program:
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x792, &(0x7f0000001a40)="$eJzs3ctrXFUYAPDvTl5NWk0EQesqINhA6cTU2Cq4qLgQwUJB17ZhMg01k0zJTEoTAraI4EZQcSHopmsfdefWx1b/CxdSKZoWKy4kciczybSZSSdpZiaQ3w9O5pz7yDnfnPs4d+5lJoADazT9k4k4GhEfJxHD1elJRPRVcr0RZ9aXu7e6kktTEmtrb/2ZVJa5u7qSi7p1Uoerhacj4qcPIo5nttZbWlqenSoU8gvV8nh57vJ4aWn5xKW5qZn8TH7+1MTk5MnTL54+tXex/v3r8pE/Pnn92Ldn/n3/qZsf/ZzEmThSnVcfx14ZjdHqe9KXvoX3eW2vK+uypNsNYFfSXbNnfS+PozEcPZVcE4Ob2YnljjQPAGiD9yJiDQA4YBLnfwA4YGqfA9xdXcnVUnc/keis269GxKH1+Gv3N9fn9Fbv2R2q3Acdupvcd2ckiYiRPah/NCK+/P6dr9MU1X5wLw3ohGvXI+LCyOjW43+y5ZmFnXp+u5lrA5WX0QcmH7TzD3TTD+n456VG47/MxvgnGox/Bhrsu7vx8P0/c2sPqmkqHf+9Uvds2726+KtGeqqlxypjvr7k4qVCPj22PR4RY9E3kJYnKos2HrmN3fnvTrP668d/f3367ldp/enr5hKZW70D968zPVWeetS4a25fj3imt1H8yUb/J03Gv+darOONlz/8otm8NP403lraGn97rd2IeK5h/2/2ZbLt84njlc1hvLZRNPDdb58PNat/9Fj/Rv+nKa2/di3QCWn/D20f/0hS/7xmaed1/HJj+Mdm8+q3/8bxN97++5O3K/n+6rSrU+XywkREf/Lm1uknN9etlWvLp/GPPdt4/1+vtvH2n14TXmgx/t7e+Gb38bdXGv/0jvp/55mb92Z7mtXfWv9PVnJj1SmtHP9abeCjvHcAAAAAAAAAAAAAAAAAAAAAAAAA0KpMRByJJJPdyGcy2ez6b3g/GUOZQrFUPn6xuDg/HZXfyh6Jvkztqy6H674PdaL6ffi18skHyi9ExBMR8dnAYKWczRUL090OHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACqDjf5/f/U7wPdbh0A0DaHut0AAKDjnP8B4ODZ2fl/sG3tAAA6x/U/ABw8LZ//L7S3HQBA57j+BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM3OnT2bprV/VldyaXn6ytLibPHKiel8aTY7t5jL5ooLl7MzxeJMIZ/NFeea/qNr6y+FYvHyZMwvXh0v50vl8dLS8vm54uJ8+fyluamZ/Pl8X8ciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDWlZaWZ6cKhfyCzLaZwf3RjH2T6Y190QyZh2QyEbG71euPEoPdO0ABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7HP/BwAA///F9Cf0")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x141842, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r0, &(0x7f0000004200)='t', 0x1)
creat(&(0x7f0000000040)='./bus\x00', 0x0) (async)
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
io_setup(0x202, &(0x7f0000000100)) (async)
io_setup(0x202, &(0x7f0000000100)=<r2=>0x0)
io_submit(r2, 0x20000000000002c9, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0x4000}])
openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) (async)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) (async)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r4 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
