMAAP//Yd/qkA==")
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1485.143591][T31713] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1485.156112][T31723] EXT4-fs (loop1): Remounting filesystem read-only
[ 1485.159842][T31713] EXT4-fs (loop4): 1 truncate cleaned up
[ 1485.170846][T31723] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1485.176743][T31735] loop0: detected capacity change from 0 to 512
07:34:29 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 57)
07:34:29 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0xe5, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1485.197760][T31735] EXT4-fs: Ignoring removed nobh option
[ 1485.203907][T31723] EXT4-fs error (device loop1): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1485.222013][T31723] EXT4-fs (loop1): 1 truncate cleaned up
[ 1485.254167][T31743] loop4: detected capacity change from 0 to 512
[ 1485.281307][T31735] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 2: comm syz-executor.0: invalid block
[ 1486.877687][T31747] FAULT_INJECTION: forcing a failure.
[ 1486.877687][T31747] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1486.891046][T31747] CPU: 1 PID: 31747 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1486.902094][T31747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1486.912159][T31747] Call Trace:
[ 1486.915438][T31747]
[ 1486.918372][T31747] dump_stack_lvl+0xd6/0x130
[ 1486.922965][T31747] dump_stack+0x11/0x20
[ 1486.927118][T31747] should_fail_ex+0x224/0x230
[ 1486.931862][T31747] __alloc_pages+0x10a/0x340
[ 1486.936560][T31747] alloc_pages+0x3f1/0x4f0
[ 1486.941147][T31747] get_zeroed_page+0x13/0x40
[ 1486.945751][T31747] mon_bin_open+0x1ba/0x3c0
[ 1486.950339][T31747] chrdev_open+0x362/0x3d0
[ 1486.954768][T31747] ? cd_forget+0xe0/0xe0
[ 1486.959095][T31747] do_dentry_open+0x59a/0x910
[ 1486.964070][T31747] vfs_open+0x43/0x50
[ 1486.968068][T31747] path_openat+0x16b8/0x1b60
[ 1486.972928][T31747] ? _parse_integer_limit+0x16f/0x190
[ 1486.978339][T31747] do_filp_open+0x105/0x220
[ 1486.983046][T31747] do_sys_openat2+0xb5/0x2a0
[ 1486.987683][T31747] ? mutex_lock+0x9/0x30
[ 1486.991993][T31747] ? fput+0x2c/0x130
[ 1486.995957][T31747] __x64_sys_openat+0xef/0x110
[ 1487.000817][T31747] do_syscall_64+0x2b/0x70
[ 1487.005243][T31747] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1487.011213][T31747] RIP: 0033:0x7f53668d4234
[ 1487.015701][T31747] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1487.035311][T31747] RSP: 002b:00007f5365c73ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1487.043745][T31747] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1487.051718][T31747] RDX: 0000000000000000 RSI: 00007f5365c73d40 RDI: 00000000ffffff9c
[ 1487.059775][T31747] RBP: 00007f5365c73d40 R08: 0000000000000000 R09: 0000000000000000
[ 1487.067756][T31747] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
