program: r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_SERVICE(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB='R\x00\x00@', @ANYRES16=r0, @ANYBLOB="01000000000000000000010000003c000180060001000a000000090006006e6f6e650000000008000900640000000c000700000000000000000008000500000000000800080000000000"], 0x50}}, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$IP_VS_SO_GET_SERVICES(r2, 0x0, 0x482, &(0x7f0000001640)=""/139, &(0x7f0000000100)=0x8) r3 = socket$kcm(0x10, 0x5, 0x0) r4 = socket$inet_sctp(0x2, 0x1, 0x84) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2000480, &(0x7f0000000100)={[{@jqfmt_vfsv0}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}]}, 0x1, 0x784, &(0x7f00000007c0)="$eJzs3c1rHOUfAPDvbJKmSfv7JYKg9RQQNFC6MTW2Ch4qHkSwUNCz7bLZhppNtmQ3pQkBW0TwIqh4EPTSsy/15tWXq/4XHqSlalqseJDI7Eu7bXbTTZvdDeTzgck+z8xsnue7z8wzz+wMOwHsWRPpn0zEoYj4KIkYq89PImKomhqMOFFb7/b6Wj6dktjYePOPpLrOrfW1fDS9J3WgnnkyIn58P+JwZnO55ZXV+VyxWFiq56cqC+enyiurR84t5OYKc4XFY9MzM0ePv3D82M7F+tcvqwevf/zas9+c+Oe9J65++FMSJ+JgfVlzHDtlIibqn8lQ+hHe49WdLqzPkn5XgIeS7poDtb08DsVYDFRTbYz0smYAQLe8GxEbAMAekzj+A8Ae0/ge4Nb6Wr4x9fcbid668UpE7K/F37i+WVsyWL9mt796HXT0VnLPlZEkIsZ3oPyJiPjiu7e/Sqfo0nVIgFYuXY6IM+MTm/v/ZNM9C9v13FYLN4arLxP3zdb/Qe98n45/Xmw1/svcGf9Ei/HPcIt992E8eP/PXNuBYtpKx38vN93bdrsp/rrxgXruf9Ux31By9lyxkPZt/4+IyRgaTvPT1VVb3wU1efPfm+3Kbx7//fnJO1+m5aevd9fIXBscvvc9s7lK7lHjbrhxOeKpwVbxJ3faP2kz/j3VYRmvv/TB5+2WpfGn8TamzfF318aViGdatv/dtky2vD9xqro5TDU2iha+/fWz0XblN7d/OqXlN84FeiFt/9Gt4x9Pmu/XLG+/jJ+vjP3QbtmD42+9/e9L3qqm99XnXcxVKkvTEfuSNzbPP3r3vY18Y/00/smnW+//W23/6TnhmQ7jH7z++9cPH393pfHPbqv9t5+4ent+oF35nbX/TDU1WZ/TSf/XaQUf5bMDAAAAAAAAAAAAAAAAAAAAAAAAgE5lIuJgJJnsnXQmk83WnuH9eIxmiqVy5fDZ0vLibFSflT0eQ5nGT12ONf0e6nT99/Ab+aP35Z+PiMci4tPhkWo+my8VZ/sdPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUHWjz/P/Ub8P9rh0A0DX7+10BAKDnHP8BYO/Z3vF/pGv1AAB6x/k/AOw9HR//z3S3HgBA7zj/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMtOnTyZTht/r6/l0/zshZXl+dKFI7OF8nx2YTmfzZeWzmfnSqW5YiGbLy20/UeXai/FUun8TCwuX5yqFMqVqfLK6umF0vJi5fS5hdxc4XRhqGeRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDnyiur87lisbAksWViZHdUY9ckBmNXVEOia4nmXmKkfx0UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwC73XwAAAP//+Lkq2Q==") r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched_retired(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@newtaction={0x14, 0x2e, 0xa0ea5228abce67dd}, 0x14}}, 0x0) chdir(&(0x7f0000000140)='./file0\x00') r6 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000) renameat2(r6, &(0x7f0000000140)='./file1\x00', r6, &(0x7f0000000980)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x5) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r4, 0x84, 0x6b, &(0x7f0000000240)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x10) shutdown(r4, 0x1) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000340)={[{@nogrpid}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@errors_continue}, {@nombcache}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") setrlimit(0x1, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = open(&(0x7f0000000080)='./bus\x00', 