ftruncate(r4, 0x2007ffb)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x0, &(0x7f0000000600), 0x1, 0x56f, &(0x7f0000000640)="$eJzs3c9rHFUcAPDvm2zSH6kmFUFrDwYKtqAmTVpRRLDFevPgj4InwZikpXTbhiaCrRVbqP+B/gGCNy/isYgU9eLVm+AfIMUiNRdvkdnMbLfNbpo0m07tfD4wybx5u3zf7PLdN/P2zWwAtTWW/8ki9kTEfIoY6ahrRFE5tvK4f25dmlm6dWkmxfLye3+nSMW28vGp+D9cPHl7RPz2U4onBlbHXbhw8fR0szl3vihPLJ6Zn1i4cPHFU2emT86dnDs7Nfny5EuHD00dPti3ff1l/Fjj6ok39n43883uz3/49lqKI7GrqOvcj34Zi7H2a9Ipf11f6XewigwU+9P5FqdGhQ1iQ8r3bzAinoqRGIjbb95IfPFOpY0DttRyilgGairJf6ip8jggP/8tl2qPSIAH5ebRlQGAcmxvqZ3/jZWxwdjeGhvYuZSic1gnRUQ/RubyGPPPpZF8iS0ahwO6u3wlIp7u1v+nVm6Otkbx8/zP7sj/LCLeLv7n29+9z/hjd5XlPzw4m8n/Dzvy/6P7jC//AQAAAAAAoH+uH42IF7p9/5e15/9El/k/wxFxpA/x7/39X3ajD2GALm4ejXgtIpZWzf/LyoeMDhSlx1rzAQbTiVPNuYMR8XhEHIjBbXl5co0YY3t/HexZ1zH/L1/y+OVcwKIdNxrb7nzO7PTi9Gb2GVhx80rEM41u+Z/a/X/q0v/nnwfz64yxfOz1n3vV3Tv/ga2y/HXE/q79/+07V6S1788x0ToemCiPClb79INr3/eKL/+hOnn/v3Pt/B9NnffrWdh4jM/++mMT+d/9+H8oHW/dcmao2PbJ9OLi+cmIofTW6u1TG28zPIrKfCjzJc//A/u6n/+vdfy/IyIurzPm8R/fvNqrTv8P1cnzf3ZD/f/GV/a9/9W/veKvr/8/3OrTDxRbjP/B2taboFW3EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+j7KI2BUpG2+vZ9n4eMRwRDwZO7PmuYXF50+c+/jsbF7X+v3/rPyl35GVcip//3+0ozx1V/lQROyOiC8HdrTK4zPnmrNV7zwAAAAAAAAAAAAAAAAAAAA8JIZ7XP+f+3Og6tYBW65RdQOAysh/qC/5D/Ul/6G+5D/Ul/yH+pL/UF/yH+pL/kN9yX8AAAAAAHik7H72+u8pIi6/uqO15IaKusFKWwZstVR1A4DKuMUP1JepP1BfzvGBe40DbL/vZwIAAAAAAAAAAAAA/bJ/j+v/oa6yqhsAVMb1/1Bfrv+H+nKOD7j+HwAAAAAAAAAAAAAefgsXLp6ebjbnzluxYsVKe6XqTyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKD0XwAAAP//WHb5Og==")
unlinkat(0xffffffffffffff9c, &(0x7f0000000c40)='./file1\x00', 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0)

[   58.625105][ T5330] loop0: detected capacity change from 0 to 2048
[   58.646174][ T5330] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   58.744391][ T5336] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   58.892328][ T5315] Bluetooth: hci0: command tx timeout
[   59.446046][ T5329] ------------[ cut here ]------------
[   59.448400][ T5329] kernel BUG at fs/ext4/inode.c:2620!