07:34:29 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG0UYAPBv100KbUNCKY8+AENBRDySJi3QA5cikDiAhASHcgxJWoW6DWqCRKuIBoTKEVXijnpE4i/gBBcEnJC4wh1VqlAuFE5Ga+8mzsMhD6cu7O8nbTvjHWfm29mxxzN2AKVVzf5JIvZFxK8R0d/MLi9Qbf53a2Fu/K+FufEk6vW3/kga5f5cmBsvihbP25tnBtOI9NMkDq9R78yly+fGarXJi3l+ePb8+8Mzly4/N3V+7Ozk2ckLoydPnjg+8uILo893JM6+rK2HPpo+cvC1d669MX762rs/fp21d19+vjWOTqlGdfm1bPFkpyvrsr6WdLKriw1hUyoRkXVXT2P890clljqvP179pKuNA3ZUvV6v725/er4O/I8l0e0WAN1RvNFnn3+L4zZNPe4IN09FXM/jv5UfzTO7Is3L9Kz4fNtJ1Yg4Pf/3l9kRO7QOAQDQ6ttTEfHsWvO/NB5oKXdPvjc0EBH3RsT+iLgvIg5ExP0RjbIPRsRDm6y/uiK/ev6T3thSYBuUzf9eyve2ls//itlfDFTyXF8j/p7kzFRt8lh+TQajZ3eWH1mnju9e+eXzduda53/ZkdVfzAXzdtzYtWKBbmJsdmw7Mbe6+XFjDfDK6viTxZ2AJCIORsShLfz97JpNPf3VkXbn/z3+dXRgn6l+PeKpZv/Px4r4C8n6+5PDd0Vt8thwcVes9tPPV99sV/+24u+ArP/3rHn/L8Y/kLTu185svo6rv33W9jPNVu//3uTtRro3f+zDsdnZiyMRvcnrqx8fXXpukS/KZ/EPHl17/O+PpStxOCKym/jhiHgkIh7N2/5YRDweEUfXif+Hl594b+vx76ws/olN9f/mE5Vz33/Trv6N9f+JRmowf2Qjr38bbeB2rh0AAAD8V6SN78An6dBiOk2Hhprf4T8Qe9La9MzsM2emP7gw0fyu/ED0pMVKV3/LeuhIvjZc5EdX5I/n68ZfVO5u5IfGp2sT3Q4eSm5vm/Gf+b3S7dYBO87vtaC8jH8oL+Mfysv4h/Iy/qG81hr/V7rQDuD28/4P5WX8Q3kZ/1Bexj+U0nZ+1y9R5kSkd0QzJHYo0e1XJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgM74JwAA//8eSeqH")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1487.075870][T31747] R13: 00007fffab5653af R14: 00007f5365c74300 R15: 0000000000022000
[ 1487.083866][T31747]
[ 1487.092044][T31749] loop5: detected capacity change from 0 to 512
[ 1487.102941][T31746] loop2: detected capacity change from 0 to 512
[ 1487.117995][T31735] EXT4-fs (loop0): Remounting filesystem read-only
[ 1487.129716][T31735] EXT4-fs error (device loop0): ext4_free_branches:1022: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1)
[ 1487.144861][T31743] EXT4-fs: Ignoring removed nobh option
[ 1487.147490][T31735] EXT4-fs error (device loop0): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1487.167386][T31735] EXT4-fs (loop0): 1 truncate cleaned up
07:34:31 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 58)
[ 1487.176873][T31743] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
[ 1487.189555][T31753] loop1: detected capacity change from 0 to 512
[ 1487.194712][ T9929] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1487.205234][T31753] EXT4-fs: Ignoring removed nobh option
07:34:31 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHEUYAPBv92wHkhibEB55AAcBYfGwYydAChoQSBQgIUERSmM7kcklRrGRSGQRg1AoUSR6RInEX0AFDQIqJFroUaQIuSFQHdq7Xfv8OOPHORfY30/aZOZ2zjPf7s7d7MxeAKVVzf5JIvZHxK8RMdDMrixQbf53c3F+4q/F+Ykk6vU3/0ga5f5cnJ8oihbv25dnhtKI9JMkjqxT7+yly+fGa7Wpi3l+ZO78eyOzly4/M31+/OzU2akLY6dOnTwx+vxzY892JM7+rK2HP5w5eujVt6+9PnH62js/fp21d3++vzWOTqlGdeWxbPF4pyvrsv6WdNLTxYawJZWIyE5Xb6P/D0Qllk/eQLzycVcbB+yqer1eH2m/e6EO/I8l0e0WAN1RfNFn97/FdouGHreFGy82b4CyuG/mW3NPT6R5md5V97edVI2I0wt/f5FtsUvzEAAArb7Nxj9Przf+S+O+lnJ35WtDgxFxd0QciIh7IuJgRNwb0Sh7f0Q8sMX6q6vya8c/6fVtBbZJ2fjvhXxta+X4rxj9xWAlz/U34u9NzkzXpo7nx2Qoevdk+dEN6vju5V8+a7evdfyXbVn9xVgwb8f1nj0r3zM5Pje+k5hb3fioMQd4ZW38ydJKQBIRhyLi8Db+fnbMpp/86mi7/f8e/wY6sM5U/zLiieb5X4hV8ReSjdcnR+6I2tTxkeKqWOunn6++0a7+HcXfAdn537vu9b8U/2DSul47u/U6rv72adt7mu1e/33JW410X/7aB+NzcxdHI/qS19a+Prb83iJflM/iHzq2fv8/EMtH4khEZBfxgxHxUEQ8nLf9kYh4NCKObRD/Dy899u72499dWfyTWzr/W09Uzn3/Tbv6N3f+TzZSQ/krm/n822wDd3LsAAAA4L8ibTwDn6TDS+k0HR5uPsN/MPamtZnZuafOzLx/YbL5rPxg9KbFTNdAy3zoaD43XOTHVuVP5PPGn1fubOSHJ2Zqk90OHkpuX5v+n/m90u3WAbvO77WgvPR/KC/9H8pL/4fy0v+hvNbr/1e60A7g1vP9D+Wl/0N56f9QXvo/lNJOftcvUeZEpLdFMyR2KdHtTyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDO+CcAAP//BlLqEg==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1487.247721][T31743] EXT4-fs (loop4): Remounting filesystem read-only
[ 1487.255987][T31743] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1487.304994][T31753] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1487.512617][T31758] FAULT_INJECTION: forcing a failure.