0x143142, 0x0) pwrite64(r7, &(0x7f0000000300)='_', 0x1, 0x10000000005) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r4, 0x84, 0xa, &(0x7f0000000540)={0x1, 0x7f, 0xf, 0x0, 0x8, 0x8001, 0xf9d, 0x7fffffff}, &(0x7f0000000580)=0x20) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0xc, [@struct={0x4, 0x1, 0x0, 0x4, 0x1, 0x1, [{0xa, 0x2, 0x6}]}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x20}]}, {0x0, [0x61, 0x0, 0x2e, 0x2e, 0x61, 0x61, 0x0, 0x61, 0x0, 0x5f]}}, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) sendmsg$inet(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="12fc917bd5d76990772daae5030c000000003719879d9fbb", 0x18}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) [ 76.896735][ T5311] Bluetooth: hci0: command tx timeout [ 76.900727][ T1311] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.903103][ T1311] ieee802154 phy1 wpan1: encryption failed: -22 [ 76.984006][ T5328] loop0: detected capacity change from 0 to 2048 [ 77.034628][ T5328] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.044893][ T5328] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 77.113154][ T5328] ------------[ cut here ]------------ [ 77.115488][ T5328] kernel BUG at fs/ext4/inline.c:240! [ 77.118748][ T5328] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI [ 77.121421][ T5328] CPU: 0 UID: 0 PID: 5328 Comm: syz.0.0 Not tainted 6.14.0-syzkaller-11125-g609706855d90 #0 PREEMPT(full) [ 77.125804][ T5328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 77.129794][ T5328] RIP: 0010:ext4_write_inline_data+0x3fc/0x400 [ 77.132324][ T5328] Code: 89 f1 80 e1 07 fe c1 38 c1 0f 8c 1d ff ff ff 4c 89 f7 e8 a7 94 ab ff e9 10 ff ff ff e8 2d 98 42 ff 90 0f 0b e8 25 98 42 ff 90 <0f> 0b 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f [ 77.139597][ T5328] RSP: 0018:ffffc9000d3177d8 EFLAGS: 00010287 [ 77.141847][ T5328] RAX: ffffffff8280e4eb RBX: 000000000000003c RCX: 0000000000100000 [ 77.144701][ T5328] RDX: ffffc9000e5b2000 RSI: 00000000000003b6 RDI: 00000000000003b7 [ 77.147734][ T5328] RBP: ffff88804467885c R08: ffffffff8280e276 R09: 1ffff110086bd870 [ 77.150768][ T5328] R10: dffffc0000000000 R11: ffffed10086bd871 R12: 0000010000000006 [ 77.153755][ T5328] R13: dffffc0000000000 R14: 0000000000000001 R15: ffffc9000d3178c0 [ 77.156820][ T5328] FS: 00007fafc39696c0(0000) GS:ffff88808c5b1000(0000) knlGS:0000000000000000 [ 77.160176][ T5328] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.162715][ T5328] CR2: 00007fafb6a3f000 CR3: 0000000011d24000 CR4: 0000000000352ef0 [ 77.165837][ T5328] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 77.168859][ T5328] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 77.171909][ T5328] Call Trace: [ 77.173138][ T5328] [ 77.174399][ T5328] ext4_write_inline_data_end+0x2f9/0xa90 [ 77.176542][ T5328] ? __pfx_ext4_write_inline_data_end+0x10/0x10 [ 77.178868][ T5328] ? ext4_da_write_end+0x261/0xcd0 [ 77.180865][ T5328] ? __pfx_ext4_da_write_end+0x10/0x10 [ 77.182979][ T5328] generic_perform_write+0x70b/0xa10 [ 77.184889][ T5328] ? do_raw_spin_unlock+0x58/0x8b0 [ 77.186733][ T5328] ? __pfx_generic_perform_write+0x10/0x10 [ 77.189114][ T5328] ? ext4_write_checks+0x255/0x2c0 [ 77.191119][ T5328] ext4_buffered_write_iter+0xc7/0x390 [ 77.193208][ T5328] ext4_file_write_iter+0x97f/0x1da0 [ 77.195243][ T5328] ? __lock_acquire+0xad5/0xd80 [ 77.197071][ T5328] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 77.199227][ T5328] vfs_write+0x70f/0xd10 [ 77.200803][ T5328] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 77.203076][ T5328] ? __pfx_vfs_write+0x10/0x10 [ 77.205004][ T5328] ? __fget_files+0x2a/0x420 [ 77.206802][ T5328] ? __fget_files+0x2a/0x420 [ 77.208613][ T5328] __x64_sys_pwrite64+0x1b5/0x250 [ 77.210510][ T5328] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 77.212644][ T5328] ? do_syscall_64+0xb6/0x230 [ 77.214519][ T5328] do_syscall_64+0xf3/0x230 [ 77.216424][ T5328] ? clear_bhb_loop+0x45/0xa0 [ 77.218245][ T5328] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.220516][ T5328] RIP: 0033:0x7fafc2b8d169 [ 77.222125][ T5328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 77.229079][ T5328] RSP: 002b:00007fafc3969038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012 [ 77.232050][ T5328] RAX: ffffffffffffffda RBX: 00007fafc2da5fa0 RCX: 00007fafc2b8d169 [ 77.234748][ T5328] RDX: 0000000000000001 RSI: 0000200000000300 RDI: 0000000000000009 [ 77.237342][ T5328] RBP: 00007fafc2c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 77.239904][ T5328] R10: 0000010000000005 R11: 0000000000000246 R12: 0000000000000000 [ 77.242591][ T5328] R13: 0000000000000000 R14: 00007fafc2da5fa0 R15: 00007ffee7973d68 [ 77.245252][ T5328] [ 77.246337][ T5328] Modules linked in: [ 77.248095][ T5328] ---[ end trace 0000000000000000 ]--- [ 77.254054][ T5328] RIP: 0010:ext4_write_inline_data+0x3fc/0x400 [ 77.256897][ T5328] Code: 89 f1 80 e1 07 fe c1 38 c1 0f 8c 1d ff ff ff 4c 89 f7 e8 a7 94 ab ff e9 10 ff ff ff e8 2d 98 42 ff 90 0f 0b e8 25 98 42 ff 90 <0f> 0b 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f [ 77.264442][ T5328] RSP: 0018:ffffc9000d3177d8 EFLAGS: 00010287 [ 77.267685][ T5328] RAX: ffffffff8280e4eb RBX: 000000000000003c RCX: 0000000000100000 [ 77.270951][ T5328] RDX: ffffc9000e5b2000 RSI: 00000000000003b6 RDI: 00000000000003b7 [ 77.274143][ T5328] RBP: ffff88804467885c R08: ffffffff8280e276 R09: 1ffff110086bd870 [ 77.277971][ T5328] R10: dffffc0000000000 R11: ffffed10086bd871 R12: 0000010000000006 [ 77.281360][ T5328] R13: dffffc0000000000 R14: 0000000000000001 R15: ffffc9000d3178c0 [ 77.284433][ T5328] FS: 00007fafc39696c0(0000) GS:ffff88808c5b1000(0000) knlGS:0000000000000000 [ 77.288633][ T5328] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.291455][ T5328] CR2: 00007fafb6a3f000 CR3: 0000000011d24000 CR4: 0000000000352ef0 [ 77.294721][ T5328] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 77.298507][ T5328] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 77.301854][ T5328] Kernel panic - not syncing: Fatal exception [ 77.304731][ T5328] Kernel Offset: disabled [ 77.306423][ T5328] Rebooting in 86400 seconds..