[   59.452974][ T5329] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI
[   59.455778][ T5329] CPU: 0 UID: 0 PID: 5329 Comm: syz.0.0 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0
[   59.459589][ T5329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   59.463303][ T5329] RIP: 0010:ext4_do_writepages+0x3d0b/0x3d10
[   59.465480][ T5329] Code: b0 8e 4c 89 f2 e8 e5 c9 a2 02 e9 ab fb ff ff e8 8b c1 3f ff 90 0f 0b e8 83 c1 3f ff 90 0f 0b e8 bb 00 7c 09 e8 76 c1 3f ff 90 <0f> 0b 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66
[   59.472378][ T5329] RSP: 0018:ffffc9000d2cf380 EFLAGS: 00010293
[   59.474656][ T5329] RAX: ffffffff82561baa RBX: 0000004000000000 RCX: ffff8880009a4880
[   59.477614][ T5329] RDX: 0000000000000000 RSI: 0000004000000000 RDI: 0000000000000000
[   59.480675][ T5329] RBP: ffffc9000d2cf790 R08: ffffffff8255e3ab R09: 1ffff110086f84fe
[   59.483713][ T5329] R10: dffffc0000000000 R11: ffffed10086f84ff R12: 0000000000000001
[   59.486689][ T5329] R13: 0000000000400040 R14: 0000004a10000000 R15: ffff8880437c2a50
[   59.489685][ T5329] FS:  0000555561265500(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000
[   59.493096][ T5329] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   59.495579][ T5329] CR2: 000000002003b000 CR3: 000000003e3aa000 CR4: 0000000000352ef0
[   59.498596][ T5329] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   59.501681][ T5329] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   59.504693][ T5329] Call Trace:
[   59.506014][ T5329]  <TASK>
[   59.507043][ T5329]  ? __die_body+0x5f/0xb0
[   59.508767][ T5329]  ? die+0x9e/0xc0
[   59.510428][ T5329]  ? do_trap+0x15a/0x3a0
[   59.512399][ T5329]  ? ext4_do_writepages+0x3d0b/0x3d10
[   59.514875][ T5329]  ? do_error_trap+0x1dc/0x2c0
[   59.517075][ T5329]  ? ext4_do_writepages+0x3d0b/0x3d10
[   59.519457][ T5329]  ? __pfx_do_error_trap+0x10/0x10
[   59.521738][ T5329]  ? report_bug+0x3e8/0x500
[   59.523850][ T5329]  ? handle_invalid_op+0x34/0x40
[   59.526175][ T5329]  ? ext4_do_writepages+0x3d0b/0x3d10
[   59.528645][ T5329]  ? exc_invalid_op+0x38/0x50
[   59.530583][ T5329]  ? asm_exc_invalid_op+0x1a/0x20
[   59.532501][ T5329]  ? ext4_do_writepages+0x50b/0x3d10
[   59.534540][ T5329]  ? ext4_do_writepages+0x3d0a/0x3d10
[   59.536525][ T5329]  ? ext4_do_writepages+0x3d0b/0x3d10
[   59.538528][ T5329]  ? look_up_lock_class+0x77/0x170
[   59.540436][ T5329]  ? register_lock_class+0x102/0x980
[   59.542541][ T5329]  ? __pfx_validate_chain+0x10/0x10
[   59.544495][ T5329]  ? __pfx_register_lock_class+0x10/0x10
[   59.546717][ T5329]  ? mark_lock+0x9a/0x360
[   59.548354][ T5329]  ? __pfx_ext4_do_writepages+0x10/0x10
[   59.550409][ T5329]  ? rcu_read_lock_any_held+0xb7/0x160
[   59.552444][ T5329]  ext4_writepages+0x213/0x3c0
[   59.554137][ T5329]  ? __pfx_ext4_writepages+0x10/0x10
[   59.556012][ T5329]  ? do_raw_spin_unlock+0x58/0x8b0
[   59.557823][ T5329]  ? __pfx_ext4_writepages+0x10/0x10
[   59.559817][ T5329]  do_writepages+0x35f/0x880
[   59.561590][ T5329]  ? __pfx_do_writepages+0x10/0x10
[   59.563476][ T5329]  ? wbc_attach_and_unlock_inode+0x313/0x580
[   59.565639][ T5329]  ? __pfx_lock_release+0x10/0x10