[ 1487.512617][T31758] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1487.525897][T31758] CPU: 0 PID: 31758 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1487.536858][T31758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1487.547005][T31758] Call Trace:
[ 1487.550279][T31758]
[ 1487.553211][T31758] dump_stack_lvl+0xd6/0x130
[ 1487.557825][T31758] dump_stack+0x11/0x20
[ 1487.562062][T31758] should_fail_ex+0x224/0x230
[ 1487.566895][T31758] __alloc_pages+0x10a/0x340
[ 1487.571497][T31758] alloc_pages+0x3f1/0x4f0
[ 1487.575963][T31758] get_zeroed_page+0x13/0x40
[ 1487.581468][T31758] mon_bin_open+0x1ba/0x3c0
[ 1487.586035][T31758] chrdev_open+0x362/0x3d0
[ 1487.590600][T31758] ? cd_forget+0xe0/0xe0
[ 1487.594857][T31758] do_dentry_open+0x59a/0x910
[ 1487.599684][T31758] vfs_open+0x43/0x50
[ 1487.603702][T31758] path_openat+0x16b8/0x1b60
[ 1487.608354][T31758] ? _parse_integer_limit+0x16f/0x190
[ 1487.613724][T31758] ? sysvec_call_function_single+0x99/0xb0
[ 1487.619701][T31758] do_filp_open+0x105/0x220
[ 1487.624229][T31758] do_sys_openat2+0xb5/0x2a0
[ 1487.628850][T31758] ? mutex_lock+0x9/0x30
[ 1487.633141][T31758] ? fput+0x2c/0x130
[ 1487.637069][T31758] __x64_sys_openat+0xef/0x110
[ 1487.646636][T31758] do_syscall_64+0x2b/0x70
[ 1487.651054][T31758] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1487.656964][T31758] RIP: 0033:0x7f53668d4234
[ 1487.661384][T31758] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1487.681222][T31758] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1487.689628][T31758] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1487.697671][T31758] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1487.705633][T31758] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1487.713597][T31758] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1487.721628][T31758] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1487.729656][T31758]
[ 1487.751450][T31753] EXT4-fs (loop1): Remounting filesystem read-only
07:34:32 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0xe6, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1487.784131][T31753] EXT4-fs error (device loop1): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1487.801253][T31743] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1487.818351][T31753] EXT4-fs (loop1): 1 truncate cleaned up
[ 1488.033837][T31762] loop5: detected capacity change from 0 to 512
07:34:32 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0xa, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
07:34:32 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 59)
[ 1488.126834][T31743] EXT4-fs (loop4): 1 truncate cleaned up
[ 1488.162365][T31766] loop0: detected capacity change from 0 to 512
[ 1488.374679][T31768] FAULT_INJECTION: forcing a failure.
[ 1488.374679][T31768] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1488.388027][T31768] CPU: 0 PID: 31768 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1488.398964][T31768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1488.409006][T31768] Call Trace:
[ 1488.412274][T31768]
[ 1488.415196][T31768] dump_stack_lvl+0xd6/0x130
[ 1488.419787][T31768] dump_stack+0x11/0x20
[ 1488.423976][T31768] should_fail_ex+0x224/0x230
[ 1488.428820][T31768] __alloc_pages+0x10a/0x340
[ 1488.433465][T31768] alloc_pages+0x3f1/0x4f0
[ 1488.437951][T31768] get_zeroed_page+0x13/0x40
[ 1488.442537][T31768] mon_bin_open+0x1ba/0x3c0
[ 1488.447040][T31768] chrdev_open+0x362/0x3d0
[ 1488.451478][T31768] ? cd_forget+0xe0/0xe0
[ 1488.455730][T31768] do_dentry_open+0x59a/0x910
[ 1488.460420][T31768] vfs_open+0x43/0x50
[ 1488.464540][T31768] path_openat+0x16b8/0x1b60
[ 1488.469269][T31768] ? plist_check_list+0x14c/0x170
[ 1488.474305][T31768] do_filp_open+0x105/0x220
[ 1488.478832][T31768] do_sys_openat2+0xb5/0x2a0
[ 1488.483555][T31768] __x64_sys_openat+0xef/0x110
[ 1488.488319][T31768] do_syscall_64+0x2b/0x70
[ 1488.492785][T31768] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1488.498691][T31768] RIP: 0033:0x7f53668d4234
[ 1488.503109][T31768] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1488.522720][T31768] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1488.531225][T31768] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1488.539196][T31768] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1488.547198][T31768] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1488.555166][T31768] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1488.563131][T31768] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1488.571137][T31768]
[ 1488.580757][T31766] EXT4-fs: Ignoring removed nobh option
07:34:32 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0xe7, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
07:34:33 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG8UfAPDvrpP092sbEkp59AEYCiLikTRpgR64gEDiABISHMoxJGkV6jaoCRKtIhoQKkdUiTviCOIv4AQXBJyQuMIdVapQLhRORmvvJs7DIQ+nLuznI60z4x1n5ru7Y49n1gGUVjV7SCL2R8QvETHQzK4sUG3+ubk4P/Hn4vxEEvX6678njXJ/LM5PFEWL1+3LM0NpRPpREkfWqXf20uVz47Xa1MU8PzJ3/p2R2UuXn5o+P3526uzUhbFTp06eGH32mbGnOxJnf9bWw+/PHD308pvXXp04fe2tH77K2rs/398aR6dUo7ryWLZ4tNOVdVl/Szrp6WJD2JJKRGSnq7fR/weiEssnbyBe+rCrjQN2Vb1er+9pv3uhDvyHJdHtFgDdUXzQZ99/i+0WDT1uCzeezx6/bMR/M9+ae3oizcv0rvp+20nViDi98Ndn2Ra7NA8BANDqm2z88+R647807mkpd0e+NjQYEXdGxIGIuCsiDkbE3RGNsvdGxH1brL+6Kr92/JNe31Zgm5SN/57L17ZWjv+K0V8MVvJcfyP+3uTMdG3qeH5MhqJ3T5Yf3aCOb1/8+ZN2+1rHf9mW1V+MBfN2XO9ZNUE3OT43vpOYW934oDEHeGVt/MnSSkASEYci4vA2/n92zKYf/+Jou/3/HP8GOrDOVP884rHm+V+IVfEXko3XJ0f+F7Wp4yPFVbHWjz9dfa1d/TuKvwOy87933et/Kf7BpHW9dnbrdVz99eO232m2e/33JW800n35c++Nz81dHI3oS15Z+/zY8muLfFE+i3/o2Pr9/0AsH4kjEZFdxPdHxAMR8WDe9oci4uGIOLZB/N+/8Mjb249/d2XxT27p/G89UTn33dft6t/c+T/ZSA3lz2zm/W+zDdzJsQMAAIB/i7RxD3ySDi+l03R4uHkP/8HYm9ZmZueeODPz7oXJ5r3yg9GbFjNdAy3zoaP53HCRH1uVP5HPG39a+X8jPzwxU5vsdvBQcvva9P/Mb5Vutw7YdX6vBeWl/0N56f9QXvo/lJf+D+W1Xv+/0oV2ALeez38oL/0fykv/h/LS/6GUdvK7fokyJyK9LZohsUuJbr8zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMbfAQAA//9h3uqQ")
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1489.162979][T31766] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 2: comm syz-executor.0: invalid block
[ 1489.177581][T31766] EXT4-fs (loop0): Remounting filesystem read-only
[ 1489.184991][T31766] EXT4-fs error (device loop0): ext4_free_branches:1022: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1)
07:34:33 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 60)
07:34:33 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs28tvG0UYAPBv100KbUNCKY8+AENBRDySJi3QA5cikDiAhASHcgxJWoW6DWqCRKuIBoTKEVXijuCGxF/ACS4IOCFxhTuqVKFcKJyM1t5NnIdDHk5d2N9P2nbGO87Mt7Njj2fsAEqrmv2TROyLiF8jor+ZXV6g2vzv5sLc+F8Lc+NJ1Otv/JE0yv25MDdeFC2etzfPDKYR6cdJHF6j3plLl8+N1WqTF/P88Oz5d4dnLl1+Zur82NnJs5MXRk+ePHF85PnnRp/tSJx9WVsPfTB95OArb117bfz0tbd//Dpr7778fGscnVKN6vJr2eLxTlfWZX0t6WRXFxvCplQiIuuunsb4749KLHVef7z8UVcbB+yoer1e393+9Hwd+B9LotstALqjeKPPPv8Wxy2aetwWbpyK+DKP/2Z+NM/sijQv07Pi820nVSPi9Pzfn2dH7NA6BABAq29PRcTTa83/0rivpdxd+d7QQETcHRH7I+KeiDgQEfdGNMreHxEPbLL+6or86vlPen1LgW1QNv97Id/bWj7/K2Z