[   59.567540][ T5329]  ? do_raw_spin_lock+0x14f/0x370
[   59.569649][ T5329]  ? do_raw_spin_unlock+0x58/0x8b0
[   59.571591][ T5329]  ? _raw_spin_unlock+0x28/0x50
[   59.573253][ T5329]  ? wbc_attach_and_unlock_inode+0x365/0x580
[   59.575501][ T5329]  filemap_flush+0x1d2/0x260
[   59.577323][ T5329]  ? __pfx_filemap_flush+0x10/0x10
[   59.579278][ T5329]  ? __pfx___might_resched+0x10/0x10
[   59.581339][ T5329]  ? rcu_is_watching+0x15/0xb0
[   59.583203][ T5329]  ext4_release_file+0x81/0x300
[   59.585034][ T5329]  ? __pfx_ext4_release_file+0x10/0x10
[   59.587034][ T5329]  __fput+0x23c/0xa50
[   59.588503][ T5329]  task_work_run+0x24f/0x310
[   59.590250][ T5329]  ? _raw_spin_unlock+0x28/0x50
[   59.592050][ T5329]  ? __pfx_task_work_run+0x10/0x10
[   59.594051][ T5329]  ? syscall_exit_to_user_mode+0xa3/0x340
[   59.596206][ T5329]  syscall_exit_to_user_mode+0x13f/0x340
[   59.598252][ T5329]  do_syscall_64+0x100/0x230
[   59.600040][ T5329]  ? clear_bhb_loop+0x35/0x90
[   59.601939][ T5329]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.604139][ T5329] RIP: 0033:0x7f402e77e919
[   59.605838][ T5329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   59.612887][ T5329] RSP: 002b:00007ffd3c80d418 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[   59.616206][ T5329] RAX: 0000000000000000 RBX: 00007f402e937ba0 RCX: 00007f402e77e919
[   59.619159][ T5329] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[   59.622117][ T5329] RBP: 00007f402e937ba0 R08: 0000000000000000 R09: 00007ffd3c80d70f
[   59.625582][ T5329] R10: 00007f402e937ac0 R11: 0000000000000246 R12: 000000000000e7b2
[   59.628856][ T5329] R13: 00007ffd3c80d520 R14: 0000000000000032 R15: ffffffffffffffff
[   59.631822][ T5329]  </TASK>
[   59.632974][ T5329] Modules linked in:
[   59.635343][ T5329] ---[ end trace 0000000000000000 ]---
[   59.723877][ T5329] RIP: 0010:ext4_do_writepages+0x3d0b/0x3d10
[   59.725834][ T5329] Code: b0 8e 4c 89 f2 e8 e5 c9 a2 02 e9 ab fb ff ff e8 8b c1 3f ff 90 0f 0b e8 83 c1 3f ff 90 0f 0b e8 bb 00 7c 09 e8 76 c1 3f ff 90 <0f> 0b 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66
[   59.733492][ T5329] RSP: 0018:ffffc9000d2cf380 EFLAGS: 00010293
[   59.735976][ T5329] RAX: ffffffff82561baa RBX: 0000004000000000 RCX: ffff8880009a4880
[   59.738943][ T5329] RDX: 0000000000000000 RSI: 0000004000000000 RDI: 0000000000000000
[   59.742888][ T5329] RBP: ffffc9000d2cf790 R08: ffffffff8255e3ab R09: 1ffff110086f84fe
[   59.746036][ T5329] R10: dffffc0000000000 R11: ffffed10086f84ff R12: 0000000000000001
[   59.749060][ T5329] R13: 0000000000400040 R14: 0000004a10000000 R15: ffff8880437c2a50
[   59.752755][ T5329] FS:  0000555561265500(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000
[   59.756333][ T5329] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   59.758857][ T5329] CR2: 000000002003b000 CR3: 000000003e3aa000 CR4: 0000000000352ef0
[   59.762199][ T5329] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   59.765266][ T5329] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   59.768733][ T5329] Kernel panic - not syncing: Fatal exception
[   59.771312][ T5329] Kernel Offset: disabled
[   59.772865][ T5329] Rebooting in 86400 seconds..