/MVDJc32N+HuSM1O1yWP5NRmMnt1ZfmSdOr576ZdP251rnf9lR1Z/MRfM23F914oFuomx2bHtxNzqxoeNNcArq+NPFncCkog4GBGHtvD3s2s29eRXR9qd//f419GBfab6FxFPNPt/PlbEX0jW358cviNqk8eGi7titZ9+vvp6u/q3FX8HZP2/Z837fzH+gaR1v3Zm83Vc/e2Ttp9ptnr/9yZvNtK9+WPvj83OXhyJ6E1eXf346NJzi3xRPot/8Oja439/LF2JwxGR3cQPRsRDEfFw3vZHIuLRiDi6Tvw/vPjYO1uPf2dl8U9sqv83n6ic+/6bdvVvrP9PNFKD+SMbef3baAO3c+0AAADgvyJtfAc+SYcW02k6NNT8Dv+B2JPWpmdmnzoz/d6FieZ35QeiJy1Wuvpb1kNH8rXhIj+6In88Xzf+rHJnIz80Pl2b6HbwUHJ724z/zO+VbrcO2HF+rwXlZfxDeRn/UF7GP5SX8Q/ltdb4v9KFdgC3nvd/KC/jH8rL+IfyMv6hlLbzu36JMicivS2aIbFDiW6/MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTGPwEAAP//CYHqiA==")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x8000, 0x3, 0x2, {{0x13, 0x4, 0x1, 0x2d, 0x4c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@end, @timestamp_addr={0x44, 0x34, 0xff, 0x1, 0x4, [{@dev, 0x2}, {@loopback}, {@empty, 0x6ce}, {@rand_addr, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xb8}]}, @noop, @noop]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x41841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1489.600317][T31775] loop2: detected capacity change from 0 to 512
[ 1489.610521][T31778] loop5: detected capacity change from 0 to 512
[ 1489.652459][T31781] loop4: detected capacity change from 0 to 512
[ 1489.655182][T31766] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1098: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[ 1489.659726][T31781] EXT4-fs: Ignoring removed nobh option
[ 1489.675753][T31775] ext4 filesystem being mounted at /root/syzkaller-testdir1583530368/syzkaller.4IUY9g/3019/file0 supports timestamps until 2038 (0x7fffffff)
[ 1489.679460][T31766] EXT4-fs (loop0): 1 truncate cleaned up
07:34:34 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07IaSgAYFEARISFKE0thOZXGIUG4lEFjEIhRJFokeUSPwFVNAgoEKihR5FipAbAtWhvdu1z48zfpxzgf18pE1mbuc8893duZud2QugtKrZP0nE/oj4JSIGmtmVBarN/24tzk/8uTg/kUS9/sbvSaPcH4vzE0XR4n378sxQGpF+nMSRdeqdvXzl/HitNnUpz4/MXXh3ZPbylWemL4yfmzo3dXHs9OmTJ0afOzX2bEfi7M/aeviDmaOHXnnr+msTZ66//cNXWXv35/tb4+iUalRXHssWj3e6si7rb0knPV1sCFtSiYjsdPU2+v9AVGL55A3Eyx91tXHArqrX6/VT7Xcv1IH/sCS63QKgO4ov+uz+t9hu09DjjnDzheYNUBb3rXxr7umJNC/Tu+r+tpOqEXFm4a/Psy12aR4CAKDVN9n45+n1xn9p3NdS7q58bWgwIu6OiAMRcU9EHIyIeyMaZe+PiAe2WH91VX7t+Ce9sa3ANikb/z2fr22tHP8Vo78YrOS5/kb8vcnZ6drU8fyYDEXvniw/ukEd377086ft9rWO/7Itq78YC+btuNGzZ+V7JsfnxncSc6ubHzbmAK+ujT9ZWglIIuJQRBzext/Pjtn0k18ebbf/n+PfQAfWmepfRDzRPP8LsSr+QrLx+uTI/6I2dXykuCrW+vGna6+3q39H8XdAdv73rnv9L8U/mLSu185uvY5rv37S9p5mu9d/X/JmI92Xv/b++NzcpdGIvuTVta+PLb+3yBfls/iHjq3f/w/E8pE4EhHZRfxgRDwUEQ/nbX8kIh6NiGMbxP/9i4+9s/34d1cW/+SWzv/WE5Xz333drv7Nnf+TjdRQ/spmPv8228CdHDsAAAD4t0gbz8An6fBSOk2Hh5vP8B+MvWltZnbuqbMz712cbD4rPxi9aTHTNdAyHzqazw0X+bFV+RP5vPFnlf838sMTM7XJbgcPJbevTf/P/FbpduuAXef3WlBe+j+Ul/4P5aX/Q3np/1Be6/X/q11oB3D7+f6H8tL/obz0fygv/R9KaSe/65cocyLSO6IZEruU6PYnEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQGf8HQAA//+zy+oZ")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
[ 1489.712890][T31781] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz-executor.4: invalid block
[ 1489.731753][T31781] EXT4-fs (loop4): Remounting filesystem read-only
[ 1489.738654][T31787] loop1: detected capacity change from 0 to 512
[ 1489.743522][T31781] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1489.746732][T31787] EXT4-fs: Ignoring removed nobh option
[ 1489.782434][T31790] loop0: detected capacity change from 0 to 512
[ 1489.789946][T31790] EXT4-fs: Ignoring removed nobh option
[ 1489.817599][T31791] FAULT_INJECTION: forcing a failure.
[ 1489.817599][T31791] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1489.831079][T31791] CPU: 1 PID: 31791 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1489.842014][T31791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1489.852058][T31791] Call Trace:
[ 1489.855396][T31791]
[ 1489.858315][T31791] dump_stack_lvl+0xd6/0x130
[ 1489.862898][T31791] dump_stack+0x11/0x20
[ 1489.867043][T31791] should_fail_ex+0x224/0x230
[ 1489.871725][T31791] __alloc_pages+0x10a/0x340
[ 1489.876438][T31791] alloc_pages+0x3f1/0x4f0
[ 1489.881005][T31791] get_zeroed_page+0x13/0x40
[ 1489.885696][T31791] mon_bin_open+0x1ba/0x3c0
[ 1489.890206][T31791] chrdev_open+0x362/0x3d0
[ 1489.894701][T31791] ? cd_forget+0xe0/0xe0
[ 1489.899970][T31791] do_dentry_open+0x59a/0x910
[ 1489.904670][T31791] vfs_open+0x43/0x50
[ 1489.908698][T31791] path_openat+0x16b8/0x1b60
[ 1489.913284][T31791] ? _parse_integer_limit+0x16f/0x190
[ 1489.918735][T31791] do_filp_open+0x105/0x220
[ 1489.923249][T31791] do_sys_openat2+0xb5/0x2a0
[ 1489.927840][T31791] ? mutex_lock+0x9/0x30
[ 1489.932078][T31791] ? fput+0x2c/0x130
[ 1489.935964][T31791] __x64_sys_openat+0xef/0x110
[ 1489.940751][T31791] do_syscall_64+0x2b/0x70
[ 1489.945156][T31791] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1489.951048][T31791] RIP: 0033:0x7f53668d4234
[ 1489.955459][T31791] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1489.975404][T31791] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1489.983804][T31791] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1489.992169][T31791] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1490.000212][T31791] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1490.008230][T31791] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1490.016219][T31791] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1490.024245][T31791]
[ 1490.058374][T31781] EXT4-fs error (device loop4): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1490.075255][T31781] EXT4-fs (loop4): 1 truncate cleaned up
07:34:34 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
07:34:34 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0xfe, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1490.115481][T31787] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz-executor.1: invalid block
[ 1490.136107][T31790] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 2: comm syz-executor.0: invalid block
[ 1490.159710][T31787] EXT4-fs (loop1): Remounting filesystem read-only
07:34:34 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 61)
[ 1490.455373][T31797] loop5: detected capacity change from 0 to 512
[ 1490.466244][T31787] EXT4-fs error (device loop1): ext4_free_branches:1022: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1)
[ 1490.482595][T31790] EXT4-fs (loop0): Remounting filesystem read-only
07:34:34 executing program 4:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVLQgECiAAkJilAa24lMLjGKjUQiixiEQoki0SNKEH8BFTQIqJBooUeRIuSGQHVo73bt8+OMH+dcYD8faZOZ2znPfHd37mZn9gIorWr2TxKxPyJ+iYiBZnZlgWrzv5uL8xN/Ls5PJFGvv/570ij3x+L8RFG0eN++PDOURqQfJXFknXpnL10+N16rTV3M8yNz598Zmb10+anp8+Nnp85OXRg7derkidFnnxl7uiNx9mdtPfz+zNFDL7957dWJ09fe+uGrrL378/2tcXRKNaorj2WLRztdWZf1t6STni42hC2pRER2unob/X8gKrF88gbipQ+72jhgV9Xr9fqe9rsX6sB/WBLdbgHQHcUXfXb/W2y3aOhxW7jxfHbD+mUj/pv51tzTE2lepnfV/W0nVSPi9MJfn2Vb7NI8BABAq2+y8c+T643/0rinpdwd+drQYETcGREHIuKuiDgYEXdHNMreGxH3bbH+6qr82vFPen1bgW1SNv57Ll/bWjn+K0Z/MVjJc/2N+HuTM9O1qeP5MRmK3j1ZfnSDOr598edP2u1rHf9lW1Z/MRbM23G9Z9UE3eT43PhOYm5144PGHOCVtfEnSysBSUQciojD2/j72TGbfvyLo+32/3P8G+jAOlP984jHmud/IVbFX0g2Xp8c+V/Upo6PFFfFWj/+dPW1dvXvKP4OyM7/3nWv/6X4B5PW9drZrddx9deP297TbPf670veaKT78tfeG5+buzga0Ze8svb1seX3FvmifBb/0LH1+/+BWD4SRyIiu4jvj4gHIuLBvO0PRcTDEXFsg/i/f+GRt7cf/+7K4p/c0vnfeqJy7ruv29W/ufN/spEayl/ZzOffZhu4k2MHAAAA/xZp4xn4JB1eSqfp8HDzGf6DsTetzczOPXFm5t0Lk81n5QejNy1mugZa5kNH87nhIj+2Kn8inzf+tPL/Rn54YqY22e3goeT2ten/md8q3W4dsOv8XgvKS/+H8tL/obz0fygv/R/Ka73+f6UL7QBuPd//UF76P5SX/g/lpf9DKe3kd/0SZU5Eels0Q2KXEt3+ZAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiMvwMAAP//TRXqkQ==")
write$tun(0xffffffffffffffff, 0x0, 0x0)
[ 1490.573416][T31790] EXT4-fs error (device loop0): ext4_free_branches:1022: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1)
[ 1490.615455][T31803] loop4: detected capacity change from 0 to 512
[ 1490.622912][T31803] EXT4-fs: Ignoring removed nobh option
[ 1490.629248][T31790] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1098: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[ 1491.291139][T31805] loop2: detected capacity change from 0 to 512
[ 1491.318545][T31806] FAULT_INJECTION: forcing a failure.
[ 1491.318545][T31806] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1491.331821][T31806] CPU: 1 PID: 31806 Comm: syz-executor.3 Not tainted 6.2.0-rc1-syzkaller-00084-gc8451c141e07-dirty #0
[ 1491.342764][T31806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1491.352950][T31806] Call Trace:
[ 1491.356225][T31806]
[ 1491.359148][T31806] dump_stack_lvl+0xd6/0x130
[ 1491.363758][T31806] dump_stack+0x11/0x20
[ 1491.367901][T31806] should_fail_ex+0x224/0x230
[ 1491.372570][T31806] __alloc_pages+0x10a/0x340
[ 1491.377241][T31806] alloc_pages+0x3f1/0x4f0
[ 1491.381838][T31806] get_zeroed_page+0x13/0x40
[ 1491.386437][T31806] mon_bin_open+0x1ba/0x3c0
[ 1491.391003][T31806] chrdev_open+0x362/0x3d0
[ 1491.395433][T31806] ? cd_forget+0xe0/0xe0
[ 1491.399839][T31806] do_dentry_open+0x59a/0x910
[ 1491.404624][T31806] vfs_open+0x43/0x50
[ 1491.409332][T31806] path_openat+0x16b8/0x1b60
[ 1491.414458][T31806] ? asm_sysvec_reschedule_ipi+0x16/0x20
[ 1491.420201][T31806] ? _parse_integer_limit+0x16f/0x190
[ 1491.425579][T31806] do_filp_open+0x105/0x220
[ 1491.430085][T31806] do_sys_openat2+0xb5/0x2a0
[ 1491.434728][T31806] ? mutex_lock+0x9/0x30
[ 1491.438971][T31806] ? fput+0x2c/0x130
[ 1491.442935][T31806] __x64_sys_openat+0xef/0x110
[ 1491.447711][T31806] do_syscall_64+0x2b/0x70
[ 1491.452180][T31806] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1491.458080][T31806] RIP: 0033:0x7f53668d4234
[ 1491.462491][T31806] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 1491.482150][T31806] RSP: 002b:00007f5365c52ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
07:34:35 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x11c, &(0x7f0000000180)=ANY=[@ANYBLOB="00c9340600000000004000a2fbdbbe10f161c113000006bb71bf2012bc409f110e17cadc385f1fef2abb30c491a9581355e0974bbeed6dce82587a05d162cb66b245a6"], 0x3, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
[ 1491.490602][T31806] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007f53668d4234
[ 1491.498557][T31806] RDX: 0000000000000000 RSI: 00007f5365c52d40 RDI: 00000000ffffff9c
[ 1491.506617][T31806] RBP: 00007f5365c52d40 R08: 0000000000000000 R09: 0000000000000000
[ 1491.514709][T31806] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1491.522735][T31806] R13: 00007fffab5653af R14: 00007f5365c53300 R15: 0000000000022000
[ 1491.530798][T31806]
[ 1491.597297][T31787] EXT4-fs error (device loop1): mb_free_blocks:1780: group 0, inode 13: block 100:freeing already freed block (bit 99); block bitmap corrupt.
[ 1491.615914][T31790] EXT4-fs (loop0): 1 truncate cleaned up
[ 1491.625598][T31787] EXT4-fs (loop1): 1 truncate cleaned up
[ 1491.627630][T31803] EXT4-fs error (device loop4): ext4_free_branches:1022: inode #13: comm syz-executor.4: invalid indirect mapped block 1819239214 (level 1)
[ 1491.701293][T31813] loop5: detected capacity change from 0 to 512
07:34:36 executing program 0:
r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks}, {@grpquota}, {@init_itable}, {@errors_remount}, {@nobh}, {@nombcache}]}, 0x0, 0x424, &(0x7f0000000900)="$eJzs27tvHMUfAPDv7tnO75fE2ITwyAM4CAiLhx07AVKkAYFEARISFKE0thOZXGIUG4lEFjEIhRJFokeUSPwFVNAgoEKihR5FipAbAtWhvdu1z48zfpxzgf18pE1mbuc8893duZud2QugtKrZP0nE/oj4JSIGmtmVBarN/24tzk/8uTg/kUS9/sbvSaPcH4vzE0XR4n378sxQGpF+nMSRdeqdvXzl/HitNnUpz4/MXXh3ZPbylWemL4yfmzo3dXHs1KmTJ0aff27s2Y7E2Z+19fAHM0cPvfLW9dcmzlx/+4evsvbuz/e3xtEp1aiuPJYtHu90ZV3W35JOerrYELakEhHZ6ept9P+BqMTyyRuIlz/qauOAXVWv1+un2+9eqAP/YUl0uwVAdxRf9Nn9b7HdpqHHHeHmC80boCzuW/nW3NMTaV6md9X9bSdVI+LMwl+fZ1vs0jwEAECrb7Lxz9Prjf/SuK+l3F352tBgRNwdEQci4p6IOBgR90Y0yt4fEQ9ssf7qqvza8U96Y1uBbVI2/judr22tHP8Vo78YrOS5/kb8vcnZ6drU8fyYDEXvniw/ukEd377086ft9rWO/7Itq78YC+btuNGzZ+V7JsfnxncSc6ubHzbmAK+ujT9ZWglIIuJQRBzext/Pjtn0k18ebbf/n+PfQAfWmepfRDzRPP8LsSr+QrLx+uTI/6I2dXykuCrW+vGna6+3q39H8XdAdv73rnv9L8U/mLSu185uvY5rv37S9p5mu9d/X/JmI92Xv/b++NzcpdGIvuTVta+PLb+3yBfls/iHjq3f/w/E8pE4EhHZRfxgRDwUEQ/nbX8kIh6NiGMbxP/9i4+9s/34d1cW/+SWzv/WE5Xz333drv7Nnf+TjdRQ/spmPv8228CdHDsAAAD4t0gbz8An6fBSOk2Hh5vP8B+MvWltZnbuqbMz712cbD4rPxi9aTHTNdAyHzqazw0X+bFV+RP5vPFnlf838sMTM7XJbgcPJbevTf/P/FbpduuAXef3WlBe+j+Ul/4P5aX/Q3np/1Be6/X/q11oB3D7+f6H8tL/obz0fygv/R9KaSe/65cocyLSO6IZEruU6PYnEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQGf8HQAA//9tG+of")
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x1, 0x2d, 0x1c, 0x66, 0x0, 0x1c, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@ra={0x94, 0x4}, @end, @noop]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x41841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
write$tun(r2, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, &(0x7f0000000240)={@void, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x3a)
socketpair(0x2a, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008340)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc, &(0x7f0000000180)=[{0x0}, {&(0x7f0000006040)={0x14, 0x28, 0x200, 0x0, 0x0, "", [@generic, @nested={0x4, 0x14}]}, 0x14}, {&(0x7f0000005f00)={0x50, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, "", [@typed={0x3e, 0x0, 0x0, 0x0, @binary="678a7dfdb799dd28b532d753a8d7082aac7f2a4041a93d50df2a0e783dba40e1c06b2f474764535573d7ff3f5524b9d74163dd757c5f9eb3a8e9"}]}, 0x50}], 0x3, 0x0, 0x138}, 0x45005)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
07:34:36 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) (fail_nth: 62)
07:34:36 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff,